Web Threat Management
Published on Friday, 17 June 2011 13:41
Written by Scott O'Neill
Web threats today take a range of forms: phishing, malware, viruses, trojans, spyware and adware to name a few. What's different today compared to years past is that most of the time, these threats are delivered to your computer from the web (as opposed to an email, or a disk). Even if you are sent an email, it is more likely today that the threat is not attached to the email itself (email antivirus and spam filtering is pretty savvy about that) but rather as a link embedded in the email.
Think of the classic phishing email where you are enticed to click a plausible link - that link is pointing at a URI somewhere, and if it's a URI, Netsweeper can filter it! The delivery mechanism being through a URI somewhere on the web means that web filtering is now a mission-critical technology when it comes to defending your network from the host of web threats encroaching upon it.
Netsweeper Defends Your Network Against Web Threats
||Netsweeper's cloud-hosted AIs scan the content of a new URI in their own sandboxes as part of the categorization process. This allows the AI to find the web threat BEFORE it infects your network.
||The AI monitors what behaviors emerge from the URI. Is it trying to write files? Is it trying to download external files? Behavioral analysis from a URI provides information to catch new web threats.
||Netsweeper runs reputation based analysis, leveraging industry standard feeds for phishing, malware, etc.
||Netsweeper also uses a signature based engine to evaluate the URI for any files or programmatic content.
|Zero hour protection
||Based on the architecture of Netsweeper, new web threats are categorized by our AIs and immediately become added to our Master Category Name Servers, which in turn share categorization with all of the local policy servers at our customers. What this translates into is zero-hour protection for new and emerging web threats because all Netsweeper users benefit from the discovery of the threat. This happens continuously in real time (rather than relying on signature files or similar to be downloaded by your antivirus software).