WEBSENSE EMAIL SECURITY

SOLUTIONS OVERVIEW

ChallengeThe nature of email threats has changed over the past few years. Gone are the days when email security, better

known as anti-spam, was primarily tasked with blocking based on volume and scanning for email-borne viruses. The

signature-based techniques used in early solutions, while still a viable part of a multi-layered strategy, are simply not

capable of protecting organizations from the highly targeted, blended attacks of today. In February 2012 IDC stated,

“Signature-based tools are only effective against 30–50% of current security threats.”

SolutionRead the cybercrime blogs and it’s evident that email is still a major attack vector. But read further and you’ll find

that a large percentage of the attacks are actually perpetrated via the web. The takeaway is email facilitates the

attack and web actually performs the actions. A modern security approach therefore requires both web and email

channels be evaluated with a strong cross-pollination of information between the two.

Websense® email security solutions are built on our core TRITON® technologies:

• Gateway Threat Analysis leverages security intelligence from the Websense ThreatSeeker® Intelligence Cloud

and Websense ACE (Advanced Classification Engine) — collecting data from more than 900 million endpoints

and analyzing up to 5 billion requests per day — to thwart advanced malware, spam, and blended threats.

• Point-of-Click Threat Analysis sandboxes suspicious links embedded in emails at the recipient’s point-of-click.

• Behavioral File Sandboxing analyzes suspicious files attached to email.

• Built-in Data Loss Prevention (DLP) monitors and prevents sensitive data such as product roadmaps or

customers’ personally identifiable information (PII) from leaving the corporate network via email.

ThreatSeeker Intelligence Cloud™URL

ANALYSISTHREAT

DATAEVENT

CORRELATIONCONTENTANALYSIS

PAYLOADANALYSIS

Network & Reputation

Analysis

Malware Spyware

Filters

SpamFilters

ContentFilters

Unwanted Email Quarantined

Internet EmailUnfiltered

Outbound EmailClean and Policy Compliant

Outbound EmailUnfiltered

Inbound EmailClean and Policy Compliant

Adaptive Learning

INTERNET

Websense Email Security Solutions Overview

The Websense DifferenceACE uses composite scoring with predictive

analysis. Combined with classifiers for real-time

security, data and content analysis — the result of

years of research and development — they enable

ACE to detect more threats than traditional anti-

virus engines every day (the proof is updated

weekly at securitylabs.websense.com). ACE is the

primary engine behind all TRITON solutions, and

is supported by the ThreatSeeker Intelligence

Cloud, which collects data from more than 900

million endpoints and analyzes up to 5 billion

requests every day.

Gateway Threat AnalysisAdvanced Malware Protection

ACE analyzes inbound and outbound email for

malware, spyware, and targeted and blended

threats. With real-time composite risk scoring,

anti-malware engines, and security intelligence

from the ThreatSeeker Intelligence Cloud,

protection is provided against known and

unknown threats within email.

Accurate Spam Detection

Websense provides highly accurate spam

blocking with very low false positives that

is backed by a 99 percent or higher SLA. A

combination of identification technologies is

used, including: sender reputation, connection

management, adaptive learning, URL analysis,

heuristics, suspicious PDF identification and

optical recognition of image spam.

Point-of-Click Threat AnalysisURL Sandboxing

Isolates suspicious links embedded in emails and

analyzes the payload of the corresponding web

page at the recipient’s point-of-click. Modern

phishing attacks succeed primarily because

phishing emails now contain embedded links that

point to dynamic-IP botnets or web pages that

host dynamic code — two techniques that may

elude even the most robust gateway malware

analysis.

For example, an email sent at midnight may

contain a link to a web page that was harmless on

the initial security scan at the gateway. However,

the same web page may include injected

malicious code when the recipient clicks on the

link the following morning. URL Sandboxing

helps thwart web pages hosting dynamic code

injections that have bypassed initial gateway

analysis.

Behavioral File SandboxingEmail File Sandboxing

Suspicious file attachments are scanned in a

cloud-based behavioral sandbox to protect

against the latest, and most dangerous, zero-day

and advanced persistent threats (APTs).

Forensic Reporting

Actionable reports that describe the system

changes made and network communications

used by the malware are automatically delivered

to administrators.

Built-in Data Loss Prevention (DLP)Policy Templates and Dictionaries

Pre-defined dictionaries in multiple topics and

languages plus built-in PCI-DSS and data privacy

templates help you quickly identify and stop

email policy violations and meet regulatory

requirements.

Flexible Encryption

Protect sensitive and regulated data by securing

email through TLS encryption for server-to-

server protection. Advanced Email Encryption

(optional) secures the email and any attachments

from sender to recipient.

Websense Email Security Solutions Overview Features

CloudCloud: An in-the-cloud email security solution saves time and money with

no equipment to install or maintain, built-in resilience, predictable costs

and reduced administrative overhead.

Protecting email with Websense is easy. Simply point MX records to the

Websense data centers and email is cleansed before it reaches your

network, saving bandwidth by removing spam and threats in the cloud.

Websense data centers are

• Load balanced

• Redundant

• Located worldwide

The service provides an SLA-backed availability of 99.999 percent and is

certified to ISO27001 standards to provide the highest degree of global

and localized security, privacy and confidentiality.

Appliance

Appliance: Maximum control of all policies and reporting with an

on-premises appliance.

The Websense V-Series™ appliances are high-performance, preconfigured,

security-hardened hardware platforms designed to support flexible

deployment of the leading Websense web, email, and data security solutions.

The physical appliances are available in two models:

• Websense V10000: For headquarters and large office deployments.

• Websense V5000: For branch office and medium business deployments.

A virtual appliance is also available:

• Websense ESGv – Virtual appliance in OVF format.

HybridHybrid: Integrates in-the-cloud deployment with an appliance for an

optimal balance between scalability and control.

Websense offers multiple deployment models for email security, so that you get to choose which method makes the most sense for your organization.

Websense Email Security Solutions Overview Deployment Models

Feature Cloud Email

Security & Content Control (CES & CC)

Email Security Gateway

Email Security Gateway

Anywhere (ESGA)

Deployment Model Cloud Appliance HybridWebsense ACE

(Advanced Classification Engine)

Multiple Anti-Malware Engines

Anti-Spam and Anti-Phishing

URL Sandboxing*

File Sandboxing*

Phishing Education and Reporting*

In-the-Cloud Spam Filtering

Service Level Agreements (SLAs)

Data Loss Prevention for Email

TLS Encryption

Advanced Email Encryption*

Image Analysis/Virtual Image Analyzer*

Managed Through TRITON Console

Virtual Appliance Option

*Optional Add-On

© 2013 Websense, Inc. All rights reserved. Websense, TRITON and the Websense logo are registered trademarks of Websense, Inc. in the United States and various countries. All other trademarks are the properties of their respective owners. EmailSecuritySolutions 11-05-13ENG.

Learn more at www.websense.com | +1 800-723-1166 | info@websense.com

TRITON STOPS MORE THREATS. WE CAN PROVE IT.

Websense Email Security Solutions Overview Product Comparison