New security measures for your Web gateway

William Tan, regional country manager, Thailand and Vietnam, for Blue Coat Systems

Join a community watch. Overwhelming malware threats in popular and trusted websites have changed the security-defence game. Users are now uniting into community-watch systems hosted in cloud services to protect each other. When one user detects malware in web content, his or her request updates the community watch, allowing the cloud service to protect all members. 

Change your "one against the Web" defence. On its own, your existing Web gateway cannot compete against computing grids run 24 hours a day, seven days a week by cyber criminals to find information for profit and continuously expand their reach. Signature defences and daily updates are from the dark ages. Your Web gateway should adopt a hybrid design by using community-watch services for protection in numbers, with five-minute updates. Why stand alone against Web-based threats when you can benefit from the united community defence of more than 50 million users?

Update policies created for productivity to enhance protection. If your Web gateway is more than one year old it was most likely deployed to increase user productivity by blocking objectionable and unproductive websites, thus removing the "time sink" danger of employees using the Web. However, the Web is now the leading infection point for malware, with more than 90 per cent of malware coming from trusted and popular websites. These popular sites suffer from injection attacks that lead to transparent malware downloads from unrated hosts. Most Web-gateway policies designed to increase user productivity allow access to unrated hosts, as well as allowing downloads. For better protection, Web-gateway policies need to change to block downloads from unrated hosts and sites with suspicious reputations, thus closing an access path for malware.  

Employ real-time Web-rating services. Web content is overwhelming old filtering methodologies for uniform resource locators (URLs) that use daily updates to static URL lists at customer sites. These solutions are now too late and too slow. No URL-filtering list provides a rating for all Web content, nor can URL lists keep up with frequent Web-content changes and newly published content. The update cycles across all categories every few minutes, so the old designs hit a wall.

For new Web content often seen within the two-way publishing environment the Web now provides, a real-time rating service can extend the value of a URL-filtering solution for your Web gateway. A real-time rating service also extends its value to remote users, providing on-the-fly Web-content ratings to enforce acceptable use policies at both the Web gateway and remote laptops. 

Protect your remote users. The former operational perimeters of the Web are constantly pushing outwards, and users can now access it in almost all locations, including airports, hotels, coffee shops and homes. Desktop purchases are being replaced with laptops as bands of remote users continue to increase. The network-design goal of protecting users with a Web gateway should now expand to include remote users outside the gateway. Remote-user protection should be enhanced by adding a client agent tied into a community watch from a cloud service. This will provide centralised policy management for Web-content filtering, plus malware blocking of known hosts detected by the community watch defence.