McAfee Web Security Proxy - Re-thinking about web sec
Added: Oct 01, 2025
Slides: 30 pages
Rethinking Web Security November 5, 2013
Social media rewards and risks. “Facebook's redirect error foretells the future of hacking” (InfoWorld, February 2013). “Google Chrome browser blocks websites with malware warnings, including YouTube” (Mercury News, February 2013). “Skype malware steals more than your money” (The Next Web, October 2012). “LinkedIn and Facebook spam spreads trojans” (The Guardian, January 2013). “US media groups hit by hacking attacks” (New York Times, Wall Street Journal, Washington Post and Twitter, February 2013). New Marketing Channels; Employee Life/Work Balance; Collaboration Tools/Business Apps; Find Employees.
More Cloud Brings New Business Challenges. SECURITY: More exposure to malware; lack of visibility; increased SSL traffic. ACCESS: More people & devices connecting to more applications outside traditional network. FLEXIBILITY: Protection needs to travel with the user and device rather than stay in the office.
McAfee can help: Access, Flexibility, Security. Simplify and secure access to cloud applications while protecting against malware and hidden threats. ONLY MCAFEE CAN OFFER THE COMPREHENSIVE SOLUTION YOU NEED: Seamless, secure access and control; Advanced malware protection; Deployment flexibility to protect anyone, anywhere, any device.
Access Flexibility Security
Access: Traditional Proxy, policy-based model. [Diagram labels: Internet; Kiosk/Shared Resource Guest; No Credentials, Limited Access Policy; Employee Credentials, Access Policy E; Marketing Employee on Laptop; Finance Employee on Laptop With Smart Card; Sales Employee on Device; Employee Credentials, Access Policy A; Employee Credentials, Access Policy B; Employee Credentials, Access Policy C; Off Network IT Employee, Access Policy D; McAfee SaaS Web Protection.] Access: Today’s needs. [Diagram labels: No Credentials, Limited Web Access; Employee Credentials, Corp Web Access, No upload; Employee Credentials, Corp Web Access, Post to Social Media, Upload to Box, View Salesforce; Employee Credentials, Corp Web Access, Upload to financial sites; Employee Credentials, Corp Web Access, Post to Salesforce; Off Network IT Employee, Full Web Access.] Let the solution match the needs of the business.
Access challenges: Average enterprise has dozens of authorized Cloud apps. Users struggle to remember multiple user ID/passwords. IT under pressure to rapidly enable & disable access. Insecure access. Additional authentication on all or specific applications.
Access solutions: Web Gateway integration with McAfee Cloud Identity Manager. Cost-effective. Use something the user already has: cell phone. One solution for all OTP needs; Cloud applications; VPN; Citrix.
Access: Application Control. Point/Click Control for Over 1000 Web Applications. Enable the applications you want. Control what information is shared. Apply policy based on specific application, user, group, risk. Control sub-functionality: Allow Facebook but block chat, games, etc. Enforce notion of “read-only” access for specific applications.
Control Access: Query for YouTube category in real time. Set policy by: Category, Author, Channel.
Control: Integrated DLP. Minimize security gaps and data leakage. Apply comprehensive DLP rules. Supports preformatted McAfee DLP dictionaries (HIPAA, PCI, UK-NHS, European IBAN).
Access Flexibility Security
Security: Hackers and malware advance. Hacker exploit toolkits: Simplify malware creation; Designed to evade security professionals. Aggressive, multi-layered security approach is needed. Threat detection must be proactive. Need end-to-end visibility and control to understand the threat landscape and accelerate response. “BlackHole 2.0 now available, with a raft of hacker upgrades” (September 2012). “New crime kit forces anti-virus vendors to change tack” (October 2012).
Unprecedented Malware Growth. Malware continues growing at a rapid clip. 20 million new threats in Q3 2013 alone. Daily malware sample growth is more than 100,000 per day. The McAfee “Zoo” now contains more than 172 million distinct samples.
The Need for Layered Protection. [Chart: Sample Malicious Traffic by type (HTML Documents incl. embedded scripts; Windows Executables; Standalone JavaScript; Graphics (JPEG, GIF)), comparing McAfee AV signature coverage with McAfee Gateway Anti-Malware proactive coverage. Values shown: 30%, 1%, 0.5%, 5%, 16%, 47%.]
Security Connected: Global Threat Intelligence (GTI), Intelligence Across the Spectrum. [Diagram labels: File Reputation; Web Reputation; Ports/Protocol; Application; Network Activity; Geo-location; IP Address; Affiliations; Email Address; DNS Server; Web Activity; Data Activity; Mail Activity; URL; Sender Reputation; Domain; Threat Reputation. Sources: Network IPS; Firewall; Web Gateway; Host AV; Mail Gateway; Host IPS; 3rd Party Feed. Volumes: 300M IPS attacks/mo.; 2B Botnet C&C IP Reputation Queries/mo.; 20B Message Reputation Queries/mo.; 2.5B Malware Reputation Queries/mo.; Geo location feeds.]
Aggressive, Multi-Layered Protection. Starts with SSL inspection and certificate validation. Web Protection layers: Geolocation (GTI); Web Reputation (GTI); Web Categorization (GTI); File Reputation (GTI); Media/File Analysis; DLP; Proactive Anti-Malware; Signature-based Anti-Malware.
Advanced Protection: McAfee Web Gateway Anti-Malware Engine. Typical Vendor Protections: Category; Reputation; Signature Detection. DISSECT, ANALYZE, EMULATE: Web Page, PDF, Exe, doc…. Unique to McAfee Web Protection. Real-time protection. Sandboxing analyzes after the code or content is delivered to the user. Most effective zero-day protection.
Outbound Protection. Patent pending, outbound detection of botnet phone-home behavior. Understand difference between user and application initiated requests. Adjust proactive detection level dynamically. [Diagram labels: Real User, Clicks Links; Malware, Unsolicited Download; Normal Scanning; Aggressive scanning.]
Security: Malware Detection. Cloud intelligence; Ability to open content and inspect; Proactive scanning; Signature-based protection. Worms, Trojans; PW stealing programs; PDF exploits; Macros for MS Office; Malicious scripts. AV-Test.org: Zero Day Protection Rate 95%; PE Malware Detection 99%; Non-PE Malware Detection 99%. New 2013 results: Web Gateway increases Zero-Day protection to 95%. Other vendors invited to participate: No response. Performance results obtained using specific combinations of hardware, software, and test samples. The results reflect approximate relative performance as measured by the tests performed. Any difference in system hardware, software or available threat information may cause your performance to vary.
30-Day POC Evaluation: Cost of missed malware. BACKGROUND: Fortune 100 US corporation; Existing web proxy/gateway installation; One sixth of users' traffic sent to Web Gateway after being scanned by existing solution. Scanned Results: Ninety-two million URLs; 346,000 websites and web objects; 280,000 URLs categorized incorrectly by current proxy; 50,000 URLs with unacceptable reputations; 16,000 discrete web objects containing malware. RESULTS: Savings: 1,000 desktops saved from infection during POC; Remediation costs: $150–$200 per desktop; During POC: $150,000–$200,000 savings. POC result: Prospect became a customer.
Flexibility: Deploy on-premise, in the cloud, or a hybrid combination. [Diagram labels: VM; Appliance and SaaS (Hybrid); Remote Users (SaaS); SaaS or VM.] Common policy and management from Web Gateway console. Common reporting. Family of appliances; Blade Server; SaaS. Performance and Scalability from branch offices to Corporate Headquarters.
Flexibility: Anyone, anywhere, any device. Off network laptops and devices: Redirect traffic to McAfee Web Protection solution; Enforce use policy; Control sites allowed; Limit BW consumption; Security; Consolidate usage reports. Inbound network control: Allow access to internal sites; Act as reverse proxy.
Protection for Remote Users. [Diagram labels: Off Network; Browser; MCP Active?; McAfee Data Center, SaaS Web Protection (or Web Gateway in DMZ); Internet; Corporate Office, On-Network; Browser; Web Gateway.]
Proof of Concept: Span Port Mode. Install McAfee Web Gateway off any span port or tap – passive installation! Deploy into a production environment in under 2 hours. Sit behind any existing proxy or Web Security solution (no “proxy-chain” needed). Quickly demonstrate value with production data: Show what is missed.
McAfee can help: Access, Flexibility, Security. Simplify and secure access to cloud applications while protecting against malware and hidden threats. ONLY MCAFEE CAN OFFER THE ACCESS, SECURITY AND FLEXIBILITY YOU NEED: Seamless, secure access and control; Advanced malware protection; Deployment flexibility to protect anyone, anywhere, any device.