complete proactive content security from the gateway to the desktop copyright © 2003 aladdin...
TRANSCRIPT
Complete Proactive Content Securityfrom the Gateway to the Desktop
Copyright © 2003 Aladdin Knowledge Systems
What is Content Security?Content Security ensures aclean flow of information
Free of malicious code:Vandals, viruses, worms, Trojans,ActiveX, Java, scripts
Free of Inappropriate and nonproductive content
Some Facts About Content Security
96% of corporations use anti-virus products
Virus attacks are constantly rising, and so are the damages
Most anti-virus products are desktop solutions
Many organizations use email anti-virus solutions
Most organizations do not inspect Web (HTTP) traffic, yet...
A complete Content Security solution covers:
Malicious code that destroys or steals digital assets Inappropriate and nonproductive material The misuse of company resources
(P.S. If one of the checkmarks is empty, eSafe could be the solution you need)
Mail server level Content Inspection (SMTP and/or Exchange)
Gateway level Content Inspection (FW-1 or other firewalls)
Desktop level Content Inspection
(P.S. If one of the checkmarks is empty, eSafe could be the solution you need)
Multi-tiered Content Security
Proactive Security The eSafe Way
- Multiple levels of content security throughout the enterprise
- Multiple content security methods:
Scanning • Heuristics • Blocking
Content Security Methods
ScanningScanning identifies malicious code using known signatures.
Scanning is the most common anti-virus method.
Scanning is update dependant.
Pattern signatures can be applied to any type of malicious code.
Ghost Machine™ is an advanced scanning technology that detects complicated polymorphic, encrypted, and stealth malicious code.
HeuristicsHeuristics is a method of analyzing scripted programs such VB/Java scripts and MS Office macros.
Heuristics can detect variants of known vandal code as well as completely new and unknown malicious code.
Macro Terminator™ is used to eliminate VBA macros and SmartScript™ filtering removes malicious VBScript and JavaScript vandals.
Content Security Methods
Content Security Methods
BlockingUsed for stripping dangerous content sent by untrusted source, such as:
Executable attachments
Macros in Office documents
Scripts in emails
Effective as an immediate solution for outbreaks, until an update is available.
Content Security for Gateways and Mail Servers
eSafe GatewayProactive Content Security and Anti-virus for Internet gateways
eSafe MailProactive Email Security and Anti-virus for
Email Servers
eSafe ApplianceA hardware appliance preconfigured with eSafe Gateway or eSafe Mail
“eSafe is not just another anti-virus” “Aladdin Knowledge Systems, with its eSafe
products, has taken a pioneering step in the software security market by moving beyond only detecting and preventing virus attacks.”
“An important function that differentiates eSafe products from most competitors in the market is that it does not rely solely on scanning signatures.“
© Gartner Research Product Report
The Ultimate Proactive Content Security for Internet Gateways
Proactive Internet gateway security Integrated email security and anti-spam Certified auto-updating anti-virus Proactive malicious code protection Filters non-productive content Content Security policy enforcement Scalable enterprise solution
eSafe Gateway Means:
Inspection of Web pages and HTML based emails
Blocks malicious ActiveX, Java Applets and scripts
SmartScripts™ Filtering including email!(Malicious VB/Java scripts protection)
No Malicious Code
eSafe Gateway Means:
ICSA and Checkmark certified anti-virus
Scans all MIME and compressed file types
Macro Terminator™ and Ghost Machine™(Advanced Heuristic and Polymorphic Anti-virus protection)
Certified Anti Virus
eSafe Gateway Means:
Keyword-based email filtering(for inappropriate content and data exposure)
Email anti-spam and anti-spoof features
Removes all macros from untrusted documents
Blocks attachments by MIME and binary file types
Optional SurfControl® URL Filtering database(Millions of URLs indexed in 40 categories)
Content Filtering
eSafe Gateway Means:
Integrated Content Security solution for HTTP, FTP, and SMTP
Scalable architecture with load sharing
Remote secure management
Extensive reports and alerts
Integration and Management
Remote eConsole
All eSafe Products can be centrally managed over the network or across the Internet
Gateway eConsole Main Screen
Allows a real-time view of the network traffic and content inspection results
eSafe Gateway for OPSECCheck Point FireWall-1 CVP
The Best solution in the market for FireWall-1
Allows handling all content security in a secure DMZ
Simple and easy setup and configuration
Supports CVP load-sharing
NEW! Alternative SMTP traffic handling on the same machine!
FireWall-1 NGCertified
eSafe Gateway NitroInspectionSupports Most Networks
NT or Linux?Now you can have your choice! eSafe Gateway and eSafe Mail are
available for Windows or Linux platforms.
As a dedicated HARDENED machine, either choice would work great.
As Easy As 1-2-3Connect the eSafe Appliance in your LAN or DMZ.
Configure your Check Point FireWall-1 and/or SMTP mail server.
Configure the eSafe Appliance Content Security preferences.
* Available with eSafe Gateway for FW-1 (CVP) and eSafe Mail
1st Linux-based Content Security Appliance
Inspects HTTP, FTP and SMTP
Scans, filters and blocks viruses and malicious code
Integrated email security and anti-spam
Pre-configured plug-and-play box
Check Point OPSEC certified solution
Hi-capacity Network Challenges
Full Content Inspection in networks with over 8Mbit connections can create bottlenecks
Traditional proxy solutions are difficult to implement and are not scalable
Traditional solutions can produce a single-point-of-failure situation
What is HTTP traffic composed of?
Nearly 80% of HTTP traffic is composed of safe data:
GIF, JPEG, MPEG, etc.
Only 20% of HTTP traffic needs to be inspected
15%
70%
8%
5%2%
HTML Images
Multimedia Compressed
Other
The Aladdin-Radware Solution
eSafe Gateway with Nitro Inspection Routing (NIR) A fast, MIME type based content security routing policy system.
Radware CIDAn advanced ITM (Internet Traffic Management) device capable of rerouting, load-balancing and health monitoring capabilities .
+
=The first high-capacity Internet content security and management for the large enterprise or xSP.
Up to 500% content inspection speed increase and advanced scalability options.
How Does It Work?File Type Redirection
Other protocols and Trusted HTTP traffic and files bypasses Content Inspectors (according to MIME type)
Several ESG/ESM machines inspecting different content
Potentially malicious content is routed for inspection in an eSafe content inspection farm.
ESG1 ESG2 ESG3 ESM1
Only files that are potentially malicious are routed for content inspection
Radware CID
Proactive Email Security and Anti-virus for
Email Servers
Integrated email security and anti-spam
Certified auto-updating anti-virus
Proactive malicious code protection
Blocks email security exploits Filters non-productive content Content Security policy
enforcement
In the June 12th 2001 issue of PC Magazine, Aladdin’s eSafe Mail™ content security solution received the prestigious Editors’ Choice Award. Outranking eight competitors, eSafe was labeled “impressive.”
Editor Les Freed selected eSafe Mail for its:• Simple integration into the eSafe suite of security products• Unmatched logging methods through email, a report file & Event• Easily expandable, distributed server arrangement for future growth• Strong email scanning and filtering capabilities
Proactive Updates
Incremental scanning engine signatures(Similar to other anti-virus products)
New blocking policies
New monitoring policies
Incremental content (URL) filtering database
Instant alert/notification messages
Product updates and upgrades
eSafe Products Provide:
Proactive gateway to desktop security
Multi-tiered enterprise solution
Central administration
Scans and filters malicious code
Blocks hostile attachments
Analyses and blocks malicious scripts
Content security policy enforcement
Filters of nonproductive content
eSafe in the Press
“eSafe Mail is the most suitable solution for small businesses… it provides very thorough virus protection and filtering in one package and it’s very easy to set up and manage.”
PC Magazine June 12, 2001
“…don't let its size fool you: This device is packed with features.
PC Magazine, Best Product of 2002 – Networking Category
“Anyone can appreciate its multipurpose filtering abilities and strong throughput…The size of a cereal box, this Linux-based appliance is an easy addition to cramped offices… the eSafe Appliance is almost certain to make an impression.”
PC Magazine, Editors’ Choice, 2002
Thank You!
For more information:
www.eSafe.com