Contenu connexe Similaire à Check Point: Securing Web 2.0 (20) Plus de Group of company MUK (15) Check Point: Securing Web 2.0 3. In an Internet Minute:
1.9 Million
Likes
92,593 Hours
Viewed
694,444 Files
Uploaded
©2013 Check Point Software Technologies Ltd.
3
4. The Web Evolves as Attack Vector:
Sites compromised to spread malware
Applications might pose security risk
Sensitive data might be lost
Social networks used in attacks
©2013 Check Point Software Technologies Ltd.
4
7. Check Point’s
Next Generation
Secure Web
Gateway
Educate and
Engage Users
Block Use of
Dangerous Applications
Prevent Malicious
Downloads
Block Access
to Malicious
Sites
©2013 Check Point Software Technologies Ltd.
7
8. Legitimate Sites Compromised to Spread Malware
“NBC Websites Hacked To Serve Citadel
Financial Malware”
Information Week, February 22, 2013 09:50 AM
©2013 Check Point Software Technologies Ltd.
8
9. Does Your Secure Web Gateway Download
Protection Updates Once a Day?!
Sometimes old is fine…
…Not in security!
©2013 Check Point Software Technologies Ltd.
9
10. Check Point’s Next Gen Secure Web Gateway
Powered by Threat Intelligence
URL Filtering
constantly updated
Antivirus uses ThreatCloud—
a vast, collaborative threat
intelligence repository
©2013 Check Point Software Technologies Ltd.
10
11. But Web is More Than Just URLs…
In
61% of organizations,
a P2P file sharing application is used
Heavily used to spread malware
Open back doors to the network
Legal liability for illegal downloads
©2013 Check Point Software Technologies Ltd.
11
12. Anonymizers Used to Bypass the Security Policy
Some Applications are
Highly Evasive!
©2013 Check Point Software Technologies Ltd.
12
13. Does Your Secure Web Gateway
Look only at URLs?!
You Can’t
Afford
to Look Only
Under the
Lamppost!
©2013 Check Point Software Technologies Ltd.
13
14. Check Point’s Next Gen Secure Web Gateway
Control Thousands of Applications
Over 300 P2P file sharing apps
Over 90 anonymizers
Identify and control even
highly evasive applications
appwiki.checkpoint.com
©2013 Check Point Software Technologies Ltd.
14
15. Why Use Separate Solutions to Control
Applications and Sites?!
Websites
Applications
Not URL-based
www.hackthissite.org
www.fantasyfootball.com
Facebook Chat
Granularity
beyond URLs
©2013 Check Point Software Technologies Ltd.
15
16. Check Point’s Next Gen Secure Web Gateway
The Only Solution to Offer
Unified Security!
Unified control, analysis and reporting
over all aspects of Web.
©2013 Check Point Software Technologies Ltd.
16
17. Sharing is Not Always Caring…
80%
of organizations use file storage
and sharing applications
“Our investigation found that usernames and passwords
recently stolen were used to sign in to Dropbox accounts”
Dropbox blog, July 31, 2012
©2013 Check Point Software Technologies Ltd.
17
18. Check Point’s Next Gen Secure Web Gateway
Granularly Control Features
Within Applications
Add DLP for extended data protection!
©2013 Check Point Software Technologies Ltd.
18
19. Social Media Used as Attack Vector
Spread malware
Gather information to be
used in targeted attacks
©2013 Check Point Software Technologies Ltd.
19
20. Blocking Won’t Help…
I need
to stay in
touch with
customers, partners and
colleagues
Sales
I need
to get the
latest industry
news, articles and
reviews
Social media increasingly
used in the business!
Engineer
©2013 Check Point Software Technologies Ltd.
20
21. Does Your Secure Web Gateway Allow
Business Continuity While Maintaining Security?
Kids know not to take
candy from strangers…
…Education is key!
©2013 Check Point Software Technologies Ltd.
21
22. Check Point’s Next Gen Secure Web Gateway
Using Social Media Safely
Easily EducateSocial Networks
Stay safe on and
Engage End-Users
Dear John Smith,
Before proceeding to use Facebook, please
be aware:
•
•
Fake Rihanna videos are actually a virus don't click!
Cyber-criminals might use Social
Networks to gather information in
preparation for an attack - don't accept
friends you don't personally know!
OK, I Understand
Safe browsing,
Maintain business continuity
IT Department
without compromising security!
©2013 Check Point Software Technologies Ltd.
22
24. Check Point’s Next Gen Secure Web Gateway
©2013 Check Point Software Technologies Ltd.
24
25. Check Point’s Next Gen Secure Web Gateway
Executive Summary Reports:
©2013 Check Point Software Technologies Ltd.
25
26. Check Point’s Next Gen Secure Web Gateway
Detailed user and group activity reports:
©2013 Check Point Software Technologies Ltd.
26
27. Last But Not Least…
Web security doesn’t have to cost a fortune!
©2013 Check Point Software Technologies Ltd.
27
28. Check Point’s Next Gen Secure Web Gateway
Example: Web Security for 1,000 users, 1st Year Cost
Traditional
Secure Web Gateway
Check Point
SWG 4800
Only
Subscription Renewal:
$38,990
(street price)
First year – HW+SW:
$31,100
(list price)
©2013 Check Point Software Technologies Ltd.
28
29. Check Point’s Next Gen Secure Web Gateway
Example: Web Security for 1,000 users, 3 Years’ Cost
Traditional
Secure Web Gateway
Check Point
SWG 4800
HW + SW:
$99,760
(street price)
HW+SW:
$42,150
(list price)
More security—for 57% less!
©2013 Check Point Software Technologies Ltd.
29
30. Check Point Secure Web Gateway
is Your Safety Net
Enabling you to leverage the power of Web
in your business!
©2013 Check Point Software Technologies Ltd.
30
31. Educate and Engage
Users
Check Point’s
Next Generation
Secure Web
Gateway
Block Use of
Dangerous Applications
Prevent Malicious
Downloads
Block Access to
Malicious Sites
©2013 Check Point Software Technologies Ltd.
31
32. Check Point’s
Next Generation
Secure Web
Gateway
Educate and
Engage Users
Block Use of
Dangerous Applications
Prevent Malicious
Downloads
Block Access
to Malicious
Sites
©2013 Check Point Software Technologies Ltd.
32
Notes de l'éditeur http://www.istockphoto.com/stock-photo-3675907-analogue-stop-watch-isolated-on-white.php http://www.istockphoto.com/stock-photo-4020428-five-seconds.php?st=d78456bhttp://www.businessweek.com/articles/2012-10-04/facebook-the-making-of-1-billion-users#p2 - Each day, Facebook processes 2.7 billion “Likes”, 2.5 billion content items sharedHours of Video watched on YouTube 4,000,000,000 a month 133,333,333 a day 5,555,556 an hour 92,593 a minutehttp://www.youtube.com/yt/press/statistics.html – Over 4 billion hours of video are watched each month on YouTubehttp://youtube-global.blogspot.ca/2013/03/onebillionstrong.html – March 20, 2013: YouTube Hits a Billion Monthly Usershttp://thenextweb.com/insider/2013/02/27/1-billion-files-are-now-being-uploaded-to-dropbox-every-day/ - Dropbox: 1 billion files are now being uploaded every day http://www.istockphoto.com/stock-photo-3844961-top-secret-file.php?st=1fe26daTwitter: It’s you on photo http://www.zdnet.com/twitter-malware-warning-its-you-on-photo-or-its-about-you-7000001736/ http://www.istockphoto.com/stock-photo-5091675-light-bulb.php?st=9bb1045Threats are coming from different direction – a new approach is needed: multi-layered Web Security http://www.istockphoto.com/stock-photo-19905144-brushed-metal-shield.php?st=24b2fc0 http://www.istockphoto.com/stock-photo-19905144-brushed-metal-shield.php?st=24b2fc0 How does Ultrasurf Anonymizer Work?Ultrasurf is a very sophisticated anonymizer that worksas a proxy client, creating an encrypted HTTP tunnelbetween the user’s computer and a central pool of proxyservers, enabling users to bypass firewalls and censorship.Ultrasurf has a very resilient design for discovering proxyservers including a cache file of proxy server IPs, DNSrequests, which return encoded IPs of proxy servers,encrypted documents on Google Docs and a hard codedlist of proxy server IPs built into the program. Thesetechniques make it even more difficult to be detected bysecurity devices. Security 1.0 can’t handle these applications –Can block websites providing proxy avoidance services, but what about Vtunnel, UltraSurf…?“Block UDP on the FW, turn on SSL inspection – all non-standard SSL traffic will be blocked”Not practical… collect personal information in preparing for a spear phishing attack Or: Social Media is now an essential business tool http://www.istockphoto.com/stock-photo-21037762-sherlock-holmes-silhouette-computing.php?st=b5274ebAlternative: http://www.istockphoto.com/stock-illustration-11975852-detective-holding-a-magnifier-and-showing-something.php?st=b5274eb http://www.istockphoto.com/stock-photo-2765246-money-bags.php?st=e063e67 http://www.istockphoto.com/stock-photo-17147167-scales-of-justice.php?st=0b6931bhttp://www.istockphoto.com/stock-photo-17147227-scales-of-justice.php?st=0b6931b http://www.istockphoto.com/stock-photo-17147167-scales-of-justice.php?st=0b6931bhttp://www.istockphoto.com/stock-photo-17147227-scales-of-justice.php?st=0b6931b This safety net can only be achieved by incorporating multiple lines of defense, a multi-layered approach to Web Security http://www.istockphoto.com/stock-photo-19905144-brushed-metal-shield.php?st=24b2fc0