Professional Documents
Culture Documents
Web Security:
A Buyer’s Guide
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco confidential. For channel partner use only. Not for public distribution. (1110R)
Web Security: A Buyer’s Guide
Buyer’s Criteria for Web Security • Analysis by the Cisco® Talos Security Intelligence and Research Group and Cisco
Collective Security Intelligence (CSI) teams
When evaluating web security solutions, organizations should assess the following criteria to • Identification of malware based on what it does, not what it looks like, allowing
ensure they will receive the deeply layered protection needed to defend their business from detection of even the newest zero-day attacks
today’s advanced threats and targeted attacks: • Cisco Advanced Malware Protection (AMP) to provide deeper visibility, control,
and retrospection
• Big data analytics and collective global security intelligence
• Reputation filtering
• Real-time malware scanning
Cisco Web Security Integration with Threat Intelligence
• Web usage controls Built on unmatched collective security analytics
• Application visibility and control (AVC)
Threat
I00II I0I000 0110 00 I00I III0I III00II 0II00II I0I000 0110 00 I00I III0I III00II 0II00II I0I000 0110 00 Research
• Data loss prevention (DLP) Intelligence I00I III0I III00II 0II00II I0I000 0110 00
Cisco®
I00I III0I III00II 0II00II I0I000 0110 00 I00I III0I III00II 0II00II I00I
I III0I III00II 0II00II I0I000 0110 00
Talos I00I III0I III00II 0II00II I0I000
I00I III0I III00II 0II00II I0I000
0110 00 Response
Cybercriminals are building 4 new pieces Talos Cisco® Web Security Appliance (WSA)
Appliance Virtual
Sandboxing
Cognitive
Threat
www Analytics
File
Retrospection
Client
Authentication
Campus Office Branch Office Roaming User Allow Warn Block Partial Block
Advanced WSA
DLP
microapplication content
• Granular control over application usage and behavior
• Identification and classification of hundreds of the most relevant and widely used Figure 3. “Cisco Web Security: Protection, Control, and Value.”
Web 2.0 and mobile applications, such as Facebook, and more than 150,000
microapplications, such as Facebook games
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco confidential. For channel partner use only. Not for public distribution. (1110R)
Web Security: A Buyer’s Guide
Requirement 7:
Web Application Visibility and Control Initial Disposition = Clean
Sandboxing
Actual Disposition = Bad = Too Late!!
Not 100%
Antivirus
Even with a layered approach to web security, some sophisticated attacks will manage to get
POINT-IN-TIME Blind to
through. Continuous analysis and retrospective security are needed to identify malicious files DETECTION scope of
Analysis Stops compromise
that have so far evaded detection, and to help determine the scope of the attack so it can
quickly be contained and remediated.
Retrospective Analysis
Cisco AMP is an add-on service to Cisco web security. AMP uses the vast cloud security CONTINUOUS
X Identifies
threats after
an attack
MONITORING
intelligence networks of Talos to provide superior protection across the attack continuum—
X
Analysis Continues
before, during, and after an attack. It is the industry’s only proven zero-hour antivirus solution
that protects against new viruses in less than 60 minutes. Initial Disposition = Clean Actual Disposition = Bad = Blocked
File Reputation Captures a fingerprint of each file as it traverses the Figure 4. “Cisco Web Security: Protection, Control, and Value.”
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco confidential. For channel partner use only. Not for public distribution. (1110R)
Web Security: A Buyer’s Guide
For more information on the Cisco web security portfolio, visit www.cisco.com/go/web-
Deployment
security. A Cisco sales representative, channel partner, or system engineer can help you
options
Appliance Virtual Hybrid Hybrid Cloud Managed evaluate how Cisco web security solutions will meet the unique needs of your organization.
Multidevice
support
Desktop Mobile Laptop Tablet
Cisco Cloud Web Delivers a simple web security solution that does
Security (CWS) not require any additional hardware; it can function
standalone or can provide increases protection by
connecting existing network equipment to cloud-
based web security services using existing browser
settings and PAC files
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco confidential. For channel partner use only. Not for public distribution. (1110R)