Enterprises today face an increasing number of attacks through user’s Internet web sessions. It could be because users are visiting compromised or malicious websites that can lead to stolen identities, malware or botnet installation, data theft and exfiltration or even ransomware infections.
In addition, today over half of the web is encrypted. Does that make everyone safer? Yes, BUT we are also seeing an increase in bad actors using the guise of encryption to hide malware. Over 50% of cyber attacks use malware hidden in encrypted traffic.
The increase in encrypted traffic also leads to decreased visibility and control. Traditional web security solutions come up short especially in scaling with performance for SSL as well as their ability to offer easy to use analytics and insights.
Announcing our newest solution in the NetScaler Security portfolio: NetScaler Secure Web Gateway (NetScaler SWG).
NetScaler SWG Capabilities:
- NetScaler SWG solutionprovides Complete Visibility into encrypted traffic allowing security operations teams to inspect, analyze and control web traffic. NetScaler SWG solution acts as a forward proxy for all outgoing traffic enabling deployment of security policies with ease.
- NetScaler URL Threat Intelligence Subscriptionis a cloud-based service that blocks access to millions of malware and phishing websites. This subscription service is available as an add-on option to NetScaler SWG solution.
- NetScaler SWG solution with NetScaler MASprovides User Behavior Analytics based on user risk score.
Business Benefits for Security Operations Teams:
- Organizations can Reduce their Business Risk and Increase Employee Productivityby protecting their employees against cyber security threats like phishing, and malware threats.
- Security Operations teams gain deep visibility and real-time user behavior analytics to protect against malware threats.
- Organizations can Ensure Corporate and Regulatory Policy Compliance.
- Organizations have the visibility and control they need over encrypted traffic while ensuring compliance with their privacy, regulatory and acceptable user policies.
- Organizations can Increase their Operational Efficiency by using singe pane of glass view for real-time visibility, analytics, and reporting.
- Single pane of glass view through NetScaler Management and Analytics System (NetScaler MAS) provides real-time visibility, analytics, and reporting. Within seconds drill down to a per-user web usage view to understand events and correlated threats.
Through NetScaler URL Threat Intelligence Subscription, a cloud powered service, NetScaler SWG offers more than 180 categories of URLs and includes support for protection against unknown as well as phishing and other transient malicious websites.
NetScaler SWG can be deployed in transparent proxy mode for easy integration into the existing architecture without changing client or networking configurations.
NetScaler SWG with NetScaler MAS provides SecOps teams an easy-to-use analytics dashboards to quickly determine users risk scores, websites visited as well as bandwidth or resources used per user or website. This allows SecOps teams to fine-tune policies or quarantine users or websites as required while saving time and energy.
The dashboards provided by NetScaler MAS include the User Dashboard, which displays a summary of the activities performed by users in the enterprise. It provides key metrics that can be used to determine:
- Browsing behavior of users in the enterprise
- URL categories accessed by users in the enterprise
- Top five users based on their high-risk scores and bandwidth they consumed
- Browsers used to access the URLs or domains
- Amount of web traffic generated by users, based on the traffic reputation score
The User Activity Investigator pane in the above screen displays key information such as browsing behavior of the user, high-risk activity by the user, and the triggered events per URL category.
Clicking on the events brings up the user transaction level details.
Another dashboard in NetScaler MAS is the ‘Outbound Traffic Dashboard’ that provides a summary of the URLs or domains accessed from the enterprise network. It gives a holistic view of all the URLs or domains by number of transactions or data volume consumed.
NetScaler SWG Availability:
NetScaler SWG is offered as a dedicated appliance through our MPX or VPX family of platforms. An optional NetScaler URL Threat Intelligence Subscription service is offered which provides live categorization updates for websites and URLs. Here is the NetScaler SWG datasheet for more details.
For more information, visit: https://www.citrix.com/products/netscaler-secure-web-gateway/