Solution Guide
Unified Threat Management
Integrated Multi-threat Guardian of Business Networks
• Fast-response, Content-agnostic Anti-spam
• Industry-leading Content Filtering Technology
• Gateway-level Anti-virus Defense
• Intrusion Prevention and Application Control
Table of Contents
One Solution for the Most Robust Protection
Anti-Spam
Content Filtering
Anti-Virus
Intrusion Detection and Prevention
License
How Safe Is Your Network?
Today, network attacks have become more sophisticated and targeted. Social networking applications have also opened up more channels for data breach than ever before. With the rise of BYOD (Bring Your Own Device), threats to business networks come from both outside and inside. It is now increasingly challenging for businesses to keep up with the changing threat landscape; and this is especially true for small- and medium-sized businesses, which do not have the staff and resources of larger corporations. Small- and medium-sized businesses need a solution that is efficient, inexpensive and provides an array of techniques to combat sophisticated network attacks.
Small- to Medium-sized Businesses: USG 300, USG 1000, USG 2000
ZyXEL USG Advantages
• Adopted by over 450,000 companies around the world
• Market-proven security, performance and cost-effectiveness
• Industry-leading anti-virus, anti-spam and content filtering technology from Kaspersky, Commtouch and Blue Coat
• ICSA-certified VPN and firewall technology
One Solution for the Most Robust Protection
ZyXEL’s Unified Security Gateways offer network security that just works. With a single ZyXEL USG, businesses get all the protection that they need. They effectively safeguard business networks from every possible threat with a wide range of security functions such as anti-virus, anti-spam, VPN, content filtering, IDP and firewall. Their all-in-one design helps businesses minimize management efforts and total cost of ownership (TCO), while maximizing network security.
ZyXEL’s high-performance Unified Security Gateways have been adopted by over 450,000 companies around the world for their robust protection, performance and cost-effectiveness. With the most comprehensive set of security features and industry-leading technology, ZyXEL’s USGs keep business networks efficient, safe and productive.
Small Businesses: USG 20/20W, USG 50, USG 100, USG 200
[Figure: USG security functions: Anti-Virus, Firewall, IDP, VPN, Content Filtering, Anti-Spam]
[Figure: Certifications; World-class Technology Partners]
Anti-Spam
The number of active zombies per day ranges from 5 to 10 million, with 200,000 to 500,000 new zombies activated every 24 hours. Zombies alone produce an estimated 120 billion spam messages daily. Given the astounding volume and distribution rates of today’s spam, the importance of real-time protection cannot be overestimated.
ZyXEL Unified Security Gateways leverage Commtouch anti-spam technology to provide fast and effective protection against spam outbreaks. Commtouch’s anti-spam solution provides highly accurate detection results with real-time blocking of spam in any language or format, including image-based spam.
Commtouch Anti-Spam
Commtouch anti-spam can detect spam outbreaks in the first few minutes of emergence. Commtouch’s Zero-Hour Virus Outbreak Protection is based on its Recurrent Pattern Detection (RPD) technology, which identifies spam based on their unique distribution patterns instead of scanning messages one at a time. This content-agnostic approach allows for faster response times and spam detection in any language and format—including images, HTML, non-English characters, single and double byte character sets, etc. Combined with its IP reputation service, which tracks traffic from over tens of millions of IP addresses, Commtouch’s
Detection Center in real-time. The result is instant, content-agnostic protection from new outbreaks without any lag in updates.
IP Reputation
• Compiles historical and up-to-the-minute sender reputation data from highly diverse traffic sources
• Identifies hundreds of thousands of new zombies daily from over tens of millions of IP addresses
• Classifies billions of messages per week, in real-time
Zero-Hour Outbreak Protection
• Blocks or delays suspect messages hours before commercial signatures are available
• Fully automated real-time solution with zero human intervention
• Identifies outbreaks in any language, message format, and encoding type
Content Filtering
The Internet is filled with threats to business networks. Social networking applications have provided new channels for data breaches, while threats like malware, phishing and bots are constantly evolving and compromising legitimate websites. Businesses need an effective solution to prevent employees from unknowingly visiting malicious websites, which can result in data breaches, business downtime and potential loss of money.
ZyXEL Unified Security Gateways leverage industry-leading content filtering technology from Commtouch and Blue Coat to screen access to websites that are deemed objectionable, not business related, or malicious. Commtouch and Blue Coat content filtering services feature comprehensive, cloud-based databases with field-proven speed and identification accuracy. These best-of-breed services enable ZyXEL USGs to provide business networks effective protection against ever-evolving malware, phishing and botnet traffic.
Commtouch Content Filtering
Commtouch’s content filtering solution utilizes its Data Cloud infrastructure to provide highly relevant Web coverage with uncompromising accuracy and zero-hour security. With Commtouch’s solution, ZyXEL USGs can provide real-time protection from emerging Web threats, help businesses enforce HR regulation, and block or monitor sites to maximize employee productivity.
Data Cloud Infrastructure
• Global and diversified data sources process billions of transactions daily
• Massive, centralized database stores
security policies across the network more effectively and
improve employee productivity.
Anti-Virus
Although most computers in enterprises today are protected by endpoint anti-virus software, signature updates and software patches cannot keep up with the speed at which viruses and malware spread. An additional layer of anti-virus protection at the network gateway can solve these problems. Network-based anti-virus complements existing endpoint anti-virus software and provides faster, more responsive protection against malware outbreaks.
ZyXEL Unified Security Gateways feature Kaspersky Anti-Virus (KAV) and ZyXEL Anti-Virus (ZAV) services that offer fast-response virus protection at the gateway. These anti-virus solutions feature centralized, cloud-based signature databases that provide real-time signature updates for instant protection against new threat outbreaks. Utilizing stream-based virus scanning technology, Kaspersky and ZyXEL Anti-Virus solutions inspect traffic without needing to cache incoming files. This technology enables ZyXEL USGs to deliver high-speed virus detection regardless of file size—blocking viruses before they reach computers or mobile devices in the network.
Kaspersky Anti-Virus
Kaspersky Anti-Virus features a broad database of virus, Trojan, worm and spyware signatures, which enable ZyXEL Unified Security Gateways to block malware threats right at the gate. The Kaspersky Anti-Virus signature database is updated daily, with additional “urgent” updates issued dynamically to provide fast-response protection against malware outbreaks. Together with ZyXEL USGs, Kaspersky Anti-Virus provides robust anti-virus protection without sacrificing network performance. This solution uses stream-based traffic scanning technology, which, unlike traditional anti-virus solutions, eliminates the need to cache incoming traffic. This scanning method requires very little memory for packet sequencing and reassembly, thereby providing high-speed threat detection regardless of file size. With Kaspersky
throughputs and efficient gateway-level protection from dangerous malware threats and outbreaks.
Unparalleled Performance
• High-speed scanning with hardware acceleration
• High throughput regardless of file size
• Low-latency detection during malware outbreaks
• Wire-speed virus scanning with stream-based anti-virus engine
Robust Protection
• Efficient gateway-level defense against widespread viruses, worms, Trojans and spyware
• Real-time malware statistics from Kaspersky Lab
• Daily and urgent signature updates for protection against malware outbreaks
How It Works
When inbound network traffic passes through the ZyXEL
Unified Security Gateway, the embedded Kaspersky Anti-
Virus engine inspects the traffic at wire-speed based on
the signatures in the cloud signature database. Should
viruses, Trojans, worms or spyware be detected, the
Kaspersky Anti-Virus engine will decontaminate the traffic
before sending it to end-users. The Kaspersky Security
Network provides the cloud signature database with daily
and “urgent” signature updates (up to several times a day)
for real-time protection against malware outbreaks.
ZyXEL Anti-Virus
ZyXEL Unified Security Gateways also offer self-developed ZyXEL Anti-Virus (ZAV) services. ZyXEL Anti-Virus features stream-
based virus scanning technology and a large database of 15,000 malware signatures. Combined with existing endpoint anti-
virus software, ZyXEL Anti-Virus provides comprehensive, multilayered protection against threats.
[Figure: How Kaspersky Anti-Virus works on the USG. Labels: Internet, Unchecked traffic, Signatures matching, Unsafe traffic, Checked traffic, Cleaned traffic, End-users, Signatures, Kaspersky Security Network (KSN), Partner]
Intrusion Detection and Prevention
Web applications provide channels for data breach that are largely invisible to traditional port- and protocol-based firewalls. Many IM, P2P and social networking applications can dynamically hop ports or reuse other ports to avoid inspection and control. It is therefore a real challenge for IT staff to protect business networks from new Web threats and manage Web applications to benefit business operations.
ZyXEL Unified Security Gateways feature Intrusion Detection and Prevention (IDP) systems that complement firewalls by providing proactive defense against Web threats and effective control over Web application usage. ZyXEL’s IDP engine can accurately inspect network activity and behavior regardless of port or protocol to provide more comprehensive protection against application exploits and granular control over Web applications.
Deep Packet Inspection
ZyXEL’s IDP engine is able to perform deep packet inspection
of multiple layers in the network by combining traffic
and protocol anomaly detection and packet inspection
technologies. ZyXEL’s traffic and protocol anomaly detection
technologies provide effective protection against unknown
attacks. They can detect traffic patterns that deviate from
common usage and violations of protocol usage against
published RFCs. ZyXEL’s packet inspection technology, on
the other hand, minimizes false positives by scanning for
attack patterns against a database of 2,500 application
and malware signatures. Scanning every packet of all
network traffic, ZyXEL’s IDP system is able to deliver more
comprehensive attack prevention for a new generation of
Web threats.
Intrusion Detection and Prevention
• Zone-based IDP inspection
• Customizable protection profiles
• Protection against 2,500 attacks
• Automatic signature updates
• Protocol and traffic anomaly detection and protection
Application Patrol
• Granular application, IM, P2P, stream-based media & VoIP access control
• User authentication support
• Supports 44 IM, P2P and common Web application categories
• Real-time statistic reports
Application Patrol
Based on ZyXEL’s deep packet inspection technology, ZyXEL’s
application patrol feature provides granular control over
Web application usage. It is able to monitor and manage 44
IM, P2P and common Web application categories, and create
security policies according to application type and user
identity. With the ability to prioritize bandwidth for critical
applications and throttle or block other non-productive
apps, ZyXEL’s application patrol helps IT staff maximize the
business value of Web applications while minimizing risks.
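License

| Model | Duration | ZyXEL Anti-Virus | Kaspersky Anti-Virus | IDP | Blue Coat Content Filter | Commtouch Content Filter | Commtouch Anti-Spam |
|---|---|---|---|---|---|---|---|
| USG 2000 | 1 year | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 2000 | 2 years | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 1000 | 1 year | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 1000 | 2 years | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 300 | 1 year | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 300 | 2 years | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 200 | 1 year | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 200 | 2 years | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 100 | 1 year | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 100 | 2 years | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 50 | 1 year | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 50 | 2 years | Yes | Yes | Yes | Yes | Yes | Yes |
| USG 20 | 1 year | - | - | - | Yes | Yes | Yes |
| USG 20 | 2 years | - | - | - | Yes | Yes | Yes |
| USG 20W | 1 year | - | - | - | Yes | Yes | Yes |
| USG 20W | 2 years | - | - | - | Yes | Yes | Yes |
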
Model SSL VPN IPSec VPN Client Vantage CNM Vantage Report