490 likes | 1.09k Views
Plays your digital media including music, videos, CDs, DVDs and Internet Radio ... MSN Hotmail Inbox Microsoft Internet Explorer. Joan_smith@yahoo.com Funny email from ...
E N D
Slide 1:A Day in the Life of Bob Kent
Visibility. Then Control. Hi everybody, Im [NAME} from Blue Coat Systems. Today, were going to talk about how to keep good employees from doing bad things on the Internet. And how you can gain Total visibility and control over all Web communications in your organization. So, Lets get started Hi everybody, Im [NAME} from Blue Coat Systems. Today, were going to talk about how to keep good employees from doing bad things on the Internet. And how you can gain Total visibility and control over all Web communications in your organization. So, Lets get started
Slide 2:Everything Web
Web Browser Has Become the Universal Client Answer is to control, not just block P2P file sharing Audio/Video Streaming Spyware Web email Instant Messaging P2P file sharing Web surfing Instant Messenger P2P file sharing Web browser has become the universal interface into critical business applications. This offers many advantages to your organization, Web-based applications and protocols are well known, relatively inexpensive and easy to deploy and manage. But they also create more opportunities for inappropriate use, decreased network availability, and back doors for viruses and malicious code. Traditional network security solutions are on or off, they either allow or deny access to content. Granular control is a new option, providing the benefits of a new technology to remove the risks. (explain control vs block, use IM and content filtering as examples;, blocking or simple allow and deny doesnt scale and often doesnt meet the needs of the business) For example next slide Web browser has become the universal interface into critical business applications. This offers many advantages to your organization, Web-based applications and protocols are well known, relatively inexpensive and easy to deploy and manage. But they also create more opportunities for inappropriate use, decreased network availability, and back doors for viruses and malicious code. Traditional network security solutions are on or off, they either allow or deny access to content. Granular control is a new option, providing the benefits of a new technology to remove the risks. (explain control vs block, use IM and content filtering as examples;, blocking or simple allow and deny doesnt scale and often doesnt meet the needs of the business) For example next slide
Slide 3:Web Creates Business Risk
The first story is worth reading a clean example of file sharing affecting network availability from a field consultant. The 2nd & 3rd stories highlight issues with pornography where security defenses were active. The remaining articles highlight Instant Messaging (IM) use issues, however the productivity gain with IM for businesses is large to block it would be analogous to blocking SMTP email in the early days of the Internet for internal use only. The Web does impact business, the goal is to keep the good guys good and focused on work while at the office. The first story is worth reading a clean example of file sharing affecting network availability from a field consultant. The 2nd & 3rd stories highlight issues with pornography where security defenses were active. The remaining articles highlight Instant Messaging (IM) use issues, however the productivity gain with IM for businesses is large to block it would be analogous to blocking SMTP email in the early days of the Internet for internal use only. The Web does impact business, the goal is to keep the good guys good and focused on work while at the office.
Slide 4:Introducing Blue Coat ProxySG
Purpose-built proxy appliance providing granular control with wire-speed performance Advise. Coach. Enforce. ProxySG is our flagship product that gives organizations total visibility and control of all Web communications. 1. Custom built OS, SGOS 2. Designed for object handling, the fundamental element of all Internet content 3. Ability to apply policy in real-time due to patent pending technologies, enabling wire-speed performance 4. Optimized performance by delivering approved, scanned content from an integrated cache ISCA certification means our solution has passed security analysis, vulnerability and intrusion tests, and provides secure administrative options with read-only logs. Because its an appliance, it installs easily and requires little on going maintenance or patching. ProxySG is our flagship product that gives organizations total visibility and control of all Web communications. 1. Custom built OS, SGOS 2. Designed for object handling, the fundamental element of all Internet content 3. Ability to apply policy in real-time due to patent pending technologies, enabling wire-speed performance 4. Optimized performance by delivering approved, scanned content from an integrated cache ISCA certification means our solution has passed security analysis, vulnerability and intrusion tests, and provides secure administrative options with read-only logs. Because its an appliance, it installs easily and requires little on going maintenance or patching.
A Day in the Life of Bob KentSlide 5:Now, were going to introduce you to Bob Kent and talk about how to keep good employees from doing bad things on the Internet. Now, were going to introduce you to Bob Kent and talk about how to keep good employees from doing bad things on the Internet.
Slide 6:Introducing Bob Kent
Bob works for Edge Corporation. Bob is a good employee, but unfortunately likes to do bad things on the Internet. Lets see what happens now that Edge Corp has installed Blue Coat proxy appliances At Blue Coat, we focus on the security threat from within: your employees. Your users. Some of which are like bob Kent who works for edge corporation They are actually considered good employees, but some times do bad things intentionally or unintentionally - on the Internet. At Edge Corporation, where bob works, the IT manager recently installed a Blue Coat proxySG over the weekend. (The #1 proxy appliance and the proxy product of choice according to Gartner). Lets now join Bob, a typical employee not too unlike you and me, and see how his Internet experience has changed when he comes to the office on Monday morning .At Blue Coat, we focus on the security threat from within: your employees. Your users. Some of which are like bob Kent who works for edge corporation They are actually considered good employees, but some times do bad things intentionally or unintentionally - on the Internet. At Edge Corporation, where bob works, the IT manager recently installed a Blue Coat proxySG over the weekend. (The #1 proxy appliance and the proxy product of choice according to Gartner). Lets now join Bob, a typical employee not too unlike you and me, and see how his Internet experience has changed when he comes to the office on Monday morning .
Launch Internet Explorer Browser Finds and displays information and Web sites on the Internet 10:45
Slide 8:Notice Bob likes to personalize his work environment (this is a picture of the sunset from his backyard) and not surprisingly, he likes to do a lot of personal activities while at work. Like many users, the first stop after logging on is the Internet Bob doesnt waste any time and fires up his browser .Notice Bob likes to personalize his work environment (this is a picture of the sunset from his backyard) and not surprisingly, he likes to do a lot of personal activities while at work. Like many users, the first stop after logging on is the Internet Bob doesnt waste any time and fires up his browser .
http://my.yahoo.comSlide 9:Bob visits Yahoo as his default home page but before delivering the Yahoo page, bob notices something new [MOUSE CLICK]Bob visits Yahoo as his default home page but before delivering the Yahoo page, bob notices something new [MOUSE CLICK]
Welcome Bob Kent to Edge Corp. intranet and Internet connection News of the Day: Employee meeting will take place in the restaurant at 3:00 pm today Before accessing the Internet, you must read and acknowledge our corporate acceptable use policy http://intranet.edgecorp.com/aup.html CLICK HERE TO ACCEPT AND ACCESS THE INTERNET Any IT problems, please email IT Support Desk or call extension 2875 IP address: 10.150.1.130 Date February 20, 2004 Time: 9:15 am CLICK HERE TO ACCEPT AND ACCESS THE INTERNET 10:46 http://www.mysite.com/?comply://my.yahoo.comSlide 10: A company sponsored splash screen. One of the capabilities in ProxySG is to create custom splash pages for HTTP , here Bob is welcomed, provided News of the Day and is provided a chance to review Edge Corps Acceptable Use Policy (AUP) and to accept it to access the Internet. Acceptance of an AUP may be a compliance benefit for your industry or organization. [MOUSE CLICK] Like most employees, Bob doesnt like to read through everything though. Hes a busy guy. So, he bypasses the opportunity to review the AUP and simply accepts the terms so he can get on about his business [MOUSE CLICK] Bob also knows that somebody is watching him. Now he is on Yahoo A company sponsored splash screen. One of the capabilities in ProxySG is to create custom splash pages for HTTP , here Bob is welcomed, provided News of the Day and is provided a chance to review Edge Corps Acceptable Use Policy (AUP) and to accept it to access the Internet. Acceptance of an AUP may be a compliance benefit for your industry or organization. [MOUSE CLICK] Like most employees, Bob doesnt like to read through everything though. Hes a busy guy. So, he bypasses the opportunity to review the AUP and simply accepts the terms so he can get on about his business [MOUSE CLICK] Bob also knows that somebody is watching him. Now he is on Yahoo
10:59 Yahoo! Microsoft Internet Explorer http://www.katysfriends.comSlide 11:[MOUSE CLICK] After looking through his default home page, Bob is off to visit KatysFriends.com. He visited the site last Friday and wants to see if any new postings or images are on the site [MOUSE CLICK][MOUSE CLICK] After looking through his default home page, Bob is off to visit KatysFriends.com. He visited the site last Friday and wants to see if any new postings or images are on the site [MOUSE CLICK]
http://www.sportspages.com Hello again, Bob Kent This is a message from the IT department. The website you are trying to access: www.katysfriends.com Is listed as a site within the category ADULT CONTENT and you are not allowed to visit this site. Our Internet Acceptable Use Policy is available here: http://intranet.edgecorp.com/aup.htmp For more help, email IT Support Desk or call extension 2875Slide 12:His access is denied. Thanks to on-box Content and URL Filtering on ProxySG which enforces corporate policy on inappropriate sites and blocks Bobs access to the ADULT CONTENT site he wanted to visit. Blue Coat partners with WBSN, SCUR and SurfControl to deliver on-box high-performance content filtering on an optimized appliance. Organizations such as CompUSA and the US Air Force have standardized on Blue Coat for content filtering. Another option here, would be to advise Bob that adult content is not allowed in the work environment, however if required for some reason he could be given an option to click on a CONTINUE well knowing his actions are being monitored. Fortunately for Bob, he has other interests. [MOUSE CLICK] Since he cant visit his adult friends web site, he decides its probably a good time to check on yesterdays sports scores and last nights game results at SportsPages.com His access is denied. Thanks to on-box Content and URL Filtering on ProxySG which enforces corporate policy on inappropriate sites and blocks Bobs access to the ADULT CONTENT site he wanted to visit. Blue Coat partners with WBSN, SCUR and SurfControl to deliver on-box high-performance content filtering on an optimized appliance. Organizations such as CompUSA and the US Air Force have standardized on Blue Coat for content filtering. Another option here, would be to advise Bob that adult content is not allowed in the work environment, however if required for some reason he could be given an option to click on a CONTINUE well knowing his actions are being monitored. Fortunately for Bob, he has other interests. [MOUSE CLICK] Since he cant visit his adult friends web site, he decides its probably a good time to check on yesterdays sports scores and last nights game results at SportsPages.com
http://www.amazon.com Hello again, Bob Kent This is a message from the IT department. The website you are trying to access: www.sportspages.com Is listed as a site within the category SPORTS This category of site is accessible by you before 9:00 am, between 12:00 and 1:00 pm and after 6:00 pm Our Internet Acceptable Use Policy is available here: http://intranet.edgecorp.com/aup.htmpAny For more help, email IT Support Desk or call extension 2875Slide 13: Here Bob is coached on the appropriate times to visit recreational sites like SPORTS, Notice that the time on Bobs PC reads 11;01. Its company policy to only allow access to leisure sites like sports, gambling, and other entertainmnet before and after normal working hours, or during lunch. , now is not the time to view sports Slowly, Bob is learning the AUP for his company something that he has avoided reading, Again, this is an example of advising and coaching. This is not a complete block. Its an example of a layered policy consisting of time of day and user and the site category requested. Blue Coat ProxySG can combine over 40 different triggers to create a specific policy action. Given the SPORTS site is currently off limits until lunch or after work hours, [MOUSE CLICK] Bob decides to visit Amazon.com to check on a new book he is interested in reading [MOUSE CLICK] Here Bob is coached on the appropriate times to visit recreational sites like SPORTS, Notice that the time on Bobs PC reads 11;01. Its company policy to only allow access to leisure sites like sports, gambling, and other entertainmnet before and after normal working hours, or during lunch. , now is not the time to view sports Slowly, Bob is learning the AUP for his company something that he has avoided reading, Again, this is an example of advising and coaching. This is not a complete block. Its an example of a layered policy consisting of time of day and user and the site category requested. Blue Coat ProxySG can combine over 40 different triggers to create a specific policy action. Given the SPORTS site is currently off limits until lunch or after work hours, [MOUSE CLICK] Bob decides to visit Amazon.com to check on a new book he is interested in reading [MOUSE CLICK]
http://www.cnn.comSlide 14:Bob is advised via a Pop-up that shopping sites are monitored a reminder to avoid watching eBay auctions and doing too much shopping while at work. Bob is nearly done with his donut and a cup of coffee and [MOUSE CLICK] decides to visit CNN as shopping is off limits. surely a news site is a good place to visit. [MOUSE CLICK] Bob is advised via a Pop-up that shopping sites are monitored a reminder to avoid watching eBay auctions and doing too much shopping while at work. Bob is nearly done with his donut and a cup of coffee and [MOUSE CLICK] decides to visit CNN as shopping is off limits. surely a news site is a good place to visit. [MOUSE CLICK]
http://www.cisco.com/jobs 11:32Slide 15:Bob is advised by a Pop-Up that he can visit news sites for only 15 minutes per day. Blue Coat ProxySG allows administrators to set time based quotas on specific users, specific sites and more. Even Bob is starting to get the idea now that work should be his focus however he is frustrated by his companys new control over his Internet use [MOUSE CLICK] and decides to visit Edge Corps main competitor Cisco to look for a job. [MOUSE CLICK]Bob is advised by a Pop-Up that he can visit news sites for only 15 minutes per day. Blue Coat ProxySG allows administrators to set time based quotas on specific users, specific sites and more. Even Bob is starting to get the idea now that work should be his focus however he is frustrated by his companys new control over his Internet use [MOUSE CLICK] and decides to visit Edge Corps main competitor Cisco to look for a job. [MOUSE CLICK]
Hello again, Bob Kent As valued member of staff, we want to make sure you are happy here at Edge Corp. If you would like an interview with HR to discuss your role, please email me. Best Regards, Lucy SmithSlide 16: Edge Corp does not want its employees visiting competitors job listings, so Bob is denied yet again and is given the opportunity to meet with Human Resources to discuss his role. Internet policy often involves cross functional organizations in defining policy and reporting. Here, at Edge corp, Lucy Smith has complete reoporting from ProxySG and, in addition to the IT staff, gets analysis on who is doing what on the Internet. With ProxySG, its also easy to create exceptions to any rule, in this case, allowing Lucy Smith, the HR manager to have access to job sites so she can keep tabs on hiring practices and employee benefits at competing companies. Bob cant even go find another job. Edge Corp does not want its employees visiting competitors job listings, so Bob is denied yet again and is given the opportunity to meet with Human Resources to discuss his role. Internet policy often involves cross functional organizations in defining policy and reporting. Here, at Edge corp, Lucy Smith has complete reoporting from ProxySG and, in addition to the IT staff, gets analysis on who is doing what on the Internet. With ProxySG, its also easy to create exceptions to any rule, in this case, allowing Lucy Smith, the HR manager to have access to job sites so she can keep tabs on hiring practices and employee benefits at competing companies. Bob cant even go find another job.
http://messages.yahoo.com/?action=q&board=fSlide 17: Its lunch time and Bob visits the Yahoo Finance pages for his favorite stock Ford (F). [MOUSE CLICK] Bob clicks on the option to post a message [MOUSE CLICK] Its lunch time and Bob visits the Yahoo Finance pages for his favorite stock Ford (F). [MOUSE CLICK] Bob clicks on the option to post a message [MOUSE CLICK]
I work for Toyota. Rumor here is that we are going to merge with Ford in 30 days.Slide 18:Public message boards and instant messaging communications are often open doors in organizations to leak confidential information. Right now though, Bob is not looking to leak information. Hes looking to do a little day trading to supplement his income from Edge Corp. [MOUSE CLICK] So,we see him here going to Ford Motor CO. Bob tries to post a message to the Ford stock bulletin board from his office system spreading rumors hoping to influence the stock price. [MOUSE CLICK] however ProxySG enforces Edge Corps AUP by stopping the action and updates Bob on acceptable use. Proxy SG uses method level controls to identify bob doing a post within HTTP. So, here is another example of layered policy, where ProxySG controls the HTTP post to a specific URL by a specific user Bob Kent. The IT Manager at Edge Corp couldnt just block all HTTP posts. They have several other employees who use posts to fill out web forms, register for seminars, etc activities that are appropriate. Public message boards and instant messaging communications are often open doors in organizations to leak confidential information. Right now though, Bob is not looking to leak information. Hes looking to do a little day trading to supplement his income from Edge Corp. [MOUSE CLICK] So,we see him here going to Ford Motor CO. Bob tries to post a message to the Ford stock bulletin board from his office system spreading rumors hoping to influence the stock price. [MOUSE CLICK] however ProxySG enforces Edge Corps AUP by stopping the action and updates Bob on acceptable use. Proxy SG uses method level controls to identify bob doing a post within HTTP. So, here is another example of layered policy, where ProxySG controls the HTTP post to a specific URL by a specific user Bob Kent. The IT Manager at Edge Corp couldnt just block all HTTP posts. They have several other employees who use posts to fill out web forms, register for seminars, etc activities that are appropriate.
http://by1fd.bay1.hotmail.msn.com/cgi/hmhome?curmbox=f000000001&a=be193d5af10ba083db9aaa48d79de108&fti=yesSlide 19:Well, with so many of Bobs normal activities now off limits, Bob decides to visit his personal web-mail account HotMail on MSN. Now, most of you probably have some sort of Web virus scanning on your corporate (SMTP based) email, but what about personal Web (HTTP) mail? People like Bob use services like Hotmail, Yahoo Mail and others specifically to circumvent SMTP virus scanning and he accesses these services during the workday using Edge Corp resources. An integrated solution from Blue Coat and our partners Symantec and Trend provides the performance Edge Corp needs for real-time virus scanning of HTTP content. Today though, Bob is not going to download a virus via web mail. [MOUSE CLICK] Instead, he uses personal Web mail to send a message and a confidential file to a friend of his. [MOUSE CLICK] Well, with so many of Bobs normal activities now off limits, Bob decides to visit his personal web-mail account HotMail on MSN. Now, most of you probably have some sort of Web virus scanning on your corporate (SMTP based) email, but what about personal Web (HTTP) mail? People like Bob use services like Hotmail, Yahoo Mail and others specifically to circumvent SMTP virus scanning and he accesses these services during the workday using Edge Corp resources. An integrated solution from Blue Coat and our partners Symantec and Trend provides the performance Edge Corp needs for real-time virus scanning of HTTP content. Today though, Bob is not going to download a virus via web mail. [MOUSE CLICK] Instead, he uses personal Web mail to send a message and a confidential file to a friend of his. [MOUSE CLICK]
Heres an Interesting file. Take a look. http://by1fd.bay1.hotmail.msn.com/cgi/hmhome?curmbox=f000000001&a=be193d5af10ba083db9aaa48d79de108&fti=yesSlide 20:As he writes a quick email he thinks perhaps this is not monitored and it sure provides a nice backdoor for information to be sent outside of the company. [MOUSE CLICK] He attaches the Edge Corp XLS file [ MOUSE CLICK]As he writes a quick email he thinks perhaps this is not monitored and it sure provides a nice backdoor for information to be sent outside of the company. [MOUSE CLICK] He attaches the Edge Corp XLS file [ MOUSE CLICK]
12:44 http://by1fd.bay1.hotmail.msn.com/cgi-bin/doattach BKent2003@hotmail.comSlide 21:As Bob selects the file attachment and clicks on OK, he is advised that the AUP does not allow file attachments being sent with web-mail accounts, the action is blocked, and he learns that unlimited access to web-mail sites is not allowed. As Bob selects the file attachment and clicks on OK, he is advised that the AUP does not allow file attachments being sent with web-mail accounts, the action is blocked, and he learns that unlimited access to web-mail sites is not allowed.
Windows Media Player Plays your digital media including music, videos, CDs, DVDs and Internet Radio 1:45
Slide 24:Bob hasnt had much success doing what he wants to do with his browser or IM client. So, Bob decides to watch a little streaming media entertainmentBob hasnt had much success doing what he wants to do with his browser or IM client. So, Bob decides to watch a little streaming media entertainment
1:46Slide 25:But again, Edge corp has enforced policy around streaming media use due to its capability of hogging bandwidth often causing performance problems for legitimate business applications. With ProxySG, Edge Corp can invoke specific policies for streaming media based on the origin site or user, and limit how much bandwidth can be used for streaming media.But again, Edge corp has enforced policy around streaming media use due to its capability of hogging bandwidth often causing performance problems for legitimate business applications. With ProxySG, Edge Corp can invoke specific policies for streaming media based on the origin site or user, and limit how much bandwidth can be used for streaming media.
Launch Kazaa 1:52Slide 26:Bob is new to P2P file sharing, and hes anxious to build up his personal library of music. If he cant stream his favorite music,why not just download the file to his computer? Hed rather use Edge Corps unlimited bandwidth and storage resources than his own resources at home. He loaded the KaZaa P2P software on his desktop last week .so he clicks on the Kazaa application in his task bar Bob is new to P2P file sharing, and hes anxious to build up his personal library of music. If he cant stream his favorite music,why not just download the file to his computer? Hed rather use Edge Corps unlimited bandwidth and storage resources than his own resources at home. He loaded the KaZaa P2P software on his desktop last week .so he clicks on the Kazaa application in his task bar
1:52 DisconnectedSlide 27:But again, Edge Corp has invoked comprehensive policies that control users like Bob Kent who already have the P2P software on their computers. With this slpash screen, Edge Corp communicates company policy on P2P to Bob, and warns him to uninstall the P2P client from his computer. ProxySG also stops additional users from being able to access and download P2P software sites, and gives Edge corp the added control of blocking all P2P file transfers except those file transfers from internal sites. P2P can hog network bandwidth, impact user productivity and create legal liability risk.But again, Edge Corp has invoked comprehensive policies that control users like Bob Kent who already have the P2P software on their computers. With this slpash screen, Edge Corp communicates company policy on P2P to Bob, and warns him to uninstall the P2P client from his computer. ProxySG also stops additional users from being able to access and download P2P software sites, and gives Edge corp the added control of blocking all P2P file transfers except those file transfers from internal sites. P2P can hog network bandwidth, impact user productivity and create legal liability risk.
Launch Internet Explorer Browser Finds and displays information and Web sites on the Internet 2:04Slide 28:Back to his desktop.. Bob decides what to work on next. [Click]Back to his desktop.. Bob decides what to work on next. [Click]
http://www.hotmail.comSlide 29:Its been awhile since hes checked his personal Web email box. [Note: Its useful in a larger crowd to ask the sidebar question: How many of you have personal Web email accounts with Hotmail or Yahoo! Mail ? Several will raise their hands. Then respond with the matter-of-fact statement: and all of you likely access that email box once or twice a day from the office.] Well, Bob is no different. He goes to Hotmail ..Its been awhile since hes checked his personal Web email box. [Note: Its useful in a larger crowd to ask the sidebar question: How many of you have personal Web email accounts with Hotmail or Yahoo! Mail ? Several will raise their hands. Then respond with the matter-of-fact statement: and all of you likely access that email box once or twice a day from the office.] Well, Bob is no different. He goes to Hotmail ..
Hi Bob Kent, Edge Corp employees are permitted to access personal, Web-based email accounts. However, all file attachments will be scanned and infected files deleted. CLICK HERE TO CONTINUE Any IT problems, please email IT Support Desk or call extension 2875 IP address: 10.150.1.130 Date February 20, 2004 Time: 2:05 pm CLICK HERE TO CONTINUE 10:46 http://www.mysite.com/?comply://www.hotmail.comSlide 30: .and is told that he is allowed to access personal Web mail accounts, but that all attachments are scanned and infected files deleted. He acknowledges the policy and clicks to continue .and is told that he is allowed to access personal Web mail accounts, but that all attachments are scanned and infected files deleted. He acknowledges the policy and clicks to continue
Bob_kent@hotmail.com Joan_smith@yahoo.com Funny email from Jack R. Mar 31 29KB Youvewon@Vacations.com Win A Trip for Two To Hawaii Mar 31 768KB Hotmail Staff Increase your email capacity Mar 30 1KB KJT607web@zwallet.com Heres Your File! Mar 30 29KB Sam Johnson Did you see the game last night? Mar 30 7KB Cassandra Love Call Me. Mar 30 540KB Joan_smith@yahoo.com Dinner with Peg and Alan on 4th? Mar 30 29KB Mary Smith Did you call mom and dad about photos? Mar 29 19KB Kyle Lissabet Win a free computer. Mar 29 760KB http://www.hotmail.comSlide 31:Bob glances through his inbox. He sees an interesting email .Win a Trip to Hawaii. Bob feels he is due for a vacation for all the hard work hes been doing lately at Edge Corp. He clicks on the email Bob glances through his inbox. He sees an interesting email .Win a Trip to Hawaii. Bob feels he is due for a vacation for all the hard work hes been doing lately at Edge Corp. He clicks on the email
Joan_smith@yahoo.com Funny email from Jack R. Mar 31 29KB Youvewon@Vacations.com Win A Trip for Two To Hawaii Mar 31 768KB Hotmail Staff Increase your email capacity Mar 30 1KB KJT607web@zwallet.com Heres Your File! Mar 30 29KB Sam Johnson Did you see the game last night? Mar 30 7KB Cassandra Love Call Me. Mar 30 540KB Joan_smith@yahoo.com Dinner with Peg and Alan on 4th? Mar 30 29KB Mary Smith Did you call mom and dad about photos? Mar 29 19KB Kyle Lissabet Win a free computer. Mar 29 760KB Youvewon@Vacations.com March 31, 2004 2:35 pm Bob_kent@hotmail.com Win A Trip for Two To Hawaii Free_trip.pif Bob_Kent@hotmail.com, Youve won a free trip to Hawaii. Download the Attached claim form to register and win your trip ! Bob_kent@hotmail.com http://www.hotmail.comSlide 32:Sure enough Bob thinks he as won a trip. Blindly following the instructions in the email, Bob goes to download the attachment from the unknown source.Sure enough Bob thinks he as won a trip. Blindly following the instructions in the email, Bob goes to download the attachment from the unknown source.
Joan_smith@yahoo.com Funny email from Jack R. Mar 31 29KB Youvewon@Vacations.com Win A Trip for Two To Hawaii Mar 31 768KB Hotmail Staff Increase your email capacity Mar 30 1KB KJT607web@zwallet.com Heres Your File! Mar 30 29KB Sam Johnson Did you see the game last night? Mar 30 7KB Cassandra Love Call Me. Mar 30 540KB Joan_smith@yahoo.com Dinner with Peg and Alan on 4th? Mar 30 29KB Mary Smith Did you call mom and dad about photos? Mar 29 19KB Kyle Lissabet Win a free computer. Mar 29 760KB Youvewon@Vacations.com March 31, 2004 2:35 pm Bob_kent@hotmail.com Win A Trip for Two To Hawaii Free_trip.pif Bob_Kent@hotmail.com, Youve won a free trip to Hawaii. Download the Attached claim form to register and win your trip ! Bob_kent@hotmail.com http://www.hotmail.com Free_trip.pifSlide 33:Sure, Windows gives the standard warning that some files may be harmful. But Bob disregards the message and selects open. Fortunately, Blue Coat solutions scan Web content such as attachments that come in through personal Web mail accounts which bypass existing email virus scanning infrastructures (SMTP-based email). Sure, Windows gives the standard warning that some files may be harmful. But Bob disregards the message and selects open. Fortunately, Blue Coat solutions scan Web content such as attachments that come in through personal Web mail accounts which bypass existing email virus scanning infrastructures (SMTP-based email).
http://www.sillysmilies.com Hello, Bob Kent This is a message from the IT department. Your PC has just tried to send information to a known spyware site: www.gator.com We have blocked the spyware from sending your personal information out of the organization (using our Proxy appliance), however your PC will run more slowly until the spyware is removed. We are about to redirect you to the spyware removal software to remove this and any other spyware from your PC, please click HERE to start. For more help, email IT Support Desk or call extension 2875Slide 35:ProxySG can recognize the spyware sites from URL filtering database. It can tell when a user is sending information out to those sites and open a pop-up window on the users PC to warn them. It can also block the sending of information to those sites. The user can then be redirected (as shown here) to the Spyware removal software or just told the link, if you prefer. The IT reporting tools can log the access, including the IP address of the PC infected and the user logged on at the time. ProxySG can recognize the spyware sites from URL filtering database. It can tell when a user is sending information out to those sites and open a pop-up window on the users PC to warn them. It can also block the sending of information to those sites. The user can then be redirected (as shown here) to the Spyware removal software or just told the link, if you prefer. The IT reporting tools can log the access, including the IP address of the PC infected and the user logged on at the time.
http://www.google.comSlide 36:Bob decides to visit Google. He really enjoys the Google image library. Lots of pictures many of them inappropriate for the workplace. [mouse click] Bob selects the Advanced Image Search button which allows him to set his own personal preferences for the images he will access via google. [mouse Click] He selects no filtering and types in the word breast. Bob decides to visit Google. He really enjoys the Google image library. Lots of pictures many of them inappropriate for the workplace. [mouse click] Bob selects the Advanced Image Search button which allows him to set his own personal preferences for the images he will access via google. [mouse Click] He selects no filtering and types in the word breast.
breast http://www.google.com/advanced_image_search?hl=en http://www.google.com/images?as_q=breast&svnum=10&hl=en&i=Google+Search&as_epq=&as_oq=&as_eq=&imgsz=&as_filetype=&imgc=&as_sitesearch=&safe=activeSlide 37:Bob is surprised at the results. Not what he was expecting. Notice that Edge Corp uses ProxySG to allow safe searching in Google, Yahoo and other search engines. Edge Corp is able to rewrite the URL to include a safe search preference which always overrides the preferences set by Bob.Bob is surprised at the results. Not what he was expecting. Notice that Edge Corp uses ProxySG to allow safe searching in Google, Yahoo and other search engines. Edge Corp is able to rewrite the URL to include a safe search preference which always overrides the preferences set by Bob.
Launch Microsoft OutLook 2:15
Slide 39:Bob attempts to get back to his email. But finds more distractions. Edge Corp anti spam and email AV dont stop access to embedded URLs within Bobs email that pull objects including inappropriate content - from the Web. Here Bob is reviewing his email in Outlook and quickly finds that graphic files are stripped when active content controls use HTTP to retrieve web based images in Outlook. An acceptable use for this technology is company stationary or URL links for company logos in email that are dynamically loaded upon preview or viewing mode. However the inverse is true with todays SPAM messages taking advantage of the preview window in Outlook to load web content just like a browser one reason a child should not openly view email without filtering as well as Bob at work looking for adult content. Bob attempts to get back to his email. But finds more distractions. Edge Corp anti spam and email AV dont stop access to embedded URLs within Bobs email that pull objects including inappropriate content - from the Web. Here Bob is reviewing his email in Outlook and quickly finds that graphic files are stripped when active content controls use HTTP to retrieve web based images in Outlook. An acceptable use for this technology is company stationary or URL links for company logos in email that are dynamically loaded upon preview or viewing mode. However the inverse is true with todays SPAM messages taking advantage of the preview window in Outlook to load web content just like a browser one reason a child should not openly view email without filtering as well as Bob at work looking for adult content.
Slide 40:User Experience Summary
Bob is considered a good guy at the office Every browser click has an affect on your business Reducing Bob-like actions is the job of ProxySG ProxySG provides the ability to: Advise Bob on Acceptable Use Policies Coach Bob on best practices and time allocations Enforce policy to control viruses, spyware, legal liabilities, adverse bandwidth use & reduced productivity We showed several examples of how you can keep good employees from doing bad things on the Internet. Whether you want to use ProxySG just to monitor and gain visibility into what your users are doing over your Internet connection, or you want to completely lock it down like Edge Corp does, its your decision. Many of you help define and enforce the Internet AUP that is right for your organization - we provide you the solution to do what is right for your organization. Three important actions from ProxySG should be noted from this user experience they are the value of advising, coaching and enforcing your AUP everyday on your network.. Keeping the good guys good is the challenge as Internet content grows and new capabilities like IM and P2P expand the opportunity for your business. The threats, liabilities and productivity losses associated with the Internet are significant - they require you to be able to granularly control them, allowing the productive aspects of the Internet to contribute to your companys bottom line. We showed several examples of how you can keep good employees from doing bad things on the Internet. Whether you want to use ProxySG just to monitor and gain visibility into what your users are doing over your Internet connection, or you want to completely lock it down like Edge Corp does, its your decision. Many of you help define and enforce the Internet AUP that is right for your organization - we provide you the solution to do what is right for your organization. Three important actions from ProxySG should be noted from this user experience they are the value of advising, coaching and enforcing your AUP everyday on your network.. Keeping the good guys good is the challenge as Internet content grows and new capabilities like IM and P2P expand the opportunity for your business. The threats, liabilities and productivity losses associated with the Internet are significant - they require you to be able to granularly control them, allowing the productive aspects of the Internet to contribute to your companys bottom line.
Slide 41:In Control with Blue Coat
Keep good employees from doing bad things on the Internet Everything web leads to increased risks Blue Coat is #1 proxy appliance leader (IDC) Custom, object based OS with caching enables wire-speed performance Shipped more than 20,000 proxy appliances worldwide Do you know what your users are doing on the network? Find out with a Web Traffic Assessment Plus learn more about Spyware prevention summarize summarize
Slide 42:The Business of IT
Applications Delivered over the Network Experienced by Users And Keep it Fast and Safe too!
Slide 43:The Power of the Proxy
Anecdotes USAF, SaudiAnecdotes USAF, Saudi
Slide 44:Real World Power of the Proxy
Problems Lack of Security and Control of Internet Use Server overload in Data Center Poor to unusable application performance in branch office Retail Branches Headquarters Switch Switch Router Router Router Switch Router Firewall Internet Internal Network Retail Branches Real example of a webified business Over 250 web based applications Customer Facing Partner Exchanges Employee Tools Streaming / e-mail / file / JAVA / XML / etc., (virtually anything Web enabled) Application Servers
Slide 45:ProxySG Protect. Control. Accelerate.
TechnologyPartners On-Proxy URL Filtering Web Anti-Virus Anti- Spyware Services IM, Streaming & P2P Control Reverse Proxy ProxyAV The ProxySG architecture consists of the following: Purpose-built custom operating system (SGOS) Secure, high-performance foundation built for web-objects with caching and enterprise reliability Secure Proxy with integration across multiple simultaneous authentication systems, and customizable logging options LDAP, RADIUS, NTLM, AD, 2-factor, etc. Transparent proxy implementation no changes required to clients Only proxy vendor to provide encrypted credentials acquisition for users and admins Policy Process Engine (PPE) that interprets policy to know who, what and when to control Leverages cache of approved or scanned content Advises, coaches and enforces acceptable use policies Security Services for todays content issues with the ability to expand Content Filtering on ProxySG has a lower TCO, increased performance with cached content, and granular policy controls Web Virus Scanning on ProxySG has a 10x performance improvement and lower TCO than software based solutions IM Control provides enterprise granular policy control for all leading IM vendors (AIM, MSN, Yahoo!) Peer-to-Peer file sharing blocking of traffic and client downloads Pop-Up ad blocking with the ability to accept use for enterprise applications (ex. Outlook Web Access) Technology Partners for a best in class choice of leading vendors Nine Content Filtering URL databases run on-proxy Virus Scanning ProxyAV with McAfee, Kaspersky, Sophos or Panda AV engines Integrated purpose built hardware appliances Performance, Scalability, Ease of management Enterprise Policy Management Policy administration (GUI or CLI), multiple appliance management Director, enterprise Reporter The ProxySG architecture consists of the following: Purpose-built custom operating system (SGOS) Secure, high-performance foundation built for web-objects with caching and enterprise reliability Secure Proxy with integration across multiple simultaneous authentication systems, and customizable logging options LDAP, RADIUS, NTLM, AD, 2-factor, etc. Transparent proxy implementation no changes required to clients Only proxy vendor to provide encrypted credentials acquisition for users and admins Policy Process Engine (PPE) that interprets policy to know who, what and when to control Leverages cache of approved or scanned content Advises, coaches and enforces acceptable use policies Security Services for todays content issues with the ability to expand Content Filtering on ProxySG has a lower TCO, increased performance with cached content, and granular policy controls Web Virus Scanning on ProxySG has a 10x performance improvement and lower TCO than software based solutions IM Control provides enterprise granular policy control for all leading IM vendors (AIM, MSN, Yahoo!) Peer-to-Peer file sharing blocking of traffic and client downloads Pop-Up ad blocking with the ability to accept use for enterprise applications (ex. Outlook Web Access) Technology Partners for a best in class choice of leading vendors Nine Content Filtering URL databases run on-proxy Virus Scanning ProxyAV with McAfee, Kaspersky, Sophos or Panda AV engines Integrated purpose built hardware appliances Performance, Scalability, Ease of management Enterprise Policy Management Policy administration (GUI or CLI), multiple appliance management Director, enterprise Reporter
Slide 46:Complete Range of Proxy Appliances
ProxySG 400 Series ProxySG 800 Series ProxySG 8000 Series Performance Remote Offices Up to 250 users 100-2000 users 1000 - 50,000+ users WAN Throughput ConnectedUsers Up to 15Mbps 15Mbps-80Mbps 80Mbps -300+ Mbps Corporate Headquarters ProxySG 200 Series Blue Coat provides you a range of proxy appliances to support smaller branch offices on up to the largest enterprise implementations. Each is based on our custom operating system, SGOS, meaning the same comprehensive set of functionality for controlling Web communications is provided in each platform. And, each enables the granular policy enforcement demonstrated today along with wire speed performance with very little maintenance and virtually no patching. Name drop: The entire country of Saudi Arabia is granted Internet access through our proxy appliances. [NOTE: Use Other customers that you are familiar with eg, CompUSA, US Air Force, etc] Blue Coat provides you a range of proxy appliances to support smaller branch offices on up to the largest enterprise implementations. Each is based on our custom operating system, SGOS, meaning the same comprehensive set of functionality for controlling Web communications is provided in each platform. And, each enables the granular policy enforcement demonstrated today along with wire speed performance with very little maintenance and virtually no patching. Name drop: The entire country of Saudi Arabia is granted Internet access through our proxy appliances. [NOTE: Use Other customers that you are familiar with eg, CompUSA, US Air Force, etc]
Slide 47:Thank You!