 |
 |
 |
|
 |
|
 |
 | ||||
| ||||
| ||||
|
| |||||||||
|
Many organizations attempt to deal with the increase in email threats and the evolving nature of Web and network attacks by using single—point security products that address each type of threat individually. For example, messaging and Web systems may rely on signature—based security solutions that are effective in stopping known viruses, yet fail to identify new malware that hasn't yet been seen (zero—day threats). The enterprise network may be protected by a firewall based on packet—filtering technology, providing a basic level of protection from malicious traffic, yet leaving the enterprise completely vulnerable to application—based attacks. According to Dmitri Alperovitch, principal research scientist with Secure Computing®, the best solution to both today's threats and future threats is a "reputation service." A reputation service can accumulate data from tens of thousands of sources across the globe to create highly accurate and up—to—the—second profiles of all messaging and web activity on the Internet. This real—time activity is then analyzed for deviations from expected "good" Internet behavior to create a reputation score for each sender or host. If a host is determined to be highly unreliable and most likely a spammer or other type of cyber criminal, then that host's traffic can be scored, tagged, and blocked, no matter how clever or devious the attack may be. Secure Computing's TrustedSource™ is the largest and most comprehensive sender reputation database in the world, with reputation information available for virtually every entity connected to the Internet. The resulting "network effect" of TrustedSource is to create a comprehensive repository of reputation information from tens of thousands of sensors in 68 countries, including IP addresses, domains, URLs, messages and image content. The need for a reputation—based and multi—layered security solution has evolved over the past few years from a reactive model, blocking only previously identified (and known) attacks, to the current proactive model that utilizes real—time, server—based reputation scoring to protect against all attacks, regardless of whether they've been encountered in the past. "People have migrated to this type of model because threats are no longer black and white—you also have shades of grey," said Alperovitch. "Organizations now understand that attacks spread very quickly, and for proper protection they must employ effective solutions that combine intelligence data from thousands of sensors around the world in real time, and use that information to identify and stop the broader spectrum of threats." Alperovitch points out that companies can't afford to take the time to discover and analyze attacks, create specific signatures, and then push them out as updates to appliances or software—based solutions in customer environments. "That model no longer works when they can be hit by a threat in a matter of seconds. You need something that is proactively identifying malicious sources, legitimate sources, malicious content and legitimate content without any human intervention, in real time and in a fully automated fashion that can instantly provide that information from a centralized location to the different devices around the world." Secure Computing's TrustedSource global reputation system addresses all aspects of Internet security threats, and is an underlying component of Secure Computing's Enterprise Gateway Security Solutions, including Messaging, Web, Network, and Identity & Access Management. For email, TrustedSource, embedded in Secure Computing's IronMail® and Edge™ messaging appliances, identifies known "bad" senders and content, and automatically blocks huge volumes of unwanted and infected mail at the outer edge of customers' networks, eliminating well over 80 percent of mail traffic before it reaches the mail servers. Other benefits include increased available network bandwidth, decreased load on messaging servers' processors, and a significant improvement in the overall security posture. While reputation systems originally focused their attention on messaging, safe Internet browsing also requires a similar approach to determine whether a Web site engages in good behavior, bad behavior or is deviating from known historical behavior. Integrated into Secure Computing's Web Gateway Security appliances such as Webwasher®, TrustedSource is able to profile billions of entities connected to the Internet worldwide in real time, and provide up—to—the minute host behavior analysis to create a reputation score which can be used to determine whether a connection from the enterprise network should be allowed. Secure Computing's Network Gateway Security solutions also leverage TrustedSource's reputation—based system. The Sidewinder® enterprise—class network gateway appliance and SnapGear® UTM solution for small— to medium—sized businesses and remote offices provide reputation—based security for the edge of networks; the bi—directional global intelligence feed from TrustedSource enables these devices to make proactive security decisions based on the real—time known behavior of global IP addresses. A reputation system can also be beneficial for identity and access management. Traditional user names and passwords are highly vulnerable to compromise, so the security community has evolved to two—factor authentication, where tools such as one—time passcode tokens and biometric measurements are also used to identify a person. Another way to authenticate a user is to look at the likelihood that this person is who he or she says they are. For example, a user could log in to a bank account located in San Diego, but the user name, password and token information is identified as originating from an IP address in Russia that has been associated with criminal activities. Because TrustedSource is aware of the reputation of this IP address, the authentication request from that login attempt can be blocked based on that critical information. Changes in the security landscape present an exciting new opportunity for security VARs and for those VARs who are interested in entering the security marketplace. VARs can best address this growing market opportunity for security solutions by arming themselves with Secure Computing's TrustedSource reputation service. It is up to VARs to be knowledgeable and a source of security information, education and advice on the best solutions for their customers. Alternative Technology, Secure Computing's specialty value—added distributor, has developed a Web site that is dedicated to VARs and their security education and enablement, including links to security solutions, reputation services and TrustedSource white papers, Webinars, demos and training opportunities. To tap into this wealth of information and to find out how you can get access to Secure Computing's state—of—the—art security industry solutions for your customers, visit www.alttech.com/a/8895 or call Alternative Technology at 866—728—1958. This advertorial is the first in a series of five that will appear in eChannelLine through the remainder of 2007. Look for future advertorials in the coming months that will address issues and opportunities in Messaging, Web, and Network security, and Identity and Access Management.
|
|
|||||||
| |||||||||
|
home | feedback | printer friendly version | email this article
©2009 Integrated mar.com Corporation | 1.800.465.2059 |
|
|||||||
 | |
1,469 | |
 | |
419,376 | |
 | |
49,763,951 | |
 | |
$57,402,670,680 | |
 | |