Web Isolation

 View Only

When you can't tell good from bad 

Sep 12, 2015 12:00 PM

Entities are at the core of reasoning, with some scientists claiming it is the foundation of language and reasoning. Indeed in the textbook “Animal Cognition” it is written that categorization “must be so enormous an evolutionary advantage that it may well be universal among living organisms” (for a completely unrelated, yet fascinating view into human cognition and categorization, listen to this podcast).

It should therefore come as no surprise that categorization is at the heart of how organizations manage IT security risk. The fundamental approaches of detection (is this an attack or legitimate?), or reputation (has someone already classified this with a certain label?) are in essence an exercise of categorization. And nowhere is this more obvious than in secure web browsing policies: employees are restricted from going to web sites that might cause legal liability or be disruptive in the workplace (adult sites, gambling) or might be an IT security risk (known malware sites, file sharing, etc.). 

Unfortunately, in the specific case of IT security, threats resist our wish to fit websites snugly into tidy labels. It has been known for a long time that many malware infections occur through legitimate sites. For example, new research illuminates a technique that attackers use to serve malicious content through advertising served on legitimate sites such as the Huffington Post.

The approach of relying on classifying sites has weaknesses: new URLs are created daily and many of these cannot be classified because there is no reputation information available about them. Blocking these uncategorized sites has severe productivity and operational costs – employees inevitably will need access to these sites for their work, and it introduces the additional overhead of handling and approving these requests. 

Because detection, reputation and categorization are sometimes impossible, a long term sustainable approach to security is to isolate uncategorized and potentially risky websites. Web isolation executes all web sessions in a secure remote environment thereby preventing websites from delivering any potentially malicious content to endpoints. Web Isolation complements secure web gateways and additional security products to ensure safe web browsing without concern of malware infections.

For information on Symantec Web Isolation we invite you to download our data sheet.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.