Want to stop malware from entering your organization? That's easy! Unplug your network from the Internet. Gartner says the Internet and Internet applications are now the primary source of malware infections. If unplugging from the Internet isn't practical for you, then consider installing a secure Web gateway to defend your enterprise Web perimeter. John Boline from Hagerman & Company did just that, and the results have been - in his words - "quite impressive."
According to Gartner, “The Internet and Internet applications will be the primary sources of malware infections in the enterprise in 2008 and beyond. However, most organizations do not effectively filter malware from Web traffic. Detecting and preventing malware infections will increasingly require a network gateway at the Internet edge.”
I don’t know if John Boline read that statement from Gartner before he went looking for a Web gateway product. Probably not. But Boline did start shopping for a solution after his company had a couple of events that let the IT department know they had a problem.
Boline is a service manager at Hagerman & Company, a provider of CAD/CAM products and services. Hagerman is headquartered in Illinois and has offices in 18 other U.S. cities. The company runs all Internet access from its branches through the corporate office. About a year ago, some employees were downloading work materials off a legitimate Web site that just happened to be infected with malware. Before long, local PCs at Hagerman were also infected and started serving up undesirable content. The devices had to be cleaned manually.
This sort of incident kept repeating itself. Boline says the company suffered a rate of malware infection of about one machine every week. The time and effort to clean these PCs was growing. He resolved to find a solution that would stop the malware from entering his network at the Web gateway.
Boline read an article about Webgate from Mi5 Networks and decided to check it out. He talked to an Mi5 systems engineer about Hagerman’s network configuration. Hagerman has one router going to the Internet in general, and another router that handles traffic to and from the branch offices. Above all else, Boline didn’t want to have to reconfigure his network to accommodate a Web security product. Once he was assured that Webgate could work in this scenario, Boline decided to evaluate the product for a month.
Boline installed Webgate and deployed it first in “monitor” mode, then in “block” mode. Setting up the gateway was straightforward, and minor configuration issues were resolved in half an hour. After that, he says the results “were amazing.” He saw devices on his network that were infected with malware and no one knew it; Webgate automatically cleaned them. Boline now uses Webgate to block access to undesirable sites, such as gambling, shopping, adult oriented, and even pop-up ads. The device allows content filtering within the parameters of their accepted use policy, screening out sites that have no legitimate business use.
Webgate also scans a Web site’s content before that content ever gets to the end user’s PC. That’s an important feature these days, as drive-by malware is cropping up on all sorts of legitimate Web sites to deliver payloads to unsuspecting visitors. This is what happened to Boline’s colleagues that prompted his search for Web gateway protection.
Boline has customized a warning for his users if they try to visit a blocked site or encounter infected content. They see a Hagerman & Company logo, along with a message that says that the content or Web site has been blocked for security purposes.
By the very nature of its business – selling sophisticated CAD/CAM solutions – Hagerman & Company is quite knowledgeable about IT solutions. It’s a compliment to Mi5 Networks when a customer like Hagerman & Company likes a product so much that they are considering reselling the product to their own customers. As Boline puts it, “This is one product that lives up to the marketing materials we read about it.”
An unexpected benefit that Hagerman & Company saw from deploying Webgate is the recovery of network capacity. Initially, Boline thought he’d see additional overhead from inspecting all Web traffic on his network. Since Webgate filters out rogue traffic and eliminated botnet infections, the company actually increased its network capacity by 20%.
Webgate is deployed as an appliance, and it comes in various sizes and configurations. The core subscription includes features such as anti-botnet, file leakage detection, antispyware (Compare antispyware products), and an enterprise policy engine and enterprise reporting. Add-on modules include URL filtering, antivirus (Compare antivirus products), application control and a malware removal agent that leverage both third party and Mi5’s own technologies.
Gartner just placed Webgate in the visionaries quadrant of the Secure Web Gateway (SWG) Magic Quadrant report for 2008. Check it out if you have barbarians at your (Web) gate. (Compare Secure Web Gateways products)