IronPort Web Usage Controls
Industry-leading visibility and protection from web acceptable use violations
Improper web use costs businesses billions of dollars in lost productivity and resource misuse each year, and introduces the risk of compliance violations and legal liability. Traditional approaches to managing this challenge—using static lists of categorized URLs—have become decreasingly effective in the face of an increasingly dynamic and growing Internet. More than 1 billion new webpages are added every day, a staggering tribute to the success of Web 2.0 and the popularity of user-generated content. This content explosion, combined with rapid content churn—more than 30 percent of the domains change on an annual basis—has created a vast "dark web," with more than 80 percent of content uncategorized by legacy solutions. The dark web exposes organizations to the same risks and costs that URL filtering was meant to address.
Cisco IronPort Web Usage Controls, available on all Cisco IronPort S-Series web security appliances, provide industry-leading visibility and protection from web use violations through a combination of list-based URL filtering and real-time dynamic categorization. This unique solution is powered by Cisco Security Intelligence Operations (SIO), which uses global Internet traffic visibility and analysis to target categorization efforts and provide timely updates, maximizing URL list-based efficacy.
List-based URL filtering alone cannot solve the dark web challenge. To overcome this limitation, Cisco IronPort Web Usage Controls include a dynamic content analysis engine, which categorizes up to 90 percent of objectionable dark web content and increases overall coverage on the most commonly blocked content by up to 50 percent.
"The source of web content on high-traffic pages is progressively more unknown. Social networking sites, blogs, wikis and other interactive websites are the second most-popular form of content on the web...Failure to secure the web will have a chilling effect on an organization's capability to benefit from the Web 2.0 evolution."
"Why Malware Filtering Is Necessary in the Web Gateway"
by Peter Firstbrook, Aug. 26, 2008
The Cisco IronPort Difference
Cisco IronPort email and web security products are high-performance, easy-to-use, and technically innovative solutions, designed to secure organizations of all sizes. Purpose-built for security and deployed at the gateway to protect the world's most important networks, these products enable a powerful perimeter defense.
Leveraging Cisco SIO and global threat correlation technology help to increase the intelligence and speed of Cisco IronPort appliances. This advanced technology enables organizations to improve their security and transparently protect users from the latest Internet threats.
Cisco IronPort Web Usage Controls use multiple layers for URL categorization to provide the highest levels of efficacy and coverage for the web, including the dark web. The solution provides 65 URL categories and a comprehensive URL database that encompasses sites in more than 190+ countries and more than 50 languages.
Cisco SIO updates the database every five minutes, taking advantage of its visibility into more than a third of global Internet traffic to provide customers with the most effective and timely coverage. URL updates are sourced from automated web crawl¬ing and classification technologies, combined with manual classification from Cisco's global categorization team of professional researchers. Periodic, automated aging out of unused domains and sites, along with regular updates of millions of new URLs, helps maintain the industry's highest-quality web filtering database.
In addition, data from thousands of participating Cisco IronPort web security appliances (deployed globally) is delivered to the Cisco SIO to classify uncategorized URLs. Any miscategorization requests are responded to promptly, often within minutes.
Dynamic Categorization: In Real Time and On-Box
The dynamic content analysis engine evaluates all uncategorized web content—even content hidden in an SSL tunnel—to make real-time categorization decisions. Advanced heuristics are used to calculate a concept vector, which is compared with an extensive library of model documents to quickly and accurately determine the content category. The engine is tuned to maximize catch rates for the most commonly blocked objectionable content, minimizing the liability and compliance violation risks for customers while maintaining a low false-positive rate.
Rich Policy Controls and Comprehensive Reporting
Cisco IronPort Web Usage Controls provide rich policy features to control access to the web. Controls available at the URL category level include Block, Allow, Warn, and Monitor, along with time-of-day-based controls. Integration with existing AD or LDAP directories allows for user- and group-level policies. Custom categories with support for regular expressions allow flexibility in creating a virtually unlimited number of custom white and black lists.
The solution provides comprehensive reporting, both on-box and off-box. The reports are fully interactive, allowing an administrator to start by looking at high-level summaries, such as how many users are being blocked by policy. With a single click, the administrator can drill down and see what policies are being hit—or which users are being blocked the most. With another click, the administrator can see all of the traffic for a single user that may have been hitting a given policy. This reporting system allows administrators to quickly identify problems, and either adjust policy or take other appropriate actions. Logs can be exported for further analysis and forensics. Also included in the solution is comprehensive alerting for enterprise class support.
Fully Integrated Web Security
Cisco IronPort Web Usage Controls are fully integrated into the Cisco IronPort S-Series web security appliance, the industry's first and only secure web gateway to combine traditional URL filtering, reputation filtering, malware filtering, and data security on a single platform.
Download the IronPort IronPort Web Usage Controls Data Sheet (PDF).