One of the biggest concerns for IT administrators is web security and protecting the network they are responsible for. Most IT administrators do a pretty good job of protecting their networks from “the usual suspects”; however, there is one aspect which is often out of an IT administrator’s control – user browsing and surfing habits.
Most techies understand the web security risks posed by web browsing and we all take simple steps to mitigate these risks on a personal level. We can smell a phishing email from miles away, we ignore IM-based threats, and we suspect a Facebook worm as soon as we see a link getting posted over and over again. There are other ‘activities’ which we learn to screen out, but most users don’t. Malware authors exploit this lack of awareness to propagate their schemes – posing a security risk to the network.
‘But why is this dangerous?’ you may ask.
Although you may already have antivirus software installed on every endpoint, the extremely fast nature and growth of the internet makes it very difficult for a single antivirus to stop all threats.
‘So how do I limit the risk that casual user browsing poses?’
This can be done using multiple layers of web browsing protection – all working in tandem.
Proactive Protection – Automatic blocking of known malicious websites – powered by ThreatTrack
GFI WebMonitor™ 2011 R3 already scans every download with three antivirus engines. ‘But isn’t it better to stop a threat before a user can download an infected file?’ GFI WebMonitor now automatically blocks hundreds of thousands of known malicious websites – all of which are obtained through extensive monitoring of the latest threats through all of our sensors. This list includes websites which have been hacked temporarily and are currently distributing malware or malicious content such as spyware, adware, rogue software utilities, phishing scams etc. With the list being updated every hour you can be sure that the most recent threats are blocked.
Preventive Protection – Blocking Suspicious sites using Web Reputation
With ThreatTrack blocking we are automatically blocking those “known bad websites”. But that leaves us with a host of websites which could be malicious. How do we block websites which have not yet been detected? How do we prevent users from browsing websites which might turn out to be malicious? How do we know whether we should visit a website which we have never seen before? This is where Web Reputation comes in to address the ‘unknown’.
Web Reputation gives a score to websites to determine if these sites are safe to visit or not. It is like your safety consultant, who knows the unknown areas you’re thinking of visiting and is recommending whether you should visit or not. With Web Reputation we can advise you whether visiting a certain website may pose a risk. This is based on the experience we’ve gained from “monitoring” millions of websites and looking at their behavior. The advice is independent of categories and content. For example, any website not in our continuously growing 280 million website database is considered suspicious. There are many other factors we take into consideration, but based on experience we can safely say that you now have a security expert next to you and every user browsing the web.
With the above two features, and many others in GFI WebMonitor, including:
- Blocking of WebGrade Security related categories
- Scanning of downloads with multiple antivirus engines and including HTTPS scanning
- An antiphishing engine
- File download control
it has never been easier for SMEs to implement complete web security.