Content Filter Application Guide

2011

• Complete solutions

• Comprehensive offering from a single vendor

• Proven leading edge technology

Fight the Malware Battle

2

Control Access to Web Content and Block Web Threats

Content filtering faces new challenges and opportunities.

As the evolving Web makes managing appropriate surfing

and bandwidth use more difficult, it also introduces new

security threats, that filtering may be ideally suited to address.

ZyWALL USG Content Filter, powered by Blue Coat, protects

user productivity, blocks malware downloads and Web

threats, and enables compliance. ZyXEL’s USG Content Filter

is continuously updated by Blue Coat’s WebPulse community

watch cloud defense, which detects hidden malware and

provides reputation and Web content analysis. ZyXEL USG

Content Filter is 100% user driven for relevance, creating an

unmatched realtime Web content rating service. The WebPulse

uses Dynamic Link Analysis (DLA) to check popular Websites

for attack injections and search engine results for bait pages,

both leading to Web threats via dynamic links. The WebPulse

provides cloud intelligence to ZyWALL USG appliances. USG

Content Filter leverages the next generation of Web filtering

technology by combining URL filtering and anti-malware

technologies together, into a collaborative cloud defense

architecture.

Overview

Table of ContentOverview 2

The Changing Threat Landscape 3

Features to Address the Threats 5

ZyWALL USG Content Filter URL Categories 6

3

The World Wide Web has become the main attack vector

for network threats because the Internet is a very attractive

malware delivery mechanism. With threats hidden directly in

the content such as cookies, add-ons and rootkits, it makes

malware exceptionally difficult to detect. Overall, the web

threats have huge potential including:

Unprecedented malicious code volume: malicious code

variants increased by nearly 300% in 2009.

Dangerous Web content: more than 40% of malicious

code threats target Internet browsers due to the increased

popularity of Web 2.0.

Social networking scams: 40% of social network users

have encountered malicious attacks.

Targeted attacks: web attacks can be extremely targeted

on a particular geographic region, industry, or company

but may not always execute right away.

Key issues for businesses

Malware has become a serious issue for business. If businesses

don’t start to prepare consolidated protection, they will suffer

the impact of malware directly.

Increasing security risks: when employees contact

potentially dangerous web pages that attempt to exploit their

visitors by installing and running malware automatically, it

increases network security risks.

Increasing IT costs: An infected machine increases IT costs

associated with control, removal of malware, and even

reinstall programs and restore the computer to its former

state.

Loss of crucial information or data revenue: malware is

frequently used to infect computers to steal sensitive

information which can be sold to a third-party or

competitors who could then use it to make a profit.

Why your current security solution is not enough

Malicious code is discovered “in-the-wild”. Signature based

security has two major challenges and drawbacks so that it can

cope with today’s high volume dynamic threat landscape.

Exponential malicious code volume challenges: signature-

based security has a complete but long process that a

signature vendor needs to detect and isolate the threat,

develop the signature, and push it out to the millions of

systems that use it. This process can take hours to weeks,

depending on the complexity of the security threat.

Web threats up the ante challenges: any element in daily

dynamic link avalanche can contain a malicious payload

even when they originate from trusted sites. By the time

security tools recognise targeted attacks, systems are

often already infected.

The Changing Threat Landscape

4

What is the best solution for today’s businesses?

The best solution can address the new threat landscape and

overcome the shortcomings of traditional security defenses

that will require two major features.

1 A common community

A fairly large population of community participants willing to

share insights about new threats in real-time.

2 The scale and ubiquity of the cloud

Cloud-based assets and services will supplement onsite

security gateways and signature databases, creating a defense-

in-depth architecture.

Based on these two features, cloud-based community security

is the best solution that collectively addresses the speed,

variety, and ever-changing nature of today’s threats with a

large diverse community, constant threat discovery, blocking

unknown Web content, real-time analysis, immediate signature

updates.

Identify new Web threats in real time: cloud-based tools

and researchers then perform a deep inspection of the

content, URLs, IP addresses, and protocols in real time.

Improve security efficiency and operations: the cloud-

based community security is designed for incident

prevention and analysing, rating, and blocking threats

before they penetrate networks and infect systems.

5

1 Awareness & Response

ZyXEL’s USG Content Filter provides over 6 billion ratings per day

for over 70 million users located in the largest enterprise and

service provider networks around the world:

WebPulse has eight operation centers to support cloud

defense analysis of over 1 billion Web requests per week

New Web content or links detected by Web gateways or

remote clients are sent in real-time to the WebPulse cloud

for DLA inspection where updates to the master Blue Coat

WebFilter database provide immediate protection

Blocks malware, Web threats, fake software updates, fake

AV offers, phishing offers

Blocks only Web threats using DLA inspection, allowing users

access to popular Websites and avoiding over blocking

Provides Web 2.0 filtering for mashed up web portals, blocking

panels and dynamic content per policy settings

Provides coverage in over 50 languages using proprietary

machine analysis knowledge algorithms and ?

USG Content Filter integrates with Google malware feeds and

other third party ratings for Web threats, phishing, scamware

and content ratings

2 Accuracy & Relevance

ZyXEL’s USG Content Filter is 100% user driven for Web content

rating inputs from a broad and diverse user community, without

the need for Web crawlers or artificial analysis:

For new customers the USG Content Filter quickly learns user

habits with real-time feedback for relevance – in new ratings

USG Content Filter analyses content, within image searches,

cached content, and translation services for accurate ratings

and compliance with its real-time rating service

USG Content Filter provides reputation ratings so policy

controls can opt for inline threat analysis, or blocking

downloads such as drive-by installers and executables from

these sites

3 Effectiveness and Security

Thanks to Blue Coat WebPulse technology, the USG Content

Filter provides Web 2.0 protection and content ratings with cloud

awareness from a global user community and an array of threat

prevention technologies in the cloud and on the USG gateway:

Downloads and patch cycles are no longer required as Web

gateways and remote clients are cloud connected for

immediate protection with rating updates

Leading edge Web 2.0 is defended by uniting edge Web 2.0

defense by uniting URL filtering with threat analysis in a cloud

architecture to rapidly find hidden malware downloads, fake

software updates, scamware and phishing attacks

4 Reporting and Visibility

Extend USG Content Filter with Vantage Report to provide

visibility and governance verification of web filtering policies:

The dashboard provides a quick view of real-time status of

the security threat at your fingertips. And there is a daily

report automatically sent to IT executives that help to keep

tracing the trend of security threat.

With the Vantage Report it is easier to centralise the

management of the security threat across multiple locations

and devices from a single console. The comprehensive reports

allow you to analyse the Internet access behaviour and find

any potential risks in your network. Also the logs archiving

and searching functions can help you to achieve the

regulatory compliance.

When you combine ZyXEL’s USG Content Filter and Vantage

Report it creates an unmatched enterprise-class filtering

solution for small and medium businesses.

Features to Address the Threats

6

ZyWALL USG Content Filter URL Categories,

powered by Blue Coat

The USG Content Filter database contains millions of website

ratings representing billions of web pages, covering more

than 50 languages, and organised into 79 useful categories,

including:

ZyWALL USG Content Filter URL Categories, Powered by Blue Coat

7

Blue Coat WebPulse Cloud-based Defence

Malware is constantly evolving, so you need a dynamic security

strategy that can keep up with the latest Web-based threats. To

help protect your network from sophisticated malware attacks,

the Blue Coat WebPulse cloud service leverages real-time URL

ratings from a growing community of 70 million users, supports

more than 50 languages, integrates multiple threat detection

engines and provides more than six billion real-time Web

content ratings per day.

As part of the ZyWALL USG Content Filter solution, the

WebPulse delivers fast and effective Web 2.0 threat protection

by incorporating custom script analysers, anti-malware and

anti-virus scanning, sandboxing and browser simulations and

other leading security technologies. As a result, the WebPulse

cloud service:

Dynamically analyses URL requests and immediately shares

threat intelligence throughout the cloud community

Leverages 16 advanced threat analysis tools to provide

immediate and continuous protection against known and

unknown Web-based threats

Delivers the latest security advances without requiring

software downloads or other update cycles

About ZyWALL USG

ZyXEL’s firewall concept is a security solution that covers

all areas of corporate communication. The firewall permits

only desired traffic to enter the network, while the Anti-

spam feature scans your e-mails and the content filter blocks

access to undesirable or dangerous websites. The anti-virus

service can block viruses, Trojan Horses and spyware, while

IDP detects and eliminates malware according to the activity

patterns. Depending on the device employed, the VPN

allow secure remote access via IPSec, SSL or L2TP tunnels.

VPN traffics can be controlled with firewall policies and

contents are protected by anti-virus and IDP functionalities,

while protocol independent application patrol locates and

regulates undesirable traffics; combined in one device,

these components guarantee that your network from

hacker attacks. ZyXEL always makes sure that its solutions

are effective, affordable and easy to handle: the ZyWALL

USG Series not only offers an unbeatable price/performance

ratio, but also low operating costs thanks to the simple

configuration, automatic updates of all services and free

firmware upgrades.

F o r m o r e p r o d u c t i n f o r m a t i o n , v i s i t u s o n t h e w e b a t w w w . Z y X E L . c o m

Copyright © 2011 ZyXEL Communications Corp. All rights reserved. ZyXEL, ZyXEL logo are registered trademarks of ZyXEL Communications Corp. All other brands, product names, or trademarks mentioned are the property of their respective owners. All specifi cations are subject to change without notice.

ZyXEL Communications Corp.Tel: +886-3-578-3942Fax: +886-3-578-2439Email: sales@zyxel.com.twhttp://www.zyxel.com

CorporateHeadquarters

ZyXEL BelarusTel: +375 17 334 6099Fax: +375 17 334 5899Email: sales@zyxel.byhttp://www.zyxel.by

ZyXEL BeneluxTel: +31 23 5553689Fax: +31 23 5578492Email: sales@zyxel.nlhttp://www.zyxel.nlhttp://www.zyxel.be

ZyXEL CzechTel: +420 241 091 350Fax: +420 241 091 359Email: info@cz.zyxel.comhttp://www.zyxel.cz

ZyXEL Denmark A/STel: +45 39 55 07 00Fax: +45 39 55 07 07Email: sales@zyxel.dkhttp://www.zyxel.dk

ZyXEL FinlandTel: +358-9-4780 8400Email: myynti@zyxel.fi http://www.zyxel.fi

ZyXEL FranceTel: +33 (0)4 72 52 97 97Fax: +33 (0)4 72 52 19 20Email: info@zyxel.frhttp://www.zyxel.fr

ZyXEL Germany GmbHTel: +49 (0) 2405-6909 0Fax: +49 (0) 2405-6909 99Email: sales@zyxel.dehttp://www.zyxel.de

ZyXEL Hungary & SEETel: +36-1-336-1640Fax: +36-1-325-9100Email: info@zyxel.huhttp://www.zyxel.hu

ZyXEL ItalyTel: 800 99 26 04Fax: +39 011 274 7647Email: sales@zyxel.ithttp://www.zyxel.it

ZyXEL NorwayTel: +47 22 80 61 80Fax: +47 22 80 61 81Email: salg@zyxel.no http://www.zyxel.no

ZyXEL PolandTel: +48 (22) 333 8250Fax: +48 (22) 333 8251Email: info@pl.zyxel.comhttp://www.zyxel.pl

ZyXEL RussiaTel: +7 (495) 542-8920Fax: +7 (495) 542-8925Email: info@zyxel.ruhttp://www.zyxel.ru

ZyXEL SlovakiaTel: +421 243 193 989 Fax: +421 243 193 990Email: info@sk.zyxel.comhttp://www.zyxel.sk

ZyXEL SpainTel: +34 902 195 420Fax: +34 913 005 345Email: sales@zyxel.eshttp://www.zyxel.es

ZyXEL Sweden A/STel: +46 8 5776060Fax: +46 8 5776061Email: sales@zyxel.sehttp://www.zyxel.se

ZyXEL SwitzerlandTel: +41 (0)44 806 51 00Fax: +41 (0)44 806 52 00Email: info@zyxel.chhttp://www.zyxel.ch

ZyXEL Turkey A.S.Tel: +90 212 314 18 00Fax: +90 212 220 25 26Email: bilgi@zyxel.com.trhttp://www.zyxel.com.tr

ZyXEL UK Ltd.Tel: +44 (0) 118 9121 700Fax: +44 (0) 118 9797 277Email: sales@zyxel.co.ukhttp://www.zyxel.co.uk

ZyXEL UkraineTel: +380 44 494 49 31Fax: +380 44 494 49 32Email: sales@ua.zyxel.comhttp://www.ua.zyxel.com

Europe

ZyXEL Costa RicaTel: +506-22017878Fax: +506-22015078Email: sales@zyxel.co.crhttp://www.zyxel.co.cr

ZyXEL USANorth America HeadquartersTel: +1-714-632-0882Fax: +1-714-632-0858Email: sales@zyxel.comhttp://us.zyxel.com

The AmericasAsia

ZyXEL China (Shanghai)China HeadquartersTel: +86-021-61199055 Fax: +86-021-52069033 Email: sales@zyxel.cn http://www.zyxel.cn

ZyXEL China (Beijing)Tel: +86-010-62602249Email: sales@zyxel.cnhttp://www.zyxel.cn

ZyXEL China (Tianjin)Tel: +86-022-87890440 Fax: +86-022-87892304 Email: sales@zyxel.cn http://www.zyxel.cn

ZyXEL IndiaTel: +91-11-4760-8800Fax: +91-11-4052-3393Email: info@zyxel.inhttp://www.zyxel.in

ZyXEL KazakhstanTel: +7-727-2-590-699Fax: +7-727-2-590-689 Email: info@zyxel.kzhttp://www.zyxel.kz

ZyXEL MalaysiaTel: +603-7960-0088Fax: +603-7960-8802Email: info@zyxel.com.myhttp://www.zyxel.com.my

ZyXEL PakistanTel: +92 213 4310194-5Fax: +92 213 4310196Email: info@zyxel.com.pkhttp://www.zyxel.com.pk

ZyXEL SingaporeTel: +65-6899-6678Fax: +65-6899-8887Email: sales@zyxel.com.sghttp://www.zyxel.com.sg

ZyXEL Taiwan (Taipei)Tel: +886-2-2739-9889Fax: +886-2-2735-3220Email: sales_tw@zyxel.com.twhttp://www.zyxel.com.tw

ZyXEL ThailandTel: +66-(0)-2831-5315Fax: +66-(0)-2831-5395Email: info@zyxel.co.thhttp://www.zyxel.co.th