AV at the Direct2Net branch

Download Report

Transcript AV at the Direct2Net branch

2013 BCWF
CATEGORY CHANGES
John Ahlander
Sr. Director, Product Management
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
1
CATEGORY CHANGES SUMMARY
 Drivers:
•
•
•
•
Customer Requests
Competitive Alignment
Internet Trends
Internal Categorization Challenges
 Results:
•
•
•
•
4 New Categories
13 Category Name Changes
2 Category Removals
6 Category Definition Clarifications
 Full Release: November 12, 2013
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
2
CATEGORY ADDITIONS (4)
Internet Connected
Devices
• Servers used for management/monitoring of internet
connected devices (a growing trend)
• Examples: router mgmt., surveillance cameras,
home automation
Piracy/Copyright
Concerns
• Potentially illegal software or media downloads
• Split from the Hacking category to differentiate legal
vs. security concern
• Other companies also have this category
Computer/Information
Security
• Descriptions, tools for white hat/defensive security
• Pull from Hacking and Computers/Internet to allow
security teams to get to these sites
• Other companies also have this category
Marijuana
• Sites promoting Marijuana cultivation/use and
associated paraphernalia
• Split from “Illegal Drugs” to allow compliance in
different legal jurisdictions
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
3
CATEGORY NAME CHANGES (1-4)
Malicious Sources 
Malicious
Sources/Malnets
• Added “Malnets” to clarify inclusion in this category
Online Storage  File
Storage/Sharing
• Customer confusion on what is included
• Examples: Dropbox, Carbonite, HighTail, Mediafire
Web Advertisements 
Web Ads/Analytics
• Web ads and analytics have very similar
marketing/customer tracking purposes
• Examples: Double Click, Omniture, facebook “likes”
Non-viewable  NonViewable/Infrastructure
• After analytics moves, expanding to include safe
servers that provide internet infrastructure services
• Examples: CRLs, OCSPs, Shared auth,
classification services
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
4
CATEGORY NAME CHANGES (5-8)
Computers/Internet 
Technology/Internet
• Modernize name, since this includes many forms of
connected technology, not just “desktop” computers
(e.g. mobile devices)
Greeting Cards 
E-Cards/Invitations
• Customer confusion on why sites were in this
category
• “Greeting Cards” name did not localize properly
• Examples: hallmark.com, evite.com
Web Applications 
Office/Business
Applications
• Clarification of “applications” term, which can be
very broad. Only includes office productivity and
business enablement services.
• Examples: Google calendar, Salesforce,
Quickbooks
Chat/Instant Messaging

Chat (IM)/SMS
• Inclusion of SMS (mobile texting) to clarify category
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
5
CATEGORY NAME CHANGES (9-13)
Political/Activist Groups

Political/Social Advocacy
• Clarification for customers on sites included
• Remove emphasis on groups, since also individual
• Broaden to include social advocacy, not just political
Blog/Personal Pages 
Personal Sites
• Clarify to only include personal sites, regardless of
format
• Exclude non-personal blog (Blue Coat security blog)
Open/Mixed Content 
Mixed Content/Potentially
Adult
• Customer confusion on what “open/mixed” meant
• Always meant “mixed w/ pornography”, now clarifies
• Examples: Google image search, Youtube, Tumblr
Alternative
Sexuality/Lifestyle 
Sexual Expression
• Alternative nomenclature perceived as prejudicial
• Sexual topics, excl. pornography and sex education
• Examples: myriad types of fetishes, swingers
Illegal Drugs 
Controlled Substances
• Substances/Drugs controlled by law in different
regions of the world
• May be illegal in some location and not in another,
but generally controlled in most locations
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
6
CATEGORY REMOVALS (2)
LGBT
Pay to Surf
• No longer needed as a standalone category.
• No sites today in category. Removing container.
• Sites have been moved to the appropriate content
category (political, dating, news, porn, sex ed., etc.)
• No longer needed as a standalone category. Was
popular years ago, not now.
• Sites will go into either “Scam/Questionable” or
“Business/Economy” depending on legitimacy
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
7
DEFINITION CLARIFICATIONS (6)
Web Hosting
• Include blog hosting sites
Web Ads/Analytics
• Include Web API embeds (e.g. facebook
“like” button)
NonViewable/Infrastructure
• Include 3rd-party authentication
(google/twitter/facebook auth)
Health
• Include prescription medications
Financial Services
• Include insurance
Entertainment
• Move photographer sites to business
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
8
PROXY SG CONSIDERATIONS
If you have
ProxySG, what do
you need to do?
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
9
STAGED ROLLOUT
October 15th:
 Category names for new and renamed categories introduced
 Released as part of the normal WebFilter database download
 Will automatically appear in the policy editor
November 12th:
 Sites moved to their new categories
 Deleted categories removed from the WebFilter database
 Changes become fully effective
These two stages provide a 4-week window to update your local
policy to reflect the changes without disrupting service
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
10
CREATING POLICY FOR NEW
CATEGORIES
 New categories can be referenced in CPL policy at any time
 On October 15th, new categories will show up in the VPM
 No URLs will be assigned to these categories until Nov. 12th
 Policies for new categories will not take effect until Nov. 12th
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
11
POLICY CHANGES FOR RENAMED
CATEGORIES
 ProxySG will automatically track renamed categories
 When new names introduced, existing policy will still continue to function properly
 Old names treated as deprecated aliases for new names for policy evaluation
If you maintain policy via the VPM
 Category names will be updated automatically the next time policy is changed via VPM
• Both renamed BCWF categories and locally-defined categories with same names
If you maintain policy via CPL
 Recent versions of ProxySG automatically update the renamed categories in CPL
 In older versions of ProxySG, old category names in CPL will generate a benign warning:
• “Obsolete category name: ‘Illegal Drugs’ is now ‘Controlled Substances’”
• Warning can be resolved by updating policy to reference the new names directly
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
12
TESTING OPTIONS FOR
WEBFILTER ON PROXYSG
On October 15th, the following will be available:
 Test URLs for all categories in WebFilter database
•
•
•
•
A single test URL will be available for each new BCWF category
Format: testrating.webfilter.bluecoat.com/<category_name>
Example: testrating.webfilter.bluecoat.com/Spam
Full link list: sitereview.bluecoat.com/cattest.jsp
 Separate test DB
• Final state DB (new, renames, deletes) with single test URL
• sitereview.bluecoat.com/2013_BCWF_Update_Test_Database.jsp
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
13
YOUR POLICY IMPACT
Q: What are the policy recommendations for the new categories?
• Follow your acceptable use and security policies
• Review “Piracy/Copyright Concerns”, “Marijuana” categories for legal liability
• Review “Computer/Information Security” category for security
Q: How can I keep the same effective policy as before?
• Renamed categories will automatically map forward
• Use same policy (block/allow) for new category as you have with original category
o Internet Connected Devices split out from Computers/Internet
o Piracy/Copyright Concerns split out from Hacking
o Computer/Info. Security split mainly from Hacking, some from Computers/Internet
o Marijuana split out from Illegal Drugs
Q: What will happen if I don’t change my ProxySG policy?
• All renamed categories will function the same as before
• All new categories will be allowed (assuming a default allow policy)
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
14
PROXY CLIENT CONSIDERATIONS
If you have
ProxyClient, what
do you need to do?
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
15
PROXYCLIENT CONSIDERATIONS
Required ProxyClient components
 ProxySG Client Manager (CM) version 5.4 or later
 ProxyClient version 3.1.3 or later
Creating New Policy Reflecting New/Renamed Categories
 Oct. 15th: New/renamed categories appear in Client Manager
 Between Oct. 15th and Nov. 12th, update policy
 No URLs will be included in new categories until Nov. 12th
 Policy must be modified by Nov. 12th to work as desired
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
16
CLOUD WEB SECURITY SERVICE
CONSIDERATIONS
If you have Cloud
Web Security
Service, what do
you need to do?
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
17
STAGED ROLLOUT
October 15th:
 Category names for new and renamed categories introduced
 Will automatically appear in the policy editor and reporting
 Ability to update policy and custom reports
November 12th:
 Sites moved to their new categories
 Deleted categories removed from the WebFilter database
 Changes become fully effective
These two stages provide a 4-week window to update your policy to
reflect the changes without disrupting service
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
18
CREATING POLICY FOR
NEW CATEGORY NAMES
 Oct. 15th: new category names will show in the control portal
• Policy can be created using new category names
• No URLs will be assigned to new categories until Nov. 12th
• Policies using new categories will not take effect until Nov. 12th
 Renamed categories will automatically switch over
• Existing policy will function as before
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
19
PACKETSHAPER CONSIDERATIONS
If you have
PacketShaper,
what do you need
to do?
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
20
PACKETSHAPER CONSIDERATIONS
If you are running PacketShaper 8.6+ with URL categorization…
 Renamed categories will still hit their previously defined classes
• May want to change class name to match the new category name
 New categories will be auto-discovered, if configured
 Classes for deleted categories will no longer have hits
• It is recommended to update/remove classes with those categories
Note: None of these changes are required for the categorization to
continue working in PacketShaper, but they may be necessary to obtain
the full value of the new and changed categories.
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
21
IMPORTANT DATES
Milestone
Customer Notification
SiteReview Updated
Customer Pilot (Test DB)
New/renamed category names
Reporter 9.4.4.3 Released
Site data moves into new categories
& deleted categories removed
Date
Sep. 10, 2013
Oct. 8, 2013
Oct. 8, 2013
Oct. 15, 2013
Oct. 18, 2013
Nov. 12, 2013
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
22
RESOURCES
 Blue Coat Support
• [email protected]
 Online Resources
• FAQ: kb.bluecoat.com FAQ2806
• Category definitions and sample sites: sitereview.bluecoat.com
• Test categorizations: sitereview.bluecoat.com/testcategories.jsp
 Local Blue Coat Sales/SE
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
23
Questions?
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
24
THANK YOU FOR JOINING TODAY!
 Please provide feedback on this webcast to:
[email protected]
Webcast replay and
slide deck found here:
https://bto.bluecoat.com/training/custom
er-support-technical-webcasts
(requires BTO login)
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
25
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
26
CURRENT CATEGORY SET

































Abortion
Adult/Mature Content
Alcohol
Alternative Sexuality/Lifestyles
Alternative Spirituality/Belief
Art/Culture
Auctions
Audio/Video Clips
Blogs/Personal Pages
Brokerage/Trading
Business/Economy
Charitable Organizations
Chat/Instant Messaging
Child Pornography
Computers/Internet
Content Servers
Dynamic DNS Host
Education
Email
Entertainment
Extreme
Financial Services
For Kids
Gambling
Games
Government/Legal
Greeting Cards
Hacking
Health
Humor/Jokes
Illegal Drugs
Informational
Internet Telephony

































Intimate Apparel/Swimsuit
Job Search/Careers
LGBT
Malicious Outbound Data/Botnets
Malicious Sources
Media Sharing
Military
News/Media
Newsgroups/Forums
Non-viewable
Nudity
Online Meetings
Online Storage
Open/Mixed Content
Pay to Surf
Peer-to-Peer (P2P)
Personals/Dating
Phishing
Placeholders
Political/Activist Groups
Pornography
Potentially Unwanted Software
Proxy Avoidance
Radio/Audio Streams
Real Estate
Reference
Religion
Remote Access Tools
Restaurants/Dining/Food
Scam/Questionable/Illegal
Search Engines/Portals
Sex Education
Shopping
















Social Networking
Society/Daily Living
Software Downloads
Spam
Sports/Recreation
Suspicious
Tobacco
Translation
Travel
TV/Video Streams
Vehicles
Violence/Hate/Racism
Weapons
Web Advertisements
Web Applications
Web Hosting
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
27
NEW CATEGORY SET


































Abortion
Adult/Mature Content
Alcohol
Alternative Spirituality/Belief
Art/Culture
Auctions
Audio/Video Clips
Brokerage/Trading
Business/Economy
Chat (IM)/SMS
Child Pornography
Computer/Information Security
Content Servers
Controlled Substances
Cultural/Charitable Organizations
Dynamic DNS Host
E-Cards/Invitations
Education
Email
Entertainment
Extreme
File Storage/Sharing
Financial Services
For Kids
Gambling
Games
Government/Legal
Hacking
Health
Humor/Jokes
Informational
Internet Connected Devices
Internet Telephony
Intimate Apparel/Swimsuit


































Job Search/Careers
Malicious Outbound Data/Botnets
Malicious Sources/Malnets
Marijuana
Media Sharing
Military
Mixed Content/Potentially Adult
News/Media
Newsgroups/Forums
Non-viewable/Infrastructure
Nudity
Office/Business Applications
Online Meetings
Peer-to-Peer (P2P)
Personal Sites
Personals/Dating
Phishing
Piracy/Copyright Concerns
Placeholders
Political/Social Advocacy
Pornography
Potentially Unwanted Software
Proxy Avoidance
Radio/Audio Streams
Real Estate
Reference
Religion
Remote Access Tools
Restaurants/Dining/Food
Scam/Questionable/Illegal
Search Engines/Portals
Sex Education
Sexual Expression
Shopping


















Social Networking
Society/Daily Living
Software Downloads
Spam
Sports/Recreation
Suspicious
Technology/Internet
Tobacco
Translation
Travel
TV/Video Streams
Uncategorized
User-Defined
Vehicles
Violence/Hate/Racism
Weapons
Web Ads/Analytics
Web Hosting
Copyright © 2013 Blue Coat Systems Inc. All Rights Reserved.
28