View
369
Download
1
Embed Size (px)
DESCRIPTION
Citation preview
WEBSENSE EMAIL SECURITY
SOLUTIONS OVERVIEW
ChallengeThe nature of email threats has changed over the past few years. Gone are the days when email security, better
known as anti-spam, was primarily tasked with blocking based on volume and scanning for email-borne viruses. The
signature-based techniques used in early solutions, while still a viable part of a multi-layered strategy, are simply not
capable of protecting organizations from the highly targeted, blended attacks of today. In February 2012 IDC stated,
“Signature-based tools are only effective against 30–50% of current security threats.”
SolutionRead the cybercrime blogs and it’s evident that email is still a major attack vector. But read further and you’ll find
that a large percentage of the attacks are actually perpetrated via the web. The takeaway is email facilitates the
attack and web actually performs the actions. A modern security approach therefore requires both web and email
channels be evaluated with a strong cross-pollination of information between the two.
Websense® email security solutions are built on our core TRITON® technologies:
• Gateway Threat Analysis leverages security intelligence from the Websense ThreatSeeker® Intelligence Cloud
and Websense ACE (Advanced Classification Engine) — collecting data from more than 900 million endpoints
and analyzing up to 5 billion requests per day — to thwart advanced malware, spam, and blended threats.
• Point-of-Click Threat Analysis sandboxes suspicious links embedded in emails at the recipient’s point-of-click.
• Behavioral File Sandboxing analyzes suspicious files attached to email.
• Built-in Data Loss Prevention (DLP) monitors and prevents sensitive data such as product roadmaps or
customers’ personally identifiable information (PII) from leaving the corporate network via email.
ThreatSeeker Intelligence Cloud™URL
ANALYSISTHREAT
DATAEVENT
CORRELATIONCONTENTANALYSIS
PAYLOADANALYSIS
Network & Reputation
Analysis
Malware Spyware
Filters
SpamFilters
ContentFilters
Unwanted Email Quarantined
Internet EmailUnfiltered
Outbound EmailClean and Policy Compliant
Outbound EmailUnfiltered
Inbound EmailClean and Policy Compliant
Adaptive Learning
INTERNET
Websense Email Security Solutions Overview
The Websense DifferenceACE uses composite scoring with predictive
analysis. Combined with classifiers for real-time
security, data and content analysis — the result of
years of research and development — they enable
ACE to detect more threats than traditional anti-
virus engines every day (the proof is updated
weekly at securitylabs.websense.com). ACE is the
primary engine behind all TRITON solutions, and
is supported by the ThreatSeeker Intelligence
Cloud, which collects data from more than 900
million endpoints and analyzes up to 5 billion
requests every day.
Gateway Threat AnalysisAdvanced Malware Protection
ACE analyzes inbound and outbound email for
malware, spyware, and targeted and blended
threats. With real-time composite risk scoring,
anti-malware engines, and security intelligence
from the ThreatSeeker Intelligence Cloud,
protection is provided against known and
unknown threats within email.
Accurate Spam Detection
Websense provides highly accurate spam
blocking with very low false positives that
is backed by a 99 percent or higher SLA. A
combination of identification technologies is
used, including: sender reputation, connection
management, adaptive learning, URL analysis,
heuristics, suspicious PDF identification and
optical recognition of image spam.
Point-of-Click Threat AnalysisURL Sandboxing
Isolates suspicious links embedded in emails and
analyzes the payload of the corresponding web
page at the recipient’s point-of-click. Modern
phishing attacks succeed primarily because
phishing emails now contain embedded links that
point to dynamic-IP botnets or web pages that
host dynamic code — two techniques that may
elude even the most robust gateway malware
analysis.
For example, an email sent at midnight may
contain a link to a web page that was harmless on
the initial security scan at the gateway. However,
the same web page may include injected
malicious code when the recipient clicks on the
link the following morning. URL Sandboxing
helps thwart web pages hosting dynamic code
injections that have bypassed initial gateway
analysis.
Behavioral File SandboxingEmail File Sandboxing
Suspicious file attachments are scanned in a
cloud-based behavioral sandbox to protect
against the latest, and most dangerous, zero-day
and advanced persistent threats (APTs).
Forensic Reporting
Actionable reports that describe the system
changes made and network communications
used by the malware are automatically delivered
to administrators.
Built-in Data Loss Prevention (DLP)Policy Templates and Dictionaries
Pre-defined dictionaries in multiple topics and
languages plus built-in PCI-DSS and data privacy
templates help you quickly identify and stop
email policy violations and meet regulatory
requirements.
Flexible Encryption
Protect sensitive and regulated data by securing
email through TLS encryption for server-to-
server protection. Advanced Email Encryption
(optional) secures the email and any attachments
from sender to recipient.
Websense Email Security Solutions Overview Features
CloudCloud: An in-the-cloud email security solution saves time and money with
no equipment to install or maintain, built-in resilience, predictable costs
and reduced administrative overhead.
Protecting email with Websense is easy. Simply point MX records to the
Websense data centers and email is cleansed before it reaches your
network, saving bandwidth by removing spam and threats in the cloud.
Websense data centers are
• Load balanced
• Redundant
• Located worldwide
The service provides an SLA-backed availability of 99.999 percent and is
certified to ISO27001 standards to provide the highest degree of global
and localized security, privacy and confidentiality.
Appliance
Appliance: Maximum control of all policies and reporting with an
on-premises appliance.
The Websense V-Series™ appliances are high-performance, preconfigured,
security-hardened hardware platforms designed to support flexible
deployment of the leading Websense web, email, and data security solutions.
The physical appliances are available in two models:
• Websense V10000: For headquarters and large office deployments.
• Websense V5000: For branch office and medium business deployments.
A virtual appliance is also available:
• Websense ESGv – Virtual appliance in OVF format.
HybridHybrid: Integrates in-the-cloud deployment with an appliance for an
optimal balance between scalability and control.
Websense offers multiple deployment models for email security, so that you get to choose which method makes the most sense for your organization.
Websense Email Security Solutions Overview Deployment Models
Feature Cloud Email
Security & Content Control (CES & CC)
Email Security Gateway
Email Security Gateway
Anywhere (ESGA)
Deployment Model Cloud Appliance HybridWebsense ACE
(Advanced Classification Engine)
Multiple Anti-Malware Engines
Anti-Spam and Anti-Phishing
URL Sandboxing*
File Sandboxing*
Phishing Education and Reporting*
In-the-Cloud Spam Filtering
Service Level Agreements (SLAs)
Data Loss Prevention for Email
TLS Encryption
Advanced Email Encryption*
Image Analysis/Virtual Image Analyzer*
Managed Through TRITON Console
Virtual Appliance Option
*Optional Add-On
© 2013 Websense, Inc. All rights reserved. Websense, TRITON and the Websense logo are registered trademarks of Websense, Inc. in the United States and various countries. All other trademarks are the properties of their respective owners. EmailSecuritySolutions 11-05-13ENG.
Learn more at www.websense.com | +1 800-723-1166 | [email protected]
TRITON STOPS MORE THREATS. WE CAN PROVE IT.
Websense Email Security Solutions Overview Product Comparison