subscribe: Daily Newsletter

 

Sophos stops users from circumventing Web filtering

0 comments

IT security and control firm Sophos has announced new key features to its
managed WS1000 web security appliance that enable organisations to keep pace
with evasive end-user tools, and the latest threats to security and
compliance.

Offered as a free and automatic upgrade, the new features include
multi-layer protection against anonymising proxies, which can be used to
avoid URL filtering controls, as well as providing HTTPS scanning and a host
of end-user enforcement and reporting improvements.
The latest research from Sophos highlights the worsening state of security
on the web. SophosLabs finds an average of one new malware-infected webpage
every five seconds – a threefold increase over 2007 – with 90% of
compromised pages being found on legitimate sites.
Exacerbating the situation for IT departments are tools such as anonymising
proxies.
Based on customer feedback, Sophos notes that this is particularly prevalent
and problematic in the education sector, where students often resist
controls and have advanced knowledge of web technologies.
In this environment, IT departments are subject to strict guidelines
designed to protect students from exposure to inappropriate or unsafe
content.
With fast, full spectrum managed threat protection – including URL-based
filtering, real-time malware scanning and content filtering – the WS1000 has
already established itself as a best-in-class solution in the marketplace
for web security.
The new features of the WS1000 include the Proxy Reputation Service. This
involves tracking the vast array of internet blogs, mailing lists and forums
that share anonymising proxy sites and services as they become available and
immediately publishing updates to the block list.
The real-time Proxy Scanner is a patent-pending detection engine that
decodes and inspects every web request for signs that the traffic is being
intentionally routed through an anonymising proxy.
HTTPS scanning enables scanning and filtering of SSL-encrypted traffic. This
has historically been a significant blind spot for security solutions. With
the addition of HTTPS scanning, Sophos can help organisations ensure that no
malware is being transferred or policies violated when communicating over
HTTPS in applications such as webmail.
Another new feature, SafeSearch Enforcement, ensures that the safe search
mode is enforced within major search engines such as Google, Yahoo! and MSN
to further protect networks from infected or inappropriate site results.
The updated WS1000 also offers enhancements to reporting.  New,
user-specific, activity reporting covers categories, sites visited and time
online and allows for behaviour tracking against acceptable use policies and
for conducting forensic audits.
"Web threat authors are one step ahead of traditional filtering solutions
leaving most businesses under-protected today," says Brett Myroff, CEO of
regional Sophos distributor, Sophos South Africa. "With the Sophos web
appliance, and in particular this latest release, organisations can reclaim
time and control over web usage and be assured they are protected against
the latest threat trends and productivity drains."