Adapt a Multiple-layered, Multi-engine Defense Strategy: David Wigley

CIO: What has been the biggest change in the field of content security across organizations?

David Wigley:

Content Security, today, requires a comprehensive, multi-layered approach that utilizes multiple technologies. It must address not only the gateway but also the explosion in mobile device usage as progressive staff and management recognize the massive efficiency gain from it. They too demand to have access to these tools.

While antivirus vendors have effectively dealt with reactive malware threats on end-point devices, their ability to stop proactive threats and the flow of malware in dynamic data streams is very limited. Malware authors have become increasingly sophisticated and are utilizing the secure Web (SSL/TLS) to hide their activities within an encrypted tunnel. Polymorphic malware and advanced persistent threats make the landscape far more challenging.

ContentKeeper has been focused on both gateway and mobile solutions to address these threats. With its combination of selective SSL decoding and signature-based and behavioural/sandbox-based anti-malware engines, it can prove to be a strong defense against these threats.

CIO: But the secure Web gateway is a crowded market with players like Blue Coat, Cisco, and McAfee. What keeps ContentKeeper ahead in the game?

David Wigley:

ContentKeeper has a major technological advantage over these vendors. Their technologies are based on traditional proxy platforms which tend to be slow and very process-intensive. ContentKeeper is based on a layer-2, transparent bridge technology that provides approximately 10 times more speed and throughput over any proxy-based platform that runs on an equivalent hardware. This allows ContentKeeper to scale massively at a very cost effective rate. Hence, ContentKeeper is used for filtering in many large networks at multi-gigabyte speeds.

A fully functional product from over 15 years of continuous development, ContentKeeper has major advantages across all feature sets including high speed SSL decryption and inspection, sandboxing, Web 2.0 application controls, behavioral analysis, threat mitigation and BYOD and mobile protection. Importantly, most of it is achieved on ONE 1RU appliance. For the same level of filtering and protection, other vendors use farms of load-balanced appliances.

CIO: What is the top-of-the-line security demand by CIOs and CISOs of modern companies?

David Wigley:

Mobile protection, protection from BYOD devices, the need to decode the increasing amount of encrypted SSL traffic, and increased sophistication of malware are the main concerns of CIOs and CISOs today. ContentKeeper provides high speed, scalable malware protection and filtering to specifically address all these needs.

ContentKeeper's secure Internet gateway provides both reactive (signature-based) and proactive (behavioral and sandbox-based) defenses with its multi-layered, multi-engine approach to malware protection. None of the above vendors can filter multi-gigabit data streams as efficiently and cost effectively as ContentKeeper's secure Internet gateway.

CIO: But high profile attacks and new malware continue to threaten organizations.

David Wigley:

There is no such thing as full-proof security. No one technology can answer all security concerns. That is why ContentKeeper takes a multiple-layered and a multi-engine approach to malware defense. ContentKeeper incorporates traditional/reactive signature-based methods as well as the newer proactive methods. These work together globally within ContentKeeper's collaborative filtering community network to deliver the best possible, real-time protection available.

With thousands of deployments across the globe and our R&D using the in-house technology of closed-loop, collaborative filtering, ContentKeeper strives to work on real-time data from customers. Spread across various datacenters on the globe, we plug out latest vulnerabilities and bring down the level of risk associated with it.

CIO: What would you suggest to CIOs to build a secure IT infrastructure?

David Wigley:

Look at the underlying platform technology, because the selected security vendor cannot be changed easily. Proxy is an old technology now, they throttle high-speed networks and create unnecessary choke points. The layer 2 Ethernet bridge is the technology for today and tomorrow as it delivers the high-speed access required by modern businesses.

Wise IT administrators would avoid accepting yesterday's technology because they are owned and sold by what are in effect IT marketing juggernauts. They do not necessarily provide a state-of-the-art or cost-effective security solutions.

CIOs, CTOs and CISOs have complex problems to address. They must consider functionality in both standalone products as well as how those products integrate into their networking and overall processing environments. The maintenance and support offered is also a critical component of any IT strategy. The emergence and widespread use of mobile devices must be catered to.

ContentKeeper offers a hybrid solution for security, offering Web, gateway and mobile device solutions along with highly automated updates, maintenance and support.

CIO: Has ContentKeeper gone the cloud route? What are the pros and cons of this emergent consumption model?

David Wigley:

Cloud or no cloud, ContentKeeper provides a seamless environment where clients can have the best of both worlds. They can select a 100 percent cloud-based solution or a 100 percent on-site appliance-based solution. They can also adopt the hybrid approach which will no doubt dominate the seen in the years to come.

Large enterprises will primarily stick to on-site appliances to handle their LAN-based security load while utilizing integrated cloud-based services for mobile platforms, and for the more CPU-intense processing involved in security functions such as sandboxing. Users will be able to wander seamlessly both on-net and off-net while receiving the same protection regardless of where they are working. ContentKeeper provides this capability today.

Join the CSO newsletter!

Error: Please check your email address.

Tags mcafeesecurity

More about CiscoLAN

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Yogesh Gupta

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place