Mi5 Secures Networks with Geographic Tracing of Botnet Traffic
Version 4.0 adds control for more than one hundred applications and protocols, including leading Instant Messaging, Peer-to-Peer, Voice over IP, streaming media, and other enterprise applications. In addition, 4.0 can trace the geographic location of Botnet traffic entering and leaving the network; provides centralized management, policy enforcement, and reporting across multiple devices; and enables new flexible deployment options through ICAP and UFP protocol support.
According to Gartner, Inc., "A Secure Web gateway (SWG) is a solution that filters unwanted software/malware from user-initiated Web/Internet traffic and enforces corporate and regulatory policy compliance. To achieve this goal, SWGs must, at a minimum, include URL filtering, malicious-code detection and filtering, and application controls for popular Web-based applications, such as instant messaging (IM)..."
To control web use and provide 100 percent coverage against web threats, Webgate now monitors, controls, and blocks over one hundred web applications and protocols, including all leading IM, P2P, VoIP, remote access, streaming media, database, gaming, e-mail/groupware, and file transfer products and tools. Webgate provides granular access and usage management capabilities, including the ability to:
- Control activity by specific application and application category
- Monitor, allow, and block applications and downloads using application fingerprints
- Scan IM file downloads for malware or block all IM downloads
- Set and enforce identity-based policies organization-wide, at the departmental level, or by user, IP address, and subnet
To detect compromised endpoints inside the organization, Webgate inspects all web streams entering, leaving, and circulating inside the network. This 360-degree perspective enables Webgate to automatically identify and shut down Botnet-hijacked machines.
Webgate 4.0 introduces new Geolocation capabilities that pinpoint the name and geographic origin of attacks for assessing their severity. Webgate Geolocation integrates with Google Maps and provides additional threat data to shed light on the source of botnet command and control infrastructures. This capability also assists organizations when reporting attacks to law enforcement agencies.
For automated configuration, policy management, monitoring, and reporting across multiple Webgate appliances, Mi5 Networks is introducing two dedicated Central Intelligence (CI) units: the CI-10 and CI-100. From the CI user interface, administrators can centrally manage all the Webgate appliances in their organization with the click of a mouse.
Users can create, change, and apply security policies; monitor global network activity and drill down into regions, locations, departments, users, etc.; and access the rich reporting database. CI-10 models can manage up to 10 devices in a 1U form factor. CI-100 units can manage up to 100 Webgate devices in a 2U form factor, and are equipped with redundant power supplies and disks.
To easily adapt to existing network topologies and provide organizations with an even more flexible set of deployment options, Webgate now supports ICAP and UFP protocols, which are used by over 75 vendors. For example, this capability enables customers to backhaul traffic from Juniper, Check Point and other firewalls at remote sites such as retail stores, branch offices, etc., to Webgate appliances at corporate or regional headquarters.