Slide 1

Download Report

Transcript Slide 1 

McAfee SaaS Web Protection
Introduction
Rodman Ramezanian
Sales Engineer
July 7, 2015
Agenda
SaaS Web Protection
•
Features
•
Overview
Access Control Types
•
IP Range Authentication
•
Explicit User Authentication
•
WDS Connector
•
McAfee Client Proxy
Product Demonstration
2
Malware Continues to Grow…
New Malware Samples
14,000,000
12,000,000
New malware
samples grew 22%
from Q4’13 to Q1‘14
10,000,000
8,000,000
2013 new malware
sample discoveries
increased by almost
50% over 2012
6,000,000
4,000,000
2,000,000
0
Q1
Q2
Q3
Q4
Q1
Q2
Q3
Q4 Q1
Q2
Q3
Q4
Q1
2011 2011 2011 2011 2012 2012 2012 2012 2013 2013 2013 2013 2014
Malware continues to grow and get more sophisticated…
3
Source: McAfee Labs ,2014
McAfee SaaS Web Protection
Cloud-based service
• Faster to deploy, less expensive to own
• Zero-footprint, Always-on security for HTTP and HTTPS
URL filtering based on Trusted Source categories (GTI)
• Remove inappropriate content, reduce distraction, optimize bandwidth
• Over 100 categories
State-of-the-art Malware removal
• Behavior and intent based code analysis
• Much more effective than signature based approaches
Mobile User Web Protection with Simple Redirection Rules
• Transparent Authentication
• Location aware with McAfee Client Proxy
Flexible rules allow for appropriate controls
• Different access based on directory users and groups
• Change restrictions based on time of day
McAfee SaaS Web Protection
McAfee Firewall
ENDPOINT ACTIONS
CONTENT
MALWARE
LOGGING
POLICY
FILTER
• Proxy Setting, PAC files,
Redirects
• VPN Backhauling
• Authentication (IP, Explicit,
Transparent)
• MCP (McAfee Client Proxy)
•
•
•
•
•
•
•
•
•
Gateway Anti-malware
Anti-virus
• Posts
Security
& Gets
Policies
Anti-spyware
• Categorize
Category
Filtering
accesses
Global
Threat Intelligence
Block/Allow
Bytes
Transferred
Lists
File• Reputation
• Threat
Access
Filtering
times available
Behavior
Analysis
• User
User/Group
level access
Management
Exploit
Detection
Zero Day Protection
(Non) Portable executable analysis
McAfee SaaS Web Protection
Malware Removal
McAfee Firewall
MALWARE
REMOVED!
MALWARE FILTER
User
McAfee Data Center
SAAS Web Protection
Internet
Single management console
Administrative ease-of-use
How McAfee Global Threat Intelligence
Works
Threat Intelligence Feeds
Endpoints
Appliances
Servers
Firewalls
Other feeds
& analysis
McAfee Labs
Email Reputation
Engine
File Reputation
Engine
Web Reputation
Engine
Network Reputation
Engine
Vulnerability Information
ePO
8
IPS
Firewall
Email
Web
AV
AWL
DLP
Mobile
Why McAfee is Best to Deliver GTI
The Most Robust Telemetry Data in the Market
Queries
•
•
•
•
•
•
•
2.5B Malware Reputation Queries/Month
20B Email Reputation Queries/Month
75B Web Reputation Queries/Month
2B IP Reputation Queries/Month
300M IPS Attacks/Month
100M Ntwk Conn Rep Queries/Month
100+ BILLION QUERIES
Nodes
•
•
•
•
•
Malware: 40M Endpoints
Email: 30M Nodes
Web: 45M Endpoint and Gateway Users
Intrusions: 4M Nodes
100+ MILLION NODES, 120 COUNTRIES
9
July 7, 2015
McAfee SaaS Web Protection
Protection for Mobile Workers
• McAfee Client Proxy:
• Transparent authentication and redirection of web traffic to:
– McAfee SaaS Web Protection, on-prem Web Gateway or other proxy
• Location aware – passive if on network or connected by VPN
• Tamper-proof
• Configuration and deployment flexibility
– ePO
– McAfee SaaS Web Protection
• SaaS console
• 3rd-party deployment solutions
• Supports Windows OS
10
July 7, 2015
McAfee SaaS Web Protection
Protection for Mobile Workers
• IP Range Authentication:
• Specify up to 100 Public IP addresses within defined range
• Denied access if IP address is not contained within defined range
• No need to create individual user accounts in the control console
• Requires minimal setup:
– No installation required
– Implemented seamlessly
11
July 7, 2015
McAfee SaaS Web Protection
Protection for Mobile Workers
• Explicit User Authentication :
• User accounts are required to be made into control console
• When the user opens a web browser, a pop up is opened, asking for
Login ID & Password
• “Remember Me” option available
• Logged in explicitly
• We know who they are
• Have username
• Obtain user details/reports
12
July 7, 2015
McAfee SaaS Web Protection
Protection for Mobile Workers
• WDS Connector:
• User accounts are required to be made into control console
• Works with Active Directory to validate users
• Benefit of retrieving & using the user’s AD credentials, so no new
credentials need to be created for him/her
• Create user level reports (user info is available)
• Can apply customized schedule-based policies
13
July 7, 2015
Deployments Made Simple
McAfee Client Proxy – On Network
Corporate Office
Web Gateway
Appliance
?
Internet
Browser
MCP
Passive
14
July 7, 2015
Deployments Made Simple
McAfee Client Proxy – Off Network
Corporate Office
On-Network
Web Gateway
?
Off Network
?
Internet
Browser
MCP
Active
15
McAfee Data Center
SaaS Web Protection
July 7, 2015
Deployments Made Simple
McAfee Client Proxy off-network with a captive portal (eg. Hotel)
Corporate Office
Login
User Name
**********
On-Network
Web Gateway
?
Off Network
?
Internet
Browser
MCP
Active
16
McAfee Data Center
SaaS Web Protection
July 7, 2015