Embed Size (px)
Citation preview
McAfee SaaS Web ProtectionIntroduction
August 26, 2013
Presenter’s NamePresenter’s Title
2
Agenda
Web 2.0 – Value and Threats
McAfee SaaS Web Protection
Web Protection – Delivery Mechanisms
Global Threat Intelligence (GTI)
Anti-malware Capability
Resources
Web 2.0 Value and Threats
3
New Marketing Channels
Employee Life / Work Balance
Collaboration Tools / Business Apps
Find Employees
“Twitter hack raises flags on security”The New York Times
“Facebook hit by another version of Koobface worm”
USA Today
“Loudmouth workers leaking data through social networking sites”
The Register
“Salesforce.com employee hands customer list to phisher”
eWeek.com
“Facebook and YouTube dominate workplace traffic and bandwidth”
SC Magazine
Web 2.0 Security Challenges
August 26, 20134
Malware attacking via Facebook, Twitter and MySpace
August 26, 20135
Video links resulting in requirement to download fake flash player updates
Trusted Sites Deliver Malware via Ads
August 26, 20136
August 26, 20137
ApplianceVirtual
McAfee delivers Flexible Web SecurityDeployment options to fit your dynamic business
SaaS
August 26, 20138
Don’t Forget about Hybrid…
8
HYBRID Delivery
On-Premises Cloud Computing+
August 26, 2013
Web Protection in the Cloud
• Multi-tenant Architecture• Headless Scalability• Global Datacenters• Thousands of Customers• >50 Million Requests/day
http://www
http://www
http://www
http://wwwhttp://www
http://wwwhttp://www
http://wwwhttp://www
http://wwwhttp://www
Productive Browsing
©2009 McAfee SaaS, All Rights Reserved 10
Blocked Malware DeliveryAllowed Content RequestBlocked Content Request
McAfee SaaS Web Protection
Log
Content ControlThreat ControlTotal Control
Complete Web Protection Service
MalwareFilter
ContentPolicyBlocked
Page Warning
www
McAfee SaaS Web Protection
McAfee SaaS Web Protection
• Faster to deploy, less expensive to own• Zero-footprint, Always-on security
Cloud-based service
• Remove inappropriate content, reduce distraction, optimize bandwidth• Over 100 granular categories
URL filtering based on Trusted Source categories (GTI)**
• Behavior and intent based code analysis• Much more effective than signature based approaches
State-of-the-art Malware removal**
• Allocate resources to business focused activities• Protect vital access from bandwidth hogs
Bandwidth management
• Different access based on directory users and groups• Change restrictions based on time of day
Flexible rules allow for appropriate controls
How McAfee Global Threat Intelligence WorksDelivering the Most Comprehensive Intelligence in the Market
McAfee Labs
EmailFirewallIPS DLPWeb AWLePO AV
12
File Reputation Engine
Web Reputation Engine
Network Reputation Engine
Email Reputation Engine
Vulnerability Information
Threat Intelligence FeedsOther feeds & analysisServers FirewallsEndpoints Appliances
Mobile
Why McAfee is Best Positioned to Deliver GTIThe Most Robust Telemetry Data in the Market
August 26, 201313
• 2.5B Malware Reputation Queries/Month• 20B Email Reputation Queries/Month• 75B Web Reputation Queries/Month• 2B IP Reputation Queries/Month• 300M IPS Attacks/Month• 100M Ntwk Conn Rep Queries/Month• 100+ BILLION QUERIES
Queries
Nodes
• Malware: 40M Endpoints• Email: 30M Nodes• Web: 45M Endpoint and Gateway Users• Intrusions: 4M Nodes• 100+ MILLION NODES, 120 COUNTRIES
McAfee GTI Recognition
Highest total detectionrate with lowest false positive rate
Highest ongoingdetection rate
Multiple products, including Best Enterprise Security Solution
Only one of seven leading vendors to thwart Operation Aurora
Highest detection rate of Potentially Unwanted Programs (PUPs)
VB100 award for excellence invirus detection
McAfee Labs, the McAfee security research organization that created Global Threat Intelligence
The McAfee Anti-Malware PROACTIVE Difference
WebReputation(McAfee® GTI)
Behavioral Analysis
Exploit Detection
Proactive Real-time Protection
15
Executable Behavioral Analysis
16
• What is this content doing?
• Analyses 100,000s Of “Behaviors”
• Context Aware
Disinfect page
Redirects to exploit
Steals from
clipboard
XSS
VulnerableActiveX
Infected
• Constantly Learning New Behaviors
• Disinfect Where Possible
Sample Malicious Traffic from Financial Institution
August 26, 201317
HTML Documents (Incl. embedded scripts)
Windows Executables
Standalone JavaScript
Graphics (JPEG, GIF)
McAfee AV: Signature coverage
McAfee Anti-Malware: Proactive coverage
30%
1% 0.5%
5%
16%
47%
McAfee SaaS Web Protection
Security: Malware Detection Leadership
• AV-Test is one of the worldwide leading providers of test scenarios analyzing effectiveness, behavior and speed of IT-security solutions
• Quarterly tests on 36 anti-malware products • McAfee Web Security consistently leads
18
Proactive Detections: Q2 2010
0 100 200 300
McAfee GW Edition
Sophos
Kaspersky
Fortinet
Trend Micro
Symantec
0 100 200 300
McAfee GW Edition
Sophos
Kaspersky
Symantec
Fortinet
Trend Micro
Average Response Time/Hrs: Q2 2010
Anti-malware Awards and Testing
August 26, 2013McAfee Web Gateway19
Network World Magazine Clear
Choice Winner for Anti-malware
GatewayDec 2009
2009 Readers’ Choice Award from Information Security
Magazine and SearchSecurity.com
SC Magazine Awards 2010 Best
Anti-Malware Solution
Network World: “McAfee's Web Gateway appliance is our Clear Choice winner…McAfee's appliance thwarted more malware—with
lower latency—than the other gateways.”
Note: McAfee SaaS Web Protection and Web Gateway utilize the same Anti-malware engine
SaaS Web Protection20
Resources
• Product data sheets• Case studies• Whitepapers• Web based training• Videos, etc.• Demonstration System• 30 Day Evaluations • www.mcafeesaas.com
