Many IT security professionals face conflicting demands from management and network users when it comes to web security. The need for speed is always in demand, but delivering that speed while enhancing web security for a broader, more dynamic threat environment is quite challenging. Following are some of the most frequent obstacles to achieving this goal:
- A lack of additional IT budget to shore up network security
- Network constraints that conflict with security issues around cloud computing
- Performance degradations across the network due to additional hosted service
The options for overcoming these obstacles to proactive, multi-layered web security are either unappealing or insufficient. For example, one defense against the widespread proliferation of malware is to install anti-virus scanning at the gateway, capturing malware before it ever enters the network. But scanning every page and object at the URL can slow down web page delivery and affect both throughput at the device and the user experience at the browser. Finally, desktop or browser-based scanning solutions only catch threats once they are in the network. By the time these solutions alert users, today’s malware could have already inflicted great amounts of damage to the organization’s computing infrastructure and/or compromised sensitive data from within the organization.
URL Filtering is Not Enough
Since the 1990s, reputation services have been helping organizations block unwanted or bad traffic to ensure that threats never enter the network. By identifying and blocking threats at the perimeter, reputation services help prevent attacks, reduce the on-premise IT footprint required to scan traffic, and lower the costs associated with the bandwidth, hardware, and other resources required to block threats. As web technologies and the web itself have grown more sophisticated, early generation reputation services have become less effective in identifying and blocking threats.
Effective Security is Proactive and Multi-Layered
The most effective approach for defending against the web’s dynamic threats is a proactive, multi-layered approach to web security. Being proactive requires that the web security solution reach into the Internet cloud, obtain the latest threat data from multiple threat-monitoring sources, and prepare a network’s perimeter in the event that one of the threats presents itself to the network. Effective defense is multi-layered, applying additional measures of threat scanning, depending on the type of content that attempts to enter the network.
Our Reputation Enabled Defense leverages the cloud-based intelligence of millions of global sources and users. This shares information about threats associated with URLs and domains in real-time to automatically block new threats before they enter an organization’s network. By scanning for hostile content and blocking malicious URLs at the connection level, this type of solution bridges the web security gap left exposed by simple URL filtering, provides safer web surfing and faster web performance.