Complete Proactive Content Securityfrom the Gateway to the Desktop

Copyright © 2003 Aladdin Knowledge Systems

What is Content Security?Content Security ensures aclean flow of information

Free of malicious code:Vandals, viruses, worms, Trojans,ActiveX, Java, scripts

Free of Inappropriate and nonproductive content

Some Facts About Content Security

96% of corporations use anti-virus products

Virus attacks are constantly rising, and so are the damages

Most anti-virus products are desktop solutions

Many organizations use email anti-virus solutions

Most organizations do not inspect Web (HTTP) traffic, yet...

A complete Content Security solution covers:

Malicious code that destroys or steals digital assets Inappropriate and nonproductive material The misuse of company resources

(P.S. If one of the checkmarks is empty, eSafe could be the solution you need)

Mail server level Content Inspection (SMTP and/or Exchange)

Gateway level Content Inspection (FW-1 or other firewalls)

Desktop level Content Inspection

(P.S. If one of the checkmarks is empty, eSafe could be the solution you need)

Multi-tiered Content Security

Proactive Security The eSafe Way

- Multiple levels of content security throughout the enterprise

- Multiple content security methods:

Scanning • Heuristics • Blocking

Content Security Methods

ScanningScanning identifies malicious code using known signatures.

Scanning is the most common anti-virus method.

Scanning is update dependant.

Pattern signatures can be applied to any type of malicious code.

Ghost Machine™ is an advanced scanning technology that detects complicated polymorphic, encrypted, and stealth malicious code.

HeuristicsHeuristics is a method of analyzing scripted programs such VB/Java scripts and MS Office macros.

Heuristics can detect variants of known vandal code as well as completely new and unknown malicious code.

Macro Terminator™ is used to eliminate VBA macros and SmartScript™ filtering removes malicious VBScript and JavaScript vandals.

Content Security Methods

Content Security Methods

BlockingUsed for stripping dangerous content sent by untrusted source, such as:

Executable attachments

Macros in Office documents

Scripts in emails

Effective as an immediate solution for outbreaks, until an update is available.

Content Security for Gateways and Mail Servers

eSafe GatewayProactive Content Security and Anti-virus for Internet gateways

eSafe MailProactive Email Security and Anti-virus for

Email Servers

eSafe ApplianceA hardware appliance preconfigured with eSafe Gateway or eSafe Mail

“eSafe is not just another anti-virus” “Aladdin Knowledge Systems, with its eSafe

products, has taken a pioneering step in the software security market by moving beyond only detecting and preventing virus attacks.”

“An important function that differentiates eSafe products from most competitors in the market is that it does not rely solely on scanning signatures.“

© Gartner Research Product Report

The Ultimate Proactive Content Security for Internet Gateways

Proactive Internet gateway security Integrated email security and anti-spam Certified auto-updating anti-virus Proactive malicious code protection Filters non-productive content Content Security policy enforcement Scalable enterprise solution

eSafe Gateway Means:

Inspection of Web pages and HTML based emails

Blocks malicious ActiveX, Java Applets and scripts

SmartScripts™ Filtering including email!(Malicious VB/Java scripts protection)

No Malicious Code

eSafe Gateway Means:

ICSA and Checkmark certified anti-virus

Scans all MIME and compressed file types

Macro Terminator™ and Ghost Machine™(Advanced Heuristic and Polymorphic Anti-virus protection)

Certified Anti Virus

eSafe Gateway Means:

Keyword-based email filtering(for inappropriate content and data exposure)

Email anti-spam and anti-spoof features

Removes all macros from untrusted documents

Blocks attachments by MIME and binary file types

Optional SurfControl® URL Filtering database(Millions of URLs indexed in 40 categories)

Content Filtering

eSafe Gateway Means:

Integrated Content Security solution for HTTP, FTP, and SMTP

Scalable architecture with load sharing

Remote secure management

Extensive reports and alerts

Integration and Management

Remote eConsole

All eSafe Products can be centrally managed over the network or across the Internet

Gateway eConsole Main Screen

Allows a real-time view of the network traffic and content inspection results

eSafe Gateway for OPSECCheck Point FireWall-1 CVP

The Best solution in the market for FireWall-1

Allows handling all content security in a secure DMZ

Simple and easy setup and configuration

Supports CVP load-sharing

NEW! Alternative SMTP traffic handling on the same machine!

FireWall-1 NGCertified

eSafe Gateway NitroInspectionSupports Most Networks

NT or Linux?Now you can have your choice! eSafe Gateway and eSafe Mail are

available for Windows or Linux platforms.

As a dedicated HARDENED machine, either choice would work great.

As Easy As 1-2-3Connect the eSafe Appliance in your LAN or DMZ.

Configure your Check Point FireWall-1 and/or SMTP mail server.

Configure the eSafe Appliance Content Security preferences.

* Available with eSafe Gateway for FW-1 (CVP) and eSafe Mail

1st Linux-based Content Security Appliance

Inspects HTTP, FTP and SMTP

Scans, filters and blocks viruses and malicious code

Integrated email security and anti-spam

Pre-configured plug-and-play box

Check Point OPSEC certified solution

Hi-capacity Network Challenges

Full Content Inspection in networks with over 8Mbit connections can create bottlenecks

Traditional proxy solutions are difficult to implement and are not scalable

Traditional solutions can produce a single-point-of-failure situation

What is HTTP traffic composed of?

Nearly 80% of HTTP traffic is composed of safe data:

GIF, JPEG, MPEG, etc.

Only 20% of HTTP traffic needs to be inspected

15%

70%

8%

5%2%

HTML Images

Multimedia Compressed

Other

The Aladdin-Radware Solution

eSafe Gateway with Nitro Inspection Routing (NIR) A fast, MIME type based content security routing policy system.

Radware CIDAn advanced ITM (Internet Traffic Management) device capable of rerouting, load-balancing and health monitoring capabilities .

+

=The first high-capacity Internet content security and management for the large enterprise or xSP.

Up to 500% content inspection speed increase and advanced scalability options.

How Does It Work?File Type Redirection

Other protocols and Trusted HTTP traffic and files bypasses Content Inspectors (according to MIME type)

Several ESG/ESM machines inspecting different content

Potentially malicious content is routed for inspection in an eSafe content inspection farm.

ESG1 ESG2 ESG3 ESM1

Only files that are potentially malicious are routed for content inspection

Radware CID

Proactive Email Security and Anti-virus for

Email Servers

Integrated email security and anti-spam

Certified auto-updating anti-virus

Proactive malicious code protection

Blocks email security exploits Filters non-productive content Content Security policy

enforcement

In the June 12th 2001 issue of PC Magazine, Aladdin’s eSafe Mail™ content security solution received the prestigious Editors’ Choice Award. Outranking eight competitors, eSafe was labeled “impressive.”

Editor Les Freed selected eSafe Mail for its:• Simple integration into the eSafe suite of security products• Unmatched logging methods through email, a report file & Event• Easily expandable, distributed server arrangement for future growth• Strong email scanning and filtering capabilities

Proactive Updates

Incremental scanning engine signatures(Similar to other anti-virus products)

New blocking policies

New monitoring policies

Incremental content (URL) filtering database

Instant alert/notification messages

Product updates and upgrades

eSafe Products Provide:

Proactive gateway to desktop security

Multi-tiered enterprise solution

Central administration

Scans and filters malicious code

Blocks hostile attachments

Analyses and blocks malicious scripts

Content security policy enforcement

Filters of nonproductive content

eSafe in the Press

“eSafe Mail is the most suitable solution for small businesses… it provides very thorough virus protection and filtering in one package and it’s very easy to set up and manage.”

PC Magazine June 12, 2001

“…don't let its size fool you: This device is packed with features.

PC Magazine, Best Product of 2002 – Networking Category

“Anyone can appreciate its multipurpose filtering abilities and strong throughput…The size of a cereal box, this Linux-based appliance is an easy addition to cramped offices… the eSafe Appliance is almost certain to make an impression.”

PC Magazine, Editors’ Choice, 2002

Thank You!

For more information:

www.eSafe.com