A quick visit to Ironport's website could make you wonder if they sell web gateway appliances anymore. The website focuses on DLP, their mid-year security report, and the cloud. In addition a lot of Secure Web Gateway manufacturers have acquired or announced intentions to start their own cloud services. Which could easily lead one to wonder if secure web gateways and proxies have a limited shelf life, and will soon be replaced by the cloud. The cloud has some obvious benefits. The first is of course, no hardware cost, so no capital expenditures. Everything is an operating expenditure, and you pay for the services on a monthly basis. This is great in a down economy when you're trying to cut capital expenditures.
But the question here is, whether the total costs over the life of the service exceed those of a hardware based solution, and what's the break-even point, at which point hardware would be cheaper? In addition what happens, when the economy picks up and the company wants to make capital expenditures? It may make it look like a cloud is preferable today, but it may not be tomorrow.
In addition, there's the usual complaints about a service offering, including the inability to schedule maintenance windows. With a service you're bound by the provider's operating windows, and you need to ensure uptime with a good SLA in place with the provider.
Finally a service offering has to appeal to all levels of organizations, from the smallest to the largest, as any size company could be their customer. That means the interfaces and the mechanisms for establishing policy for the secure web gateway is going to one that's easy to use, and has the widest appeal. While this probably works for small organizations, it's likely the policy engine will not be sophisticated enough to handle most large organization's needs around not only acceptable use policy across the organization, but the differences that may be necessary from department to department within the organization.
For these various reasons, it's probably not likely the cloud will take the place of the secure web gateway. Instead both will probably be offered for the foreseeable future, and each has its place, depending on the size and complexity of the organization.
Wednesday, December 15, 2010
Tuesday, December 7, 2010
The Move from Acceptable Use Policy to Protecting the Innocent
Web filtering really got its start as way to implement Acceptable Use Policy (AUP) in organizations that wanted to make sure their employees were spending their time on the Internet at websites that met corporate acceptable use guidelines. With the growth of the web and the spread of malware from email to websites, the focus for web filtering has really moved from implementing AUP to protecting the casual web user from malware and drive-by downloads they might get from good or bad sites.
The malware isn't exactly new, as much of what's prevalent today depends on techniques that have been in effect for years, but rather the subtlety with which they are released has changed. Rather than an anonymous email asking you to watch their video, it's a close friend's hijacked Facebook account that sends you a message asking you to watch their kid's latest accomplishment video. Click on the video and of course you'll be prompted to update your video codec, which actually downloads malware onto your computer.
An unsuspecting user will naturally trust the person they know rather than the one they don't, making the hijacked Facebook account much more malicious than a spam email asking you to watch some sexy video.
So with this evolution to targeted attacks, protecting the everyday user from malware and drive-by downloads is increasingly important for organizations, and the role the secure web gateway plays in the organization. That's why it's more important than ever to make sure your web filtering software and subscriptions are up to date, and using an accompanying anti-malware program that scans everything. Reputation based exceptions don't really work anymore, since even reputable sites can get hacked and host malware links.
The malware isn't exactly new, as much of what's prevalent today depends on techniques that have been in effect for years, but rather the subtlety with which they are released has changed. Rather than an anonymous email asking you to watch their video, it's a close friend's hijacked Facebook account that sends you a message asking you to watch their kid's latest accomplishment video. Click on the video and of course you'll be prompted to update your video codec, which actually downloads malware onto your computer.
An unsuspecting user will naturally trust the person they know rather than the one they don't, making the hijacked Facebook account much more malicious than a spam email asking you to watch some sexy video.
So with this evolution to targeted attacks, protecting the everyday user from malware and drive-by downloads is increasingly important for organizations, and the role the secure web gateway plays in the organization. That's why it's more important than ever to make sure your web filtering software and subscriptions are up to date, and using an accompanying anti-malware program that scans everything. Reputation based exceptions don't really work anymore, since even reputable sites can get hacked and host malware links.
Subscribe to:
Posts (Atom)
Posts
