Transcript eSafe Product Overview

eSafe – Secure Web Gateway
Shimon Gruper, CISSP – VP Security Technologies
Safe Harbor Statement
Except for statements of historical fact, the information presented herein constitutes forward-looking
statements within the meaning of and subject to the safe harbor created by the Private Securities
Litigation Reform Act of 1995. In some cases, you can identify forward-looking statements by
terminology such as "expect," "estimate," "anticipate," "intend," "predict," "believe," and similar
expressions and variations thereof. Such forward-looking statements include statements regarding
the intent, belief, current expectations or projections about future events of Aladdin Knowledge
Systems Ltd. Readers are cautioned that these forward looking statements are not guarantees of
future performance and involve known and unknown risks, uncertainties and other factors which
may cause the actual results, performance or achievements of Aladdin Knowledge Systems Ltd. to
be materially different from any future results, performance or achievements expressed or implied by
such forward-looking statements. Such factors include without limitation, general economic and
business conditions, the loss of market share, changes in the competitive landscape, failure to keep
up with technological advances and other factors over which Aladdin Knowledge Systems Ltd. has
little or no control. Aladdin Knowledge Systems Ltd. undertakes no obligation to revise or update
these forward-looking statements to reflect events or circumstances after the date hereof.
aladdin.com
Agenda
•
•
•
•
•
•
About Aladdin
Content Security Challenges
Introduction to eSafe
Delivery options
Implementation options
Support & Updates
aladdin.com
Aladdin Knowledge Systems (NASDAQ: ALDN) is a global provider of
software protection and network security solutions since 1985.
With a distribution network of more than 50 partners in over five
continents, Aladdin provides unmatched service and support to its
customers.
aladdin.com
Aladdin Snapshot
Founded:
1985, publicly traded since 1993
Headquarters:
Tel Aviv, Israel
Global Presence:
USA, UK, Germany, France, The Netherlands, India,
Spain, Italy, Japan and China
Employees Worldwide:
465
Strong Financial
Momentum:
Q4/07 revenues:
Q4/07 profits:
2007 revenues:
2007 profits:
$29.1M
$4.8M (Non-GAAP)
$105.9M
$17.6M (Non-GAAP)
Consistent growth in revenues and profits
World Renowned
Products:
aladdin.com
Global leader in Software DRM (Digital Rights
Management), fast growth, innovative Enterprise
Security products
Aladdin: Securing the Global Village
Our Mission
• To create value by enabling the secure use
and distribution of digital content
Our Vision
• To be the leading provider of innovative
security solutions to protect digital assets
and enable secure business
aladdin.com
Aladdin Product Lines
ENTERPRISE SECURITY
DRM
TARGET MARKET
Software Rights Management –
copy protection, IP protection
and secure licensing
solution for software vendors
Software
Publishers
and System
Vendors
Solutions for authentication
and password/digital identity
management
Enterprise
Education
Banking
Pharmacy
Government
Web gateway content security
and proactive email security
aladdin.com
Enterprise
and ISP’s
Aladdin – Strong in Europe
Geographical Segments:
Business Segments:
41%
59%
North America:
18%
aladdin.com
Europe:
61%
ROW:
21%
Web Content Security Challenges
aladdin.com
The shift in Content Security Threats
Internet
Trojan
Virus
1987
Trojan
Worm
2000
Spam
2003
Phishing
Spyware
Web
Threats
Mobile
Threats
2004
2005
2007
2008
From amateur virus writers to organized money making
professionals !
aladdin.com
2007 Was A Very Bad Year
1,000,000
• Over 1,000,000 unique malware in 2007
• Some estimate there are over 5.5 million In-The-Wild
malware (AV-Test.org)
• Thousands of new malware a day
aladdin.com
Source: AV-TEST Lab, Germany
aladdin.com
It’s all about money…
aladdin.com
aladdin.com
Cybercrime 'more lucrative' than drugs
“ Last year was the first year that
proceeds from cybercrime were greater
than proceeds from the sale of illegal
drugs… law enforcement cannot catch
up with it."
Valerie McNiven, US Treasury
aladdin.com
BotNets
aladdin.com
BotNet Controllers
aladdin.com
“Of the 600 million computers currently on
the internet, between 100 and 150 million
are already part of botnets”
Davos , January 2007
Dr. Vinton Cerf
aladdin.com
Why do threats increase?
aladdin.com
Security is not transparent!
I should probably
click ‘Yes’…
aladdin.com
Today’s Internet Threats
aladdin.com
The Web 2.0 Dilemma
Google
Apps
Facebook
MySpace
Bad
Gray
Good
aladdin.com
Malware 2.0 Inspection
Gray
Scripts
AJAX
HTML
Good
aladdin.com
Anti-virus ?
Natalya & Eugene
Kaspersky
aladdin.com
We’re trying our best to stay on top, but
unfortunately I must confess that the
detection level is slowly going down.
We develop new technology to stop
them and they develop new technology
to bypass. We still have the highest
detection rate, but we cannot stop
some malicious code. This makes us
scared if we will be able to stop them in
the future. There was a time when we
thought that antivirus technology was
enough, but that time has gone. It’s not
enough, obviously.
URL Filter?
No time for updates!
Threats Propagating Faster
2006 - 90% of the hosts within
10-minutes.
Hours
Minutes
Seconds
Vulnerabilities Exploited Faster
2003
2004
2005
2006
2007
Avg. exploit in 2006 5.8 days.
Months
Weeks
Days
2005
aladdin.com
2006
2007
Essential Solution Ingredients
Email
Antivirus
URL Filter
Desktop
Antivirus
aladdin.com
Essential Solution Ingredients
Email
Antivirus
Web
security
URL Filter
Desktop
Antivirus
Less than 20% of organizations have Web Security in place !
aladdin.com
Introducing the Secure Web Gateway
“The market is demanding a secure-Web
gateway (SWG) solution that provides not
only traditional URL-filtering but also
malicious software (malware) filtering, as
well as application control for Web
applications such as instant messaging (IM).”
Peter Firstbrook
aladdin.com
The Growing Web Threat
Recommendations
• IT organizations should recognize the increasing threat that
Web traffic represents and the limitations of existing
solutions at addressing this rising threat.
• Use URL filtering renewals and budget money to
upgrade to a secure Web gateway solution that is
capable of detecting and filtering malicious Web traffic.
aladdin.com
The Ultimate Network Security Solution
aladdin.com
Introduction to eSafe
aladdin.com
eSafe Web
Internet
Content Security
Network Security
Firewall
Web Surfing
VPN
• Spyware, Malware
• Inappropriate content
• Confidential data loss
• Unauthorized
applications (IM, P2P,
tunneling, etc.)
Network policies
IDS/IPS
Business policies
Enterprise
Network
aladdin.com
Security Golden Triangle
The balance is crucial for a
proper web security gateway
aladdin.com
What is the ultimate Web Security?
eSafe 4 Security Layers
aladdin.com
The Only 4 Layer Web Content Security
1
Content Access
Good Sites – Bad Sites
Good ActiveX – Bad ActiveX – Preinstalled only
2
3
4
aladdin.com
Dynamic Web Threats
File Analysis
Application Filtering
URL Filtering & IP Reputation
CRAWLING
ANALYZING
PROCESSING
Data Center
Security
Content Analyzing
Technology
Data Center
Hardware
• 500+ Crawlers
worldwide
• 3.8 Billion Indexed
Webpages / Images
• 120 Million
Pages per Month
• 800 Spam
Collectors
• Smart Search
Engine
aladdin.com
• OCR
• > 1,000 Servers
• 60 million URLs
• Full Text
Classification
• 45 Mbit / Sec
Internet Access
• 8 Updates per Day
• 98% Sites Known
• Object Detection
• 20 Terabyte Cache
• Logo Detection
• 12 Worldwide
Remote Servers
• 60 Categories
• Face Recognition
• Porn Detection
• Digital Fingerprints
• Processing Four
Million Webpages /
Emails per Day
• 150,000 URL
Updated per Day
The Only 4 Layer Web Content Security
1
Content Access
2
Dynamic Web Threats
Zero-day exploits
Malicious scripts
Pop-installers
- In “Grey” sites
- In Hacked sites
3
4
aladdin.com
File Analysis
Application Filtering
Real-time Deep Web 2.0 Content Analysis
• Real-time packet by packet analysis of all web content
• Inspects all HTML pages and all code in them (scripts,
AJAX, etc.) for “Web. 2.0” threats.
• Detects the following in all HTML and script code:
– Known vulnerabilities (exploit attempts)
– Known malicious code and variations
– Suspicious code.
• Inspects HTTP on any port and HTTPS on SSL port 443
aladdin.com
Transparent Real-time Content Modification
• eSafe removes only suspicious elements form web pages
containing suspicious code
• The rest of the content remains intact
• Avoid over-blocking of legitimate hacked sites, “grey”
unknown sites, etc.
• Web page content inspection , including HTML, and media
files, is done in real-time
• Performance of over 50Mbps / 3000 connections per
machine (scalable to ISP level)
aladdin.com
The Only 4 Layer Web Content Security
1
Download
2
Dynamic Web Threats
3
Signatures
Simple
Known family (heuristic)
Polymorphic, stealth
Suspicious Spyware / Trojan / Worm
4
aladdin.com
Communications blocking
Proactive eSafe AV engine
aladdin.com
eSafe CSRT - More Security
aladdin.com
42
Aladdin Blocks Sophisticated Web Attack
aladdin.com
The Only 4 Layer Web Content Security
1
Content Access
2
Dynamic Web Threats
3
File Analysis
4
Application Filtering
Worms
Browser Hijack
Spyware / Adware
Spyware protocols
Outbound Trojan
aladdin.com
Selective IM (chat / file)
Tunneling
Remote PC
P2P
Unauthorized Applications Traffic
•
•
•
•
•
•
•
P2P applications
Spyware
Instant Messengers
TCP Worms
Remote Control
Tunneling
…and more
aladdin.com
Application Filtering and Control
• eSafe’s AppliFilter™ helps protect and control:
• Over 500 Internet application protocols
• 20 application families
• 4 application family categories:
– Malicious applications: Spyware, Trojans, Worms, Key-loggers
– Unwanted applications: Adware and add-supported software,
anonymizing tools
– Exploits and vulnerabilities: TCP Exploits, drive-by attacks,
browser hijackers
– Controlled applications: Instant Messengers, IP Phone, P2P,
streaming, tunnelling
aladdin.com
Anonymous Surfing
aladdin.com
Anonymous Proxies Protection
• Content Security products offer “list-based” approach
against Anonymous proxies
• AppliFilter’s unique “Anonymous Web Proxy” filter catches
requests for anonymous proxies on the fly, providing
organizations zero-day protection against circumvention
and anonymity techniques.
aladdin.com
Delivery Options
aladdin.com
Delivery Options
HG-200
HG-400
HG-300
aladdin.com
Reduced complexity:
•Instant installation on any PC
•Hardened, secure & updatable OS
•Built-in web-based configuration GUI
Flexible Integration options
• Active Directory integration
– Microsoft AD
– Novel
• ISA Server integration
• ArcSight integration
• Installation modes:
–
–
–
–
–
–
Bridge
Router
ICAP
Forwarding Proxy
Native Proxy
Load-balancing / High-Availability Cluster
aladdin.com
eSafe Web SSL
– Enforces policy also on SSL
encrypted anonymizer sites
– Proactively identify and block
unknown anonymizers
– Blocks self-signed SSL sites (home-brew anonymizers)
– Validates certificate
policies, issuers,
revocations, etc.
aladdin.com
eSafe Reporter
•
•
•
•
Includes 34 canned reports
Specifically geared for Enterprise Customers
Works with MS-SQL
Generate scheduled reports and email them to
predefined group of people
aladdin.com
Implementation Options
aladdin.com
Real Enterprise Solutions
Central
Configuration
Branch office
HQ
Central
Logging
eSafe
eSafe
Local
Configuration
Central Reporting
Regional
Office
aladdin.com
Central
Monitoring
Real time monitoring
aladdin.com
Real-time monitoring
aladdin.com
Support & Customer Care
aladdin.com
Support services – Deluxe Support
• Security services
–
–
–
–
–
24x7 threats research (CSRT – Content Security Research Team)
Timely updates
Proactive security rules (XploitStopper™)
Email / SMS notifications
Emergency telephone support
• Technical Support Services
–
–
–
–
–
24x7 web / telephone support
Immediate escalation to R&D
Continuous case status update
Personal case supervision by Customer Care Director
On site visits (fee charged after 90 days warranty)
aladdin.com
Case Studies
aladdin.com
Large Enterprise Case Study:
US Defense Contractor
•
•
•
Distributed operation
70,000+ users
Challenge: no affect on user
browsing experience &
minimal admin overhead
Evaluated proxy solution but
selected eSafe for speed and
security
• Result:
– High security
– Increased productivity
– No performance impact
aladdin.com
Case Study:
US School District
•
•
•
10,000 students, teachers
and administrators in 30
separate schools
Struggling with spyware
control
IT resources stretched thin
by ongoing remediation
• Result:
– Virtually eliminated
spyware infections
– Time spent on desktops
remediation dropped by
95%
aladdin.com
Case Study – Managed Services
•
LSE: CW
•
Leading international communications
company
•
Trading with eSafe (as Energies) since
2003
•
Joint Services: Managed Content
Security Services (MSSP model), and
Clean Pipe services
•
Customers Include: Large enterprises,
Carriers, Public Sector and local Service
providers
“We monitor all traffic patterns throughout our network, we proactively defend you
from all malicious or accidental attack, delivering 'clean pipes' to all our customers'
corporate networks.”
aladdin.com
Case Study - ISP
•
NASDAQ: IGLD
•
Leading Israeli communications service
provider
•
Services: Internet, International
telephony and IT Integration Services
•
In January 2007, completed the
acquisition of 012 Golden Lines Ltd.
•
Jointly owns MSN-Israel with Microsoft
•
No. of subscribers estimated by 1M
aladdin.com
•
•
•
•
•
•
Service name: Safety Net
Target: Home, Small business
Launch: February, 2006
Successful Marketing Campaign leads
to a high acceptance rate: over 50%
Over 1,500 subscribers per week
Withdrawals: Marginal (less than 0.5%)
aladdin.com
Web Threat Analyzer
• Reveals security and productivity
threats
• Offers a realistic view of current, and
real web threat status
• Provides a full and comprehensive
Web-threat Audit report!
aladdin.com
Summary
aladdin.com
eSafe Advantages
• The only proven proactive threat protection
– Consistently blocks over 96% of previously unknown threats
– Eliminates over 99% of common and driveby spyware
– Prevents zero-day vulnerabilities and exploits
• Transparent deep web-content inspection
– Wire-speed inspection of web pages including all HTML
– Zero-latency with no impact on user experience
– Complements firewalls, IPS, and desktop antivirus
• Starting at 5 million processed web pages per hour
– Scalable for hundreds to millions of users
– ISP-grade content security performance
– Trusted by fortune 500 corporations
aladdin.com
Technology leader - Innovation is our key focus
eSafe MCSG – Mobile security gateway
2006
2005
2003
2002
2000
1998
1997
1st
100% Protection of Anonymizer Services
2007
1st
1st
Spyware Neutralizer – Clientless scanner
AppliFilter™ – Application filtering
1st
XploitStopper™ – Gateway exploits blocker
NitroInspection™ – Non-proxy HTTP gateway
1st
1st
eSafe Gateway – Anti-virus gateway
eSafe Protect – Sandbox anti-vandal solution
aladdin.com
1st
1st
Gartner Secure Web Gateway - Magic Quadrant
•
•
•
•
•
Aladdin is an early visionary entrant
into the SWG market.
Aladdin gets very high marks for
malware detection across all ports
and protocols.
The company was an early antivirus
vendor and continues to utilize its
own malware signatures in addition
to several real-time malware
detection techniques.
The product has an extensive list
(more than 1,000) of pre-developed
application filter policies.
The eSafe SWG is an in-line filter
and supports an extensive list of
deployment options that provide for
scalability for more than 20,000
seats.
aladdin.com
Frost & Sullivan – WW Anti-virus Report
“Aladdin Knowledge Systems content security
business unit’s growth has been outperforming
the average market growth rate…
Aladdin’s recent product innovations in the
integrated security area have proved the
company’s ability to react fast to changing market
demands.”
aladdin.com
More than 4,000 eSafe customers worldwide
aladdin.com
… more customers
aladdin.com
SOME EUROPEAN CUSTOMERS
aladdin.com
Thank you !
For more info:
www.Aladdin.com
aladdin.com