Actu
New patent-pending technology in Sophos web appliance strengthens policy compliance and enforcement
July 2008 by Marc Jacob
IT security and control firm Sophos, announced new key features to its managed WS1000 web security appliance that enable organisations to keep pace with evasive end-user tools, and the latest threats to security and compliance. Offered as a free and automatic upgrade, the new features include multi-layer protection against anonymising proxies, which can be used to avoid URL filtering controls, as well as providing HTTPS scanning and a host of end-user enforcement and reporting improvements.
The latest research from Sophos highlights the worsening state of security on the web. SophosLabs today finds an average of one new malware-infected webpage every five seconds – a threefold increase over 2007 – with 90 percent of compromised pages being found on legitimate sites.
Exacerbating the situation for IT departments are tools such as anonymising proxies. Based on customer feedback, Sophos notes that this is particularly prevalent and problematic in the education sector, where students often resist controls and have advanced knowledge of web technologies. In this environment, IT departments are subject to strict guidelines designed to protect students from exposure to inappropriate or unsafe content.
With fast, full spectrum managed threat protection – including URL-based filtering, real-time malware scanning and content filtering – the WS1000 has already established itself as a best-in-class solution in the marketplace for web security.
The new features of the WS1000 include the Proxy Reputation Service. This involves tracking the vast array of internet blogs, mailing lists and forums that share anonymising proxy sites and services as they become available and immediately publishing updates to the block list. The real-time Proxy Scanner is a patent-pending detection engine that decodes and inspects every web request for signs that the traffic is being intentionally routed through an anonymising proxy.
HTTPS scanning enables scanning and filtering of SSL-encrypted traffic. This has historically been a significant blind spot for security solutions. With the addition of HTTPS scanning, Sophos can help organisations ensure that no malware is being transferred or policies violated when communicating over HTTPS in applications such as webmail.
Another new feature, SafeSearch Enforcement, ensures that the safe search mode is enforced within major search engines such as Google, Yahoo! and MSN to further protect networks from infected or inappropriate site results.
The updated WS1000 also offers enhancements to reporting. New, user-specific, activity reporting covers categories, sites visited and time online and allows for behaviour tracking against acceptable use policies and for conducting forensic audits.
