top four reasons to migrate to the content analysis system
Security Empowers Business
STEP UP ADVANCED THREAT PROTECTION Customers who purchased Blue Coat ProxyAV appliances received solid protection against web-based threats. But advanced threats continue to evolve and proliferate. Today more than 200,000 new malware samples are uncovered every day. CIO magazine reports that there are more than one million malicious and high-risk Android apps. Add to that the growing sophistication of targeted attacks and advanced persistent threats, and it is clear that traditional anti-malware alone is no longer enough. What’s needed is a deeper, more comprehensive defense that not only blocks the “known bad” but also protects against “unknown” zero-day threats and allows access to the “known good.” The Blue Coat Content Analysis System delivers all of this critical functionality while also harnessing intelligence from millions of actual users. It gathers, analyzes, and shares actionable intelligence with Blue Coat ProxySG appliances, the Blue Coat Security Analytics Platform for real-time threat profiling and remediation, and the Blue Coat Global Intelligence Network. The result is a new dimension of protection against advanced threats – and a new level of empowerment for your workforce and your business. Four Great Reasons to Deploy the Content Analysis System
2 Improve Control and Performance through File Whitelisting
1 Get More Accurate, Complete Protection through Dual
Anti-Malware Engines
Tests show that adding a second anti-malware engine results in a 12% increase in malware capture. The most complete coverage can be achieved with two engines on the perimeter and an engine from a third vendor on endpoint devices. That is why the Blue Coat Content Analysis System provides the option to use one or two anti-malware engines from anti-malware industry leaders (Kaspersky, Sophos, McAfee).
As a dedicated device, the Content Analysis Systems also scans all files at full throughput. Other solutions may claim high levels of anti-virus scanning throughput but ignore content they determine to be “safe” such as Facebook. Multi-purpose next generation firewall and unified threat management devices show a sharp drop in performance as anti-malware features are turned on.
The Content Analysis System provides “file whitelisting,” which accelerates access to “known good” files and also boosts the performance of anti-malware scanning. Specifically, the Content Analysis System accesses a whitelist database of more than a billion files, and this database is updated continuously. When a user requests a file, the Content Analysis System checks against this database and delivers it to the requester if it’s on the list. This increases the performance of anti-malware scanning and sandboxing by eliminating the need to analyze known good files. In fact, laboratory tests show that 29% of files entering the Content Analysis System will be classified as “good” by the whitelist. The whitelisting feature also provides the option to improve security even further by preventing users from downloading specific file datatypes of downloads that are not on the whitelist. A good example would be blocking any .exe files that are not known good files.
SOLUTION BRIEF
TOP FOUR REASONS TO MIGRATE TO THE CONTENT ANALYSIS SYSTEM
SOLUTION BRIEF
Security Empowers Business
3 Boost Performance and Accuracy through Orchestrated
Learn More
Learn more about the unique capabilities of the Blue Coat Content Analysis System. Take a closer look – and take the next step towards a new level of protection against advanced threats.
Sandboxing
The Content Analysis System serves as a broker between multiple sandboxes, simultaneously sending unknown or suspicious files to the Blue Coat Malware Analysis Appliance sandbox and third-party sandboxes. And, laboratory tests show that with the implementation of dual anti-malware engines and file whitelisting, the number of files sent to the sandbox is reduced by 37%. As a result, there are fewer false-positives and improved sandbox performance as fewer files need to be processed. The sandbox orchestration capability allows you to optimize your existing investments while building modern, defense-in-depth protection against advanced and zeroday malware. The Content Analysis System provides the option to improve performance and accuracy even further by allowing the selection of file datatypes to be sent to the sandbox for analysis.
Blue Coat Advanced Threat Protection
4 Protect Your Business and Your Investments with an Expandable Solution
Blue Coat Systems Inc. www.bluecoat.com Corporate Headquarters Sunnyvale, CA +1.408.220.2200 EMEA Headquarters Hampshire, UK +44.1252.554600 APAC Headquarters Singapore +65.6826.7000
The high-performance Content Analysis System is built for expansion. It provides the performance and defense-in-depth you need for today’s threat landscape without needlessly slowing the end-user experience. It handles the processing load needed for file scanning, protecting the ProxySG Secure Web Gateway from any impact due to spikes in new file downloads. The six current models, including a virtual model, have throughput ranging from 25Mbps to 1Gbps, letting you choose the right device for your network. It can scan files up to 5GB in size and analyze compressed archives up to 99 layers deep. When files are properly unpacked, the Content Analysis System gains the ability to reveal malicious content that may have been intentionally hidden, exposing intended behavior.
In addition, a best-of-breed strategy allows Blue Coat to partner with visionary security vendors to offer superior protection. Over time new features will be made available, including on-box and cloud-based sandboxing.
© 2015 Blue Coat Systems, Inc. All rights reserved. Blue Coat, the Blue Coat logos, ProxySG, PacketShaper, CacheFlow, IntelligenceCenter, CacheOS, CachePulse, Crossbeam, K9, the K9 logo, DRTR, MACH5, PacketWise, Policycenter, ProxyAV, ProxyClient, SGOS, WebPulse, Solera Networks, the Solera Networks logos, DeepSee, “See Everything. Know Everything.”, “Security Empowers Business”, and BlueTouch are registered trademarks or trademarks of Blue Coat Systems, Inc. or its affiliates in the U.S. and certain other countries. This list may not be complete, and the absence of a trademark from this list does not mean it is not a trademark of Blue Coat or that Blue Coat has stopped using the trademark. All other trademarks mentioned in this document owned by third parties are the property of their respective owners. This document is for informational purposes only. Blue Coat makes no warranties, express, implied, or statutory, as to the information in this document. Blue Coat products, technical services, and any other technical data referenced in this document are subject to U.S. export control and sanctions laws, regulations and requirements, and may be subject to export or import regulations in other countries. You agree to comply strictly with these laws, regulations and requirements, and acknowledge that you have the responsibility to obtain any licenses, permits or other approvals that may be required in order to export, re-export, transfer in country or import after delivery to you. v.SB-TOP4-REASONS-TO-MIGRATE-TO-CAS-EN-v1m-0215
STEP UP ADVANCED THREAT PROTECTION Customers who purchased Blue Coat ProxyAV appliances received solid protection against web-based threats. But advanced threats continue to evolve and proliferate. Today more than 200,000 new malware samples are uncovered every day. CIO magazine reports that there are more than one million malicious and high-risk Android apps. Add to that the growing sophistication of targeted attacks and advanced persistent threats, and it is clear that traditional anti-malware alone is no longer enough. What’s needed is a deeper, more comprehensive defense that not only blocks the “known bad” but also protects against “unknown” zero-day threats and allows access to the “known good.” The Blue Coat Content Analysis System delivers all of this critical functionality while also harnessing intelligence from millions of actual users. It gathers, analyzes, and shares actionable intelligence with Blue Coat ProxySG appliances, the Blue Coat Security Analytics Platform for real-time threat profiling and remediation, and the Blue Coat Global Intelligence Network. The result is a new dimension of protection against advanced threats – and a new level of empowerment for your workforce and your business. Four Great Reasons to Deploy the Content Analysis System
2 Improve Control and Performance through File Whitelisting
1 Get More Accurate, Complete Protection through Dual
Anti-Malware Engines
Tests show that adding a second anti-malware engine results in a 12% increase in malware capture. The most complete coverage can be achieved with two engines on the perimeter and an engine from a third vendor on endpoint devices. That is why the Blue Coat Content Analysis System provides the option to use one or two anti-malware engines from anti-malware industry leaders (Kaspersky, Sophos, McAfee).
As a dedicated device, the Content Analysis Systems also scans all files at full throughput. Other solutions may claim high levels of anti-virus scanning throughput but ignore content they determine to be “safe” such as Facebook. Multi-purpose next generation firewall and unified threat management devices show a sharp drop in performance as anti-malware features are turned on.
The Content Analysis System provides “file whitelisting,” which accelerates access to “known good” files and also boosts the performance of anti-malware scanning. Specifically, the Content Analysis System accesses a whitelist database of more than a billion files, and this database is updated continuously. When a user requests a file, the Content Analysis System checks against this database and delivers it to the requester if it’s on the list. This increases the performance of anti-malware scanning and sandboxing by eliminating the need to analyze known good files. In fact, laboratory tests show that 29% of files entering the Content Analysis System will be classified as “good” by the whitelist. The whitelisting feature also provides the option to improve security even further by preventing users from downloading specific file datatypes of downloads that are not on the whitelist. A good example would be blocking any .exe files that are not known good files.
SOLUTION BRIEF
TOP FOUR REASONS TO MIGRATE TO THE CONTENT ANALYSIS SYSTEM
SOLUTION BRIEF
Security Empowers Business
3 Boost Performance and Accuracy through Orchestrated
Learn More
Learn more about the unique capabilities of the Blue Coat Content Analysis System. Take a closer look – and take the next step towards a new level of protection against advanced threats.
Sandboxing
The Content Analysis System serves as a broker between multiple sandboxes, simultaneously sending unknown or suspicious files to the Blue Coat Malware Analysis Appliance sandbox and third-party sandboxes. And, laboratory tests show that with the implementation of dual anti-malware engines and file whitelisting, the number of files sent to the sandbox is reduced by 37%. As a result, there are fewer false-positives and improved sandbox performance as fewer files need to be processed. The sandbox orchestration capability allows you to optimize your existing investments while building modern, defense-in-depth protection against advanced and zeroday malware. The Content Analysis System provides the option to improve performance and accuracy even further by allowing the selection of file datatypes to be sent to the sandbox for analysis.
Blue Coat Advanced Threat Protection
4 Protect Your Business and Your Investments with an Expandable Solution
Blue Coat Systems Inc. www.bluecoat.com Corporate Headquarters Sunnyvale, CA +1.408.220.2200 EMEA Headquarters Hampshire, UK +44.1252.554600 APAC Headquarters Singapore +65.6826.7000
The high-performance Content Analysis System is built for expansion. It provides the performance and defense-in-depth you need for today’s threat landscape without needlessly slowing the end-user experience. It handles the processing load needed for file scanning, protecting the ProxySG Secure Web Gateway from any impact due to spikes in new file downloads. The six current models, including a virtual model, have throughput ranging from 25Mbps to 1Gbps, letting you choose the right device for your network. It can scan files up to 5GB in size and analyze compressed archives up to 99 layers deep. When files are properly unpacked, the Content Analysis System gains the ability to reveal malicious content that may have been intentionally hidden, exposing intended behavior.
In addition, a best-of-breed strategy allows Blue Coat to partner with visionary security vendors to offer superior protection. Over time new features will be made available, including on-box and cloud-based sandboxing.
© 2015 Blue Coat Systems, Inc. All rights reserved. Blue Coat, the Blue Coat logos, ProxySG, PacketShaper, CacheFlow, IntelligenceCenter, CacheOS, CachePulse, Crossbeam, K9, the K9 logo, DRTR, MACH5, PacketWise, Policycenter, ProxyAV, ProxyClient, SGOS, WebPulse, Solera Networks, the Solera Networks logos, DeepSee, “See Everything. Know Everything.”, “Security Empowers Business”, and BlueTouch are registered trademarks or trademarks of Blue Coat Systems, Inc. or its affiliates in the U.S. and certain other countries. This list may not be complete, and the absence of a trademark from this list does not mean it is not a trademark of Blue Coat or that Blue Coat has stopped using the trademark. All other trademarks mentioned in this document owned by third parties are the property of their respective owners. This document is for informational purposes only. Blue Coat makes no warranties, express, implied, or statutory, as to the information in this document. Blue Coat products, technical services, and any other technical data referenced in this document are subject to U.S. export control and sanctions laws, regulations and requirements, and may be subject to export or import regulations in other countries. You agree to comply strictly with these laws, regulations and requirements, and acknowledge that you have the responsibility to obtain any licenses, permits or other approvals that may be required in order to export, re-export, transfer in country or import after delivery to you. v.SB-TOP4-REASONS-TO-MIGRATE-TO-CAS-EN-v1m-0215
