Improper web use costs businesses billions of
dollars in lost productivity and resource misuse
each year, and introduces the risk of compliance
violations and legal liability. Traditional
approaches to managing this challenge—using static
lists of categorized URLs—have become decreasingly
effective in the face of an increasingly dynamic and
growing Internet. More than 1 billion new webpages
are added every day, a staggering tribute to the
success of Web 2.0 and the popularity of
user-generated content. This content explosion,
combined with rapid content churn—more than 30
percent of the domains change on an annual basis—has
created a vast "dark web," with more than 80 percent
of content uncategorized by legacy solutions. The
dark web exposes organizations to the same risks and
costs that URL filtering was meant to address.
Cisco® IronPort Web Usage Controls, available on
all Cisco IronPort S-Series web security appliances,
provide industry-leading visibility and protection
from web use violations through a combination of
list-based URL filtering and real-time dynamic
categorization. This unique solution is powered by
Cisco Security Intelligence Operations (SIO), which
uses global Internet traffic visibility and analysis
to target categorization efforts and provide timely
updates, maximizing URL list-based efficacy.
List-based URL filtering alone cannot solve the
dark web challenge. To overcome this limitation,
Cisco IronPort Web Usage Controls include a dynamic
content analysis engine, which categorizes up to 90
percent of objectionable dark web content and
increases overall coverage on the most commonly
blocked content by up to 50 percent.
"The source of web content on high-traffic pages
is progressively more unknown. Social networking
sites, blogs, wikis and other interactive websites
are the second most-popular form of content on the
web...Failure to secure the web will have a chilling
effect on an organization's capability to benefit
from the Web 2.0 evolution."
Gartner, Inc.
"Why Malware Filtering Is Necessary in the Web
Gateway"
by Peter Firstbrook, Aug. 26, 2008
The Cisco IronPort Difference
Cisco IronPort email and web security products are
high-performance, easy-to-use, and technically innovative
solutions, designed to secure organizations of all sizes.
Purpose-built for security and deployed at the gateway to
protect the world's most important networks, these products
enable a powerful perimeter defense.
Leveraging Cisco SIO and global threat correlation
technology help to increase the intelligence and speed of
Cisco IronPort appliances. This advanced technology enables
organizations to improve their security and transparently
protect users from the latest Internet threats.
Features:
Industry-Leading Efficacy
Cisco IronPort Web Usage Controls use multiple layers for
URL categorization to provide the highest levels of efficacy
and coverage for the web, including the dark web. The
solution provides 65 URL categories and a comprehensive URL
database that encompasses sites in more than 190+ countries
and more than 50 languages.
Cisco SIO updates the database every five minutes, taking
advantage of its visibility into more than a third of global
Internet traffic to provide customers with the most
effective and timely coverage. URL updates are sourced from
automated web crawl¬ing and classification technologies,
combined with manual classification from Cisco's global
categorization team of professional researchers. Periodic,
automated aging out of unused domains and sites, along with
regular updates of millions of new URLs, helps maintain the
industry's highest-quality web filtering database.
In addition, data from thousands of participating Cisco
IronPort web security appliances (deployed globally) is
delivered to the Cisco SIO to classify uncategorized URLs.
Any miscategorization requests are responded to promptly,
often within minutes.
Dynamic Categorization: In Real Time and On-Box
The dynamic content analysis engine evaluates all
uncategorized web content—even content hidden in an SSL
tunnel—to make real-time categorization decisions. Advanced
heuristics are used to calculate a concept vector, which is
compared with an extensive library of model documents to
quickly and accurately determine the content category. The
engine is tuned to maximize catch rates for the most
commonly blocked objectionable content, minimizing the
liability and compliance violation risks for customers while
maintaining a low false-positive rate.
Rich Policy Controls and Comprehensive Reporting
Cisco IronPort Web Usage Controls provide rich policy
features to control access to the web. Controls available at
the URL category level include Block, Allow, Warn, and
Monitor, along with time-of-day-based controls. Integration
with existing AD or LDAP directories allows for user- and
group-level policies. Custom categories with support for
regular expressions allow flexibility in creating a
virtually unlimited number of custom white and black lists.
The solution provides comprehensive reporting, both
on-box and off-box. The reports are fully interactive,
allowing an administrator to start by looking at high-level
summaries, such as how many users are being blocked by
policy. With a single click, the administrator can drill
down and see what policies are being hit—or which users are
being blocked the most. With another click, the
administrator can see all of the traffic for a single user
that may have been hitting a given policy. This reporting
system allows administrators to quickly identify problems,
and either adjust policy or take other appropriate actions.
Logs can be exported for further analysis and forensics.
Also included in the solution is comprehensive alerting for
enterprise class support.
Fully Integrated Web Security
Cisco IronPort Web Usage Controls are fully integrated
into the Cisco IronPort S-Series web security appliance, the
industry's first and only secure web gateway to combine
traditional URL filtering, reputation filtering, malware
filtering, and data security on a single platform.
Documentation:
Download the
IronPort IronPort Web Usage Controls Data Sheet (PDF).
