Security for Web 2.0 at both the Gateway and the Desktop

Problem
As always, evolving Internet technologies present both opportunities and risks. Web 2.0 has introduced unprecedented interactivity through social networking, collaborative work environments, and online applications. MySpace, YouTube, Craigslist, and Wikipedia, as well as web services including sites like Amazon, eBay, and Gmail, encourage self-publishing. They also encourage high interaction between users through blogs, RSS feeds, podcasts, and other technologies.

Attracting huge numbers of visitors, these sites have become extremely attractive to hackers. What is more, the very technology that attracts user participation makes the sites more susceptible to corruption with malware that can bring down corporate networks or with spyware that can steal organizational data.

According to analyst Christian Christiansen, vice president for security products and services at IDC, criminals are increasingly attacking companies through Web 2.0 sites and services. "We're seeing a change in the threat environment," says Christiansen. "Instead of the threats, the malicious code, being distributed as email attachments, we're seeing more and more that they're being embedded in Web 2.0 links. In the past, what you saw was an immediate effect, now we're seeing much greater levels of subterfuge and much more sophisticated attacks." ["Web 2.0 is 'security risk,'" techworld.com, 10/7/07]

Solution
"Risk reduction requires policy managements and layered protection - at the gateway to the Internet as well as at the endpoint [desktops, laptops and servers]," says Christiansen. "You need a whole series of checks and balances."

Lightspeed Systems's Total Traffic Control delivers several layers of protection without sacrificing access to desirable Web-based tools.

Stopping malware at the Internet gateway
At the gateway, malware is stopped in two proven ways. First, Lightspeed's content filtering leverages an industry-leading 20+ million-entry database of websites, URLs and IP addresses. It is populated by Lightspeed customers who opt in to daily share the sites their users are visiting and by Lightspeed's unrelenting "army" of computers that crawls and downloads the entire Internet in regular cycles.

"In looking at the message headers, the program is very good at detecting what is spam and what is not."

Paul Rische
Director Technology, San Jose Unified School District

Each site is analyzed for content type and presence of malware including viruses, worms, key loggers, and spyware. Once analyzed, the sites are categorized and stored in the Lightspeed content database. Database updates are pushed out to customers daily.

Second, multi-pronged proxy blocking techniques prevent attempts to anonymously bypass the filter and expose the network to malware.

Stopping malware at the desktop
To protect against newly corrupted sites, Lightspeed's security suite includes a client Security Agent. The Security Agent consists of program permissions and antivirus software, which is updated daily with new virus signatures.

Web 2.0 site hackers employ script-type viruses because scripts are what enable such common features as videos and stock tickers. The Security Agent scans all scripts at the desktop level and prevents virus-infected scripts from executing. When visiting a site tainted with script-type viruses, the site's uninfected information will still display while the Security Agent stops the contaminated script from running.

Scanning for viruses at the desktop level is preferable over the gateway because only a particular machine's traffic is being checked—not an entire gateway's traffic. As a result, no latency is incurred.

Stopping malware at the email gateway
Finally, Lightspeed's security suite includes virus scanning at the email gateway where malware remains a prevalent threat. The Lightspeed antivirus software undergoes constant quality testing. Its foundation is an extensive collection of viruses that is built up daily through a wide variety of sources.

Summary
Lightspeed Systems's Total Traffic Control protects organizations from the risks of Web 2.0 while still allowing access to legitimate content by providing security at the Internet gateway, email gateway, and desktop.

Featured