SlideShare uma empresa Scribd logo

Web Security Gateway Dec2008

Kim Jensen
Kim Jensen

Tolly Group tekniske analyse af forskellige Web Security Gateways. Analysen er baseret på Gartner Buyers Guide for Secure Gateways.

Tecnologia
1 de 34
Baixar para ler offline
© 2008 The Tolly Group Document # 208326 The Web Security Challenge: A Competitive Guide to Selecting Secure Web Gateways A white paper commissioned by Websense, Inc. White Paper December 2008
WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways Table of Contents _ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK Executive Summary 4 Web 2.0 Effectiveness 7 Manageability and Scalability 9 Policy Interface 11 Reporting Capabilities 13 URL Filtering 15 Malware Filtering 16 Application Control 18 Data Loss Protection 20 Network Implementation 22 Integration with Other Solutions 24 Service and support 26 Test Methodology 28 Alexa 100,000 URL Filtering/Classification Test 28 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========O
WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways Table of Contents _ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK “Long Tail” or Extended URL Classification Test 28 Phishing and/or Proxy Avoidance URL Detection Accuracy Test29 Binary Exploits and Compromises Detection Accuracy Test 29 Malware-infected URL Detection Accuracy Test 30 Web 2.0-Based Malicious URL Detection Accuracy Test 30 Criteria Evaluation by UI Inspection 31 Interaction with Competing Vendors 32 Appendix: Product List 33 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========P
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Executive Summary The World Wide Web has changed dramatically in the past decade. The use of the Web as an application platform, a communication medium, and a business tool, combined with the migration of attackers onto the Web, demands new solutions to help manage business and mitigate security threats. Enterprise IT managers should carefully evaluate both the ease of management, as well as the effective- ness, of gateway-based Web security solutions against a constantly evolving threat landscape. tÉÄëÉåëÉI=fåÅK=ÅçããáëëáçåÉÇ=qÜÉ=qçääó=dêçìé=íç=Éî~äì~íÉ=áíë=tÉÄ=pÉÅìJ êáíó=d~íÉï~ó=~Ö~áåëí=çíÜÉê=~î~áä~ÄäÉ=Ö~íÉï~ó=ëÉÅìêáíó=éêçÇìÅíëK=qÜÉ=ÅçãJ éÉíáåÖ=éêçÇìÅíë=íÉëíÉÇ=ïÉêÉW=_äìÉ=`ç~í=póëíÉãëÛ=mêçñópd=ONM=~åÇ= mêçñó^s=RNM=~ééäá~åÅÉëI=`áëÅç=póëíÉãë=fåÅKÛë=fêçåmçêí=pSRM=tÉÄ=pÉÅìêáíó= ^ééäá~åÅÉI=qêÉåÇ=jáÅêçI=fåÅKÛë=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=EftppFI=~åÇ= pÉÅìêÉ=`çãéìíáåÖ=`çêéçê~íáçåÛë=pÉÅìêÉ=tÉÄ=EtÉÄï~ëÜÉêF=~ééäá~åÅÉK= Note: All products under test shall be referenced by their manufacturer s name hereafter in the document. Websense Web Security Gateway combines powerful and easy-to-manage software with the ability to mitigate dynamic Web-based threats, exceeding other vendors tested in meeting Gartner’s criteria* for buying Secure Web Gateways. GaáëÅä~áãÉêW qÜÉ=d~êíåÉê=êÉéçêí= ^=_ìóÉêÛë=dìáÇÉ=íç=pÉÅìêÉ=tÉÄ=d~íÉï~óëÒ=Äó=mÉíÉê=cáêëíÄêççâ=~åÇ= i~ïêÉåÅÉ=lê~åë=Ed~êíåÉê=o^p=`çêÉ=oÉëÉ~êÅÜ=kçíÉ=dMMNRVSSVX=NR=^ìÖìëí=OMMUF=ï~ë= ìëÉÇ=çåäó=~ë=~=êÉèìáêÉãÉåíë=ÖìáÇÉ=áå=íÜáë=Éî~äì~íáçåK=eçïÉîÉêI=~åó=~åÇ=~ää=îÉåÇçê=~åÇ= éêçÇìÅí=Åçãé~êáëçåë=~åÇ=Éî~äì~íáçåë=ïÉêÉ=ÇçåÉ=Äó=íÜÉ=qçääó=dêçìé=~åÇ=áå=åç=ï~ó=Çç=íÜÉó= ÉñéêÉëë=íÜÉ=çéáåáçå=çÑ=d~êíåÉêK ^ää=ëí~íÉãÉåíë=áå=íÜáë=êÉéçêí=~ííêáÄìí~ÄäÉ=íç=d~êíåÉê=êÉéêÉëÉåí=tÉÄëÉåëÉI=fåÅKÛë=áåíÉêéêÉí~J íáçå=çÑ=Ç~í~I=êÉëÉ~êÅÜ=çéáåáçå=çê=îáÉïéçáåíë=éìÄäáëÜÉÇ=~ë=é~êí=çÑ=~=ëóåÇáÅ~íÉÇ=ëìÄëÅêáéíáçå= ëÉêîáÅÉ=Äó=d~êíåÉêI=fåÅKI=~åÇ=Ü~îÉ=åçí=ÄÉÉå=êÉîáÉïÉÇ=Äó=d~êíåÉêK=b~ÅÜ=d~êíåÉê=éìÄäáÅ~íáçå= ëéÉ~âë=~ë=çÑ=áíë=çêáÖáå~ä=éìÄäáÅ~íáçå=Ç~íÉ=E~åÇ=åçí=~ë=çÑ=íÜÉ=Ç~íÉ=çÑ=íÜáë=êÉéçêíFK=qÜÉ=çéáåJ áçåë=ÉñéêÉëëÉÇ=áå=d~êíåÉê=éìÄäáÅ~íáçåë=~êÉ=åçí=êÉéêÉëÉåí~íáçåë=çÑ=Ñ~ÅíI=~åÇ=~êÉ=ëìÄàÉÅí=íç= ÅÜ~åÖÉ=ïáíÜçìí=åçíáÅÉK fÑ=ÅäáÉåíë=ÇÉëáêÉ=d~êíåÉê=íç=îÉêáÑó=íÜ~í=èìçíÉë=~êÉ=~ÅÅìê~íÉ=~åÇ=Åçãéäó=ïáíÜ=d~êíåÉêÛë=`çéóJ êáÖÜí=~åÇ=nìçíÉ=mçäáÅóI=d~êíåÉê=éêçîáÇÉë=~=ëÉêîáÅÉ=íÜ~í=îÉêáÑáÉë=èìçíÉ=~ÅÅìê~Åó=~åÇ=~ééêçJ éêá~íÉåÉëëK=`äáÉåíë=ïáëÜáåÖ=íç=í~âÉ=~Çî~åí~ÖÉ=çÑ=íÜáë=ëÉêîáÅÉ=ëÜçìäÇ=Åçåí~Åí=d~êíåÉê=sÉåJ Ççê=oÉä~íáçåë=~í=îÉåÇçêKêÉä~íáçåë]Ö~êíåÉêKÅçãK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========Q
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P qçääó=dêçìé=ÉåÖáåÉÉêë=Éî~äì~íÉÇ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=Ä~ëÉÇ= tÉÄëÉåëÉI= çå=~=ëÉí=çÑ=ÅêáíÉêá~=d~êíåÉê=áÇÉåíáÑáÉÇ=~ë=íÜÉ=ãçëíJ~Çî~åÅÉÇ=ÑÉ~J fåÅK íìêÉë=íÜ~í=ÅçìäÇ=ÜÉäé=ïáíÜ=Åçãé~ê~íáîÉ=Éî~äì~íáçå=~åÇ=ëÉäÉÅíáçå= çÑ=~=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óK=qÉëíë=ïÉêÉ=ÅçåÇìÅíÉÇ=áå=lÅíçÄÉê= pÉÅìêÉ=tÉÄ= OMMUK d~íÉï~ó cêçã=~=ÜáÖÜJäÉîÉä=éÉêëéÉÅíáîÉI=íÜÉ=d~êíåÉê=ptd=ÄìóÉêÛë=ÖìáÇÉ= `çãéÉíáíáîÉ= ë~óë=íÜ~í=îÉåÇçêë=çÑ=roi=ÑáäíÉêáåÖI=éêçñó=ëÉêîÉêëI=~åÇ=~åíáJîáêìëL bî~äì~íáçå=çÑ=tÉÄ=pÉÅìêáíó= ~åíáJëé~ã=ëçäìíáçåëI=~ää=~êÉ=~ééêç~ÅÜáåÖ=íÜÉ=ëÉÅìêÉ=tÉÄ=Ö~íÉJ cÉ~íìêÉë ï~ó=ã~êâÉí=Ñêçã=ÇáÑÑÉêÉåí=ÇáêÉÅíáçåëK=qÜÉ=qçääó=dêçìéÛë=Ü~åÇëJçå= ~å~äóëáë=çÑ=íÜÉëÉ=éêçÇìÅíë=îÉêáÑáÉë=íÜ~í=ïÜáäÉ=íÜÉ=ã~àçêáíó=çÑ= éêçÇìÅíë=íÉëíÉÇ=ÉñÅÉä=áå=~=ÑÉï=~êÉ~ëI=çåäó=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìJ êáíó=d~íÉï~ó=ëÅçêÉÇ=ìåáÑçêãäó=ÜáÖÜ=~åÇ=ÇÉäáîÉêÉÇ=ÑÉ~íìêÉJêáÅÜ=Å~é~ÄáäáíáÉë= ~Åêçëë=~ää=åáåÉ=ÑìåÅíáçå~ä=~êÉ~ë=íÜ~í=ÉåÖáåÉÉêë=Éñ~ãáåÉÇK= qçääó=dêçìé=ÉåÖáåÉÉêë=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=íç=É~ÅÜ=çÑ=íÜÉ=åáåÉ= éêçÇìÅí=ÅêáíÉêá~=Éî~äì~íÉÇ=~åÇ=í~ääáÉÇ=~=ÅçãéçëáíÉ=ëÅçêÉ=Ñçê=É~ÅÜ=éêçÇìÅíK= táíÜ=~=ëÅçêÉ=çÑ=OMNI=tÉÄëÉåëÉ=pÉÅìêáíó=d~íÉï~ó=~äãçëí=ÇçìÄäÉÇ=íÜÉ=éçáåí= íçí~ä=çÑ=áíë=åÉñí=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ=NI=é~ÖÉ=RKF jçêÉçîÉêI=áå=~ÇÇáíáçå=íç=ëí~åÇ~êÇ=roi=ÑáäíÉêáåÖ=~åÇ=íê~Çáíáçå~ä=ã~äï~êÉ=éêçJ íÉÅíáçå=íÜ~í=áë=~î~áä~ÄäÉ=çå=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=tÉÄëÉåëÉ=áë=íÜÉ=Ñáêëí= îÉåÇçê=Éñ~ãáåÉÇ=Äó=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íç=çÑÑÉê=~=Ñìääó=áåíÉÖê~íÉÇ= aim=çéíáçåI=~ääçïáåÖ=íÜÉ=Åçãé~åó=íç=çÑÑÉê=~=äÉîÉä=çÑ=Ç~í~=äçëë=éêçíÉÅíáçå= ìåã~íÅÜÉÇ=å~íáîÉäó=Äó=êáî~ä=éêçÇìÅíë=íÉëíÉÇK=qÜÉ=pÉÅìêÉ=tÉÄ=d~íÉï~ó=ÇÉJ äáîÉêë=~=ãçêÉ=ÑìåÅíáçå~ä=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉI=ëÅ~ä~Äáäáíó=Å~é~ÄáäáíáÉëI=~åÇ= êáÅÜÉê=êÉéçêíáåÖ=ÑìåÅíáçåë=íÜ~å=êáî~ä=éêçÇìÅíë=íÉëíÉÇK q~âÉå=~ë=~=ïÜçäÉI=íÜÉ=ÅçãéçëáíÉ=ëÅçêÉë=Ñêçã=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íÉÇ=ëÉäÉÅJ íáçå=ÅêáíÉêá~=ëÜçï=íÜ~í=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìêáíó=d~íÉï~ó=áë=íÜÉ=ãçëí= ÑÉ~íìêÉJêáÅÜ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~äçåÖ=ïáíÜW çÑÑÉêáåÖ=íÜÉ=ïáÇÉëí=ÅçîÉê~ÖÉ=~åÇ=íÜÉ=ÖêÉ~íÉëí=~ÅÅìê~Åó=áå= Å~íÉÖçêáòáåÖ=Çóå~ãáÅ=ÅçåíÉåí=çå=tÉÄ=OKM=ëáíÉë ÄäçÅâáåÖ=ãçêÉ=fåíÉêåÉíJÄ~ëÉÇ=íÜêÉ~íë=íÜ~å=~ää=çíÜÉê=éêçÇìÅíë=íÉëíÉÇ éêçîáÇáåÖ=íÜÉ=É~ëáÉëí=íç=ìëÉ=áåíÉêÑ~ÅÉ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇ ÇÉäáîÉêáåÖ=ÖêÉ~íÉê=ÑäÉñáÄáäáíó=íÜ~å=~åó=çíÜÉê=ëçäìíáçåë=íÉëíÉÇ «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========R
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Composite Scores of Products Tested Across Evaluation Areas All criteria listed were rated subjectively either by examining publicly available documentation from the vendors; or by launching the management interface, configuring the desired behavior and observing the results. The subjective usability, layout and overall effectiveness of each function by vendor has been assigned a value ranging from 1 (least effective) to 4 (most effective) to indicate the Tolly engineers' im- pression of each of the units tested. Detailed breakdown of scores in each area of evaluation can be seen in Figures 4. through 12. Source: The Tolly Group, November 2008 Figure 1 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========S
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P qÜáë=ïÜáíÉ=é~éÉê=ïáää=ÉñéäçêÉ=ÑáåÇáåÖë=Ñçê=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íáçå=ÅêáíÉêá~=áå= íÜÉ=é~ÖÉë=~åÇ=ÅÜ~êíë=íÜ~í=ÑçääçïK= få=ÅçåÅäìëáçåI=tÉÄëÉåëÉ=tÉÄ=pÉÅìêáíó=d~íÉï~ó=ÅçãÄáåÉÇ=íÜÉ=ÄÉëí=çÑ= ÄêÉÉÇ=íÉÅÜåçäçÖáÉë=íç=çÑÑÉê=~=éêçÇìÅí=íÜ~í=áë=É~ëáÉê=íç=ã~å~ÖÉI=ëÅ~äÉë= ÄÉííÉêI=éêçîáÇÉë=ãçêÉ=Öê~åìä~ê=çéíáçåë=íç=Åçåíêçä=åÉíïçêâ=~ééäáÅ~íáçå=íê~ÑÑáÅ= ~åÇ=Öì~êÇë=~Ö~áåëí=íÜÉ=Çóå~ãáÅ~ääó=ÅÜ~åÖáåÖ=íÜêÉ~í=ä~åÇëÅ~éÉ=çÑ=tÉÄJ Ä~ëÉÇ=~íí~ÅâëK Web 2.0 Effectiveness tÉÄ=OKM=ëáíÉë=~êÉ=ê~éáÇäó=ÖêçïáåÖ=íç=ÄÉ=ëçãÉ=çÑ=íÜÉ=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë= çå=íÜÉ=fåíÉêåÉíK=qÜÉ=~Äáäáíó=çÑ=ìëÉêë=íç=ÑêÉÉäó=ÅêÉ~íÉ=~åÇ=ìéäç~Ç= ÅçåíÉåí=çåíç=tÉÄ=OKM=ëáíÉë=áë=áåÅêÉ~ëáåÖäó=~ííê~ÅíáîÉ=íç=~íí~ÅâÉêë=ïÜç ìéäç~Ç=ã~äáÅáçìë=~åÇ=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí=çåíç=êÉéìí~ÄäÉ=tÉÄ=OKM=ëáíÉë= äáâÉ=_äçÖëéçí=EÜííéWLLÄäçÖëéçíKÅçãFI=tçêÇmêÉëë=EÜííéWLLïçêÇéêÉëëKçêÖFI=çê= çåíç=äÉÖáíáã~íÉ=ëáíÉë=íÜ~í=Ü~îÉ=ÄÉÉå=ÅçãéêçãáëÉÇK=qÜÉ=~Äáäáíó=çÑ=~=tÉÄ=ëÉJ Åìêáíó=Ö~íÉï~ó=íç=ÇÉíÉÅí=ã~äáÅáçìë=ÅçåíÉåí=~ÅÅìê~íÉäó=çå=Çóå~ãáÅ=tÉÄ=ëáíÉë= äáâÉ=tÉÄ=OKM=êÉäáÉë=ÖêÉ~íäó=çå=êÉ~äJíáãÉ=~å~äóëáë=çÑ=ÅçåíÉåíI=~åÇ=åçí=àìëí=çå= íÜÉ=êÉéìí~íáçå=çÑ=íÜÉ=tÉÄ=ëáíÉëK qÉëíë=ìëáåÖ=VSR=äáîÉ=roië=Ñêçã=éçéìä~ê=tÉÄ=OKM=ëáíÉë=äáâÉ=ÄäçÖëéçíKÅçã= ~åÇ=ïçêÇéêÉëëKÅçã=íÜ~í=ïÉêÉ=ÜçëíáåÖ=ã~äáÅáçìë=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí= êÉîÉ~äÉÇ=tÉÄëÉåëÉÛë=éçïÉêÑìä=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáë=Å~é~ÄáäáíóK=tÉÄJ ëÉåëÉ=ÄäçÅâÉÇ=~äãçëí=VVB=çÑ=íÜÉ=ã~äáÅáçìë=roië=ïÜáäÉ=ÅçãéÉíáåÖ=éêçÇìÅíë= ÄäçÅâÉÇ=ÄÉíïÉÉå=äÉëë=íÜ~å=OB=íç=~Äçìí=QMBK=EpÉÉ=cáÖìêÉ=OKF= qÜáë=ÜìÖÉ=ëéêÉ~Ç=çÑ=êÉëìäíë=Ñêçã=éêçÇìÅíë=ìëáåÖ=tÉÄ=oÉéìí~íáçå=ëÉêîáÅÉë= ~åÇ=íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=ëÜçïë=íÜ~í=äÉÖ~Åó=ãÉíÜçÇë=çÑ=roi=ÑáäíÉêáåÖ= ~êÉ=åçí=éçïÉêÑìä=ÉåçìÖÜ=çå=íÜÉáê=çïåI=ìåäÉëë=áíÛë=~ìÖãÉåíÉÇ=Äó=ÉÑÑÉÅíáîÉ= ìëÉ=çÑ=çíÜÉê=íÉÅÜåçäçÖáÉë=äáâÉ=çåJéêÉãáëÉëI=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáëI=ÜÉìJ êáëíáÅëI=ÉíÅK qÉëíë=~äëç=ëÜçïÉÇ=íÜ~í=tÉÄëÉåëÉ=Ü~Ç=íÜÉ=ïáÇÉëí=roi=ÅçîÉê~ÖÉ=çÑ=íÜÉ= Úâåçïå=tÉÄÛ=çìí=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~ë=ÉîáÇÉåÅÉÇ=Äó=íÜÉ=êÉëìäíë=Ñêçã= íÜÉ=^äÉñ~=NMMIMMM=roi=Åä~ëëáÑáÅ~íáçå=íÉëíK=qÜáë=íÉëí=ëÜçïÉÇ=íÜ~í=íÜÉ=tÉÄJ ëÉåëÉ=Åä~ëëáÑáÉÇ=VTKNB=çÑ=íÜÉ=íçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=çå=íÜÉ= fåíÉêåÉí=E~ë=äáëíÉÇ=Äó=íÜÉ=^äÉñ~=NMMIMMM=roi=äáëíFI=ïÜáäÉ=ÅçãéÉíáåÖ=îÉåÇçêë= Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=VOB=íç=VQBK=EpÉÉ=cáÖìêÉ=PKF= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========T
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Web 2.0 Detection Accuracy Effectiveness 98.9 Percent of detection accuracy (%) NMM TR RM 40.2 OR 11.1 11 1.8 M Websense BlueCoat Cisco Secure Trend Computing Micro Note: All URLs tested were sourced from the Websense ThreatSeeker network, within six to 24 hours of the testing window. Source: The Tolly Group, November 2008 Figure 2 qÉëíë=~äëç=ëÜçïÉÇ=tÉÄëÉåëÉÛë=ëìéÉêáçê=~Äáäáíó=íç=Åä~ëëáÑó=íÜÉ=Úìåâåçïå= tÉÄÛ=EêÉÑÉêêÉÇ=íç=~ë=íÜÉ=ÚiçåÖ=q~áäÛ=çÑ=íÜÉ=fåíÉêåÉíF=íóéáÅ~ääó=ÅçåëáëíáåÖ=çÑ= àìåâI=éÉêëçå~ä=çê=ëÅ~ã=tÉÄ=ëáíÉëI=çê=íÜÉ=ãáääáçåë=çÑ=åÉï=tÉÄ=ëáíÉë=ÅêÉ~íÉÇ= ÉîÉêó=Ç~óK=mêçÇìÅíë=ëçäÉäó=êÉäóáåÖ=çå=tÉÄ=êÉéìí~íáçåJÄ~ëÉÇ=Åä~ëëáÑáÅ~íáçå=çê= íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=Å~ååçí=~ÇÉèì~íÉäó=âÉÉé=ìé=ïáíÜ=íÜÉ=ÇÉã~åÇ=íç= Åä~ëëáÑó=tÉÄ=ëáíÉë=áå=íÜÉ=içåÖ=q~áä=çÑ=íÜÉ=fåíÉêåÉíK=tÉÄëÉåëÉ=ÇÉãçåëíê~íÉÇ= áíë=ëíêÉåÖíÜ=áå=êÉ~äJíáãÉ=Åä~ëëáÑáÅ~íáçå=çÑ=tÉÄ=ÅçåíÉåí=Äó=Å~íÉÖçêáòáåÖ=VVKVB= çÑ=íÜÉ=NUIRUM=äáîÉ=roië=ëçìêÅÉÇ=Ñêçã=íÜÉ=içåÖ=q~áäK=få=Åçåíê~ëíI=íÜÉ=ÅçãJ éÉíáåÖ=îÉåÇçêë=Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=PSB=~åÇ=TMBK få=íÉëíë=ÑçÅìëáåÖ=çå=ÇÉíÉÅíáåÖ=~åÇ=ÄäçÅâáåÖ=roië=äÉ~ÇáåÖ=íç=mÜáëÜáåÖ=~åÇLçê= mêçñó=~îçáÇ~åÅÉ=tÉÄ=ëáíÉëI=tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=ÇÉíÉÅíÉÇ=VUKPB=çÑ=íÜÉ= OIPMO=äáîÉ=roiëI=ïÜáäÉ=íÜÉ=ÅçãéÉíáåÖ=îÉåÇçêë=ÇÉíÉÅíÉÇ=ÄÉíïÉÉå=TMB=~åÇ= UUBK=páãáä~êäóI=áå=íÉëíë=ïáíÜ=PTV=roië=Åçåí~áåáåÖ=Äáå~êó=Éñéäçáíë=çê=ÅçãJ éêçãáëÉ=ÅçÇÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VVB=çÑ=roiëI=îÉêëìë=çíÜÉê=îÉåÇçêë=ïÜç= ÄäçÅâÉÇ=ÄÉíïÉÉå=RPB=íç=VNBK=^äëçI=çå=íÉëíë=ïáíÜ=USR=roië=ÜçëíáåÖ=j~äJ «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========U
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ï~êÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VUKQB=ïÜáäÉ=çíÜÉê=îÉåÇçêë=ÄäçÅâÉÇ=ÄÉíïÉÉå=SRB= ~åÇ=~êçìåÇ=VSBK=EpÉÉ=cáÖìêÉ=PKF Web 2.0 Accuracy and Coverage Test Results Source: The Tolly Group, November 2008 Figure 3 Manageability and Scalability oÉÇìÅÉÇ=~Çãáåáëíê~íáçå=çîÉêÜÉ~Ç=áë=çåÉ=çÑ=íÜÉ=íçé=ÅçåÅÉêåë=çÑ=ëÉÅìêáíó= ~Çãáåáëíê~íçêëK=qÜÉ=êÉéçêí=ÉãéÜ~ëáòÉë=íÜÉ=áãéçêí~åÅÉ=çÑ=~å=ÉÑÑÉÅíáîÉ=í~ëâJ çêáÉåíÉÇ=Öê~éÜáÅ~ä=ìëÉê=áåíÉêÑ~ÅÉ=EdrfF=~åÇ=ÅçãéêÉÜÉåëáîÉ=ã~å~ÖÉãÉåí= áåíÉêÑ~ÅÉ=íç=äçïÉê=íçí~ä=Åçëí=çÑ=çïåÉêëÜáéK qçääó=dêçìé=Ü~åÇëJçå=íÉëíáåÖ=ëÜçïë=íÜ~í=tÉÄëÉåëÉ=êÉÅÉáîÉ=~=ã~ñáãìã= ëÅçêÉ=çÑ= QÒ=Ñçê=ÑáîÉ=çÑ=íÜÉ=ÉáÖÜí=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=ÅêáíÉêá~=êÉîáÉïÉÇ=Äó= ÉåÖáåÉÉêëK=låäó=çåÉ=çíÜÉê=éêçÇìÅí=Ü~Ç=íïç= QëÒ=Ñçê=áíë=ã~å~ÖÉãÉåí=áåíÉêJ Ñ~ÅÉK=lÑ=é~êíáÅìä~ê=åçíÉ=ï~ë=tÉÄëÉåëÉÛë=êÉ~äJíáãÉ=ÉîÉåí=Ç~ëÜÄç~êÇ=ïáíÜ= ~Åíáçå~ÄäÉ=~äÉêíë=ïÜáÅÜ=Éå~ÄäÉë=ê~éáÇ=ÉîÉåí=áÇÉåíáÑáÅ~íáçå=~åÇ=éêç~ÅíáîÉ=áåJ «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========V
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ÅáÇÉåí=êÉëéçåëÉK=tÉÄëÉåëÉ=~äëç=ï~ë=Öê~ÇÉÇ=~= QÒ=Ñçê=áíë=Åìëíçãáò~ÄäÉ= Ç~ëÜÄç~êÇ=îáÉïëK=tÉÄëÉåëÉ=~äëç=É~êåÉÇ= QëÒ=Ñçê=Öê~åìä~ê=êçäÉJÄ~ëÉÇ= Management and Scalability Scoring Source: The Tolly Group, November 2008 Figure 4 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NM
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ~Çãáåáëíê~íáçåI=~ìíçã~íÉÇ=~äÉêíáåÖI=~Çî~åÅÉÇ=ÜÉäéI=ÅÉåíê~äáòÉÇ=ã~å~ÖÉJ ãÉåí=çÑ=ãìäíáéäÉ=~ééäá~åÅÉë=~åÇ=å~íáîÉ=äç~Ç=Ä~ä~åÅáåÖL~ÅíáîÉ=ÅäìëíÉêáåÖK=få= íçí~äI=áí=É~êåÉÇ=QM=éçáåíëI=îÉêëìë=PN=Ñçê=íÜÉ=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ= QKF= Policy Interface ^åó=éçäáÅó=áåíÉêÑ~ÅÉë=ëÜçìäÇ=ÄÉ=É~ëó=íç=ìëÉI=áåíìáíáîÉ=Ñçê=åçåJíÉÅÜåáÅ~ä=éÉêJ ëçååÉä=~åÇ=ìëÉêJÑêáÉåÇäóK=eÉêÉI=íççI=tÉÄëÉåëÉ=êÉÅÉáîÉ= QëÒ=Ñçê=Ñçìê=çÑ=íÜÉ= ëÉîÉå=ÅêáíÉêá~=êÉîáÉïÉÇ=~åÇ=ï~ë=íÜÉ=çåäó=ëÉÅìêÉ=Ö~íÉï~ó=îÉåÇçê=íç=êÉÅÉáîÉ= íÜÉ=ÜáÖÜÉëí=ã~êâ=éçëëáÄäÉ=Ñçê=éçäáÅó=áåíÉêÑ~ÅÉëK tÉÄëÉåëÉ=êÉÅÉáîÉÇ=íÜÉ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=~Äáäáíó=íç=çÑÑÉê=~=ëáåÖäÉ=é~ÖÉ= îáÉï=çÑ=éçäáÅó=ëí~íÉãÉåíëI=êÉìë~ÄäÉ=éçäáÅó=çÄàÉÅíëI=íÜÉ=~Äáäáíó=íç=ãçÇáÑó=áåJ ÜÉêáíÉÇ=éçäáÅáÉë=~åÇ=Ñçê=êÉéçêíáåÖ=Äó=éçäáÅó=íóéÉI=ïÜáÅÜ=áë=ÉëëÉåíá~ä=áå=ÇÉíÉêJ ãáåáåÖ=Åçãéäá~åÅÉ=íç=~=éçäáÅóK=lîÉê~ääI=tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=OOI= îÉêëìë=áíë=åÉñí=åÉ~êÉëí=êáî~ä=ïáíÜ=~=ëÅçêÉ=çÑ=NQK=EpÉÉ=cáÖìêÉ=RKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NN
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Policy Interface Scoring Source: The Tolly Group, November 2008 Figure 5 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NO
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Reporting Capabilities oÉéçêíáåÖ=Å~é~ÄáäáíáÉë=Ü~îÉ=ÉãÉêÖÉÇ=~ë=~å=ÉëëÉåíá~ä=ÅçãéçåÉåí=çÑ=pÉÅìêÉ= tÉÄ=Ö~íÉï~óë=ÄÉÅ~ìëÉ=íÜÉó=ÄêáÇÖÉ=íÜÉ=íÉÅÜåáÅ~ä=ïçêäÇ=ïáíÜ=íÜÉ=ÄìëáåÉëë= ëáÇÉ=çÑ=íÜÉ=Åçãé~åóK=_ìëáåÉëë=ìëÉêë=ÇçåÛí=Ü~îÉ=íáãÉ=íç=ï~ÇÉ=íÜêçìÖÜ=ÖçÄë= çÑ=íÉÅÜåáÅ~ä=Ç~í~I=Äìí=áåëíÉ~Ç=ï~åí=ëìãã~êó=áåÑç=Ü~êîÉëíÉÇ=~åÇ=éêÉëÉåíÉÇ= áå=~å=É~ëó=íç=Ñçääçï=Ñçêã~íK= tÉÄëÉåëÉ=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ=áå=ÉáÖÜí=çÑ=åáåÉ=~î~áä~ÄäÉ= Å~íÉÖçêáÉëI=ïÜáäÉ=êáî~ä=éêçÇìÅíë=ëÅçêÉÇ=~=N=çê=O=áå=ãçëí=Å~íÉÖçêáÉëK tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=PRI=ïÜáäÉ=íÜÉ=åÉñí=ÅçãéÉíáåÖ=éêçÇìÅí= êÉÅÉáîÉÇ=~=OOK=tÉÄëÉåëÉ=êÉÅÉáîÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=äÉîÉä=çÑ=ÄìëáåÉëë= çêáÉåíÉÇ=êÉéçêíë=çÑÑÉêÉÇI=íÜÉ=èìáÅâ=~ÅÅÉëë=íççäë=~î~áä~ÄäÉ=íç=ÖÉí=~í=Ç~í~K=^ÇJ Çáíáçå~ääóI=êÉ~äJíáãÉ=êÉéçêíë=~åÇ=ÑçêÉåëáÅ=êÉéçêíë=~êÉ=~î~áä~ÄäÉ=EpÉÉ=cáÖìêÉ= SKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NP
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Reporting Scores Source: The Tolly Group, November 2008 Figure 6 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NQ
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P URL Filtering qÜÉ=~Äáäáíó=íç=Åçåíêçä=~åÇ=ãçåáíçê=tÉÄ=ìë~ÖÉ=Äó=ÉãéäçóÉÉë=áë=ÄÉÅçãáåÖ=~= åÉÅÉëëáíó=Ñçê=Åçãé~åáÉëK=qÜÉ=~Äáäáíó=íç=ÉåÑçêÅÉ=Åçêéçê~íÉ=éçäáÅó=åçí=àìëí= ïÜáäÉ=íÜÉ=ÉãéäçóÉÉë=~êÉ=çå=éêÉãáëÉëI=Äìí=~äëç=ïÜáäÉ=çÑÑJéêÉãáëÉë=ÄÉÅçãÉë= î~äì~ÄäÉ=~ë=ÉãéäçóÉÉë=~êÉ=ÄÉÅçãáåÖ=áåÅêÉ~ëáåÖäó=ãçÄáäÉK tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=çÑÑÉêÉÇ=éçïÉêÑìä=~åÇ=ÑäÉñáÄäÉ=íççäë=íç=Öê~åìä~êäó=ÅçåJ íêçä=íÜÉ=tÉÄ=~ÅÅÉëë=çÑ=ìëÉêë=ÄçíÜ=çå=~åÇ=çÑÑ=íÜÉ=éêÉãáëÉëX=~åÇ=ëÅçêÉÇ=~= ã~ñáãìã=éçëëáÄäÉ=NO=éçáåíë=~Åêçëë=íÜêÉÉ=~êÉ~ë=Éî~äì~íÉÇK=EpÉÉ=cáÖìêÉ=TKF= qÜÉ=åÉñí=ÅäçëÉëí=ÅçãéÉíáíçê=éêçÇìÅí=ëÅçêÉÇ=~=V=ïáíÜ=íÜÉ=êÉëí=ëÅçêáåÖ=Q=É~ÅÜK URL Filtering Feature Scoring Source: The Tolly Group, November 2008 Figure 7 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NR
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Malware Filtering tÜáäÉ=roi=ÑáäíÉêáåÖ=áë=~=ëí~éäÉ=çÑ=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=ã~äï~êÉ=ÑáäíÉêáåÖ= áë=Ñ~ëí=Å~íÅÜáåÖ=çå=~ë=~=ÅêáíáÅ~ä=ÑìåÅíáçåK=sáêìë=ÇÉíÉÅíáçå=~åÇ= êÉãçî~ä=áå=Ö~íÉï~óë=áë=ÅêáíáÅ~ä=~ë=ãçêÉ=ã~äï~êÉ=ãçîÉë=íç=~=tÉÄ=ÇáëíêáÄìJ íáçå=ãÉíÜçÇ=~åÇ=ÉåÇéçáåí=éêçíÉÅíáçå=ëíêìÖÖäÉë=íç=âÉÉé=é~ÅÉ=ïáíÜ=íÜÉ=îçäìãÉ= çÑ=íÜêÉ~íëK= eÉêÉI=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=ÅçåÇìÅíÉÇ=~=Ü~åÇëJçå=íÉëí=çÑ=ÅÉêí~áå=ÑÉ~J íìêÉëI=ïÜáäÉ=~ëëáÖåáåÖ=ëìÄàÉÅíáîÉ=ëÅçêÉë=íç=íÜÉ=éêçÇìÅíëÛ=~êÅÜáíÉÅíìêÉ=~åÇ= ÉîÉåí=~äÉêíë=Å~é~ÄáäáíáÉëK tÉÄëÉåëÉ=~ÅÜáÉîÉÇ=~=VUKQB=ëÅçêÉ=Ñçê=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=ã~äï~êÉ=Ñçê= USR=ëáíÉë=ÜçëíáåÖ=ã~äáÅáçìë=ÑáäÉëK=líÜÉê=îÉåÇçêë=ê~åÖÉÇ=Ñêçã=SRB=íç=VSB= ã~äï~êÉ=ÇÉíÉÅíáçå=~ÅÅìê~ÅóK=EpÉÉ=cáÖìêÉ=UKF tÉÄëÉåëÉ=~äëç=ï~ë=ëìÅÅÉëëÑìä=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ=éÜáëÜáåÖ=~åÇ= éêçñó=ëáíÉë=VUKPB=çÑ=íÜÉ=íáãÉI=îÉêëìë=TMB=íç=UUB=Ñçê=çíÜÉê=éêçÇìÅíë=íÉëíÉÇK= ^åÇ=tÉÄëÉåëÉ=ï~ë=ëìÅÅÉëëÑìä=VVB=çÑ=íÜÉ=íáãÉ=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ= ëáíÉë=ïáíÜ=ã~äáÅáçìë=Éñéäçáíë=çê=ÇêáîÉJÄó=ÑáäÉ=áåëí~ääëK=líÜÉê=éêçÇìÅíë=ïÉêÉ= ëìÅÅÉëëÑìä=çåäó=RQB=íç=VNB=çÑ=íÜÉ=íáãÉK tÉÄëÉåëÉ=ï~ë=~äëç=íÜÉ=çåäó=îÉåÇçê=íç=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ= Ñçê=áíë=ëçäìíáçå=~êÅÜáíÉÅíìêÉ=ÇìÉ=íç=áíë=ÜóÄêáÇ=~êÅÜáíÉÅíìêÉK=qÜáë=áë=Ä~ëÉÇ=çå= d~êíåÉêÛë=ÇáëÅìëëáçå=çÑ=íÜÉ=ÄÉåÉÑáíë=çÑ=~= ÜóÄêáÇÒ=~êÅÜáíÉÅíìêÉ=íÜ~í=ìíáäáòÉë= éêçñó=íÉÅÜåçäçÖó=Ñçê=Öê~åìä~êáíó=~åÇ=ÇÉí~áäÉÇ=Åçåíêçä=ÅçìéäÉÇ=ïáíÜ=åÉíïçêâ= ãçåáíçêáåÖ=Å~é~ÄáäáíáÉë=Ñçê=ëÅ~ä~Äáäáíó=~åÇ=Äêç~Ç=ÅçîÉê~ÖÉK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NS
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Malware Detection Scores Source: The Tolly Group, November 2008 Figure 8 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NT
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Application Control bãÄÉÇÇÉÇ=~ééäáÅ~íáçåJäÉîÉä=Åçåíêçäë=Éå~ÄäÉ=ëÉÅìêáíó=~Çãáåáëíê~íçêë=íç=ÖçîJ Éêå=íÜÉ=~Ççéíáçå=~åÇ=ìë~ÖÉ=çÑ=tÉÄJÄ~ëÉÇ=~ééäáÅ~íáçåë=ëìÅÜ=~ë=fjI=pâóéÉI= mOmI=~åÇ=ãçêÉK=qçääó=dêçìé=ÉåÖáåÉÉêë=~ï~êÇÉÇ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ= íç=íÜÉ=tÉÄëÉåëÉ=éêçÇìÅí=áå=Ñçìê=çÑ=íÜÉ=ÑáîÉ=^ééäáÅ~íáçå=`çåíêçä=Å~íÉÖçêáÉë= Éñ~ãáåÉÇK=EpÉÉ=cáÖìêÉ=VKF= tÉÄëÉåëÉ=É~êåÉÇ=NV=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ïáíÜ=íÜÉ=åÉñíJåÉ~êÉëí= ÅçãéÉíáíçê=ÅçãáåÖ=áå=ïáíÜ=~=ëÅçêÉ=çÑ=NNK=tÉÄëÉåëÉ=É~êåÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê= áíë=~Äáäáíó=íç=Å~íÉÖçêáòÉ=~ééäáÅ~íáçåëI=ïÜáÅÜ=É~ëÉë=íÜÉ=ÅêÉ~íáçå=~åÇ=~ÇãáåáJ ëíê~íáçå=çÑ=éçäáÅáÉëK=fí=~äëç=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=éçäáÅó=ÉåÑçêÅÉãÉåí= Äó=Å~íÉÖçêóI=ïÜáÅÜ=êÉÇìÅÉë=íÜÉ=ïçêâäç~Ç=~åÇ=íÜÉ=åìãÄÉê=çÑ=ÉêêçêëK=^åÇ= tÉÄëÉåëÉ=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=Åä~ëëáÑóáåÖ=mOm=~ë=~=ÇáëíáåÅíäó=ÇáÑJ ÑÉêÉåí=~ééäáÅ~íáçå=íÜ~å=çíÜÉêëI=ëáåÅÉ=áí=éçëÉë==ÖêÉ~íÉê=êáëâë=ÇìÉ=íç=ÑáäÉ=íê~åëJ ÑÉêëK= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NU
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Application Control Scores Source: The Tolly Group, November 2008 Figure 9 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NV
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Data Loss Protection tÉÄëÉåëÉ=ëçäìíáçå=ï~ë=íÜÉ=çåäó=éêçÇìÅí=íÉëíÉÇ=íç=É~êå=~=ã~ñáãìã=ëÅçêÉ=áå= ÉîÉêó=Å~íÉÖçêó=Ñçê=Ç~í~=äçëë=éêçíÉÅíáçåI=Ñçê=~=íçí~ä=çÑ=PO=éçáåíëK=qÜÉ=åÉñí= åÉ~êÉëí=îÉåÇçê=É~êåÉÇ=NQ=éçáåíëK=EpÉÉ=cáÖìêÉ=NMKF ^ë=íÜÉ=tÉÄ=ÄÉÅçãÉë=ãçêÉ=áåíÉê~ÅíáîÉ=Äó=å~íìêÉI=çêÖ~åáò~íáçåë=~êÉ=ÅçåJ ÅÉêåÉÇ=~Äçìí=íÜÉ=êáëâ=Ñçê=íÜÉ=äçëë=çÑ=ëÉåëáíáîÉ=Ç~í~K=pÉÅìêÉ=tÉÄ=Ö~íÉï~óë= ÅçãÄ~í=íÜáë=Äó=çÑÑÉêáåÖ=íÜÉ=~Äáäáíó=íç=ÇÉíÉÅí=åçåJÅçãéäá~åÅÉ=íç=Åçêéçê~íÉ= ~åÇ=êÉÖìä~íçêó=éçäáÅáÉëK=táíÜ=Ñìää=áåíÉÖê~íáçå=ïáíÜ=íÜÉ=tÉÄëÉåëÉ=a~í~=pÉÅìJ êáíó=pçäìíáçå=çÑÑÉêÉÇI=tÉÄëÉåëÉ=ï~ë=íÜÉ=çåäó=îÉåÇçê=íç=çÑÑÉê=~=éêÉÇÉíÉêJ ãáåÉÇ=åìãÄÉê=çÑ=íÉãéä~íÉë=íç=Öì~êÇ=~Ö~áåëí=åçåJÅçãéäá~åÅÉI=Ñçê=íÜáåÖë= ëìÅÜ=~ë=ÅêÉÇáí=Å~êÇë=çê=ëçÅá~ä=ëÉÅìêáíó=åìãÄÉêëK==tÉÄëÉåëÉ=~äëç=ï~ë=ÅáíÉÇ= Ñçê=áíë=ëíêÉåÖíÜ=~í=ÇÉÉé=ÅçåíÉåí=áåëéÉÅíáçåI=ïÜÉêÉ=çíÜÉê=éêçÇìÅíë=Çç=åçí= Ü~îÉ=íÜÉ=Å~é~Äáäáíó=çê=~êÉ=ïÉ~â=~í=áíK e~åÇëJçå=Éñ~ãáå~íáçå=çÑ=íÜÉ=éêçÇìÅíë=ëÜçï=íÜ~í=ëçãÉ=çÑÑÉêáåÖëI=ëìÅÜ=~ë= _äìÉ`ç~í=mêçñó=pdONM=~åÇ=qêÉåÇ=jáÅêç=fåíÉêëÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=Çç= åçí=çÑÑÉê=~åó=Ç~í~=äçëë=éêÉîÉåíáçå=Ñ~ÅáäáíáÉë=çê=áåíÉÖê~íáçå=çéíáçåëK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OM
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Data Loss Prevention Scores Source: The Tolly Group, November 2008 Figure 10 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========ON
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Network Implementation tÉÄëÉåëÉ=ëÅçêÉÇ=NN=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ÑçääçïáåÖ=pÉÅìêÉ=tÉÄ= Ñêçã=pÉÅìêÉ=`çãéìíáåÖ=ïÜáÅÜ=ëÅçêÉÇ=NQI=~åÇ=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó= pìáíÉ=Ñêçã=qêÉåÇ=jáÅêç=ïÜáÅÜ=ëÅçêÉÇ=NOK=EpÉÉ=cáÖìêÉ=NNKF qçÇ~óÛë=çêÖ~åáò~íáçåë=êÉèìáêÉ=~=ÑäÉñáÄäÉ=ëçäìíáçå=íÜ~í=Å~å=áåíÉÖê~íÉ=ïáíÜ=íÜÉ= ïáÇÉ=ê~åÖÉ=çÑ=åÉíïçêâ=íçéçäçÖáÉë=ÅìêêÉåíäó=áå=ìëÉK=tÉÄëÉåëÉ=çÑÑÉêë=ÄçíÜ= çåJéêÉãáëÉë=~åÇ=Ñìääó=ÜçëíÉÇ=tÉÄ=ëÉÅìêáíó=çéíáçåë=éêçîáÇáåÖ=ÅìëíçãÉê=ïáíÜ= ãçêÉ=ÅÜçáÅÉë=ïÜÉå=ÇÉëáÖåáåÖ=~=ÇáëíêáÄìíÉÇ=ëçäìíáçåK=pìééçêí=Ñçê=~=Äêç~Ç= ê~åÖÉ=çÑ=Ü~êÇï~êÉ=~åÇ=ëçÑíï~êÉ=éä~íÑçêãë=Éå~ÄäÉë=É~ëó=áåíÉÖê~íáçå=áåíç= ãçëí=ÅìëíçãÉê=åÉíïçêâëK=e~êÇï~êÉ=~ééäá~åÅÉë=~êÉ=çÑíÉå=ìëÉÇ=Ñçê=ëã~ääÉê= áåëí~ää~íáçåë=íÜ~í=ä~Åâ=ÉñéÉêáÉåÅÉÇ=áãéäÉãÉåí~íáçå=ëí~ÑÑI=Äìí=~êÉ=äÉëë=çÑíÉå= ìëÉÇ=áå=ÉåíÉêéêáëÉ=åÉíïçêâë=Ä~ëÉÇ=çå=íÜÉ=ÜáÖÜÉê=ÅçëíëK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OO
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Delivery and Network Implementation Feature Scores Source: The Tolly Group, November 2008 Figure 11 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OP
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Integration with Other Solutions fåíÉÖê~íáçå=ïáíÜ=çíÜÉê=éêçÇìÅíëI=ëìÅÜ=~ë=äç~Ç=Ä~ä~åÅÉêëI=éêçñáÉëI=bJã~áä=~åÇ= çíÜÉê=ëçäìíáçå=ã~ó=åçí=ÄÉ=ÅêáíáÅ~äI=Äìí=ã~ó=óáÉäÇ=ëìÑÑáÅáÉåí=ÄÉåÉÑáíë=íç=ï~êê~åí= íÜÉ=áåíÉÖê~íáçåK=tÜáäÉ=ãçëí=éêçÇìÅíë=íÉëíÉÇ=É~êåÉÇ=éççê=ëÅçêÉë=Ñçê=áåíÉÖê~J íáçåI=tÉÄëÉåëÉ=ÉñÅÉääÉÇ=áå=íÜÉ=~êÉ~=çÑ=ÑáêÉï~ääëI=~êÅÜáîáåÖ=~åÇ=aim=ëóëJ íÉãëK=EpÉÉ=cáÖìêÉ=NOKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OQ
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Integration Scores Source: The Tolly Group, November 2008 Figure 12 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OR
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Service and support pÉêîáÅÉ=~åÇ=ëìééçêí=çéíáçåë=~êÉ=~å=áãéçêí~åí=Ñ~Åíçê=íç=ÅçåëáÇÉê=ïÜÉå=ëÉJ äÉÅíáåÖ=~=ëçäìíáçåK=qÜÉ=èì~äáíó=çÑ=ëÉêîáÅÉ=çÑÑÉêáåÖë=Å~å=î~êó=ïáÇÉäó=~ãçåÖ= îÉåÇçêëK=_~ëÉÇ=çå=íÜÉ=ëÅçéÉ=çÑ=íÜáë=êÉéçêíI=íÉëíáåÖ=çÑ=íÜÉ=ëÉêîáÅÉ=çéíáçåë= çÑÑÉêÉÇ=Äó=íÜÉ=îÉåÇçêë=ï~ë=åçí=éÉêÑçêãÉÇI=ëç=~=èì~äáí~íáîÉ=ê~íáåÖ=çÑ=íÜÉ= îÉåÇçê=ëÉêîáÅÉë=Ü~ë=åçí=ÄÉÉå=éêçîáÇÉÇK=qÜÉ=çÑÑÉêáåÖë=Ñêçã=É~ÅÜ=îÉåÇçê= Ü~îÉ=ÄÉÉå=ÉåìãÉê~íÉÇ=íç=áåÇáÅ~íÉ=áÑ=íÜÉó=éêçîáÇÉ=íÜÉ=íóéÉë=çÑ=ëìééçêí=çéJ íáçåë=áåÇáÅ~íÉÇI=ëç=~=ÜáÖÜÉê=ëÅçêÉ=áåÇáÅ~íÉë=~=Äêç~ÇÉê=ê~åÖÉ=çÑ=çÑÑÉêáåÖëI=Äìí= åçí=åÉÅÉëë~êáäó=~=ëìéÉêáçê=çÑÑÉêáåÖK=EpÉÉ=cáÖìêÉ=NPKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OS
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Service and Support Scores Source: The Tolly Group, November 2008 Figure 13 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OT
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Test Methodology Alexa 100,000 URL Filtering/ Classification Test qÜÉ=Ä~ëáÅ=roi=ÑáäíÉêáåÖ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉã=ï~ë=íÉëíÉÇ=Äó=ëÅêáéíáåÖ= ëí~åÇ~êÇ=ïçêâëí~íáçåë=íç=~ÅÅÉëë=~=ë~ãéäÉ=ëÉí=çÑ=NMMIMMM=roië=Ñêçã=íÜÉ= ^äÉñ~=qçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=íÜêçìÖÜ=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK= ^ää=~î~áä~ÄäÉ=roi=Å~íÉÖçêáÉë=çÑ=Åä~ëëáÑáÅ~íáçå=çå=~=éêçÇìÅí=ïÉêÉ=Éå~ÄäÉÇ= ~åÇ=ÅçåÑáÖìêÉÇ=íç=ÄäçÅâ=~ÅÅÉëë=íç=~åó=roi=ã~íÅÜáåÖ=çåÉ=çÑ=íÜÉ=ÇÉÑáåÉÇ=ÑáäJ íÉêáåÖ=Å~íÉÖçêáÉëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Å~íÉÖçêó=~î~áä~ÄäÉ=çå= íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê= ~åó=~î~áä~ÄäÉ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ= ~å=~äÉêíK=qÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=ïÉêÉ=íÜÉå=ÅçêêÉä~íÉÇ=ïáíÜ=íÜÉ=ë~ãéäÉ=ëÉí= íç=~êêáîÉ=~í=íÜÉ=ÇÉîáÅÉÛë=ëÅçêÉK=^ë=äçåÖ=~ë=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~å= ÉñáëíáåÖ=Å~íÉÖçêó=çÑ=Åä~ëëáÑáÅ~íáçå=çå=íÜÉ=éêçÇìÅíI=íÜÉ=êÉëìäí=ï~ë=ÅçåëáÇÉêÉÇ= î~äáÇK=qÜÉ=êÉëìäíáåÖ=ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië= ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉJ éÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK= “Long Tail” or Extended URL Classification Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=NUIRUM=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ëìÄãáííÉÇ=íç=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=Ñçê=Åä~ëëáÑáÅ~íáçå=Äó=ÉåÇJìëÉêë= ~êçìåÇ=íÜÉ=ïçêäÇK=qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ= Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ= çå=íÜÉ=fåíÉêåÉíK=låÅÉ=~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~J íáçå=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ=îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ= É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãÄÉê=çÑ=ãáëëÉÇ=roiëK= = fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Éå~ÄäÉÇ=Å~íÉÖçêáÉë=çå=íÜÉ=éêçÇìÅíI= íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ= Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=ê~íáç=çÑ= ~ää=roië=ëìÅÅÉëëÑìääó=Åä~ëëáÑáÉÇ=çìí=çÑ=íÜÉ=íçí~ä=roië=íêáÉÇK=qÜÉ=êÉëìäíáåÖ= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OU
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäJ íÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~íJ ~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK Phishing and/or Proxy Avoidance URL Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=OIPMO=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ= ëáíÉë=Åçåí~áåáåÖ=mÜáëÜáåÖ=Éñéäçáíë=çê=Ñ~Åáäáí~íÉÇ=mêçñó=^îçáÇ~åÅÉK= qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ= ~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=mÜáëÜJ áåÖ=~åÇ=mêçñó=^îçáÇ~åÅÉ=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ= îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãJ ÄÉê=çÑ=ãáëëÉÇ=roiëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë= Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ= Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖJ ìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó= ~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ= ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉJ ëìäíë=~îÉê~ÖÉÇK Binary Exploits and Compromises Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=PTV=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ= ëáíÉë=Åçåí~áåáåÖ=_áå~êó=Éñéäçáíë=çê=ÅçãéêçãáëÉëK= qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ= ~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=_áå~êó= Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíK=fÑ=~= roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OV
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ= Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ ~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ= êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK= Malware-infected URL Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=USR=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ= ëáíÉë=Åçåí~áåáåÖ=ã~äï~êÉ=Eã~äáÅáçìë=ÅçÇÉ=çê=~ééäáÅ~íáçåëFK= qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ= ~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=ã~äJ ï~êÉ=_áå~êó=Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë= ìåÇÉê=íÉëíK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå= íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê= ~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ= ~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë= íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK= qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK= Web 2.0-Based Malicious URL Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=VSR=roië=çå=éçéìä~ê=tÉÄ=OKM=ëáíÉë= äáâÉ=ÄäçÖëéçíKÅçã=~åÇ=ïçêÇéêÉëëKçêÖ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉI=çê=çÄàÉÅJ íáçå~ÄäÉ=ã~íÉêá~äI=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ= roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíJ ïçêâ=íç=ÄÉ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉ=çê=çÄàÉÅíáçå~ÄäÉ=ã~íÉêá~äK=qÜÉ=roië= ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç= ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK= båÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=çå=éêçÇìÅíë= ìåÇÉê=íÉëíI=êÉä~íÉÇ=íç=ã~äáÅáçìëLÜ~êãÑìä=å~íìêÉI=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåíK= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PM
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P qÜÉ=ëÉí=çÑ=roië=ï~ë=íÜÉå=~ÅÅÉëëÉÇ=~Åêçëë=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK=fÑ=~=roi= ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi= ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉJ ÖçêóI=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=ïÉêÉ=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ ~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ= êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK Criteria Evaluation by UI Inspection båÖáåÉÉêë=íÜÉå=éêçÅÉÉÇÉÇ=íç=Éî~äì~íÉ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=íç=ÇÉíÉêãáåÉ= íÜÉ=ÉÑÑÉÅíáîÉåÉëë=çÑ=íÜÉ=ìëÉê=áåíÉêÑ~ÅÉ=~åÇ=ÅçãéêÉÜÉåëáîÉåÉëë=çÑ=íÜÉ=ã~åJ ~ÖÉãÉåí=áåíÉêÑ~ÅÉK=qÜÉ=Éî~äì~íáçå=ï~ë=ÇçåÉ=Äó=áåëéÉÅíáåÖ=íÜÉ=ã~å~ÖÉJ ãÉåí=áåíÉêÑ~ÅÉ=çÑ=É~ÅÜ=éêçÇìÅí=ìåÇÉê=íÉëíI=~åÇ=~äëç=Äó=éÉêìëáåÖ=íÜÉ=éìÄäáÅäó= ~î~áä~ÄäÉ=ÇçÅìãÉåí~íáçå=Ñêçã=íÜÉ=îÉåÇçê=çÑ=íÜÉ=éêçÇìÅíK=cçê=É~ÅÜ=Å~íÉÖçêóI= qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íÜÉå=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=çå=~=ëÅ~äÉ=çÑ=N= EäÉ~ëí=ÉÑÑÉÅíáîÉF=íç=Q=Eãçëí=ÉÑÑÉÅíáîÉKF=aÉí~áäÉÇ=êÉëìäíë=ìåÇÉê=É~ÅÜ=Å~íÉÖçêó= ~êÉ=éêÉëÉåíÉÇ=áå=íÜÉ=ÑçääçïáåÖ=ëÉÅíáçåëK rë~Äáäáíó=ÅêáíÉêá~=ïÉêÉ=íÉëíÉÇ=Äó=ä~ìåÅÜáåÖ=íÜÉ=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=~åÇ= çÄëÉêîáåÖ=íÜÉ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉãK=qÜÉ=ëìÄàÉÅíáîÉ=ìë~ÄáäáíóI=ä~óçìí= ~åÇ=çîÉê~ää=ÉÑÑÉÅíáîÉåÉëë=çÑ=É~ÅÜ=ÑÉ~íìêÉ=Ü~ë=ÄÉÉå=~ëëáÖåÉÇ=~=î~äìÉ=ê~åÖJ áåÖ=Ñêçã=NI=äÉ~ëí=ÉÑÑÉÅíáîÉ=íç=QI=ãçëí=ÉÑÑÉÅíáîÉ=íç=áåÇáÅ~íÉ=íÜÉ=qçääó=ÉåÖáåÉÉêë= áãéêÉëëáçå=çÑ=É~ÅÜ=çÑ=íÜÉ=ìåáíë=íÉëíÉÇK= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PN
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Interaction with Competing Vendors Fair Testing Charter ™ ~åÇ=fåíÉê~Åíáçå=ïáíÜ=`çãéÉíáíçêë In accordance with The Tolly Group’s process, competitors were contacted and invited to participate in the test - to review the test plans, the product levels and configurations of their prod- ucts and to review and comment on their results. For more information on this process, please see: http://www.Tolly.com/FTC.aspx. Cisco Systems Inc., and Blue Coat Systems did not respond to the invitation. Trend Micro, Inc. and Secure Computing Corporation agreed to par- ticipate in the test, and were provided with a test plan. At the completion of testing, The Tolly Group provided Trend Micro and Secure Computing with the results of their products, and requested to provide comments. Secure Computing did not provide official comments on their results. Trend Micro representatives provided the following comments: Trend Micro's most current secure web gateway product, InterScan Web Security Virtual Appliance v3.1 (IWSVA), was not used in this test. The IWSVA product has improved functionality over the tested product (IWSS) in the following areas: 1. Implementation Model: IWSVA supports bi-direction transparent bridging so that no client or network re-configuration is needed. 2. Malware Detection: additional capabilities have been added to the IWSVA product to ensure the highest possible content-based malware detection rates, further enhancing the URL reputation-based malware detection already in the product. 3. Performance and Throughput: IWSVA running on a standard off-the-shelf 8- core server can support up to 10,000 users with full scanning and no notice- able latency. «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PO
T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Appendix: Product List Source: The Tolly Group, November 2008 Figure 14 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PP
Terms of Usage USE THIS DOCUMENT ONLY IF YOU AGREE TO THE TERMS LISTED HEREIN. = This document is provided, free-of-charge, to help you understand whether a given product, technology or service merits addi- tional investigation for your particular needs. Any decision to purchase must be based on your own assessment of suitability. This evaluation was focused on illustrating specific features and/or performance of the product(s) and was conducted under con- trolled, laboratory conditions and certain tests may have been tailored to reflect performance under ideal conditions; performance may vary under real-world conditions. Users should run tests based on their own real-world scenarios to validate performance for their own networks. Commercially reasonable efforts were made to ensure the accuracy of the data contained herein but errors and/or oversights can occur. In no event shall The Tolly Group be liable for damages of any kind including direct, indirect, special, incidental and consequential damages which may result from the use of information contained in this document The test/audit documented herein may also rely on various test tools the accuracy of which is beyond our control. Furthermore, the document relies on certain representations by the sponsor that are beyond our control to verify. Among these is that the software/hardware tested is production or production track and is, or will be, available in equivalent or better form to commercial customers. When foreign translations exist, the English document is considered authoritative. To assure accuracy, only use documents downloaded directly from The Tolly Group’s Web site. All trademarks are the property of their respective owners. qÜÉ=qçääó=dêçìé=áë=~=äÉ~ÇáåÖ=ÖäçÄ~ä=éêçîáÇÉê=çÑ=íÜáêÇJ é~êíó=î~äáÇ~íáçå=ëÉêîáÅÉë=Ñçê=îÉåÇçêë=çÑ=fq=éêçÇìÅíëI= ÅçãéçåÉåíë=~åÇ=ëÉêîáÅÉëK qÜÉ=Åçãé~åó=áë=Ä~ëÉÇ=áå=_çÅ~=o~íçåI=ci=~åÇ=Å~å=ÄÉ= êÉ~ÅÜÉÇ=Äó=éÜçåÉ=~í==ERSNF=PVNJRSNMI=çê=îá~=íÜÉ=fåíÉêJ åÉí=~í ÜííéWLLïïïKíçääóKÅçãI=ë~äÉë]íçääóKÅçã= båíáêÉ=`çåíÉåíë=`çéóêáÖÜí=OMMU=Äó= qÜÉ=qçääó=dêçìéI=fåÅK ^ii=ofdeqp=obpbosba OMUPOSJñÑÅÑëNJââJMOaÉÅMU «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PQ

Recomendados

C++
C++C++
C++guest0307c6
 
Cloud era -『クラウド時代』マッシュアップ技術による地方からの世界発信
Cloud era -『クラウド時代』マッシュアップ技術による地方からの世界発信Cloud era -『クラウド時代』マッシュアップ技術による地方からの世界発信
Cloud era -『クラウド時代』マッシュアップ技術による地方からの世界発信Yusuke Kawasaki
 
Pink mango presentation
Pink mango presentation Pink mango presentation
Pink mango presentation Aote Pinrarod
 
PHP超入門@LL温泉
PHP超入門@LL温泉PHP超入門@LL温泉
PHP超入門@LL温泉Sotaro Karasawa
 
multimedia networking
multimedia networkingmultimedia networking
multimedia networkingNorajuk Neverdie
 
ไม้ขีดก้านเดียวที่เปลี่ยนสังคมเกาหลี: ชีวประวัติชุน เต-อิล
ไม้ขีดก้านเดียวที่เปลี่ยนสังคมเกาหลี: ชีวประวัติชุน เต-อิลไม้ขีดก้านเดียวที่เปลี่ยนสังคมเกาหลี: ชีวประวัติชุน เต-อิล
ไม้ขีดก้านเดียวที่เปลี่ยนสังคมเกาหลี: ชีวประวัติชุน เต-อิลJunya Yimprasert
 
Je suis végétarienne diapo helene et vishnuca
Je suis végétarienne diapo helene et vishnucaJe suis végétarienne diapo helene et vishnuca
Je suis végétarienne diapo helene et vishnucalouisemichelchampigny
 
Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Kim Jensen
 

Recomendados

C++
C++C++
C++guest0307c6
 
Cloud era -『クラウド時代』マッシュアップ技術による地方からの世界発信
Cloud era -『クラウド時代』マッシュアップ技術による地方からの世界発信Cloud era -『クラウド時代』マッシュアップ技術による地方からの世界発信
Cloud era -『クラウド時代』マッシュアップ技術による地方からの世界発信Yusuke Kawasaki
 
Pink mango presentation
Pink mango presentation Pink mango presentation
Pink mango presentation Aote Pinrarod
 
PHP超入門@LL温泉
PHP超入門@LL温泉PHP超入門@LL温泉
PHP超入門@LL温泉Sotaro Karasawa
 
multimedia networking
multimedia networkingmultimedia networking
multimedia networkingNorajuk Neverdie
 
ไม้ขีดก้านเดียวที่เปลี่ยนสังคมเกาหลี: ชีวประวัติชุน เต-อิล
ไม้ขีดก้านเดียวที่เปลี่ยนสังคมเกาหลี: ชีวประวัติชุน เต-อิลไม้ขีดก้านเดียวที่เปลี่ยนสังคมเกาหลี: ชีวประวัติชุน เต-อิล
ไม้ขีดก้านเดียวที่เปลี่ยนสังคมเกาหลี: ชีวประวัติชุน เต-อิลJunya Yimprasert
 
Je suis végétarienne diapo helene et vishnuca
Je suis végétarienne diapo helene et vishnucaJe suis végétarienne diapo helene et vishnuca
Je suis végétarienne diapo helene et vishnucalouisemichelchampigny
 
Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Kim Jensen
 
Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Kim Jensen
 
5 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 20035 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 2003Kim Jensen
 
Infoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedInfoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedKim Jensen
 
Ictere
Ictere Ictere
Ictere imaneouadi
 
OpenDNS presenter pack
OpenDNS presenter packOpenDNS presenter pack
OpenDNS presenter packKim Jensen
 
Forcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security PredictionsForcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security PredictionsKim Jensen
 
20090418 イケテルRails勉強会 第2部Air編 解説
20090418 イケテルRails勉強会 第2部Air編 解説20090418 イケテルRails勉強会 第2部Air編 解説
20090418 イケテルRails勉強会 第2部Air編 解説mochiko AsTech
 
Five Minutes Introduction For Rails
Five Minutes Introduction For RailsFive Minutes Introduction For Rails
Five Minutes Introduction For RailsKoichi ITO
 
Understanding Web Services
Understanding Web ServicesUnderstanding Web Services
Understanding Web Servicesaru85
 
Apache Tapestry
Apache TapestryApache Tapestry
Apache TapestryAkio Katayama
 
Understanding Web Services
Understanding Web ServicesUnderstanding Web Services
Understanding Web Servicesaru85
 
20090313 Cakephpstudy
20090313 Cakephpstudy20090313 Cakephpstudy
20090313 CakephpstudyYusuke Ando
 
Webken 03: Project Design for Optimaizing User Experience
Webken 03: Project Design for Optimaizing User ExperienceWebken 03: Project Design for Optimaizing User Experience
Webken 03: Project Design for Optimaizing User ExperienceNobuya Sato
 
AWS IoT Greengrass V2 の紹介
AWS IoT Greengrass V2 の紹介AWS IoT Greengrass V2 の紹介
AWS IoT Greengrass V2 の紹介Amazon Web Services Japan
 
20090418 イケテルRails勉強会 第2部Air編
20090418 イケテルRails勉強会 第2部Air編20090418 イケテルRails勉強会 第2部Air編
20090418 イケテルRails勉強会 第2部Air編mochiko AsTech
 
مقدمة عن أندرويد
مقدمة عن أندرويدمقدمة عن أندرويد
مقدمة عن أندرويدahmed_hassan
 
20090323 Phpstudy
20090323 Phpstudy20090323 Phpstudy
20090323 PhpstudyYusuke Ando
 
優雅與摩登的使用docker container和資料庫建立部落格.
優雅與摩登的使用docker container和資料庫建立部落格.優雅與摩登的使用docker container和資料庫建立部落格.
優雅與摩登的使用docker container和資料庫建立部落格.ChihChiaWang
 
IE-016 全球運籌電子化供應鏈管理
IE-016 全球運籌電子化供應鏈管理IE-016 全球運籌電子化供應鏈管理
IE-016 全球運籌電子化供應鏈管理handbook
 
Impact Credentials Final
Impact Credentials FinalImpact Credentials Final
Impact Credentials FinalZiggyrules
 
Dynamic Language による Silverlight2 アプリケーション開発
Dynamic Language による Silverlight2 アプリケーション開発Dynamic Language による Silverlight2 アプリケーション開発
Dynamic Language による Silverlight2 アプリケーション開発terurou
 
Fleet Hub for AWS IoT Device Management のご紹介
Fleet Hub for AWS IoT Device Management のご紹介Fleet Hub for AWS IoT Device Management のご紹介
Fleet Hub for AWS IoT Device Management のご紹介Amazon Web Services Japan
 

Mais conteúdo relacionado

Destaque

Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Kim Jensen
 
5 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 20035 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 2003Kim Jensen
 
Infoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedInfoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedKim Jensen
 
OpenDNS presenter pack
OpenDNS presenter packOpenDNS presenter pack
OpenDNS presenter packKim Jensen
 
Forcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security PredictionsForcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security PredictionsKim Jensen
 

Destaque (6)

Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015
 
5 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 20035 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 2003
 
Infoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedInfoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updated
 
Ictere
Ictere Ictere
Ictere
 
OpenDNS presenter pack
OpenDNS presenter packOpenDNS presenter pack
OpenDNS presenter pack
 
Forcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security PredictionsForcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security Predictions
 

Semelhante a Web Security Gateway Dec2008

20090418 イケテルRails勉強会 第2部Air編 解説
20090418 イケテルRails勉強会 第2部Air編 解説20090418 イケテルRails勉強会 第2部Air編 解説
20090418 イケテルRails勉強会 第2部Air編 解説mochiko AsTech
 
Five Minutes Introduction For Rails
Five Minutes Introduction For RailsFive Minutes Introduction For Rails
Five Minutes Introduction For RailsKoichi ITO
 
Understanding Web Services
Understanding Web ServicesUnderstanding Web Services
Understanding Web Servicesaru85
 
Understanding Web Services
Understanding Web ServicesUnderstanding Web Services
Understanding Web Servicesaru85
 
20090313 Cakephpstudy
20090313 Cakephpstudy20090313 Cakephpstudy
20090313 CakephpstudyYusuke Ando
 
Webken 03: Project Design for Optimaizing User Experience
Webken 03: Project Design for Optimaizing User ExperienceWebken 03: Project Design for Optimaizing User Experience
Webken 03: Project Design for Optimaizing User ExperienceNobuya Sato
 
20090418 イケテルRails勉強会 第2部Air編
20090418 イケテルRails勉強会 第2部Air編20090418 イケテルRails勉強会 第2部Air編
20090418 イケテルRails勉強会 第2部Air編mochiko AsTech
 
مقدمة عن أندرويد
مقدمة عن أندرويدمقدمة عن أندرويد
مقدمة عن أندرويدahmed_hassan
 
20090323 Phpstudy
20090323 Phpstudy20090323 Phpstudy
20090323 PhpstudyYusuke Ando
 
優雅與摩登的使用docker container和資料庫建立部落格.
優雅與摩登的使用docker container和資料庫建立部落格.優雅與摩登的使用docker container和資料庫建立部落格.
優雅與摩登的使用docker container和資料庫建立部落格.ChihChiaWang
 
IE-016 全球運籌電子化供應鏈管理
IE-016 全球運籌電子化供應鏈管理IE-016 全球運籌電子化供應鏈管理
IE-016 全球運籌電子化供應鏈管理handbook
 
Impact Credentials Final
Impact Credentials FinalImpact Credentials Final
Impact Credentials FinalZiggyrules
 
Dynamic Language による Silverlight2 アプリケーション開発
Dynamic Language による Silverlight2 アプリケーション開発Dynamic Language による Silverlight2 アプリケーション開発
Dynamic Language による Silverlight2 アプリケーション開発terurou
 
Fleet Hub for AWS IoT Device Management のご紹介
Fleet Hub for AWS IoT Device Management のご紹介Fleet Hub for AWS IoT Device Management のご紹介
Fleet Hub for AWS IoT Device Management のご紹介Amazon Web Services Japan
 
【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーション
【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーション【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーション
【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーションYuya Yamaki
 
How To Create Custom DSLs By PHP
How To Create Custom DSLs By PHPHow To Create Custom DSLs By PHP
How To Create Custom DSLs By PHPAtsuhiro Kubo
 
P2P Bug Tracking with SD
P2P Bug Tracking with SDP2P Bug Tracking with SD
P2P Bug Tracking with SDJesse Vincent
 

Semelhante a Web Security Gateway Dec2008 (20)

20090418 イケテルRails勉強会 第2部Air編 解説
20090418 イケテルRails勉強会 第2部Air編 解説20090418 イケテルRails勉強会 第2部Air編 解説
20090418 イケテルRails勉強会 第2部Air編 解説
 
Five Minutes Introduction For Rails
Five Minutes Introduction For RailsFive Minutes Introduction For Rails
Five Minutes Introduction For Rails
 
Understanding Web Services
Understanding Web ServicesUnderstanding Web Services
Understanding Web Services
 
Apache Tapestry
Apache TapestryApache Tapestry
Apache Tapestry
 
Understanding Web Services
Understanding Web ServicesUnderstanding Web Services
Understanding Web Services
 
20090313 Cakephpstudy
20090313 Cakephpstudy20090313 Cakephpstudy
20090313 Cakephpstudy
 
Webken 03: Project Design for Optimaizing User Experience
Webken 03: Project Design for Optimaizing User ExperienceWebken 03: Project Design for Optimaizing User Experience
Webken 03: Project Design for Optimaizing User Experience
 
AWS IoT Greengrass V2 の紹介
AWS IoT Greengrass V2 の紹介AWS IoT Greengrass V2 の紹介
AWS IoT Greengrass V2 の紹介
 
20090418 イケテルRails勉強会 第2部Air編
20090418 イケテルRails勉強会 第2部Air編20090418 イケテルRails勉強会 第2部Air編
20090418 イケテルRails勉強会 第2部Air編
 
مقدمة عن أندرويد
مقدمة عن أندرويدمقدمة عن أندرويد
مقدمة عن أندرويد
 
20090323 Phpstudy
20090323 Phpstudy20090323 Phpstudy
20090323 Phpstudy
 
優雅與摩登的使用docker container和資料庫建立部落格.
優雅與摩登的使用docker container和資料庫建立部落格.優雅與摩登的使用docker container和資料庫建立部落格.
優雅與摩登的使用docker container和資料庫建立部落格.
 
IE-016 全球運籌電子化供應鏈管理
IE-016 全球運籌電子化供應鏈管理IE-016 全球運籌電子化供應鏈管理
IE-016 全球運籌電子化供應鏈管理
 
Impact Credentials Final
Impact Credentials FinalImpact Credentials Final
Impact Credentials Final
 
Dynamic Language による Silverlight2 アプリケーション開発
Dynamic Language による Silverlight2 アプリケーション開発Dynamic Language による Silverlight2 アプリケーション開発
Dynamic Language による Silverlight2 アプリケーション開発
 
Fleet Hub for AWS IoT Device Management のご紹介
Fleet Hub for AWS IoT Device Management のご紹介Fleet Hub for AWS IoT Device Management のご紹介
Fleet Hub for AWS IoT Device Management のご紹介
 
【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーション
【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーション【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーション
【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーション
 
How To Create Custom DSLs By PHP
How To Create Custom DSLs By PHPHow To Create Custom DSLs By PHP
How To Create Custom DSLs By PHP
 
AWS re:Invent 2020 IoT Update - 20201223
AWS re:Invent 2020 IoT Update - 20201223AWS re:Invent 2020 IoT Update - 20201223
AWS re:Invent 2020 IoT Update - 20201223
 
P2P Bug Tracking with SD
P2P Bug Tracking with SDP2P Bug Tracking with SD
P2P Bug Tracking with SD
 

Mais de Kim Jensen

Cisco 2013 Annual Security Report
Cisco 2013 Annual Security ReportCisco 2013 Annual Security Report
Cisco 2013 Annual Security ReportKim Jensen
 
Websense 2013 Threat Report
Websense 2013 Threat ReportWebsense 2013 Threat Report
Websense 2013 Threat ReportKim Jensen
 
Security Survey 2013 UK
Security Survey 2013 UKSecurity Survey 2013 UK
Security Survey 2013 UKKim Jensen
 
Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report Kim Jensen
 
DK Cert Trend Rapport 2012
DK Cert Trend Rapport 2012DK Cert Trend Rapport 2012
DK Cert Trend Rapport 2012Kim Jensen
 
Bliv klar til cloud med Citrix Netscaler (pdf)
Bliv klar til cloud med Citrix Netscaler (pdf)Bliv klar til cloud med Citrix Netscaler (pdf)
Bliv klar til cloud med Citrix Netscaler (pdf)Kim Jensen
 
Data Breach Investigations Report 2012
Data Breach Investigations Report 2012Data Breach Investigations Report 2012
Data Breach Investigations Report 2012Kim Jensen
 
State of Web Q3 2011
State of Web Q3 2011State of Web Q3 2011
State of Web Q3 2011Kim Jensen
 
Wave mobile collaboration Q3 2011
Wave mobile collaboration Q3 2011Wave mobile collaboration Q3 2011
Wave mobile collaboration Q3 2011Kim Jensen
 
Corporate Web Security
Corporate Web SecurityCorporate Web Security
Corporate Web SecurityKim Jensen
 
Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Kim Jensen
 
Cloud rambøll mgmt - briefing d. 28. januar 2011
Cloud rambøll mgmt - briefing d. 28. januar 2011Cloud rambøll mgmt - briefing d. 28. januar 2011
Cloud rambøll mgmt - briefing d. 28. januar 2011Kim Jensen
 
Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011Kim Jensen
 
Cloud services deep dive infoworld july 2010
Cloud services deep dive infoworld july 2010Cloud services deep dive infoworld july 2010
Cloud services deep dive infoworld july 2010Kim Jensen
 
Sådan kommer du i gang med skyen (pdf)
Sådan kommer du i gang med skyen (pdf)Sådan kommer du i gang med skyen (pdf)
Sådan kommer du i gang med skyen (pdf)Kim Jensen
 
Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)Kim Jensen
 
Unified communication by hp
Unified communication by hpUnified communication by hp
Unified communication by hpKim Jensen
 
Guide to Cloud Computing (pdf) - Danish
Guide to Cloud Computing (pdf) - DanishGuide to Cloud Computing (pdf) - Danish
Guide to Cloud Computing (pdf) - DanishKim Jensen
 
Cloud Computing for Banking - Accenture
Cloud Computing for Banking - AccentureCloud Computing for Banking - Accenture
Cloud Computing for Banking - AccentureKim Jensen
 
Unified communication
Unified communicationUnified communication
Unified communicationKim Jensen
 

Mais de Kim Jensen (20)

Cisco 2013 Annual Security Report
Cisco 2013 Annual Security ReportCisco 2013 Annual Security Report
Cisco 2013 Annual Security Report
 
Websense 2013 Threat Report
Websense 2013 Threat ReportWebsense 2013 Threat Report
Websense 2013 Threat Report
 
Security Survey 2013 UK
Security Survey 2013 UKSecurity Survey 2013 UK
Security Survey 2013 UK
 
Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report
 
DK Cert Trend Rapport 2012
DK Cert Trend Rapport 2012DK Cert Trend Rapport 2012
DK Cert Trend Rapport 2012
 
Bliv klar til cloud med Citrix Netscaler (pdf)
Bliv klar til cloud med Citrix Netscaler (pdf)Bliv klar til cloud med Citrix Netscaler (pdf)
Bliv klar til cloud med Citrix Netscaler (pdf)
 
Data Breach Investigations Report 2012
Data Breach Investigations Report 2012Data Breach Investigations Report 2012
Data Breach Investigations Report 2012
 
State of Web Q3 2011
State of Web Q3 2011State of Web Q3 2011
State of Web Q3 2011
 
Wave mobile collaboration Q3 2011
Wave mobile collaboration Q3 2011Wave mobile collaboration Q3 2011
Wave mobile collaboration Q3 2011
 
Corporate Web Security
Corporate Web SecurityCorporate Web Security
Corporate Web Security
 
Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Cloud security Deep Dive 2011
Cloud security Deep Dive 2011
 
Cloud rambøll mgmt - briefing d. 28. januar 2011
Cloud rambøll mgmt - briefing d. 28. januar 2011Cloud rambøll mgmt - briefing d. 28. januar 2011
Cloud rambøll mgmt - briefing d. 28. januar 2011
 
Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011
 
Cloud services deep dive infoworld july 2010
Cloud services deep dive infoworld july 2010Cloud services deep dive infoworld july 2010
Cloud services deep dive infoworld july 2010
 
Sådan kommer du i gang med skyen (pdf)
Sådan kommer du i gang med skyen (pdf)Sådan kommer du i gang med skyen (pdf)
Sådan kommer du i gang med skyen (pdf)
 
Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)
 
Unified communication by hp
Unified communication by hpUnified communication by hp
Unified communication by hp
 
Guide to Cloud Computing (pdf) - Danish
Guide to Cloud Computing (pdf) - DanishGuide to Cloud Computing (pdf) - Danish
Guide to Cloud Computing (pdf) - Danish
 
Cloud Computing for Banking - Accenture
Cloud Computing for Banking - AccentureCloud Computing for Banking - Accenture
Cloud Computing for Banking - Accenture
 
Unified communication
Unified communicationUnified communication
Unified communication
 

Último

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 

Último (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 

Web Security Gateway Dec2008

  • 1. © 2008 The Tolly Group Document # 208326 The Web Security Challenge: A Competitive Guide to Selecting Secure Web Gateways A white paper commissioned by Websense, Inc. White Paper December 2008
  • 2. WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways Table of Contents _ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK Executive Summary 4 Web 2.0 Effectiveness 7 Manageability and Scalability 9 Policy Interface 11 Reporting Capabilities 13 URL Filtering 15 Malware Filtering 16 Application Control 18 Data Loss Protection 20 Network Implementation 22 Integration with Other Solutions 24 Service and support 26 Test Methodology 28 Alexa 100,000 URL Filtering/Classification Test 28 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========O
  • 3. WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways Table of Contents _ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK “Long Tail” or Extended URL Classification Test 28 Phishing and/or Proxy Avoidance URL Detection Accuracy Test29 Binary Exploits and Compromises Detection Accuracy Test 29 Malware-infected URL Detection Accuracy Test 30 Web 2.0-Based Malicious URL Detection Accuracy Test 30 Criteria Evaluation by UI Inspection 31 Interaction with Competing Vendors 32 Appendix: Product List 33 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========P
  • 4. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Executive Summary The World Wide Web has changed dramatically in the past decade. The use of the Web as an application platform, a communication medium, and a business tool, combined with the migration of attackers onto the Web, demands new solutions to help manage business and mitigate security threats. Enterprise IT managers should carefully evaluate both the ease of management, as well as the effective- ness, of gateway-based Web security solutions against a constantly evolving threat landscape. tÉÄëÉåëÉI=fåÅK=ÅçããáëëáçåÉÇ=qÜÉ=qçääó=dêçìé=íç=Éî~äì~íÉ=áíë=tÉÄ=pÉÅìJ êáíó=d~íÉï~ó=~Ö~áåëí=çíÜÉê=~î~áä~ÄäÉ=Ö~íÉï~ó=ëÉÅìêáíó=éêçÇìÅíëK=qÜÉ=ÅçãJ éÉíáåÖ=éêçÇìÅíë=íÉëíÉÇ=ïÉêÉW=_äìÉ=`ç~í=póëíÉãëÛ=mêçñópd=ONM=~åÇ= mêçñó^s=RNM=~ééäá~åÅÉëI=`áëÅç=póëíÉãë=fåÅKÛë=fêçåmçêí=pSRM=tÉÄ=pÉÅìêáíó= ^ééäá~åÅÉI=qêÉåÇ=jáÅêçI=fåÅKÛë=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=EftppFI=~åÇ= pÉÅìêÉ=`çãéìíáåÖ=`çêéçê~íáçåÛë=pÉÅìêÉ=tÉÄ=EtÉÄï~ëÜÉêF=~ééäá~åÅÉK= Note: All products under test shall be referenced by their manufacturer s name hereafter in the document. Websense Web Security Gateway combines powerful and easy-to-manage software with the ability to mitigate dynamic Web-based threats, exceeding other vendors tested in meeting Gartner’s criteria* for buying Secure Web Gateways. GaáëÅä~áãÉêW qÜÉ=d~êíåÉê=êÉéçêí= ^=_ìóÉêÛë=dìáÇÉ=íç=pÉÅìêÉ=tÉÄ=d~íÉï~óëÒ=Äó=mÉíÉê=cáêëíÄêççâ=~åÇ= i~ïêÉåÅÉ=lê~åë=Ed~êíåÉê=o^p=`çêÉ=oÉëÉ~êÅÜ=kçíÉ=dMMNRVSSVX=NR=^ìÖìëí=OMMUF=ï~ë= ìëÉÇ=çåäó=~ë=~=êÉèìáêÉãÉåíë=ÖìáÇÉ=áå=íÜáë=Éî~äì~íáçåK=eçïÉîÉêI=~åó=~åÇ=~ää=îÉåÇçê=~åÇ= éêçÇìÅí=Åçãé~êáëçåë=~åÇ=Éî~äì~íáçåë=ïÉêÉ=ÇçåÉ=Äó=íÜÉ=qçääó=dêçìé=~åÇ=áå=åç=ï~ó=Çç=íÜÉó= ÉñéêÉëë=íÜÉ=çéáåáçå=çÑ=d~êíåÉêK ^ää=ëí~íÉãÉåíë=áå=íÜáë=êÉéçêí=~ííêáÄìí~ÄäÉ=íç=d~êíåÉê=êÉéêÉëÉåí=tÉÄëÉåëÉI=fåÅKÛë=áåíÉêéêÉí~J íáçå=çÑ=Ç~í~I=êÉëÉ~êÅÜ=çéáåáçå=çê=îáÉïéçáåíë=éìÄäáëÜÉÇ=~ë=é~êí=çÑ=~=ëóåÇáÅ~íÉÇ=ëìÄëÅêáéíáçå= ëÉêîáÅÉ=Äó=d~êíåÉêI=fåÅKI=~åÇ=Ü~îÉ=åçí=ÄÉÉå=êÉîáÉïÉÇ=Äó=d~êíåÉêK=b~ÅÜ=d~êíåÉê=éìÄäáÅ~íáçå= ëéÉ~âë=~ë=çÑ=áíë=çêáÖáå~ä=éìÄäáÅ~íáçå=Ç~íÉ=E~åÇ=åçí=~ë=çÑ=íÜÉ=Ç~íÉ=çÑ=íÜáë=êÉéçêíFK=qÜÉ=çéáåJ áçåë=ÉñéêÉëëÉÇ=áå=d~êíåÉê=éìÄäáÅ~íáçåë=~êÉ=åçí=êÉéêÉëÉåí~íáçåë=çÑ=Ñ~ÅíI=~åÇ=~êÉ=ëìÄàÉÅí=íç= ÅÜ~åÖÉ=ïáíÜçìí=åçíáÅÉK fÑ=ÅäáÉåíë=ÇÉëáêÉ=d~êíåÉê=íç=îÉêáÑó=íÜ~í=èìçíÉë=~êÉ=~ÅÅìê~íÉ=~åÇ=Åçãéäó=ïáíÜ=d~êíåÉêÛë=`çéóJ êáÖÜí=~åÇ=nìçíÉ=mçäáÅóI=d~êíåÉê=éêçîáÇÉë=~=ëÉêîáÅÉ=íÜ~í=îÉêáÑáÉë=èìçíÉ=~ÅÅìê~Åó=~åÇ=~ééêçJ éêá~íÉåÉëëK=`äáÉåíë=ïáëÜáåÖ=íç=í~âÉ=~Çî~åí~ÖÉ=çÑ=íÜáë=ëÉêîáÅÉ=ëÜçìäÇ=Åçåí~Åí=d~êíåÉê=sÉåJ Ççê=oÉä~íáçåë=~í=îÉåÇçêKêÉä~íáçåë]Ö~êíåÉêKÅçãK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========Q
  • 5. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P qçääó=dêçìé=ÉåÖáåÉÉêë=Éî~äì~íÉÇ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=Ä~ëÉÇ= tÉÄëÉåëÉI= çå=~=ëÉí=çÑ=ÅêáíÉêá~=d~êíåÉê=áÇÉåíáÑáÉÇ=~ë=íÜÉ=ãçëíJ~Çî~åÅÉÇ=ÑÉ~J fåÅK íìêÉë=íÜ~í=ÅçìäÇ=ÜÉäé=ïáíÜ=Åçãé~ê~íáîÉ=Éî~äì~íáçå=~åÇ=ëÉäÉÅíáçå= çÑ=~=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óK=qÉëíë=ïÉêÉ=ÅçåÇìÅíÉÇ=áå=lÅíçÄÉê= pÉÅìêÉ=tÉÄ= OMMUK d~íÉï~ó cêçã=~=ÜáÖÜJäÉîÉä=éÉêëéÉÅíáîÉI=íÜÉ=d~êíåÉê=ptd=ÄìóÉêÛë=ÖìáÇÉ= `çãéÉíáíáîÉ= ë~óë=íÜ~í=îÉåÇçêë=çÑ=roi=ÑáäíÉêáåÖI=éêçñó=ëÉêîÉêëI=~åÇ=~åíáJîáêìëL bî~äì~íáçå=çÑ=tÉÄ=pÉÅìêáíó= ~åíáJëé~ã=ëçäìíáçåëI=~ää=~êÉ=~ééêç~ÅÜáåÖ=íÜÉ=ëÉÅìêÉ=tÉÄ=Ö~íÉJ cÉ~íìêÉë ï~ó=ã~êâÉí=Ñêçã=ÇáÑÑÉêÉåí=ÇáêÉÅíáçåëK=qÜÉ=qçääó=dêçìéÛë=Ü~åÇëJçå= ~å~äóëáë=çÑ=íÜÉëÉ=éêçÇìÅíë=îÉêáÑáÉë=íÜ~í=ïÜáäÉ=íÜÉ=ã~àçêáíó=çÑ= éêçÇìÅíë=íÉëíÉÇ=ÉñÅÉä=áå=~=ÑÉï=~êÉ~ëI=çåäó=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìJ êáíó=d~íÉï~ó=ëÅçêÉÇ=ìåáÑçêãäó=ÜáÖÜ=~åÇ=ÇÉäáîÉêÉÇ=ÑÉ~íìêÉJêáÅÜ=Å~é~ÄáäáíáÉë= ~Åêçëë=~ää=åáåÉ=ÑìåÅíáçå~ä=~êÉ~ë=íÜ~í=ÉåÖáåÉÉêë=Éñ~ãáåÉÇK= qçääó=dêçìé=ÉåÖáåÉÉêë=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=íç=É~ÅÜ=çÑ=íÜÉ=åáåÉ= éêçÇìÅí=ÅêáíÉêá~=Éî~äì~íÉÇ=~åÇ=í~ääáÉÇ=~=ÅçãéçëáíÉ=ëÅçêÉ=Ñçê=É~ÅÜ=éêçÇìÅíK= táíÜ=~=ëÅçêÉ=çÑ=OMNI=tÉÄëÉåëÉ=pÉÅìêáíó=d~íÉï~ó=~äãçëí=ÇçìÄäÉÇ=íÜÉ=éçáåí= íçí~ä=çÑ=áíë=åÉñí=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ=NI=é~ÖÉ=RKF jçêÉçîÉêI=áå=~ÇÇáíáçå=íç=ëí~åÇ~êÇ=roi=ÑáäíÉêáåÖ=~åÇ=íê~Çáíáçå~ä=ã~äï~êÉ=éêçJ íÉÅíáçå=íÜ~í=áë=~î~áä~ÄäÉ=çå=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=tÉÄëÉåëÉ=áë=íÜÉ=Ñáêëí= îÉåÇçê=Éñ~ãáåÉÇ=Äó=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íç=çÑÑÉê=~=Ñìääó=áåíÉÖê~íÉÇ= aim=çéíáçåI=~ääçïáåÖ=íÜÉ=Åçãé~åó=íç=çÑÑÉê=~=äÉîÉä=çÑ=Ç~í~=äçëë=éêçíÉÅíáçå= ìåã~íÅÜÉÇ=å~íáîÉäó=Äó=êáî~ä=éêçÇìÅíë=íÉëíÉÇK=qÜÉ=pÉÅìêÉ=tÉÄ=d~íÉï~ó=ÇÉJ äáîÉêë=~=ãçêÉ=ÑìåÅíáçå~ä=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉI=ëÅ~ä~Äáäáíó=Å~é~ÄáäáíáÉëI=~åÇ= êáÅÜÉê=êÉéçêíáåÖ=ÑìåÅíáçåë=íÜ~å=êáî~ä=éêçÇìÅíë=íÉëíÉÇK q~âÉå=~ë=~=ïÜçäÉI=íÜÉ=ÅçãéçëáíÉ=ëÅçêÉë=Ñêçã=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íÉÇ=ëÉäÉÅJ íáçå=ÅêáíÉêá~=ëÜçï=íÜ~í=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìêáíó=d~íÉï~ó=áë=íÜÉ=ãçëí= ÑÉ~íìêÉJêáÅÜ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~äçåÖ=ïáíÜW çÑÑÉêáåÖ=íÜÉ=ïáÇÉëí=ÅçîÉê~ÖÉ=~åÇ=íÜÉ=ÖêÉ~íÉëí=~ÅÅìê~Åó=áå= Å~íÉÖçêáòáåÖ=Çóå~ãáÅ=ÅçåíÉåí=çå=tÉÄ=OKM=ëáíÉë ÄäçÅâáåÖ=ãçêÉ=fåíÉêåÉíJÄ~ëÉÇ=íÜêÉ~íë=íÜ~å=~ää=çíÜÉê=éêçÇìÅíë=íÉëíÉÇ éêçîáÇáåÖ=íÜÉ=É~ëáÉëí=íç=ìëÉ=áåíÉêÑ~ÅÉ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇ ÇÉäáîÉêáåÖ=ÖêÉ~íÉê=ÑäÉñáÄáäáíó=íÜ~å=~åó=çíÜÉê=ëçäìíáçåë=íÉëíÉÇ «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========R
  • 6. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Composite Scores of Products Tested Across Evaluation Areas All criteria listed were rated subjectively either by examining publicly available documentation from the vendors; or by launching the management interface, configuring the desired behavior and observing the results. The subjective usability, layout and overall effectiveness of each function by vendor has been assigned a value ranging from 1 (least effective) to 4 (most effective) to indicate the Tolly engineers' im- pression of each of the units tested. Detailed breakdown of scores in each area of evaluation can be seen in Figures 4. through 12. Source: The Tolly Group, November 2008 Figure 1 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========S
  • 7. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P qÜáë=ïÜáíÉ=é~éÉê=ïáää=ÉñéäçêÉ=ÑáåÇáåÖë=Ñçê=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íáçå=ÅêáíÉêá~=áå= íÜÉ=é~ÖÉë=~åÇ=ÅÜ~êíë=íÜ~í=ÑçääçïK= få=ÅçåÅäìëáçåI=tÉÄëÉåëÉ=tÉÄ=pÉÅìêáíó=d~íÉï~ó=ÅçãÄáåÉÇ=íÜÉ=ÄÉëí=çÑ= ÄêÉÉÇ=íÉÅÜåçäçÖáÉë=íç=çÑÑÉê=~=éêçÇìÅí=íÜ~í=áë=É~ëáÉê=íç=ã~å~ÖÉI=ëÅ~äÉë= ÄÉííÉêI=éêçîáÇÉë=ãçêÉ=Öê~åìä~ê=çéíáçåë=íç=Åçåíêçä=åÉíïçêâ=~ééäáÅ~íáçå=íê~ÑÑáÅ= ~åÇ=Öì~êÇë=~Ö~áåëí=íÜÉ=Çóå~ãáÅ~ääó=ÅÜ~åÖáåÖ=íÜêÉ~í=ä~åÇëÅ~éÉ=çÑ=tÉÄJ Ä~ëÉÇ=~íí~ÅâëK Web 2.0 Effectiveness tÉÄ=OKM=ëáíÉë=~êÉ=ê~éáÇäó=ÖêçïáåÖ=íç=ÄÉ=ëçãÉ=çÑ=íÜÉ=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë= çå=íÜÉ=fåíÉêåÉíK=qÜÉ=~Äáäáíó=çÑ=ìëÉêë=íç=ÑêÉÉäó=ÅêÉ~íÉ=~åÇ=ìéäç~Ç= ÅçåíÉåí=çåíç=tÉÄ=OKM=ëáíÉë=áë=áåÅêÉ~ëáåÖäó=~ííê~ÅíáîÉ=íç=~íí~ÅâÉêë=ïÜç ìéäç~Ç=ã~äáÅáçìë=~åÇ=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí=çåíç=êÉéìí~ÄäÉ=tÉÄ=OKM=ëáíÉë= äáâÉ=_äçÖëéçí=EÜííéWLLÄäçÖëéçíKÅçãFI=tçêÇmêÉëë=EÜííéWLLïçêÇéêÉëëKçêÖFI=çê= çåíç=äÉÖáíáã~íÉ=ëáíÉë=íÜ~í=Ü~îÉ=ÄÉÉå=ÅçãéêçãáëÉÇK=qÜÉ=~Äáäáíó=çÑ=~=tÉÄ=ëÉJ Åìêáíó=Ö~íÉï~ó=íç=ÇÉíÉÅí=ã~äáÅáçìë=ÅçåíÉåí=~ÅÅìê~íÉäó=çå=Çóå~ãáÅ=tÉÄ=ëáíÉë= äáâÉ=tÉÄ=OKM=êÉäáÉë=ÖêÉ~íäó=çå=êÉ~äJíáãÉ=~å~äóëáë=çÑ=ÅçåíÉåíI=~åÇ=åçí=àìëí=çå= íÜÉ=êÉéìí~íáçå=çÑ=íÜÉ=tÉÄ=ëáíÉëK qÉëíë=ìëáåÖ=VSR=äáîÉ=roië=Ñêçã=éçéìä~ê=tÉÄ=OKM=ëáíÉë=äáâÉ=ÄäçÖëéçíKÅçã= ~åÇ=ïçêÇéêÉëëKÅçã=íÜ~í=ïÉêÉ=ÜçëíáåÖ=ã~äáÅáçìë=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí= êÉîÉ~äÉÇ=tÉÄëÉåëÉÛë=éçïÉêÑìä=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáë=Å~é~ÄáäáíóK=tÉÄJ ëÉåëÉ=ÄäçÅâÉÇ=~äãçëí=VVB=çÑ=íÜÉ=ã~äáÅáçìë=roië=ïÜáäÉ=ÅçãéÉíáåÖ=éêçÇìÅíë= ÄäçÅâÉÇ=ÄÉíïÉÉå=äÉëë=íÜ~å=OB=íç=~Äçìí=QMBK=EpÉÉ=cáÖìêÉ=OKF= qÜáë=ÜìÖÉ=ëéêÉ~Ç=çÑ=êÉëìäíë=Ñêçã=éêçÇìÅíë=ìëáåÖ=tÉÄ=oÉéìí~íáçå=ëÉêîáÅÉë= ~åÇ=íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=ëÜçïë=íÜ~í=äÉÖ~Åó=ãÉíÜçÇë=çÑ=roi=ÑáäíÉêáåÖ= ~êÉ=åçí=éçïÉêÑìä=ÉåçìÖÜ=çå=íÜÉáê=çïåI=ìåäÉëë=áíÛë=~ìÖãÉåíÉÇ=Äó=ÉÑÑÉÅíáîÉ= ìëÉ=çÑ=çíÜÉê=íÉÅÜåçäçÖáÉë=äáâÉ=çåJéêÉãáëÉëI=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáëI=ÜÉìJ êáëíáÅëI=ÉíÅK qÉëíë=~äëç=ëÜçïÉÇ=íÜ~í=tÉÄëÉåëÉ=Ü~Ç=íÜÉ=ïáÇÉëí=roi=ÅçîÉê~ÖÉ=çÑ=íÜÉ= Úâåçïå=tÉÄÛ=çìí=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~ë=ÉîáÇÉåÅÉÇ=Äó=íÜÉ=êÉëìäíë=Ñêçã= íÜÉ=^äÉñ~=NMMIMMM=roi=Åä~ëëáÑáÅ~íáçå=íÉëíK=qÜáë=íÉëí=ëÜçïÉÇ=íÜ~í=íÜÉ=tÉÄJ ëÉåëÉ=Åä~ëëáÑáÉÇ=VTKNB=çÑ=íÜÉ=íçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=çå=íÜÉ= fåíÉêåÉí=E~ë=äáëíÉÇ=Äó=íÜÉ=^äÉñ~=NMMIMMM=roi=äáëíFI=ïÜáäÉ=ÅçãéÉíáåÖ=îÉåÇçêë= Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=VOB=íç=VQBK=EpÉÉ=cáÖìêÉ=PKF= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========T
  • 8. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Web 2.0 Detection Accuracy Effectiveness 98.9 Percent of detection accuracy (%) NMM TR RM 40.2 OR 11.1 11 1.8 M Websense BlueCoat Cisco Secure Trend Computing Micro Note: All URLs tested were sourced from the Websense ThreatSeeker network, within six to 24 hours of the testing window. Source: The Tolly Group, November 2008 Figure 2 qÉëíë=~äëç=ëÜçïÉÇ=tÉÄëÉåëÉÛë=ëìéÉêáçê=~Äáäáíó=íç=Åä~ëëáÑó=íÜÉ=Úìåâåçïå= tÉÄÛ=EêÉÑÉêêÉÇ=íç=~ë=íÜÉ=ÚiçåÖ=q~áäÛ=çÑ=íÜÉ=fåíÉêåÉíF=íóéáÅ~ääó=ÅçåëáëíáåÖ=çÑ= àìåâI=éÉêëçå~ä=çê=ëÅ~ã=tÉÄ=ëáíÉëI=çê=íÜÉ=ãáääáçåë=çÑ=åÉï=tÉÄ=ëáíÉë=ÅêÉ~íÉÇ= ÉîÉêó=Ç~óK=mêçÇìÅíë=ëçäÉäó=êÉäóáåÖ=çå=tÉÄ=êÉéìí~íáçåJÄ~ëÉÇ=Åä~ëëáÑáÅ~íáçå=çê= íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=Å~ååçí=~ÇÉèì~íÉäó=âÉÉé=ìé=ïáíÜ=íÜÉ=ÇÉã~åÇ=íç= Åä~ëëáÑó=tÉÄ=ëáíÉë=áå=íÜÉ=içåÖ=q~áä=çÑ=íÜÉ=fåíÉêåÉíK=tÉÄëÉåëÉ=ÇÉãçåëíê~íÉÇ= áíë=ëíêÉåÖíÜ=áå=êÉ~äJíáãÉ=Åä~ëëáÑáÅ~íáçå=çÑ=tÉÄ=ÅçåíÉåí=Äó=Å~íÉÖçêáòáåÖ=VVKVB= çÑ=íÜÉ=NUIRUM=äáîÉ=roië=ëçìêÅÉÇ=Ñêçã=íÜÉ=içåÖ=q~áäK=få=Åçåíê~ëíI=íÜÉ=ÅçãJ éÉíáåÖ=îÉåÇçêë=Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=PSB=~åÇ=TMBK få=íÉëíë=ÑçÅìëáåÖ=çå=ÇÉíÉÅíáåÖ=~åÇ=ÄäçÅâáåÖ=roië=äÉ~ÇáåÖ=íç=mÜáëÜáåÖ=~åÇLçê= mêçñó=~îçáÇ~åÅÉ=tÉÄ=ëáíÉëI=tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=ÇÉíÉÅíÉÇ=VUKPB=çÑ=íÜÉ= OIPMO=äáîÉ=roiëI=ïÜáäÉ=íÜÉ=ÅçãéÉíáåÖ=îÉåÇçêë=ÇÉíÉÅíÉÇ=ÄÉíïÉÉå=TMB=~åÇ= UUBK=páãáä~êäóI=áå=íÉëíë=ïáíÜ=PTV=roië=Åçåí~áåáåÖ=Äáå~êó=Éñéäçáíë=çê=ÅçãJ éêçãáëÉ=ÅçÇÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VVB=çÑ=roiëI=îÉêëìë=çíÜÉê=îÉåÇçêë=ïÜç= ÄäçÅâÉÇ=ÄÉíïÉÉå=RPB=íç=VNBK=^äëçI=çå=íÉëíë=ïáíÜ=USR=roië=ÜçëíáåÖ=j~äJ «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========U
  • 9. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ï~êÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VUKQB=ïÜáäÉ=çíÜÉê=îÉåÇçêë=ÄäçÅâÉÇ=ÄÉíïÉÉå=SRB= ~åÇ=~êçìåÇ=VSBK=EpÉÉ=cáÖìêÉ=PKF Web 2.0 Accuracy and Coverage Test Results Source: The Tolly Group, November 2008 Figure 3 Manageability and Scalability oÉÇìÅÉÇ=~Çãáåáëíê~íáçå=çîÉêÜÉ~Ç=áë=çåÉ=çÑ=íÜÉ=íçé=ÅçåÅÉêåë=çÑ=ëÉÅìêáíó= ~Çãáåáëíê~íçêëK=qÜÉ=êÉéçêí=ÉãéÜ~ëáòÉë=íÜÉ=áãéçêí~åÅÉ=çÑ=~å=ÉÑÑÉÅíáîÉ=í~ëâJ çêáÉåíÉÇ=Öê~éÜáÅ~ä=ìëÉê=áåíÉêÑ~ÅÉ=EdrfF=~åÇ=ÅçãéêÉÜÉåëáîÉ=ã~å~ÖÉãÉåí= áåíÉêÑ~ÅÉ=íç=äçïÉê=íçí~ä=Åçëí=çÑ=çïåÉêëÜáéK qçääó=dêçìé=Ü~åÇëJçå=íÉëíáåÖ=ëÜçïë=íÜ~í=tÉÄëÉåëÉ=êÉÅÉáîÉ=~=ã~ñáãìã= ëÅçêÉ=çÑ= QÒ=Ñçê=ÑáîÉ=çÑ=íÜÉ=ÉáÖÜí=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=ÅêáíÉêá~=êÉîáÉïÉÇ=Äó= ÉåÖáåÉÉêëK=låäó=çåÉ=çíÜÉê=éêçÇìÅí=Ü~Ç=íïç= QëÒ=Ñçê=áíë=ã~å~ÖÉãÉåí=áåíÉêJ Ñ~ÅÉK=lÑ=é~êíáÅìä~ê=åçíÉ=ï~ë=tÉÄëÉåëÉÛë=êÉ~äJíáãÉ=ÉîÉåí=Ç~ëÜÄç~êÇ=ïáíÜ= ~Åíáçå~ÄäÉ=~äÉêíë=ïÜáÅÜ=Éå~ÄäÉë=ê~éáÇ=ÉîÉåí=áÇÉåíáÑáÅ~íáçå=~åÇ=éêç~ÅíáîÉ=áåJ «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========V
  • 10. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ÅáÇÉåí=êÉëéçåëÉK=tÉÄëÉåëÉ=~äëç=ï~ë=Öê~ÇÉÇ=~= QÒ=Ñçê=áíë=Åìëíçãáò~ÄäÉ= Ç~ëÜÄç~êÇ=îáÉïëK=tÉÄëÉåëÉ=~äëç=É~êåÉÇ= QëÒ=Ñçê=Öê~åìä~ê=êçäÉJÄ~ëÉÇ= Management and Scalability Scoring Source: The Tolly Group, November 2008 Figure 4 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NM
  • 11. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ~Çãáåáëíê~íáçåI=~ìíçã~íÉÇ=~äÉêíáåÖI=~Çî~åÅÉÇ=ÜÉäéI=ÅÉåíê~äáòÉÇ=ã~å~ÖÉJ ãÉåí=çÑ=ãìäíáéäÉ=~ééäá~åÅÉë=~åÇ=å~íáîÉ=äç~Ç=Ä~ä~åÅáåÖL~ÅíáîÉ=ÅäìëíÉêáåÖK=få= íçí~äI=áí=É~êåÉÇ=QM=éçáåíëI=îÉêëìë=PN=Ñçê=íÜÉ=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ= QKF= Policy Interface ^åó=éçäáÅó=áåíÉêÑ~ÅÉë=ëÜçìäÇ=ÄÉ=É~ëó=íç=ìëÉI=áåíìáíáîÉ=Ñçê=åçåJíÉÅÜåáÅ~ä=éÉêJ ëçååÉä=~åÇ=ìëÉêJÑêáÉåÇäóK=eÉêÉI=íççI=tÉÄëÉåëÉ=êÉÅÉáîÉ= QëÒ=Ñçê=Ñçìê=çÑ=íÜÉ= ëÉîÉå=ÅêáíÉêá~=êÉîáÉïÉÇ=~åÇ=ï~ë=íÜÉ=çåäó=ëÉÅìêÉ=Ö~íÉï~ó=îÉåÇçê=íç=êÉÅÉáîÉ= íÜÉ=ÜáÖÜÉëí=ã~êâ=éçëëáÄäÉ=Ñçê=éçäáÅó=áåíÉêÑ~ÅÉëK tÉÄëÉåëÉ=êÉÅÉáîÉÇ=íÜÉ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=~Äáäáíó=íç=çÑÑÉê=~=ëáåÖäÉ=é~ÖÉ= îáÉï=çÑ=éçäáÅó=ëí~íÉãÉåíëI=êÉìë~ÄäÉ=éçäáÅó=çÄàÉÅíëI=íÜÉ=~Äáäáíó=íç=ãçÇáÑó=áåJ ÜÉêáíÉÇ=éçäáÅáÉë=~åÇ=Ñçê=êÉéçêíáåÖ=Äó=éçäáÅó=íóéÉI=ïÜáÅÜ=áë=ÉëëÉåíá~ä=áå=ÇÉíÉêJ ãáåáåÖ=Åçãéäá~åÅÉ=íç=~=éçäáÅóK=lîÉê~ääI=tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=OOI= îÉêëìë=áíë=åÉñí=åÉ~êÉëí=êáî~ä=ïáíÜ=~=ëÅçêÉ=çÑ=NQK=EpÉÉ=cáÖìêÉ=RKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NN
  • 12. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Policy Interface Scoring Source: The Tolly Group, November 2008 Figure 5 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NO
  • 13. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Reporting Capabilities oÉéçêíáåÖ=Å~é~ÄáäáíáÉë=Ü~îÉ=ÉãÉêÖÉÇ=~ë=~å=ÉëëÉåíá~ä=ÅçãéçåÉåí=çÑ=pÉÅìêÉ= tÉÄ=Ö~íÉï~óë=ÄÉÅ~ìëÉ=íÜÉó=ÄêáÇÖÉ=íÜÉ=íÉÅÜåáÅ~ä=ïçêäÇ=ïáíÜ=íÜÉ=ÄìëáåÉëë= ëáÇÉ=çÑ=íÜÉ=Åçãé~åóK=_ìëáåÉëë=ìëÉêë=ÇçåÛí=Ü~îÉ=íáãÉ=íç=ï~ÇÉ=íÜêçìÖÜ=ÖçÄë= çÑ=íÉÅÜåáÅ~ä=Ç~í~I=Äìí=áåëíÉ~Ç=ï~åí=ëìãã~êó=áåÑç=Ü~êîÉëíÉÇ=~åÇ=éêÉëÉåíÉÇ= áå=~å=É~ëó=íç=Ñçääçï=Ñçêã~íK= tÉÄëÉåëÉ=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ=áå=ÉáÖÜí=çÑ=åáåÉ=~î~áä~ÄäÉ= Å~íÉÖçêáÉëI=ïÜáäÉ=êáî~ä=éêçÇìÅíë=ëÅçêÉÇ=~=N=çê=O=áå=ãçëí=Å~íÉÖçêáÉëK tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=PRI=ïÜáäÉ=íÜÉ=åÉñí=ÅçãéÉíáåÖ=éêçÇìÅí= êÉÅÉáîÉÇ=~=OOK=tÉÄëÉåëÉ=êÉÅÉáîÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=äÉîÉä=çÑ=ÄìëáåÉëë= çêáÉåíÉÇ=êÉéçêíë=çÑÑÉêÉÇI=íÜÉ=èìáÅâ=~ÅÅÉëë=íççäë=~î~áä~ÄäÉ=íç=ÖÉí=~í=Ç~í~K=^ÇJ Çáíáçå~ääóI=êÉ~äJíáãÉ=êÉéçêíë=~åÇ=ÑçêÉåëáÅ=êÉéçêíë=~êÉ=~î~áä~ÄäÉ=EpÉÉ=cáÖìêÉ= SKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NP
  • 14. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Reporting Scores Source: The Tolly Group, November 2008 Figure 6 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NQ
  • 15. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P URL Filtering qÜÉ=~Äáäáíó=íç=Åçåíêçä=~åÇ=ãçåáíçê=tÉÄ=ìë~ÖÉ=Äó=ÉãéäçóÉÉë=áë=ÄÉÅçãáåÖ=~= åÉÅÉëëáíó=Ñçê=Åçãé~åáÉëK=qÜÉ=~Äáäáíó=íç=ÉåÑçêÅÉ=Åçêéçê~íÉ=éçäáÅó=åçí=àìëí= ïÜáäÉ=íÜÉ=ÉãéäçóÉÉë=~êÉ=çå=éêÉãáëÉëI=Äìí=~äëç=ïÜáäÉ=çÑÑJéêÉãáëÉë=ÄÉÅçãÉë= î~äì~ÄäÉ=~ë=ÉãéäçóÉÉë=~êÉ=ÄÉÅçãáåÖ=áåÅêÉ~ëáåÖäó=ãçÄáäÉK tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=çÑÑÉêÉÇ=éçïÉêÑìä=~åÇ=ÑäÉñáÄäÉ=íççäë=íç=Öê~åìä~êäó=ÅçåJ íêçä=íÜÉ=tÉÄ=~ÅÅÉëë=çÑ=ìëÉêë=ÄçíÜ=çå=~åÇ=çÑÑ=íÜÉ=éêÉãáëÉëX=~åÇ=ëÅçêÉÇ=~= ã~ñáãìã=éçëëáÄäÉ=NO=éçáåíë=~Åêçëë=íÜêÉÉ=~êÉ~ë=Éî~äì~íÉÇK=EpÉÉ=cáÖìêÉ=TKF= qÜÉ=åÉñí=ÅäçëÉëí=ÅçãéÉíáíçê=éêçÇìÅí=ëÅçêÉÇ=~=V=ïáíÜ=íÜÉ=êÉëí=ëÅçêáåÖ=Q=É~ÅÜK URL Filtering Feature Scoring Source: The Tolly Group, November 2008 Figure 7 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NR
  • 16. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Malware Filtering tÜáäÉ=roi=ÑáäíÉêáåÖ=áë=~=ëí~éäÉ=çÑ=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=ã~äï~êÉ=ÑáäíÉêáåÖ= áë=Ñ~ëí=Å~íÅÜáåÖ=çå=~ë=~=ÅêáíáÅ~ä=ÑìåÅíáçåK=sáêìë=ÇÉíÉÅíáçå=~åÇ= êÉãçî~ä=áå=Ö~íÉï~óë=áë=ÅêáíáÅ~ä=~ë=ãçêÉ=ã~äï~êÉ=ãçîÉë=íç=~=tÉÄ=ÇáëíêáÄìJ íáçå=ãÉíÜçÇ=~åÇ=ÉåÇéçáåí=éêçíÉÅíáçå=ëíêìÖÖäÉë=íç=âÉÉé=é~ÅÉ=ïáíÜ=íÜÉ=îçäìãÉ= çÑ=íÜêÉ~íëK= eÉêÉI=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=ÅçåÇìÅíÉÇ=~=Ü~åÇëJçå=íÉëí=çÑ=ÅÉêí~áå=ÑÉ~J íìêÉëI=ïÜáäÉ=~ëëáÖåáåÖ=ëìÄàÉÅíáîÉ=ëÅçêÉë=íç=íÜÉ=éêçÇìÅíëÛ=~êÅÜáíÉÅíìêÉ=~åÇ= ÉîÉåí=~äÉêíë=Å~é~ÄáäáíáÉëK tÉÄëÉåëÉ=~ÅÜáÉîÉÇ=~=VUKQB=ëÅçêÉ=Ñçê=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=ã~äï~êÉ=Ñçê= USR=ëáíÉë=ÜçëíáåÖ=ã~äáÅáçìë=ÑáäÉëK=líÜÉê=îÉåÇçêë=ê~åÖÉÇ=Ñêçã=SRB=íç=VSB= ã~äï~êÉ=ÇÉíÉÅíáçå=~ÅÅìê~ÅóK=EpÉÉ=cáÖìêÉ=UKF tÉÄëÉåëÉ=~äëç=ï~ë=ëìÅÅÉëëÑìä=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ=éÜáëÜáåÖ=~åÇ= éêçñó=ëáíÉë=VUKPB=çÑ=íÜÉ=íáãÉI=îÉêëìë=TMB=íç=UUB=Ñçê=çíÜÉê=éêçÇìÅíë=íÉëíÉÇK= ^åÇ=tÉÄëÉåëÉ=ï~ë=ëìÅÅÉëëÑìä=VVB=çÑ=íÜÉ=íáãÉ=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ= ëáíÉë=ïáíÜ=ã~äáÅáçìë=Éñéäçáíë=çê=ÇêáîÉJÄó=ÑáäÉ=áåëí~ääëK=líÜÉê=éêçÇìÅíë=ïÉêÉ= ëìÅÅÉëëÑìä=çåäó=RQB=íç=VNB=çÑ=íÜÉ=íáãÉK tÉÄëÉåëÉ=ï~ë=~äëç=íÜÉ=çåäó=îÉåÇçê=íç=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ= Ñçê=áíë=ëçäìíáçå=~êÅÜáíÉÅíìêÉ=ÇìÉ=íç=áíë=ÜóÄêáÇ=~êÅÜáíÉÅíìêÉK=qÜáë=áë=Ä~ëÉÇ=çå= d~êíåÉêÛë=ÇáëÅìëëáçå=çÑ=íÜÉ=ÄÉåÉÑáíë=çÑ=~= ÜóÄêáÇÒ=~êÅÜáíÉÅíìêÉ=íÜ~í=ìíáäáòÉë= éêçñó=íÉÅÜåçäçÖó=Ñçê=Öê~åìä~êáíó=~åÇ=ÇÉí~áäÉÇ=Åçåíêçä=ÅçìéäÉÇ=ïáíÜ=åÉíïçêâ= ãçåáíçêáåÖ=Å~é~ÄáäáíáÉë=Ñçê=ëÅ~ä~Äáäáíó=~åÇ=Äêç~Ç=ÅçîÉê~ÖÉK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NS
  • 17. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Malware Detection Scores Source: The Tolly Group, November 2008 Figure 8 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NT
  • 18. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Application Control bãÄÉÇÇÉÇ=~ééäáÅ~íáçåJäÉîÉä=Åçåíêçäë=Éå~ÄäÉ=ëÉÅìêáíó=~Çãáåáëíê~íçêë=íç=ÖçîJ Éêå=íÜÉ=~Ççéíáçå=~åÇ=ìë~ÖÉ=çÑ=tÉÄJÄ~ëÉÇ=~ééäáÅ~íáçåë=ëìÅÜ=~ë=fjI=pâóéÉI= mOmI=~åÇ=ãçêÉK=qçääó=dêçìé=ÉåÖáåÉÉêë=~ï~êÇÉÇ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ= íç=íÜÉ=tÉÄëÉåëÉ=éêçÇìÅí=áå=Ñçìê=çÑ=íÜÉ=ÑáîÉ=^ééäáÅ~íáçå=`çåíêçä=Å~íÉÖçêáÉë= Éñ~ãáåÉÇK=EpÉÉ=cáÖìêÉ=VKF= tÉÄëÉåëÉ=É~êåÉÇ=NV=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ïáíÜ=íÜÉ=åÉñíJåÉ~êÉëí= ÅçãéÉíáíçê=ÅçãáåÖ=áå=ïáíÜ=~=ëÅçêÉ=çÑ=NNK=tÉÄëÉåëÉ=É~êåÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê= áíë=~Äáäáíó=íç=Å~íÉÖçêáòÉ=~ééäáÅ~íáçåëI=ïÜáÅÜ=É~ëÉë=íÜÉ=ÅêÉ~íáçå=~åÇ=~ÇãáåáJ ëíê~íáçå=çÑ=éçäáÅáÉëK=fí=~äëç=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=éçäáÅó=ÉåÑçêÅÉãÉåí= Äó=Å~íÉÖçêóI=ïÜáÅÜ=êÉÇìÅÉë=íÜÉ=ïçêâäç~Ç=~åÇ=íÜÉ=åìãÄÉê=çÑ=ÉêêçêëK=^åÇ= tÉÄëÉåëÉ=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=Åä~ëëáÑóáåÖ=mOm=~ë=~=ÇáëíáåÅíäó=ÇáÑJ ÑÉêÉåí=~ééäáÅ~íáçå=íÜ~å=çíÜÉêëI=ëáåÅÉ=áí=éçëÉë==ÖêÉ~íÉê=êáëâë=ÇìÉ=íç=ÑáäÉ=íê~åëJ ÑÉêëK= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NU
  • 19. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Application Control Scores Source: The Tolly Group, November 2008 Figure 9 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NV
  • 20. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Data Loss Protection tÉÄëÉåëÉ=ëçäìíáçå=ï~ë=íÜÉ=çåäó=éêçÇìÅí=íÉëíÉÇ=íç=É~êå=~=ã~ñáãìã=ëÅçêÉ=áå= ÉîÉêó=Å~íÉÖçêó=Ñçê=Ç~í~=äçëë=éêçíÉÅíáçåI=Ñçê=~=íçí~ä=çÑ=PO=éçáåíëK=qÜÉ=åÉñí= åÉ~êÉëí=îÉåÇçê=É~êåÉÇ=NQ=éçáåíëK=EpÉÉ=cáÖìêÉ=NMKF ^ë=íÜÉ=tÉÄ=ÄÉÅçãÉë=ãçêÉ=áåíÉê~ÅíáîÉ=Äó=å~íìêÉI=çêÖ~åáò~íáçåë=~êÉ=ÅçåJ ÅÉêåÉÇ=~Äçìí=íÜÉ=êáëâ=Ñçê=íÜÉ=äçëë=çÑ=ëÉåëáíáîÉ=Ç~í~K=pÉÅìêÉ=tÉÄ=Ö~íÉï~óë= ÅçãÄ~í=íÜáë=Äó=çÑÑÉêáåÖ=íÜÉ=~Äáäáíó=íç=ÇÉíÉÅí=åçåJÅçãéäá~åÅÉ=íç=Åçêéçê~íÉ= ~åÇ=êÉÖìä~íçêó=éçäáÅáÉëK=táíÜ=Ñìää=áåíÉÖê~íáçå=ïáíÜ=íÜÉ=tÉÄëÉåëÉ=a~í~=pÉÅìJ êáíó=pçäìíáçå=çÑÑÉêÉÇI=tÉÄëÉåëÉ=ï~ë=íÜÉ=çåäó=îÉåÇçê=íç=çÑÑÉê=~=éêÉÇÉíÉêJ ãáåÉÇ=åìãÄÉê=çÑ=íÉãéä~íÉë=íç=Öì~êÇ=~Ö~áåëí=åçåJÅçãéäá~åÅÉI=Ñçê=íÜáåÖë= ëìÅÜ=~ë=ÅêÉÇáí=Å~êÇë=çê=ëçÅá~ä=ëÉÅìêáíó=åìãÄÉêëK==tÉÄëÉåëÉ=~äëç=ï~ë=ÅáíÉÇ= Ñçê=áíë=ëíêÉåÖíÜ=~í=ÇÉÉé=ÅçåíÉåí=áåëéÉÅíáçåI=ïÜÉêÉ=çíÜÉê=éêçÇìÅíë=Çç=åçí= Ü~îÉ=íÜÉ=Å~é~Äáäáíó=çê=~êÉ=ïÉ~â=~í=áíK e~åÇëJçå=Éñ~ãáå~íáçå=çÑ=íÜÉ=éêçÇìÅíë=ëÜçï=íÜ~í=ëçãÉ=çÑÑÉêáåÖëI=ëìÅÜ=~ë= _äìÉ`ç~í=mêçñó=pdONM=~åÇ=qêÉåÇ=jáÅêç=fåíÉêëÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=Çç= åçí=çÑÑÉê=~åó=Ç~í~=äçëë=éêÉîÉåíáçå=Ñ~ÅáäáíáÉë=çê=áåíÉÖê~íáçå=çéíáçåëK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OM
  • 21. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Data Loss Prevention Scores Source: The Tolly Group, November 2008 Figure 10 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========ON
  • 22. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Network Implementation tÉÄëÉåëÉ=ëÅçêÉÇ=NN=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ÑçääçïáåÖ=pÉÅìêÉ=tÉÄ= Ñêçã=pÉÅìêÉ=`çãéìíáåÖ=ïÜáÅÜ=ëÅçêÉÇ=NQI=~åÇ=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó= pìáíÉ=Ñêçã=qêÉåÇ=jáÅêç=ïÜáÅÜ=ëÅçêÉÇ=NOK=EpÉÉ=cáÖìêÉ=NNKF qçÇ~óÛë=çêÖ~åáò~íáçåë=êÉèìáêÉ=~=ÑäÉñáÄäÉ=ëçäìíáçå=íÜ~í=Å~å=áåíÉÖê~íÉ=ïáíÜ=íÜÉ= ïáÇÉ=ê~åÖÉ=çÑ=åÉíïçêâ=íçéçäçÖáÉë=ÅìêêÉåíäó=áå=ìëÉK=tÉÄëÉåëÉ=çÑÑÉêë=ÄçíÜ= çåJéêÉãáëÉë=~åÇ=Ñìääó=ÜçëíÉÇ=tÉÄ=ëÉÅìêáíó=çéíáçåë=éêçîáÇáåÖ=ÅìëíçãÉê=ïáíÜ= ãçêÉ=ÅÜçáÅÉë=ïÜÉå=ÇÉëáÖåáåÖ=~=ÇáëíêáÄìíÉÇ=ëçäìíáçåK=pìééçêí=Ñçê=~=Äêç~Ç= ê~åÖÉ=çÑ=Ü~êÇï~êÉ=~åÇ=ëçÑíï~êÉ=éä~íÑçêãë=Éå~ÄäÉë=É~ëó=áåíÉÖê~íáçå=áåíç= ãçëí=ÅìëíçãÉê=åÉíïçêâëK=e~êÇï~êÉ=~ééäá~åÅÉë=~êÉ=çÑíÉå=ìëÉÇ=Ñçê=ëã~ääÉê= áåëí~ää~íáçåë=íÜ~í=ä~Åâ=ÉñéÉêáÉåÅÉÇ=áãéäÉãÉåí~íáçå=ëí~ÑÑI=Äìí=~êÉ=äÉëë=çÑíÉå= ìëÉÇ=áå=ÉåíÉêéêáëÉ=åÉíïçêâë=Ä~ëÉÇ=çå=íÜÉ=ÜáÖÜÉê=ÅçëíëK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OO
  • 23. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Delivery and Network Implementation Feature Scores Source: The Tolly Group, November 2008 Figure 11 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OP
  • 24. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Integration with Other Solutions fåíÉÖê~íáçå=ïáíÜ=çíÜÉê=éêçÇìÅíëI=ëìÅÜ=~ë=äç~Ç=Ä~ä~åÅÉêëI=éêçñáÉëI=bJã~áä=~åÇ= çíÜÉê=ëçäìíáçå=ã~ó=åçí=ÄÉ=ÅêáíáÅ~äI=Äìí=ã~ó=óáÉäÇ=ëìÑÑáÅáÉåí=ÄÉåÉÑáíë=íç=ï~êê~åí= íÜÉ=áåíÉÖê~íáçåK=tÜáäÉ=ãçëí=éêçÇìÅíë=íÉëíÉÇ=É~êåÉÇ=éççê=ëÅçêÉë=Ñçê=áåíÉÖê~J íáçåI=tÉÄëÉåëÉ=ÉñÅÉääÉÇ=áå=íÜÉ=~êÉ~=çÑ=ÑáêÉï~ääëI=~êÅÜáîáåÖ=~åÇ=aim=ëóëJ íÉãëK=EpÉÉ=cáÖìêÉ=NOKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OQ
  • 25. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Integration Scores Source: The Tolly Group, November 2008 Figure 12 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OR
  • 26. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Service and support pÉêîáÅÉ=~åÇ=ëìééçêí=çéíáçåë=~êÉ=~å=áãéçêí~åí=Ñ~Åíçê=íç=ÅçåëáÇÉê=ïÜÉå=ëÉJ äÉÅíáåÖ=~=ëçäìíáçåK=qÜÉ=èì~äáíó=çÑ=ëÉêîáÅÉ=çÑÑÉêáåÖë=Å~å=î~êó=ïáÇÉäó=~ãçåÖ= îÉåÇçêëK=_~ëÉÇ=çå=íÜÉ=ëÅçéÉ=çÑ=íÜáë=êÉéçêíI=íÉëíáåÖ=çÑ=íÜÉ=ëÉêîáÅÉ=çéíáçåë= çÑÑÉêÉÇ=Äó=íÜÉ=îÉåÇçêë=ï~ë=åçí=éÉêÑçêãÉÇI=ëç=~=èì~äáí~íáîÉ=ê~íáåÖ=çÑ=íÜÉ= îÉåÇçê=ëÉêîáÅÉë=Ü~ë=åçí=ÄÉÉå=éêçîáÇÉÇK=qÜÉ=çÑÑÉêáåÖë=Ñêçã=É~ÅÜ=îÉåÇçê= Ü~îÉ=ÄÉÉå=ÉåìãÉê~íÉÇ=íç=áåÇáÅ~íÉ=áÑ=íÜÉó=éêçîáÇÉ=íÜÉ=íóéÉë=çÑ=ëìééçêí=çéJ íáçåë=áåÇáÅ~íÉÇI=ëç=~=ÜáÖÜÉê=ëÅçêÉ=áåÇáÅ~íÉë=~=Äêç~ÇÉê=ê~åÖÉ=çÑ=çÑÑÉêáåÖëI=Äìí= åçí=åÉÅÉëë~êáäó=~=ëìéÉêáçê=çÑÑÉêáåÖK=EpÉÉ=cáÖìêÉ=NPKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OS
  • 27. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Service and Support Scores Source: The Tolly Group, November 2008 Figure 13 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OT
  • 28. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Test Methodology Alexa 100,000 URL Filtering/ Classification Test qÜÉ=Ä~ëáÅ=roi=ÑáäíÉêáåÖ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉã=ï~ë=íÉëíÉÇ=Äó=ëÅêáéíáåÖ= ëí~åÇ~êÇ=ïçêâëí~íáçåë=íç=~ÅÅÉëë=~=ë~ãéäÉ=ëÉí=çÑ=NMMIMMM=roië=Ñêçã=íÜÉ= ^äÉñ~=qçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=íÜêçìÖÜ=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK= ^ää=~î~áä~ÄäÉ=roi=Å~íÉÖçêáÉë=çÑ=Åä~ëëáÑáÅ~íáçå=çå=~=éêçÇìÅí=ïÉêÉ=Éå~ÄäÉÇ= ~åÇ=ÅçåÑáÖìêÉÇ=íç=ÄäçÅâ=~ÅÅÉëë=íç=~åó=roi=ã~íÅÜáåÖ=çåÉ=çÑ=íÜÉ=ÇÉÑáåÉÇ=ÑáäJ íÉêáåÖ=Å~íÉÖçêáÉëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Å~íÉÖçêó=~î~áä~ÄäÉ=çå= íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê= ~åó=~î~áä~ÄäÉ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ= ~å=~äÉêíK=qÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=ïÉêÉ=íÜÉå=ÅçêêÉä~íÉÇ=ïáíÜ=íÜÉ=ë~ãéäÉ=ëÉí= íç=~êêáîÉ=~í=íÜÉ=ÇÉîáÅÉÛë=ëÅçêÉK=^ë=äçåÖ=~ë=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~å= ÉñáëíáåÖ=Å~íÉÖçêó=çÑ=Åä~ëëáÑáÅ~íáçå=çå=íÜÉ=éêçÇìÅíI=íÜÉ=êÉëìäí=ï~ë=ÅçåëáÇÉêÉÇ= î~äáÇK=qÜÉ=êÉëìäíáåÖ=ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië= ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉJ éÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK= “Long Tail” or Extended URL Classification Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=NUIRUM=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ëìÄãáííÉÇ=íç=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=Ñçê=Åä~ëëáÑáÅ~íáçå=Äó=ÉåÇJìëÉêë= ~êçìåÇ=íÜÉ=ïçêäÇK=qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ= Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ= çå=íÜÉ=fåíÉêåÉíK=låÅÉ=~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~J íáçå=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ=îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ= É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãÄÉê=çÑ=ãáëëÉÇ=roiëK= = fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Éå~ÄäÉÇ=Å~íÉÖçêáÉë=çå=íÜÉ=éêçÇìÅíI= íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ= Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=ê~íáç=çÑ= ~ää=roië=ëìÅÅÉëëÑìääó=Åä~ëëáÑáÉÇ=çìí=çÑ=íÜÉ=íçí~ä=roië=íêáÉÇK=qÜÉ=êÉëìäíáåÖ= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OU
  • 29. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäJ íÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~íJ ~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK Phishing and/or Proxy Avoidance URL Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=OIPMO=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ= ëáíÉë=Åçåí~áåáåÖ=mÜáëÜáåÖ=Éñéäçáíë=çê=Ñ~Åáäáí~íÉÇ=mêçñó=^îçáÇ~åÅÉK= qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ= ~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=mÜáëÜJ áåÖ=~åÇ=mêçñó=^îçáÇ~åÅÉ=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ= îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãJ ÄÉê=çÑ=ãáëëÉÇ=roiëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë= Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ= Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖJ ìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó= ~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ= ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉJ ëìäíë=~îÉê~ÖÉÇK Binary Exploits and Compromises Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=PTV=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ= ëáíÉë=Åçåí~áåáåÖ=_áå~êó=Éñéäçáíë=çê=ÅçãéêçãáëÉëK= qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ= ~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=_áå~êó= Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíK=fÑ=~= roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OV
  • 30. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ= Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ ~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ= êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK= Malware-infected URL Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=USR=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ= ëáíÉë=Åçåí~áåáåÖ=ã~äï~êÉ=Eã~äáÅáçìë=ÅçÇÉ=çê=~ééäáÅ~íáçåëFK= qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ= ~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=ã~äJ ï~êÉ=_áå~êó=Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë= ìåÇÉê=íÉëíK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå= íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê= ~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ= ~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë= íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK= qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK= Web 2.0-Based Malicious URL Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=VSR=roië=çå=éçéìä~ê=tÉÄ=OKM=ëáíÉë= äáâÉ=ÄäçÖëéçíKÅçã=~åÇ=ïçêÇéêÉëëKçêÖ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉI=çê=çÄàÉÅJ íáçå~ÄäÉ=ã~íÉêá~äI=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ= roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíJ ïçêâ=íç=ÄÉ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉ=çê=çÄàÉÅíáçå~ÄäÉ=ã~íÉêá~äK=qÜÉ=roië= ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç= ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK= båÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=çå=éêçÇìÅíë= ìåÇÉê=íÉëíI=êÉä~íÉÇ=íç=ã~äáÅáçìëLÜ~êãÑìä=å~íìêÉI=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåíK= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PM
  • 31. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P qÜÉ=ëÉí=çÑ=roië=ï~ë=íÜÉå=~ÅÅÉëëÉÇ=~Åêçëë=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK=fÑ=~=roi= ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi= ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉJ ÖçêóI=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=ïÉêÉ=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ ~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ= êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK Criteria Evaluation by UI Inspection båÖáåÉÉêë=íÜÉå=éêçÅÉÉÇÉÇ=íç=Éî~äì~íÉ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=íç=ÇÉíÉêãáåÉ= íÜÉ=ÉÑÑÉÅíáîÉåÉëë=çÑ=íÜÉ=ìëÉê=áåíÉêÑ~ÅÉ=~åÇ=ÅçãéêÉÜÉåëáîÉåÉëë=çÑ=íÜÉ=ã~åJ ~ÖÉãÉåí=áåíÉêÑ~ÅÉK=qÜÉ=Éî~äì~íáçå=ï~ë=ÇçåÉ=Äó=áåëéÉÅíáåÖ=íÜÉ=ã~å~ÖÉJ ãÉåí=áåíÉêÑ~ÅÉ=çÑ=É~ÅÜ=éêçÇìÅí=ìåÇÉê=íÉëíI=~åÇ=~äëç=Äó=éÉêìëáåÖ=íÜÉ=éìÄäáÅäó= ~î~áä~ÄäÉ=ÇçÅìãÉåí~íáçå=Ñêçã=íÜÉ=îÉåÇçê=çÑ=íÜÉ=éêçÇìÅíK=cçê=É~ÅÜ=Å~íÉÖçêóI= qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íÜÉå=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=çå=~=ëÅ~äÉ=çÑ=N= EäÉ~ëí=ÉÑÑÉÅíáîÉF=íç=Q=Eãçëí=ÉÑÑÉÅíáîÉKF=aÉí~áäÉÇ=êÉëìäíë=ìåÇÉê=É~ÅÜ=Å~íÉÖçêó= ~êÉ=éêÉëÉåíÉÇ=áå=íÜÉ=ÑçääçïáåÖ=ëÉÅíáçåëK rë~Äáäáíó=ÅêáíÉêá~=ïÉêÉ=íÉëíÉÇ=Äó=ä~ìåÅÜáåÖ=íÜÉ=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=~åÇ= çÄëÉêîáåÖ=íÜÉ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉãK=qÜÉ=ëìÄàÉÅíáîÉ=ìë~ÄáäáíóI=ä~óçìí= ~åÇ=çîÉê~ää=ÉÑÑÉÅíáîÉåÉëë=çÑ=É~ÅÜ=ÑÉ~íìêÉ=Ü~ë=ÄÉÉå=~ëëáÖåÉÇ=~=î~äìÉ=ê~åÖJ áåÖ=Ñêçã=NI=äÉ~ëí=ÉÑÑÉÅíáîÉ=íç=QI=ãçëí=ÉÑÑÉÅíáîÉ=íç=áåÇáÅ~íÉ=íÜÉ=qçääó=ÉåÖáåÉÉêë= áãéêÉëëáçå=çÑ=É~ÅÜ=çÑ=íÜÉ=ìåáíë=íÉëíÉÇK= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PN
  • 32. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Interaction with Competing Vendors Fair Testing Charter ™ ~åÇ=fåíÉê~Åíáçå=ïáíÜ=`çãéÉíáíçêë In accordance with The Tolly Group’s process, competitors were contacted and invited to participate in the test - to review the test plans, the product levels and configurations of their prod- ucts and to review and comment on their results. For more information on this process, please see: http://www.Tolly.com/FTC.aspx. Cisco Systems Inc., and Blue Coat Systems did not respond to the invitation. Trend Micro, Inc. and Secure Computing Corporation agreed to par- ticipate in the test, and were provided with a test plan. At the completion of testing, The Tolly Group provided Trend Micro and Secure Computing with the results of their products, and requested to provide comments. Secure Computing did not provide official comments on their results. Trend Micro representatives provided the following comments: Trend Micro's most current secure web gateway product, InterScan Web Security Virtual Appliance v3.1 (IWSVA), was not used in this test. The IWSVA product has improved functionality over the tested product (IWSS) in the following areas: 1. Implementation Model: IWSVA supports bi-direction transparent bridging so that no client or network re-configuration is needed. 2. Malware Detection: additional capabilities have been added to the IWSVA product to ensure the highest possible content-based malware detection rates, further enhancing the URL reputation-based malware detection already in the product. 3. Performance and Throughput: IWSVA running on a standard off-the-shelf 8- core server can support up to 10,000 users with full scanning and no notice- able latency. «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PO
  • 33. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Appendix: Product List Source: The Tolly Group, November 2008 Figure 14 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PP
  • 34. Terms of Usage USE THIS DOCUMENT ONLY IF YOU AGREE TO THE TERMS LISTED HEREIN. = This document is provided, free-of-charge, to help you understand whether a given product, technology or service merits addi- tional investigation for your particular needs. Any decision to purchase must be based on your own assessment of suitability. This evaluation was focused on illustrating specific features and/or performance of the product(s) and was conducted under con- trolled, laboratory conditions and certain tests may have been tailored to reflect performance under ideal conditions; performance may vary under real-world conditions. Users should run tests based on their own real-world scenarios to validate performance for their own networks. Commercially reasonable efforts were made to ensure the accuracy of the data contained herein but errors and/or oversights can occur. In no event shall The Tolly Group be liable for damages of any kind including direct, indirect, special, incidental and consequential damages which may result from the use of information contained in this document The test/audit documented herein may also rely on various test tools the accuracy of which is beyond our control. Furthermore, the document relies on certain representations by the sponsor that are beyond our control to verify. Among these is that the software/hardware tested is production or production track and is, or will be, available in equivalent or better form to commercial customers. When foreign translations exist, the English document is considered authoritative. To assure accuracy, only use documents downloaded directly from The Tolly Group’s Web site. All trademarks are the property of their respective owners. qÜÉ=qçääó=dêçìé=áë=~=äÉ~ÇáåÖ=ÖäçÄ~ä=éêçîáÇÉê=çÑ=íÜáêÇJ é~êíó=î~äáÇ~íáçå=ëÉêîáÅÉë=Ñçê=îÉåÇçêë=çÑ=fq=éêçÇìÅíëI= ÅçãéçåÉåíë=~åÇ=ëÉêîáÅÉëK qÜÉ=Åçãé~åó=áë=Ä~ëÉÇ=áå=_çÅ~=o~íçåI=ci=~åÇ=Å~å=ÄÉ= êÉ~ÅÜÉÇ=Äó=éÜçåÉ=~í==ERSNF=PVNJRSNMI=çê=îá~=íÜÉ=fåíÉêJ åÉí=~í ÜííéWLLïïïKíçääóKÅçãI=ë~äÉë]íçääóKÅçã= båíáêÉ=`çåíÉåíë=`çéóêáÖÜí=OMMU=Äó= qÜÉ=qçääó=dêçìéI=fåÅK ^ii=ofdeqp=obpbosba OMUPOSJñÑÅÑëNJââJMOaÉÅMU «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PQ