Security for Web 2.0 at both the Gateway and the Desktop

  • 08/25/09

Problem
As always, evolving Internet technologies present both opportunities and risks. Web 2.0 has introduced unprecedented interactivity through social networking, collaborative work environments, and online applications. MySpace, YouTube, Craigslist, and Wikipedia, as well as web services including sites like Amazon, eBay, and Gmail, encourage self-publishing. They also encourage high interaction between users through blogs, RSS feeds, podcasts, and other technologies.

Attracting huge numbers of visitors, these sites have become extremely attractive to hackers. What is more, the very technology that attracts user participation makes the sites more susceptible to corruption with malware that can bring down corporate networks or with spyware that can steal organizational data.

According to analyst Christian Christiansen, vice president for security products and services at IDC, criminals are increasingly attacking companies through Web 2.0 sites and services. "We're seeing a change in the threat environment," says Christiansen. "Instead of the threats, the malicious code, being distributed as email attachments, we're seeing more and more that they're being embedded in Web 2.0 links. In the past, what you saw was an immediate effect, now we're seeing much greater levels of subterfuge and much more sophisticated attacks." ["Web 2.0 is 'security risk,'" techworld.com, 10/7/07]

Solution
"Risk reduction requires policy managements and layered protection - at the gateway to the Internet as well as at the endpoint [desktops, laptops and servers]," says Christiansen. "You need a whole series of checks and balances."

Lightspeed Systems's Total Traffic Control delivers several layers of protection without sacrificing access to desirable Web-based tools.

Stopping malware at the Internet gateway
At the gateway, malware is stopped in two proven ways. First, Lightspeed's content filtering leverages an industry-leading 20+ million-entry database of websites, URLs and IP addresses. It is populated by Lightspeed customers who opt in to daily share the sites their users are visiting and by Lightspeed's unrelenting "army" of computers that crawls and downloads the entire Internet in regular cycles.

"In looking at the message headers, the program is very good at detecting what is spam and what is not."

Paul Rische
Director Technology, San Jose Unified School District

Each site is analyzed for content type and presence of malware including viruses, worms, key loggers, and spyware. Once analyzed, the sites are categorized and stored in the Lightspeed content database. Database updates are pushed out to customers daily.

Second, multi-pronged proxy blocking techniques prevent attempts to anonymously bypass the filter and expose the network to malware.

Stopping malware at the desktop
To protect against newly corrupted sites, Lightspeed's security suite includes a client Security Agent. The Security Agent consists of program permissions and antivirus software, which is updated daily with new virus signatures.

Web 2.0 site hackers employ script-type viruses because scripts are what enable such common features as videos and stock tickers. The Security Agent scans all scripts at the desktop level and prevents virus-infected scripts from executing. When visiting a site tainted with script-type viruses, the site's uninfected information will still display while the Security Agent stops the contaminated script from running.

Scanning for viruses at the desktop level is preferable over the gateway because only a particular machine's traffic is being checked—not an entire gateway's traffic. As a result, no latency is incurred.

Stopping malware at the email gateway
Finally, Lightspeed's security suite includes virus scanning at the email gateway where malware remains a prevalent threat. The Lightspeed antivirus software undergoes constant quality testing. Its foundation is an extensive collection of viruses that is built up daily through a wide variety of sources.

Summary
Lightspeed Systems's Total Traffic Control protects organizations from the risks of Web 2.0 while still allowing access to legitimate content by providing security at the Internet gateway, email gateway, and desktop.

Featured

  • stylized illustration of two children engaged in engineering activities, one using a tablet and the other assembling mechanical parts like gears and pulleys, set against a colorful background with abstract shapes

    Applications Open for DiscoverE STEM Grant Opportunities

    Discover Engineering is accepting applications for Engineers Week and Girl Day 2025, two grant opportunities dedicated to inspiring the next generation of innovators through experiential learning in the field of engineering.

  • blue, green, and yellow swirling lines of light form a dense, interconnected network

    New Amazon Nova Models Ramp Up Generative AI Performance

    Amazon Web Services (AWS) has unveiled Amazon Nova, a cutting-edge suite of foundation models (FMs) for generative AI.

  • A young person sitting on a couch in a bright living room during the daytime, holding a tablet, with sunlight streaming through large windows and pastel-toned furniture.

    Balancing Screen Time and Student Wellness

    Student mental health is in crisis, and excessive screen time is a significant factor. Here are four ways to help students find and maintain a healthy balance with technology.

  • stylized illustration of a global AI treaty signing, featuring diverse human figures seated around a round table

    First Global Treaty to Regulate AI Signed

    The United States, United Kingdom, European Union, and several other countries have signed "The Framework Convention on Artificial Intelligence, Human Rights, Democracy, and the Rule of Law," the world's first legally binding treaty aimed at regulating the use of artificial intelligence (AI).