Transcript Granular Social Media Controls

ContentKeeper for K-12 Education
Solution Overview
Presented by
Date
Agenda
• Next-Gen Learning Requirements
• Why ContentKeeper for K-12 Education
•
•
•
•
Advantages of the Architecture
Proven Scalability
Feature Benefits
Closed Loop Collaborative Filtering™
• Demo/Questions
2
ContentKeeper Overview
•
Corporate Headquarters: Canberra Australia
•
•
•
•
•
Solutions:
•
•
•
•
Web Productivity & Security Solutions
Summary and Detailed Reporting
Proactive Malware Detection
Market Recognition:
•
•
Founded in 1999
Customers: Over 1000 global customers
and more than 4.5 million users
• 80% Australian Federal business
• Majority of Australian Education
business
Employees: 50+ worldwide
6 International Offices
Gartner SWG Magic Quadrant recognition since 2008
Focus: Developing high speed, scalable, fault tolerant, technologically
advanced solutions for large education, government and private
organizations
Next-Gen Learning Requirements
4
Next-Gen Requirements
• CIPA Compliance
• Support Social Learning
• Granular Social Media Controls
• YouTube for Schools
• Enable Mobility for all Devices
• BYOD and 1:1 deployments
• SSL Decoding & Content Scanning
• Smarter Balance/Online Assessment
• Proactive vs. Reactive Malware
Detection
5
Why ContentKeeper for K-12 Education
6
Architecture
• Physical Layer 2 Ethernet Bridge
Internal Network Plugs in here
•
•
•
•
•
•
Internet Plugs in here
Management Port Plugs in here
Highly Secure
(The only IP Address)
Highly Scalable
Highly Available
IPv6 Support
Highly Flexible: Start with filtering, extend as desired
All traffic coming to and from the Internet
7
Proven Scalability
• Scales beyond 10Gbit/s
• Australian Statewide Education
deployment
• 550,000 endpoints
• Scalability depends on
implemented policy
• Up to 60,000 users p/box
• Virginia Beach School District
• 60,000 endpoints
8
Features & Benefits Overview
Layer 2 Ethernet bridge
CIPA Compliance
Granular Social Media Controls
BYOD Web Access Controls for all Devices
1:1 Support for Windows, iOS/OS X & Android
Full SSL Session Decoding & Inspection
Elimination of Proxy Anonymizer issues
DLP/Content Scanning
Advanced Proactive Malware Engines
Delegated Administration & Reporting
9
Granular Social Media Controls
• Set Granular Policies by User on Specific Web
2.0/Social Media Application Activities
Level 2 Controls - Facebook
• Setup a policy for each required control group
• Assign level 1 & level 2 policies as required
• Enable/Disable, Read-only, Time-of-Day
• Admin Over-ride, Block, Don’t Log
YouTube for Schools Support
Level 1 Controls (Partial list)
10
BYOD – Web Access Controls
Who are they? Authentication
What are they doing on your network?
No Client side software allowed!
All devices iPad/iPhone, Android Windows, etc.
Monitor, Manage, Control & Secure
11
BYOD – Accountability & Reporting
12
Enable Mobility
• 1:1 Initiatives/Mobile
Users
• Enforce policy to mobile
users when they are away
from your network: 3G,
Wi-Fi, Bluetooth…
• Windows, iOS/OS X &
Android
13
Full SSL / HTTPS Decoding & Filtering
14
Why Malware is an Issue
92%
Malware attacks come
from the Web Vector
Increasingly
Targeted
On
Legitimate
Websites
Attacks
Increasingly
Dynamic
54%
Attacks last less than
24 hours
45%
Companies hit by
targeted attacks
83%
Malware comes from
legitimate sites
It’s not a matter of if, it’s
a matter of when…
Source: M86 Security; Panda; Osterman
Research; CSI Study
Result:
72%
Organizations hit by
Web attacks
15
Malware Attacks: Education Beware!
•
Education #1 vertical for malware
attacks
•
•
•
February, 2013, SC Magazine Report
182% above median vertical malware
encounter rate
Why?
•
•
Signature based Anti-Virus is largely
ineffective against today’s Web threats
Students push boundaries:
• Heavy users of malware targeted
websites like social networking
• Poor password security
• Common to click on / share anything
without levels of care or awareness
compared to workers in other
industries
•
Problems with proxy avoidance
(anonymous proxies) bypass rules and
protections – exposes network to
threats
Multi-Layered Advanced Threat Protection
Web Filtering URL Database
•Malware Category / Known Infected Websites
•Constantly updated via Closed Loop Collaborative Filtering network
Streaming Malware Defense (SMD)
•High Performance, Real-Time Malware Blocking
•Signature-based recognition of known malware
Behavioral Analysis Engine (BAE)
•Browser Sandbox
•Detects JavaScript exploits, browser vulnerability exploits, proactive heuristics
Cloud Sandbox (CSB)
•Cloud-Based Analysis of Unknown Files / Applications
•Virtualized Windows environment, full execution of files, detailed forensic
reporting
Threat Isolation
•Automatic Remediation / Quarantine of Infected Endpoints
•Triggered by characteristic infected endpoint activity, administrator notification
and endpoint lockdown
17
Proactive Malware Defense Technologies
• Behavioral Analysis Engine
(BAE)
• Browser object analysis
• Detects and analyzes
obfuscated code
• Cloud Sandboxing (CSB)
• Full Windows sandboxing for
all other files
• Full forensic reporting
• Additional tools provided
such as console drag & drop
for local files & URL links
• Threat isolation
CK-Console Based Tool
18
Closed Loop Collaborative Filtering™
• Automatic Global collection with hourly URL & real-time (malware
protection) updates
• Automatic discovery of new sites & new threats
• Social Media/Web 2.0 control set/UI updates
• Automatic local & cloud based analysis
• Automatic Categorization & threat rating
• Automatic Data Center Validation
• Automatic Distribution
• Automatic Re-Categorization
• Stringent, Automatic & manual Quality Control
Globally meshed, fully automated, 24x7 operation
Over 4 million users participating
Demo/Questions?
20
Reporting Overview
• The Advanced Reporting Module
allows you to drill down and get
detailed information on Internet
use and share those reports with
who you need to…
21