Blue Coat Proxy - SSL - Interception Proxy


Presentation on "Blue Coat Proxy - SSL - Interception Proxy": transcript

1 Blue Coat Confidential

2 2 © Blue Coat Systems, Inc Blue Coat Confidential

3 1.) Main Purpose

4 Proxy Services
- Proxy Support
  - HTTP, HTTPS, FTP, P2P, Telnet, SOCKS, DNS, TCP-Tunnel, IM (AIM, MSN, Yahoo!), MMS, RTSP, QuickTime
  - Method-level control options
- Content Filtering, Content Security, Spyware Prevention
- IM Control, P2P Blocking, Phishing & Pop-up Blocking
- Web Virus Scanning with ProxyAV
- Streaming Control
- Compression (HTTP & TCP/SOCKS)
- Bandwidth Management
- SSL Termination & Acceleration

5 Firewalls: Keep the Bad Guys Out
- Firewalls block at the perimeter...
- But they are not designed to control at user level
Diagram labels: Public Web Servers, Intranet Web Servers, Public Internet, Firewall, Users, Hackers, Internal Network

6 Proxy: Keep the Good Guys Good
Total Visibility and Control of All Web Communications
- Restrict or control access to unproductive web sites
- Stop viruses from webmail (Yahoo, Hotmail, etc.) and IM
- Keep intellectual property from getting out over IM
- "Splash page" for acceptable Internet use policy
- Stop web content such as .vbs, .exe
- Log and archive IM traffic by individual text messages
- Prevent downloading of copyrighted MP3 files
- Control pop-ups, ads, and spyware
Diagram labels: Users, Proxy, Firewall, Public Internet, Public Web Servers, Intranet Web Servers, Internal Network

7 Enterprise Policy Management
Diagram labels: Reporter, Distribute Policy, Monitor & Report, Set & Enforce Policy, Visual Policy Manager, Director, Corporate Web Policy

8 World's Major Institutions Trust Blue Coat
Sectors: Energy, Oil & Gas; Health & Pharmaceuticals; Government; Financial; Mfg/Industrial; Consumer & Retail

9 Web Application Control Example
Different Policies for Facebook throughout an Organization
- Everyone (Global Policy): Read Only Policy. No comments, posting, upload/download, games, , chat, etc.
- Marketing (Group Policy): Limited Use Policy. Can comment, post, upload, and chat, no games, downloads, etc.
- HR/Recruiting (Group Policy): Expanded Use Policy. Can comment, post, upload, download, , chat, but no games, etc.
- CEO, CIO (Individual Policy): Full Use Policy. No Restrictions

10 Web Application Policy Engine

11 2.) Main Function

12 Diagram labels: Caching, Client, Proxy, Antivirus, URL-Filtering, Internet, Clients, Logging, Authentication, Protocol optimization, BW management, Compression, Policy, Protocol detection, Byte Caching

13 Application proxy
Diagram labels: AOL-IM, FTP, HTTP & HTTPS, MSN-IM, Streaming, Yahoo-IM, ?, TCP-Tunnel, SOCKS, Internet, CIFS, .mp3, .xxx, P2P, Telnet/Shell, DNS, gral.se, MAPI

14 Authentication
Diagram labels: List, On box Database, DACHSER, LDAP Directory, LDAP, X509/CA Client Certificate, Internet, Clients, AD, NT, W2000 or W2003 DC Directory, RADIUS Server Directory, Netegrity SiteMinder Directory, Oblix Directory, Policy Substitution

15 How We Secure the Web
- AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
Diagram labels: Public Web Server, Intranet Web Server, Public Internet, Internal Network

16 How We Secure the Web
- AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
- Policy Processing Engine: All user web application requests are subjected to granular security policy
Diagram labels: Public Web Server, Intranet Web Server, Public Internet, Internal Network

17 How We Secure the Web
- AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
- Policy Processing Engine: All user web application requests are subjected to granular security policy
- Content Filtering: Requests for content are controlled using content filtering based on granular policy
Diagram labels: Public Web Server, Intranet Web Server, Public Internet, Internal Network

18 Content Filtering
- Organizations need to control what users are doing when accessing the internet to protect from legal liability and productivity risks
- Blue Coat and our partners enable enterprise-class content filtering
  - Powerful granular user control using Blue Coat's Policy Processing Engine
    - By user, group, destination IP and/or URL, time of day, site, category, lots more
  - Multiple logging and reporting options
  - Integrates with all authentication (LDAP, RADIUS, NTLM, AD, 2-factor, etc.)
  - Coaching, warnings, etc.
  - High performance with integrated caching
  - Drop-in appliance that is easy to deploy and manage
  - De-facto industry content filtering platform

19 Content filtering databases
Diagram labels: Websense, Smartfilter, SurfControl, Your lists, exceptions, BlueCoat webfilter, WebWasher, Proventia, Digital Arts, InterSafe, Optenet, DRTR, IWF, Internet, Clients

20 How We Secure the Web
- AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
- Policy Processing Engine: All user web application requests are subjected to granular security policy
- Content Filtering: Requests for content are controlled using content filtering based on granular policy
- Bandwidth management: Compression, Bandwidth management and Streaming media Caching and Splitting.
Diagram labels: Public Web Server, Intranet Web Server, Public Internet, Internal Network

21 How We Secure the Web
- AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
- Policy Processing Engine: All user web application requests are subjected to granular security policy
- Content Filtering: Requests for content are controlled using content filtering based on granular policy
- Bandwidth management: Compression, Bandwidth management and Streaming media Caching and Splitting.
- Web Virus scanning: Potentially harmful content entering network via HTTP, HTTPS and FTP is stripped or scanned by ProxyAV.
Diagram labels: Public Web Server, Intranet Web Server, Public Internet, Internal Network

22 Virus, Code & Script scanning
Diagram labels: Internet, Clients, ProxyAV, Other ICAP servers, Sophos, Panda, McAfee, Kaspersky

23 ProxyAV
ProxySG & ProxyAV - Large Enterprise/Network Core - Scan once, serve many (cache benefit)
- Purpose-built appliances for speed
- "Scan once, serve many" to increase performance
- High-availability & load-balancing
- Purpose built operating systems
Diagram labels: Internet, Internal Network, ProxyAV (Virus Scans HTTP, FTP with caching benefit), ProxySG (ProxySG Load Balances)

24 How We Secure the Web
- AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
- Policy Processing Engine: All user web application requests are subjected to granular security policy
- Content Filtering: Requests for content are controlled using content filtering based on granular policy
- Bandwidth management: Compression, Bandwidth management and Streaming media Caching and Splitting.
- Web Virus scanning: Potentially harmful content entering network from web is stripped or scanned by ProxyAV.
- Spyware: Prevention is better than a cure.
Diagram labels: Public Web Server, Intranet Web Server, Public Internet, Internal Network

25 BlueCoat Spyware Prevention Solution
- Stops spyware installations
  - Detect drive-by installers
- Blocks spyware websites
  - On-Proxy URL categorization
- Scans for spyware signatures
  - High-performance Web AV
- Detects suspect systems
  - Forward to cleansing agent
Diagram labels: Internet, Internal Network, ProxyAV, ProxySG

26 How We Secure the Web
- AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
- Policy Processing Engine: All user web application requests are subjected to granular security policy
- Content Filtering: Requests for content are controlled using content filtering based on granular policy
- Bandwidth management: Compression, Bandwidth management and Streaming media Caching and Splitting.
- Web Virus scanning: Potentially harmful content entering network from web is stripped or scanned by ProxyAV.
- Spyware: Prevention is better than a cure.
- IM Traffic Control: IM traffic is subjected to policies and is logged
Diagram labels: Public Web Server, Intranet Web Server, Public Internet, Internal Network

27 How We Secure the Web
- AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
- Policy Processing Engine: All user web application requests are subjected to granular security policy
- Content Filtering: Requests for content are controlled using content filtering based on granular policy
- Bandwidth management: Compression, Bandwidth management and Streaming media Caching and Splitting.
- Web Virus scanning: Potentially harmful content entering network from web is stripped or scanned by ProxyAV.
- Spyware: Prevention is better than a cure.
- IM Traffic Control: IM traffic is subjected to policies and is logged
- Caching: Acceptable, clean content is stored in cache and delivered to requestor.
Diagram labels: Public Web Server, Intranet Web Server, Public Internet, Internal Network

28 How We Secure the Web
- AAA: User logs onto network and is authenticated via NTLM, AD (Single-Sign-on), LDAP, Radius, Forms, local password.
- Policy Processing Engine: All user web application requests are subjected to granular security policy
- Content Filtering: Requests for content are controlled using content filtering based on granular policy
- Bandwidth management: Compression, Bandwidth management and Streaming media Caching and Splitting.
- Web Virus scanning: Potentially harmful content entering network from web is stripped or scanned by ProxyAV.
- Spyware: Prevention is better than a cure.
- IM Traffic Control: IM traffic is subjected to policies and is logged
- Caching: Acceptable, clean content is stored in cache and delivered to requestor.
- Reporting: All browser, streaming, IM & virus activity can be reported using Bluecoat's highly configurable reporter.
Diagram labels: Public Web Server, Intranet Web Server, Public Internet, Internal Network

29 Reporter

30 3.) The Reporter

31 Management
- User Interface
  - HTTP (HTTPS), web GUI Interface
  - Telnet (Cisco CLI)
  - SSH & Serial console
  - Java Policy interface
  - CPL, Policy Language
  - SNMP MIBII + Traps
  - Monitor network status and statistics
- Reporting tools
  - BlueCoat Reporter
- Scalable management
  - Centralized configuration management in Director

32 Reporting (example)
- 18.2 % Spyware (gator)
- 16.5 % Aftonbladet
- 9.5 % Ads (in top 40)
- 6.8 % https (encrypted)

36 System-wide Management and Control
- Blue Coat Director
  - Centralized configuration of Blue Coat appliances: set up, policy, etc.
  - Centralized monitoring: appliance health, application use, user experience
- Blue Coat Reporter
  - Enterprise roll-up and analysis of application delivery information: appliances, application use, user experience
- Both Director and Reporter are proven, with thousands of nodes under management…

37 4.) The Director

38 Director configuration Management
(1) Configure and test "profile" system
(2) Snapshot profile and save on Director
(3) Create and edit overlays using GUI or CLI.
(4) Push profiles and overlays to one or more systems
Diagram labels: Director, "Profile" system, Production systems, Workstation (Remotely and securely manage via GUI or CLI.)
Other labels: Configuration Management, Policy Management, Disaster protection centrally, Monitor and control, Resource Management, Monitor network status and statistics, Profile Management, Backup configuration, Create overlays using GUI or CLI., Automate changes, License Management

39 Director GUI

40 5.) SSL Interception

41 Why SSL Intercept?
- Increased granularity for content filtering
  - SSL Proxy vs. SSL Interception
- SSL Proxy alone can do content filtering (without SSL Interception)
  - Explicit vs. Transparent interception
- Deep level protocol inspection (HTTP)
  - HTTPS is just encapsulated HTTP
  - HTTP Headers, etc. are readable after SSL Interception
- ICAPS handoff
  - Antivirus (AV) inspection; RespMod
  - Data Leakage Protection (DLP) inspection; ReqMod
- Logging and Reporting for SSL/HTTPS

46 SSL Interception Model

47 Resources
- SSL Proxy Deployment Web Guide: https://bto.bluecoat.com/sgos/ProxySG/63/SSL_Proxy_Deployment_WebGuide/SSL_Proxy_WebGuide.htm
- Configuring SSL Interception on the ProxySG Appliance: https://bto.bluecoat.com/support/ssl-interception
- Blue Coat Knowledge Base: https://kb.bluecoat.com
- Blue Coat Technical Support Case: https://bto.bluecoat.com/support/sr/list
- Configuring SSL Interception for Transparent Proxy: https://kb.bluecoat.com/index?page=content&id=KB3700
- Writing SSL Interception/Access Policy: https://kb.bluecoat.com/index?page=content&id=KB3716

51 Questions ??
