Feature

Web security gateways keep Web-based malware at bay

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Security Readers' Choice Awards 2008."

Download it now to read this article plus other related content.

PLUGGING DATA LEAKS
The increasing number of ways users can communicate or move data online makes controlling data leakage a key objective for most administrators. While information escaping the organization has always been a problem, the depth and breadth of the problem has changed dramatically. Data leakage can occur by accident or because of poor business processes, but increasingly, malware of some form or another is sending it out through the network.

Web security gateways can certainly help in this area by monitoring the types of files going through the network perimeter and scanning documents for phrases and terms that could potentially cause data leakage. Coordination of content policy across all communication channels is a lot more efficient when they're all passing through one box.

As part of the process of reducing data leaks, users need to be made aware of the risks of Web 2.0 in the same way most have been told of the dangers of email attachments from unknown sources. Web security gateways that capture traffic on all ports and protocols can produce an excellent evidence chain to help challenge risky user behavior. To do this, they need to provide clear and concise reports of consolidated data; an outstanding feature of Mi5's Web-gate are its reports. Another tool to stop data leakage, provided by Webgate

    Requires Free Membership to View

and other Web security gateways, is identification and remote remediation of infected PCs.

One area that has always been a bit of a blind spot when it comes to data analysis is SSL traffic. SSL decryption requires that the SSL certificate is imported into the device so that it has the ability to decrypt and inspect SSL traffic. This obviously incurs heavy overhead. Most Web security gateways still require an SSL proxy engine to be added separately to handle SSL encrypted traffic.

WEIGHING OPTIONS
Web security gateways will certainly appeal to the many enterprises that are looking to cut down on client-side security software. However, the Jericho Forum, a group of security practitioners, cites the breaking down of traditional network perimeters and the huge explosion in Web use as to why a radical change in security practices is required. Web traffic that tunnels through perimeters or bypasses them altogether, and applications that encapsulate their protocols within other Web protocols are examples of why traditional perimeter defenses are not effective against today's threats. The forum advocates deperimeterization: protect the information itself and make every component independently secure.

The attraction of this approach is that it costs a lot less than trying to provide top-down security. But it requires a mature user base and may not fully address the data leakage problem. Web security gateways allow an organization to apply security policies to data on a network while still tackling the dangers of external threats. Out-bound traffic control is increasingly important, and for those who think deperimeterization is too bold, the Web security gateway has many benefits, particularly the convergence of security and systems management

Roundtable's Stump plans to roll out ScanSafe to the additional Dairy Queen stores the company plans to open in the coming months. The service is easy to manage over the Web, allowing him and his team to enable or disable URLs and types of Web sites, like social networking ones. Limited to little else than the company's domain, employees now have no choice but to comply with corporate policy. "We let them get weather and that's about it," Stump says.

Marketplace


CLICK HERE for a sample of products and services
that provide protection against Web-based attacks,
content filtering and/or URL filtering (PDF).

This was first published in April 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: