//
you're reading...
Security, Uncategorized

Balancing Web Security and Performance

 

Many IT security professionals face conflicting demands from management and network users when it comes to web security. The need for speed is always in demand, but delivering that speed while enhancing web security for a broader, more dynamic threat environment is quite challenging. Following are some of the most frequent obstacles to achieving this goal:

  • A lack of additional IT budget to shore up network security
  • Network constraints that conflict with security issues around cloud computing
  • Performance degradations across the network due to additional hosted service

The options for overcoming these obstacles to proactive, multi-layered web security are either unappealing or insufficient. For example, one defense against the widespread proliferation of malware is to install anti-virus scanning at the gateway, capturing malware before it ever enters the network. But scanning every page and object at the URL can slow down web page delivery and affect both throughput at the device and the user experience at the browser. Finally, desktop or browser-based scanning solutions only catch threats once they are in the network. By the time these solutions alert users, today’s malware could have already inflicted great amounts of damage to the organization’s computing infrastructure and/or compromised sensitive data from within the organization.

URL Filtering is Not Enough

 Since the 1990s, reputation services have been helping organizations block unwanted or bad traffic to ensure that threats never enter the network. By identifying and blocking threats at the perimeter, reputation services help prevent attacks, reduce the on-premise IT footprint required to scan traffic, and lower the costs associated with the bandwidth, hardware, and other resources required to block threats. As web technologies and the web itself have grown more sophisticated, early generation reputation services have become less effective in identifying and blocking threats.

Effective Security is Proactive and Multi-Layered

 The most effective approach for defending against the web’s dynamic threats is a proactive, multi-layered approach to web security. Being proactive requires that the web security solution reach into the Internet cloud, obtain the latest threat data from multiple threat-monitoring sources, and prepare a network’s perimeter in the event that one of the threats presents itself to the network. Effective defense is multi-layered, applying additional measures of threat scanning, depending on the type of content that attempts to enter the network.

Our Reputation Enabled Defense leverages the cloud-based intelligence of millions of global sources and users. This shares information about threats associated with URLs and domains in real-time to automatically block new threats before they enter an organization’s network. By scanning for hostile content and blocking malicious URLs at the connection level, this type of solution bridges the web security gap left exposed by simple URL filtering, provides safer web surfing and faster web performance.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: