Presentation is loading. Please wait.

Presentation is loading. Please wait.

Websense Hosted Web Security

Similar presentations

Presentation on theme: "Websense Hosted Web Security"— Presentation transcript:

1 Websense Hosted Web Security

2 About Websense Leading Provider of Web, Messaging and Data Security Solutions Annual Billings: $356m + Employees: 1,250 44 million subscription seats 5,000 value-add resellers, worldwide Award-winning partner program Global development with ~5 sites Global security research with >80 dedicated content researchers Global support and services “Today’s enterprises require a more holistic and integrated approach for Internet security—a Web security ecosystem—to combat emerging threats from the Internet… Websense is the worldwide leading vendor in the Web Security market.” -Brian Burke, Program Director Security Products, IDC

3 Websense Integrated Solutions

4 Forrester Wave™: Content Security Suites, Q2 2009
“Websense alone leads the content security suite market because of its current functionality and suite-oriented product strategy.” ****DO NOT ALTER SLIDE**** NOTE: Any alterations require prior approval by Forrester. Leading industry analyst firm Forrester agrees. In their recently published Content Security wave they examined companies with , web and data security solutions and ranked Websense as the clear leader. In fact Websense is the only company that is named as a leader in all three of their separately published , Web and Data security waves. The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

5 Websense core differentiator
Security 2+M posts per day Websense Hosted Customers 50M real-time data collecting systems 10+M s per hour Websense core differentiation is its broad and deep visibility into the Web. It is based on the analysis done by Websense security lab, threat seeker network, Defensio and the feedback from 35 m+ web, and DLP users. Scans more than 40 million Web sites for malicious code every hour Assigns more than 2 million domains, networks, IPs and hosts with reputation every hour Scans nearly 10 million s for unwanted content and malicious code every hour Uses more than 50 million real-time data collecting systems to parse one billion pieces of content daily Mines and analyzes more than 100 million Web sites with Honeyclients daily Captures spam, phishing or exploit campaigns with Honeypots and Spamtraps for more than 10 million unsolicited attacks daily Dynamically classifies structured and unstructured data to enforce data standards and regulations and prevent loss of sensitive data on internal endpoint systems 100+M Websites per day URL & Security Database Websense Security Labs Websense Hosted Security Threat detection/ probes Shared analytics/ feedback Security updates ThreatSeeker® TECHNOLOGY

6 Why does this matter? Websense Security Labs research enables our products to protect against the rapidly changing web threat environment Websense security research is focused on new threats that traditional security research methods aren’t designed for Websense is the recognized worldwide leader in Web security research Websense products protect over 50,000 organizations and 50 million employees worldwide Websense has been researching web based threats for 6+ years

7 Security Effectiveness Center
Eg. Stuff AV missed that we caught This is just one example of how our Security Labs stays ahead of competitors. Visit the Security Labs “Security Effectiveness Center” on the web for more information including: top client web application exploits top known viruses on the web top unknown viruses on the web no. of unknown viruses detected no. of real time updates today no. of web threat scans today © 2009 Websense, Inc. All rights reserved.

8 Benefits of Websense Hosted Security
Stop Threats in the Cloud Reduce Business Costs and Complexity No equipment to purchase or maintain Eased administrative overhead Increase Protection Leading security from converged and Web 2.0 threats Powered by the ThreatSeeker Network Backed by industry-leading SLAs Retain Control Flexible customization of policies, configuration settings, quarantine management, and reporting 24 x 7 Access So here are some of the reasons why you should consider hosted security. First, it reduces the cost and complexity of managing your security since there is no equipment or software to install, maintain, upgrade, or throw away. This reduces administrative burden so your IT staff can focus on projects with higher strategic importance to the business. Second, Websense Hosted Security provides an increased level of protection with leading protection against converged and web threats and the power of the ThreatSeeker Network. In addition, we provide contractual commitments in the form of Service Level Agreements for the level of spam and virus detection. Third, because unlike some managed services, Websense Hosted Security allows you to retain the access and control you need in managing your security. And, let me explain each of these in bit more depth…

9 Introduction to Hosted Web Security

10 What is Websense Hosted Security?
Web security delivered from the ‘cloud’ No on-site equipment Customers have full policy control Quality ensured through Service Level Agreements Roaming Users & Remote Offices So, from a high level, let’s go over what exactly Hosted Security is. 1. First, nothing whatsoever is installed at the customer’s site: no software, appliance, client, equipment, installation, or anything. 2. Many sales people use the phrase “virtual appliance” to describe how it works, because customer still have… 3. Full policy control. This isn’t managed by the reseller or by us. Customers log onto a secure web-based portal and administer the product themselves. We do have some resellers set up to administer policy, but this is not the norm. 4. Another key attribute of Hosted Security is that levels of protection are backed and guaranteed through SLAs or “service level agreements,” meaning that we provide clearly defined minimum levels of virus protection, spam protection, uptime, etc., as part of the customer’s service contract. 5. Finally, another part of the definition is that the filtering and takes place at Websense datacenters, which come built with failover, load-balancing, and high availability. Data Centers Filter and block web traffic HQ Internal Users

11 Hosted Web Security Package Options
Hosted Web Security Gateway Includes: Inbound + Outbound Real-time scanning Security Filtering Standard URL Filtering Hosted Web Security Gateway Real-time Virus and malware scanning Backed by 100% of known virus protection SLA And all functionality included in Hosted Web Security Hosted Web Security: Leading protection and control over unwanted and malicious web content Leverages real-time ThreatSeeker security updates for zero day detection of malicious web content Hosted Web Security Includes: Security Filtering Standard URL Filtering

12 Hosted Service Delivery
Hosted from 8 globally distributed data centers San Jose and Ashburn, United States Heathrow and Feltham, UK Dusseldorf, Germany Paris, France Hong Kong Sydney, Australia Resilient processing clusters Automatic data center allocation and fail-over Directs travelling users to nearest geographical data center Redirects to nearest alternate in case of failure Performance Service Level Agreements: 100% protection against known viruses 99.99% service availability No noticeable latency: < 60ms average processing time Accredited to ISO27001 Global in 10 geographic locations Top-tier, physically secure facilities Infinitely scalable Multiple power feeds & internet connections Redundant Automatic failover between locations Built to capacity even if one datacenter fails 99.99% uptime backed by SLA ISO accredited 8 currently provide Hosted Web Service. Data Centers 9 facilities operated by Equinix, 1 by Verizon (Feltham) 24x7 onsite security CCTV Biometric access control Flood control Earthquake resistant Advanced fire suppression Redundant power Multiple circuits Backups generators Redundant cooling Multiple, diverse high-capacity network feeds Provide “remote hands”

13 Hosted Service Data Centers
How it works Chained Proxy Port 8081 Hosted Service Data Centers Port 8081 PAC File PAC File Web traffic is re-directed to nearest data center PAC file or Chained proxy server Geographic datacenter allocation for minimal latency Built-in scalability and resilience Proxies in the data center apply filtering policy Websense URL database with extensive security categories Updated by ThreatSeeker > 300 times per day Real-time scanning for malware AV tools scan page content for inbound and outbound web traffic Same URL database as used by the on-premise products

14 How it works Configure and report using the services portal
No software installation required Authentication/identification options Transparent identification Manual/basic authentication Synchronize with local directories MS Active Directory, Novell eDirectory Small footprint client Service scales

15 Where would you use it? Where ease of deployment is key
Remote sites/branch offices Roaming users Large distributed environments Where IT shop is small or refocusing No equipment/software maintenance Easy to deploy new sites Where traffic is being backhauled Save bandwidth with local internet break-out In conjunction with on-premise web security

16 Product Tour Dashboard Filtering policy creation Content control
Notification pages Reporting Tools

17 Dashboard Web Security and Security through one integrated management console Easy administration, simplified security Also for many small and medium-sized businesses, there is a real advantage to having a consolidated dashboard and management interface for Web and security. Often, it is the same administrator managing policy for both types of security. And sometimes by gaining visibility through Web trends, it becomes clear that policy needs to be tweaked on the side, or vice-versa. Websense Hosted Security gives you a complete picture of your security, and a single place to implement changes or do a little investigating. This provides greater ease-of-use and improves administrative efficiency, and ultimately, this results in a tangible cost savings.

18 Filtering Policy Creation
Define acceptable use policy Granular control with Security categories Enable control for groups and individual users Policy exceptions by user, group or time period Create custom categories and blacklist/whitelists Objective: Illustrate filtering configuration interface v7 DB Security categories

19 Content Control Control inbound and outbound content
Prevent threats from entering the network Control what information leaves Prevent the further spread of malware Prevent infected computers from leaking data over the web

20 Notification pages Customizable content, look and feel
Alternative page options Roaming user: Common look and feel to v7+ on-premise product Access to HTML to customize pages, look and feel, logos etc.

21 Reporting Easy to use reporting via services portal
Analyse browsing behaviour and traffic volumes Identify malware detections Tabular and graphical presentation Export to CSV format file Schedule account summary reports & delivery by

22 Tools Assistance for Administrators and users Query page
Am I using the service? Performance monitor tool compare to direct connect Context Sensitive Help

23 Deployment Scenarios

24 Deployment Scenarios PAC File Chained Proxy Stored at data centers
Centrally configured Chained Proxy Local proxy server Minimal access to client settings Browser configuration settings. Best practice lock-down desktop.

25 Hosted Service Data Center
PAC File Distribution Point to PAC file in connections settings Automatically created by the service Manual config or MS Group Policy Objects Request for Reply with proxy.pac specific to the customer and policy PAC File store PAC File store PAC File store PAC File Can host locally but manual updates. May need to explain hotel billing system scenario – add notes. Client System Hosted Service Data Center

26 Deployment Types Internet Direct Connection Chained Proxy Roaming User
Website Website Hosted Service Data Center (Proxies, policy & reporting) Client Direct Connection PAC File store PAC File Website Internet Hosted Service Data Center Local Proxy Server Client Chained Proxy PAC File store Local config Hosted Service Data Center Roaming User Client PAC File PAC File store HWS supports 3 types of clients: Office-bound (behind a NAT’d firewall or some other fixed IP address or range). Office-bound behind a chained proxy. Roaming, e.g. a laptop on a coffee shop. Data Centers in 10 locations 8 are for HWS Getting Started Guide provided guidance for setting up PAC files and proxy servers

27 Hybrid – Future Deployments
On-Premise Deployments Hosted Service Data Centers Logging and Policy Remote/Branch Offices Hosted Deployments (in-the-cloud) Headquarters WSG Roaming Users V10000 Logging and Policy V10000 Regional Offices Rationale The customer wishes to augment their current Web Security Gateway solution by extending protection to: Hard to reach/manage remote sites Sites where WSG is not available or not cost effective (< approx. 500 users) Roaming users as an alternative to Remote Filter that includes AV On-Premise Now we are considering a Web Security Gateway deployment that happens to be using the V10000 appliance. The on-premise WSG/V10000 deployment provides policy management, reporting/log storage, Filtering/security and real-time analytics. Network agent could also be implemented as an option to cover non HTTP protocols. Regional offices may also make use of the WSG/V10000 products either by backhauling traffic to the HQ or by having a local implementation of the gateway (V10000 shown) and connecting direct to the Internet. Hybrid We now ‘add-on’ a hosted WSG component for the remote offices producing a hybrid WSG solution. For those remote offices, filtering/security and real-time AV scanning will take place in the cloud at our hosted service data centers. Policy management, reporting and log storage still occur on-premise. The on-premise Manager will push policy up to the hosted service data centers and log data will be fed down to the on-premise deployment for reporting and storage. Roaming Users - The hybrid offers a hosted WSG deployment option for roaming users and an alternative to Remote Filter for roaming users (RF requires a DMZ based gateway). Internet Component OP Cloud Policy Management Y Reporting/log storage Filtering/Security Real-time Analytics AV Note: Web Security Gateway throughout No mixed deployments Component OP Cloud Policy Management Y Reporting/log storage Filtering/Security Real-time Analytics AV Note: Web Security Gateway throughout No mixed deployments Websites

28 The Hybrid Web Security Advantage for Distributed Enterprises
Real-time Content and Threat Analysis Corporate Network V10000 Internet SSL Application Control Anti-Virus Websense SAAS Web 2.0 Data Loss Prevention Websense Virtual Application Platform Hybrid – Filtering in the cloud Mobile Workers Centralized policy management and reporting Branch Office 1 Branch Office 2 Advantages Extended security coverage with no additional infrastructure or complexity Reduced capital and maintenance costs 28

29 Hybrid On-premise and hosted deployments Benefits Target
Apply most appropriate deployment to each location Hosted for roaming users and remote offices On-premise for HQ and regional offices Policy management and reporting on-premise Benefits Comprehensive coverage of customer environment Simplified deployment and management Single point for Reporting/Policy management Real-time analytics Control of non HTTP protocol controls and applications Extended data retention Delegated reporting and policy admin Target Enhance WSG implementations - Remote office/roaming user When Hosted is attractive Distributed environment Diminished IT shop Focus on core business

30 Customers Financial Services Transportation - Energy Government
Technology Telecommunications Hospitality Manufacturing Retail Agriculture & Construction 30

31 Why SaaS Security from Websense?
Technology Expertise: Websense is the leader in protecting customers from converged and Web 2.0 threats Budget Savings: Investing in the Websense Essential Information Protection enables a consolidated security strategy Strategic Partnership: The Websense Essential Information Protection portfolio delivers greater value and enables you to further leverage your investment from your trusted security partner So in summary Websense is able to provide better security because we are able to see the big picture. Through our combined Web and intelligence we provide more effective protection against emerging threats, and the converged and web threats that are commonplace today. Our hosted security solutions offer a much lower total cost of ownership compared to on-premise alternatives saving you time and money. And you’re able to leverage your trusted relationship with Websense with a one stop shop for your web, and data security needs.

32 Evaluations & Demos Request free evaluation Live and Video demos
If you’d like to find out more I encourage you to sign up for a free evaluation by going to You can also download our whitepaper on the advantages of a Hosted Security Model. 32

33 Resources Hosted Web Security Getting Started Guide pdf
Administrators guide From within the hosted services portal support page Sales Portal Case studies Data sheets Customer facing presentation

34 Questions

Download ppt "Websense Hosted Web Security"

Similar presentations

Ads by Google