Monday, May 19, 2025

Evolving with Cybercriminals

By Cat Yong

 

Security solutions provider Blue Coat finds caching continues to be useful in today’s world of hyper-connectivity and instant gratification. John Yun, Blue Coat’s product marketing director for security, explained, “When employees want to go to YouTube for example, instead of 100 concurrent downloads of the company video which takes up a lot of bandwidth, have it stored in a cache box for them to access.”

 This beats hundreds of requests having to go to and fro between YouTube’s and a company’s servers. It saves bandwidth and time.

But caching is just one of several still very useful functions that Blue Coat has integrated into its hardware appliances. Proxy is another key security component, and in fact the Sunnyvale-based security provider has products like ProxySG and ProxyAV. According to Yun, the company has gotten quite good at integrating components into its hardware appliances.

 

This may be somewhat of an understatement. An Infonetics Research report announced that Blue Coat leads in content security gateway Web/malware appliances, and has done so since 2006.

 

Yun said, “Our legacy and our claim to fame is our proxy capabilities, and we use this proxy platform to bring secured Web gateways (SWG) into customers’ networks.”

 

Other components like network-based antivirus, real-time analysis, and traditional URL filtering could sit at the gateway of a campus network and scan Internet traffic before it is allowed to go through to end users’ computers.

 

It sounds simple and ideally should be enough to stop any determined cybercriminal dead in their tracks. But sadly, this isn’t the case.  

 

Yun said, “This industry changes on a daily basis. We can’t put a solution out there and expect it to be effective for the next 2 years without doing anything! It’s not like a traditional firewall.”

 

When zero-day isn’t good enough anymore

A lot of Blue Coat’s work revolves around blocking Web users from accidentally accessing malware via different poisoned sources like search engines or emails.

 

Yun said, “Our labs are constantly looking at the Web proactively to try to figure out the latest trends and see how we can make our solutions up-to-date.

 

“It is not enough to be able to say, ‘Oh, I have anti-virus, so I am secure!’ You may be secure today, but what about next week? It’s a different story then. That’s what people need to understand – how fluid and dynamic the market really is.” A month without security incidents can be a very long time in this industry.

 

From Blue Coat’s point of view, proactive is the way to go.  “What sets us apart from traditional security vendors is that they always look at attacks as they are happening or after they have happened. That’s how it has been for many years and what we are trying to do is be proactive about threats.”

 

There is also the concept of a malnet, or malware delivery network. Yun said, “It’s like the shady ‘neighbourhoods’ of the Internet, and what we realise is that a lot of attacks come from that part.

 

“So, we track malnets with our cloud-based Web Pulse engine – sometimes ‘neighbourhoods’ get smaller, sometimes they get bigger, sometimes another part of the Net becomes a little shady.” Web Pulse could be described as a cloud-based security intelligence collective that is ever growing and supports Blue Coat’s on-premise hardware appliances.

 

An ad about WebPulse on www.bluecoat.com 

 

Blue Coat’s Web Pulse engine tracks over 500 malnets on the Internet, and the idea is to detect and block attacks before they happen, an approach known as negative-day defense. Yun explains about negative-day defense here.

 

In retrospect

The title of this article might/should provoke horrified reactions. Considering how much sensitive information we have on the Web, all the kinds of mischievous havoc cybercriminals are capable of wreaking, and how every day there will STILL be some cool new technology that necessitates the use of Internet connectivity and INCREASE our dependence (addiction?) upon it, it’s debilitating that we might never be more than a step ahead of criminals.

 

Whatever security vendors come up with, cybercriminals won’t be very far behind with sharp gnashing teeth. Uninfected servers and threat-free PCs would be the exception rather than the rule. We can never ever be really safe.

Yun seemed to echo this sentiment: “You may feel that you have put up the latest product, but the question is: how is that product designed to keep up with the cybercriminals?

 

“We hope we are leading, but we understand that cybercriminals are just as innovative as security vendors. So we have to constantly innovate.”

 

Here’s to innovation that never ends.

 

 

 

(Enterprise IT News was in Silicon Valley, California from 13th-14th September and took the opportunity to make a few visits to companies in the area. Blue Coat was one of them.)
