Solution Brief: Blue Coat Technology Partner: FireEye

Security Empowers Business
Today’s threat environment consists of a complex, constantly evolving mix of both known and unknown (or “zero
day”) malware. But no single security technology detects all malware. Handling the diversity of today’s malware
requires a layered security architecture in which multiple key technologies work together.
Solution Overview
How it Works
The Blue Coat ProxySG and Blue Coat Content Analysis System
work with FireEye’s AX series appliances to provide a layered defense
against both known and unknown malware. The ProxySG and Content
Analysis System protect against the massive volume of known threats
that populate today’s threat landscape, while the AX Series applies
sandboxing technology to analyze unknown files for defense against
unknown or “zero day” malware.
The ProxySG provides a first layer of network malware defense by
blocking websites known to be malicious or infected with malware.
ProxySG then forwards files sent from allowed sites to the Content
Analysis System, which applies whitelisting and dual malware engines to
forward “known good” files directly to users, and block known malware.
Unknown files are then sent to FireEye’s AX Series for sandboxing
analysis to detect unknown malware. When the AX Series identifies
malware, it provides feedback to the ProxySG and Content Analysis
System to enable automated blocking of newly identified malware files
and malicious websites.
Partner: FireEye
Partner Product: AX Series Appliances
Blue Coat Products: ProxySG, Content Analysis System
[Diagram: Internal Network -> (LB/WCCP) -> ProxySG -> (ICAP/S-CAP) -> Content Analysis System -> (SSH) -> FireEye AX Series]
Automated File Feed
The AX Series is often used for forensic analysis of suspicious files
after an incident has been discovered by other monitoring systems.
But forensics represents only a portion of the AX Series’ potential
value to the organization. Blue Coat can help get more out of your AX
Series appliances by providing an automated feed of ALL unknown or
suspicious files downloaded by end users over the web. This automated
feed extends the value of AX Series from post-incident forensics to also
include proactive detection of malware that has gone unnoticed by other
systems.
Automated Enforcement and Alerting
After analyzing unknown files sent by Blue Coat, the AX Series provides
Blue Coat with feedback regarding analysis results. This feedback
enables Blue Coat to take automated, policy-based enforcement
action that prevents new infections and initiates incident response. For
example, when the AX Series identifies malware, it sends alerts to both
ProxySG and the Content Analysis System. Then, based on policy,
ProxySG can immediately block origin websites while the Content
Analysis System blocks subsequent download of identified malware
files. Blue Coat can also be configured to initiate incident response by
automatically forwarding AX Series analysis results to SIEMs and other
security monitoring systems via syslog, SNMP, and email.
Improve Performance and Reduce False Positives
By pre-filtering malicious websites, known malware, and “known good”
files, Blue Coat significantly reduces the volume of files that must be
analyzed by FireEye. This load reduction not only improves AX Series
performance, but reduces false positive alerts.
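The layered flow described under How it Works, together with the feedback and pre-filtering behaviour in the two sections above, as an added simulation written for this brief (not Blue Coat or FireEye code): the host names, signature markers, sandbox rule and file contents are constructed, and the stage ordering and stage names are an assumption about how such a policy would be modelled.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed byte patterns standing in for the two signature engines (hypothetical).
ENGINE_SIGNATURES = {"engineA": [b"SIG-A-MARKER"], "engineB": [b"SIG-B-MARKER"]}


@dataclass
class LayeredDefense:
    sandbox: object                                   # callable(bytes) -> "malicious" | "clean"
    blocked_hosts: set = field(default_factory=set)   # ProxySG role: sites known to be malicious
    known_good: set = field(default_factory=set)      # CAS role: whitelist of SHA-256 file hashes
    known_bad: set = field(default_factory=set)       # CAS role: hashes learned from sandbox feedback
    stats: dict = field(default_factory=lambda: {"site": 0, "whitelist": 0, "engine": 0, "sandbox": 0})

    def inspect(self, url: str, content: bytes) -> str:
        host = url.split("/")[2]
        if host in self.blocked_hosts:                # layer 1: block known-bad site outright
            self.stats["site"] += 1
            return "blocked-site"
        digest = hashlib.sha256(content).hexdigest()
        if digest in self.known_good:                 # layer 2a: whitelist -> straight to user
            self.stats["whitelist"] += 1
            return "allowed-known-good"
        hit = any(sig in content for sigs in ENGINE_SIGNATURES.values() for sig in sigs)
        if hit or digest in self.known_bad:           # layer 2b: either engine, or a learned hash
            self.stats["engine"] += 1
            return "blocked-known-malware"
        self.stats["sandbox"] += 1                    # layer 3: only unknown files reach the sandbox
        if self.sandbox(content) == "malicious":
            self.known_bad.add(digest)                # feedback to CAS: block this file next time
            self.blocked_hosts.add(host)              # feedback to ProxySG: block the origin site
            return "blocked-sandbox"
        return "allowed-unknown-clean"


def demo():
    """Run constructed sample traffic through the pipeline; returns (decisions, stage counts)."""
    def fake_sandbox(content):                        # constructed verdict rule, not a real sandbox
        return "malicious" if b"DROPPER" in content else "clean"
    d = LayeredDefense(sandbox=fake_sandbox, blocked_hosts={"bad.example"},
                       known_good={hashlib.sha256(b"installer-v1").hexdigest()})
    traffic = [("http://bad.example/a.exe", b"anything"),
               ("http://cdn.example/installer.exe", b"installer-v1"),
               ("http://files.example/b.exe", b"xxSIG-B-MARKERxx"),
               ("http://new.example/c.exe", b"DROPPER-payload"),    # unknown -> sandbox -> malicious
               ("http://new.example/d.exe", b"anything"),           # site now blocked by feedback
               ("http://other.example/e.exe", b"DROPPER-payload"),  # hash now known bad, no sandbox
               ("http://other.example/f.exe", b"benign document")]  # unknown -> sandbox -> clean
    return [d.inspect(u, c) for u, c in traffic], d.stats
```

Only two of the seven constructed downloads reach the sandbox stage, which is the load-reduction effect the brief attributes to pre-filtering.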
Advanced Threat Protection Lifecycle Defense
Blue Coat’s Advanced Threat Protection Lifecycle Defense is
an open malware defense framework that enables customers
to easily combine key technologies needed to address today’s
complex threat environment. As part of this framework, the AX
Series integrates with the ProxySG and Content Analysis System to
protect against known and unknown threats. This foundation can
be extended to gain visibility into encrypted traffic and accelerate
incident response using the Blue Coat SSL Visibility Appliance and
Security Analytics Platform. To learn more, visit
www.bluecoat.com/advanced-threat-protection-solution.
Open Platform
Blue Coat’s open approach enables you to choose best-of-breed
solutions that best fit your needs. If you already own FireEye, you can
improve performance, reduce false positives, and automate malware
enforcement by integrating FireEye with Blue Coat. If you are selecting a
new sandboxing solution, you may select Blue Coat’s Malware Analysis
Appliance or go with the AX Series. You can even deploy and integrate
both systems simultaneously. With Blue Coat, you are not locked into a
single option.
For More Information
Learn more about Blue Coat technology partners on our website.
Blue Coat Systems Inc.
www.bluecoat.com
Corporate Headquarters
Sunnyvale, CA
+1.408.220.2200
EMEA Headquarters
Hampshire, UK
+44.1252.554600
APAC Headquarters
Singapore
+65.6826.7000
© 2014 Blue Coat Systems, Inc. All rights reserved. Blue Coat, the Blue Coat logos, ProxySG, PacketShaper, CacheFlow, IntelligenceCenter, CacheEOS, CachePulse, Crossbeam, K9, the K9 logo, DRTR, Mach5, Packetwise, Policycenter, ProxyAV, ProxyClient,
SGOS, WebPulse, Solera Networks, the Solera Networks logos, DeepSee, “See Everything. Know Everything.”, “Security Empowers Business”, and BlueTouch are registered trademarks or trademarks of Blue Coat Systems, Inc. or its affiliates in the U.S. and certain
other countries. This list may not be complete, and the absence of a trademark from this list does not mean it is not a trademark of Blue Coat or that Blue Coat has stopped using the trademark. All other trademarks mentioned in this document owned by third parties
are the property of their respective owners. This document is for informational purposes only. Blue Coat makes no warranties, express, implied, or statutory, as to the information in this document. Blue Coat products, technical services, and any other technical data
referenced in this document are subject to U.S. export control and sanctions laws, regulations and requirements, and may be subject to export or import regulations in other countries. You agree to comply strictly with these laws, regulations and requirements, and
acknowledge that you have the responsibility to obtain any licenses, permits or other approvals that may be required in order to export, re-export, transfer in country or import after delivery to you. v.SB-TECHPARTNER-FIREEYE-EN-v1d-0414