complete proactive content security from the gateway to the desktop copyright © 2003 aladdin...
TRANSCRIPT
![Page 1: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/1.jpg)
Complete Proactive Content Securityfrom the Gateway to the Desktop
Copyright © 2003 Aladdin Knowledge Systems
![Page 2: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/2.jpg)
What is Content Security?Content Security ensures aclean flow of information
Free of malicious code:Vandals, viruses, worms, Trojans,ActiveX, Java, scripts
Free of Inappropriate and nonproductive content
![Page 3: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/3.jpg)
Some Facts About Content Security
96% of corporations use anti-virus products
Virus attacks are constantly rising, and so are the damages
Most anti-virus products are desktop solutions
Many organizations use email anti-virus solutions
Most organizations do not inspect Web (HTTP) traffic, yet...
![Page 4: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/4.jpg)
A complete Content Security solution covers:
Malicious code that destroys or steals digital assets Inappropriate and nonproductive material The misuse of company resources
(P.S. If one of the checkmarks is empty, eSafe could be the solution you need)
![Page 5: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/5.jpg)
Mail server level Content Inspection (SMTP and/or Exchange)
Gateway level Content Inspection (FW-1 or other firewalls)
Desktop level Content Inspection
(P.S. If one of the checkmarks is empty, eSafe could be the solution you need)
Multi-tiered Content Security
![Page 6: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/6.jpg)
Proactive Security The eSafe Way
- Multiple levels of content security throughout the enterprise
- Multiple content security methods:
Scanning • Heuristics • Blocking
![Page 7: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/7.jpg)
Content Security Methods
ScanningScanning identifies malicious code using known signatures.
Scanning is the most common anti-virus method.
Scanning is update dependant.
Pattern signatures can be applied to any type of malicious code.
Ghost Machine™ is an advanced scanning technology that detects complicated polymorphic, encrypted, and stealth malicious code.
![Page 8: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/8.jpg)
HeuristicsHeuristics is a method of analyzing scripted programs such VB/Java scripts and MS Office macros.
Heuristics can detect variants of known vandal code as well as completely new and unknown malicious code.
Macro Terminator™ is used to eliminate VBA macros and SmartScript™ filtering removes malicious VBScript and JavaScript vandals.
Content Security Methods
![Page 9: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/9.jpg)
Content Security Methods
BlockingUsed for stripping dangerous content sent by untrusted source, such as:
Executable attachments
Macros in Office documents
Scripts in emails
Effective as an immediate solution for outbreaks, until an update is available.
![Page 10: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/10.jpg)
Content Security for Gateways and Mail Servers
eSafe GatewayProactive Content Security and Anti-virus for Internet gateways
eSafe MailProactive Email Security and Anti-virus for
Email Servers
eSafe ApplianceA hardware appliance preconfigured with eSafe Gateway or eSafe Mail
![Page 11: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/11.jpg)
“eSafe is not just another anti-virus” “Aladdin Knowledge Systems, with its eSafe
products, has taken a pioneering step in the software security market by moving beyond only detecting and preventing virus attacks.”
“An important function that differentiates eSafe products from most competitors in the market is that it does not rely solely on scanning signatures.“
© Gartner Research Product Report
![Page 12: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/12.jpg)
The Ultimate Proactive Content Security for Internet Gateways
Proactive Internet gateway security Integrated email security and anti-spam Certified auto-updating anti-virus Proactive malicious code protection Filters non-productive content Content Security policy enforcement Scalable enterprise solution
![Page 13: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/13.jpg)
eSafe Gateway Means:
Inspection of Web pages and HTML based emails
Blocks malicious ActiveX, Java Applets and scripts
SmartScripts™ Filtering including email!(Malicious VB/Java scripts protection)
No Malicious Code
![Page 14: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/14.jpg)
eSafe Gateway Means:
ICSA and Checkmark certified anti-virus
Scans all MIME and compressed file types
Macro Terminator™ and Ghost Machine™(Advanced Heuristic and Polymorphic Anti-virus protection)
Certified Anti Virus
![Page 15: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/15.jpg)
eSafe Gateway Means:
Keyword-based email filtering(for inappropriate content and data exposure)
Email anti-spam and anti-spoof features
Removes all macros from untrusted documents
Blocks attachments by MIME and binary file types
Optional SurfControl® URL Filtering database(Millions of URLs indexed in 40 categories)
Content Filtering
![Page 16: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/16.jpg)
eSafe Gateway Means:
Integrated Content Security solution for HTTP, FTP, and SMTP
Scalable architecture with load sharing
Remote secure management
Extensive reports and alerts
Integration and Management
![Page 17: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/17.jpg)
Remote eConsole
All eSafe Products can be centrally managed over the network or across the Internet
![Page 18: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/18.jpg)
Gateway eConsole Main Screen
Allows a real-time view of the network traffic and content inspection results
![Page 19: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/19.jpg)
eSafe Gateway for OPSECCheck Point FireWall-1 CVP
The Best solution in the market for FireWall-1
Allows handling all content security in a secure DMZ
Simple and easy setup and configuration
Supports CVP load-sharing
NEW! Alternative SMTP traffic handling on the same machine!
FireWall-1 NGCertified
![Page 20: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/20.jpg)
eSafe Gateway NitroInspectionSupports Most Networks
![Page 21: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/21.jpg)
NT or Linux?Now you can have your choice! eSafe Gateway and eSafe Mail are
available for Windows or Linux platforms.
As a dedicated HARDENED machine, either choice would work great.
![Page 22: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/22.jpg)
As Easy As 1-2-3Connect the eSafe Appliance in your LAN or DMZ.
Configure your Check Point FireWall-1 and/or SMTP mail server.
Configure the eSafe Appliance Content Security preferences.
* Available with eSafe Gateway for FW-1 (CVP) and eSafe Mail
![Page 23: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/23.jpg)
1st Linux-based Content Security Appliance
Inspects HTTP, FTP and SMTP
Scans, filters and blocks viruses and malicious code
Integrated email security and anti-spam
Pre-configured plug-and-play box
Check Point OPSEC certified solution
![Page 24: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/24.jpg)
Hi-capacity Network Challenges
Full Content Inspection in networks with over 8Mbit connections can create bottlenecks
Traditional proxy solutions are difficult to implement and are not scalable
Traditional solutions can produce a single-point-of-failure situation
![Page 25: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/25.jpg)
What is HTTP traffic composed of?
Nearly 80% of HTTP traffic is composed of safe data:
GIF, JPEG, MPEG, etc.
Only 20% of HTTP traffic needs to be inspected
15%
70%
8%
5%2%
HTML Images
Multimedia Compressed
Other
![Page 26: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/26.jpg)
The Aladdin-Radware Solution
eSafe Gateway with Nitro Inspection Routing (NIR) A fast, MIME type based content security routing policy system.
Radware CIDAn advanced ITM (Internet Traffic Management) device capable of rerouting, load-balancing and health monitoring capabilities .
+
=The first high-capacity Internet content security and management for the large enterprise or xSP.
Up to 500% content inspection speed increase and advanced scalability options.
![Page 27: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/27.jpg)
How Does It Work?File Type Redirection
Other protocols and Trusted HTTP traffic and files bypasses Content Inspectors (according to MIME type)
Several ESG/ESM machines inspecting different content
Potentially malicious content is routed for inspection in an eSafe content inspection farm.
ESG1 ESG2 ESG3 ESM1
Only files that are potentially malicious are routed for content inspection
Radware CID
![Page 28: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/28.jpg)
![Page 29: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/29.jpg)
Proactive Email Security and Anti-virus for
Email Servers
Integrated email security and anti-spam
Certified auto-updating anti-virus
Proactive malicious code protection
Blocks email security exploits Filters non-productive content Content Security policy
enforcement
![Page 30: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/30.jpg)
In the June 12th 2001 issue of PC Magazine, Aladdin’s eSafe Mail™ content security solution received the prestigious Editors’ Choice Award. Outranking eight competitors, eSafe was labeled “impressive.”
Editor Les Freed selected eSafe Mail for its:• Simple integration into the eSafe suite of security products• Unmatched logging methods through email, a report file & Event• Easily expandable, distributed server arrangement for future growth• Strong email scanning and filtering capabilities
![Page 31: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/31.jpg)
Proactive Updates
Incremental scanning engine signatures(Similar to other anti-virus products)
New blocking policies
New monitoring policies
Incremental content (URL) filtering database
Instant alert/notification messages
Product updates and upgrades
![Page 32: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/32.jpg)
eSafe Products Provide:
Proactive gateway to desktop security
Multi-tiered enterprise solution
Central administration
Scans and filters malicious code
Blocks hostile attachments
Analyses and blocks malicious scripts
Content security policy enforcement
Filters of nonproductive content
![Page 33: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/33.jpg)
eSafe in the Press
“eSafe Mail is the most suitable solution for small businesses… it provides very thorough virus protection and filtering in one package and it’s very easy to set up and manage.”
PC Magazine June 12, 2001
“…don't let its size fool you: This device is packed with features.
PC Magazine, Best Product of 2002 – Networking Category
“Anyone can appreciate its multipurpose filtering abilities and strong throughput…The size of a cereal box, this Linux-based appliance is an easy addition to cramped offices… the eSafe Appliance is almost certain to make an impression.”
PC Magazine, Editors’ Choice, 2002
![Page 34: Complete Proactive Content Security from the Gateway to the Desktop Copyright © 2003 Aladdin Knowledge Systems](https://reader030.vdocuments.site/reader030/viewer/2022032606/56649eb55503460f94bbdb3e/html5/thumbnails/34.jpg)
Thank You!
For more information:
www.eSafe.com