The first technology on Johnson's list of must-haves for IT security architecture: secure Web gateways.
A secure Web gateway is a security product that filters unwanted software and malware from user-initiated Internet traffic. The best secure Web gateways include URL filtering, malicious code detection and application controls for enterprise apps, such as Skype, instant messaging, email and marketing tools.
In the transcript from SearchCIO's recent webcast with Johnson, the Nemertes Research CEO outlines how to find the best secure Web gateway for your organization.
Let's start with some of the easy stuff. What is a secure Web gateway? Well, most of us know it's monitoring traffic to protect against the introduction of malware. Essentially, it's tracking where your users are going, what websites they're going to and whether they're fetching back things that they shouldn't be from these websites.
An example is the Chinese menu attack, which happened at the beginning of last year, where an attacker actually got into a financial services firm because they noticed the traders were very happy to order online from a Chinese restaurant. What [the hackers] did was infiltrate the restaurant and attach malware to the menu.
The traders would hit the site, download the menu, inadvertently launch an executable, and order hot and sour soup, and basically attack their own organizations while they were doing it -- without ever knowing. If they had had a secure Web gateway in place, that wouldn't have happened.
So, it helps to protect against both blended threats and advanced persistent threats. These are threats that target a particular organization. Obviously, the key in the Chinese menu attack is that the attackers knew that the traders went to a particular site. They knew this because they weren't just blindly doing an automated attack of the financial services firm, but it was actually a targeted attack.
Who makes it? Quite a lot of folks here. And by the way, there are lists. We provide vendor lists for each of these product categories. Please understand, these are some of the leading vendors. They are interesting because they have interesting technology in this space, but in no way is this comprehensive. There are plenty of vendors that aren't necessarily on these lists. We just want to give you a sense of what category of vendors we're talking about.
Where are secure Web gateways headed? The big one is that they're getting more tightly integrated with security analytics, including forensics and also user behavioral analytics tools. Because, obviously, this is important information if you know what sites your users are hitting. And, in fact, if a user starts suddenly hitting a bunch of websites that he or she never did before, that's the kind of thing you really want to be doing further analysis on, because that's going to indicate something's not right. So, that's secure Web gateways.