Monday, 06 April 2009 19:03

Websense Secures Web 2.0

Web pages are not the static entities they once were; neither are they solely comprised of material sourced from within the publishing organisation.  For threat-detection systems, this can be a problem.

Today Websense announces the V10000.  Based on what is essentially off-the-shelf hardware, this 1U device is designed to protect the organisation from a whole new style of threat brought by the impact of Web 2.0 technologies.

In the old Web 1.0 days, websites were essentially static - their content derived from well-defined sources within a single organisation.  This is no longer the case.  Mashups and other indirect construction techniques mean that a Web 2.0 site might be composed of content from any number of sources.

Some of those sources might host malware.

Consider a simple case – iGoogle for instance.  There are an endless supply of gadgets which may be joined together to form a personalised interface.  Few, if any are under Google's control.

This means that simplistic identification of unsafe sites by name alone is no longer enough.

The Websense V10000 takes a much more proactive position when it comes to such sites – each sub-component is analysed separately and, potentially, only 5 of the 8 gadgets on some mashup site will be delivered to the user.

This device also takes on the features of previous Websense devices, permitting time-sensitive access to certain categories of site (shopping or travel sites for instance) and banning others outright.

"Effective protection in today's Web 2.0 world requires the ability to analyse Web content in real-time to recognize threats and inappropriate content 'on the fly,' even content never before classified," said John McCormack, senior vice president of product development.  "The Websense V10000 secure Web gateway appliance leverages our unprecedented visibility into the threat environment to deliver more effective protection from inbound threats and outbound data loss."

That's right, it can also analyse outbound data.  Not just phone-home type traffic, but also employee messages which might indicate non-approved activity.

The V10000 takes advantage of a simple hardware platform by offering innovative software. 

Taking advantage of advanced virtualisation technology, the device is able to run multiple web security applications concurrently.  This means that as the requirements grow, additional hardware may be added and some of the functionality migrated.  Additionally, as new functionality is developed, deployment is simple.

Devin Redmond, Websense's Vice President of Business Development, told ITWire that a single device can handle a continuous stream of around 200Mbit/sec.  This can be much higher in a multiple device environment where there might be a 1-to-1 match between hardware and security modules.

The system has these features:

Secure Web Gateway to classify dynamic Web content and identify and protect against Web 2.0 security risks, in real time.

Application protocol control to provide check-box management for more than 125 application protocols to reduce risk security risks. For example, application protocol control helps prevent spyware "phone home" conversations and other outbound threats.

The V10000 includes the Websense Web proxy and cache to inspect, optimize and control Web traffic.  This adds the native ability to inspect and manage SSL encrypted Web communications.

Built-in extensibility for future-proofed security-- The architecture of the V10000 includes advanced virtualization technology to deliver built-in extensibility and support for additional Websense security solutions.

The V10000 is priced at $US16,000 (Australian pricing is yet to be made available) and will be available in the latter half of April.  Visit the website for more information.

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.



Recent Comments