A strong foundation to fight strong attacks.Websense® web security gateways are built around three core components:
- Websense ACE, which uses seven security defense assessment areas to provide inline real-time protection from advanced threats and data theft.
- Websense ThreatSeeker® Network, which unites more than 900 million endpoints and analyzes 3–5 billion requests per day.
- Websense Security Labs™, with researchers working around the globe to provide the intelligence and technology that create the predictive analytics and defenses in ACE.
ACE is the Websense difference. The seven defense assessment areas in ACE provide inline real-time protection against advanced threats and data theft. Using security intelligence and analytics from ThreatSeeker Network, the seven defenses contribute to a composite score that is both predictive and contextual.
ACE defense areas include:
|Defense Assessment Area||Description|
|Inspects web content for open or obfuscated exploits, active scripts, kits and other malicious code.|
|Empowers social web controls and content classification of large, active social networks such as Facebook.|
|Classifies structured and unstructured data, and includes paring and decoding support to address outbound data theft.|
|Anti-Malware Engines||Applies multiple anti-malware engines to identify both general and specialized malware, including infected PDF files.|
|Reputation Analysis||Considers more than 20 characteristics to provide detailed assessment and accurate reputation scoring that encompasses contextual awareness.|
|URL Classification||Applies powerful machine learning to quickly and accurately identify a web page based on its content — including images, multimedia, and links.|
|Anti-Spam/Spear-Phishing||Provides matchless, proactive protection against traditional and emerging email threats.|
Ten new defenses raise the bar. The latest release of Websense web security solutions contains 10 new defenses that help redefine web security:
|New Defense name||Description|
|Criminal-Encrypted Upload Detection||Discovers outbound network transmissions of documents, payloads and data that are encrypted with custom-encryption methods.|
|Password File Data Theft Detection||Detects documents and data that include lists of network passwords such as Windows user passwords and documents that contain lists of usernames and passwords.|
|Drip (Behavioral) DLP||Analyzes multiple web requests over an administrator-defined length of time to detect “low and slow” data leaks. These evade traditional DLP solutions that analyze only one request at a time.|
|OCR Data-in-Motion Analysis||Analyzes text contained within images to protect against data theft and loss. Websense is the first to provide this on outbound communications within a web gateway.|
|Destination Geo Location||Provides destination geographical location for outbound communications and data theft incidents. Enables forensic reporting on who (user identity), how (malware sandbox analysis), where (geo-location) and what (data theft capture)|
|Advanced Malware Command and Control||Protects against outbound network transmissions from a compromised machine to a malicious command and control center.|
|Advanced Malware Payloads||Protects against inbound network transmissions of payloads intended to exploit a machine.|
|Potentially Exploited Documents||Protects against documents containing suspicious content that could lead to the exploitation of a machine.|
|Unauthorized Mobile Marketplaces||Protects against websites that potentially distribute applications that are unauthorized by the mobile OS manufacturer, the handheld device manufacturer or the network provider. (Traffic visiting websites in this category may be signs of jail broken or rooted phones.)|
|Mobile Malware||Protects against malicious websites and applications that are designed to run on mobile devices.|
Integrated DLP as a defense. An integrated enterprise-class data loss prevention (DLP) engine makes Websense web security gateways unique. Its defenses against data theft and loss include industry firsts, including the detection of criminal-encrypted uploads and password file data theft. The key to our DLP defense is containment, which leverages data-awareness and the context of each request to and from the web.
Integrated DLP also reduces infrastructure expenses and operating costs. It reflects the value of the Websense TRITON™ architecture, which unites web, email, data and mobile security to protect your data against the seven stages of advanced threats.
Seven Advanced Threat Stages
One platform, one architecture, one security vendor. Web security gateways are the top layer of defense against advanced attacks and data theft. By not allowing direct traffic between the web and users, Websense can provide unmatched visibility and the real-time defense assessments of ACE.
Your investment in Websense web security gateways is an investment in your security future. Our unified Websense TRITON architecture makes it easy to upgrade and expand into email, data and mobile security solutions. Plus our hybrid deployments — combining cloud security for remote and mobile users with on-site security at branch offices — enable an economy of scale for large offices and headquarters.