WebSecurity Appliances SG800Seriesnetworksecurity.us/data/BCS_sg800_ds.pdf · Framework (WKF) and...
Transcript of WebSecurity Appliances SG800Seriesnetworksecurity.us/data/BCS_sg800_ds.pdf · Framework (WKF) and...
Establishing and maintaining enterprise Web security ismore complex – and critical – than ever before.Enterprises increasingly depend on the Internet forbusiness critical content, applications and transactions.This growing use of the Web exposes organizations tonew threats, including viruses, rogue applications,malicious mobile code and other inappropriate Webcontent, all running uncontrolled over Port 80.
Blue Coat Systems’ SG800 Series represents the latest inperimeter defenses for securing and controlling Web-based content and applications. Delivered as a rackmountable appliance for simple installation andmanagement, the SG800 easily integrates with existingsecurity and network infrastructure to provide the nextessential element of Internet protection.
Introducing the SG800 Series
Port 80 Security Appliance:
• Hardened appliance
specifically designed to
protect companies from
Port 80 threats
• Optimized to provide line
speed, content-level
processing of Web objects
• Unique Policy Processing
Engine enforces granular
policies according to rules
set by the administrator
• Integrated URL Filtering
restricts access to
inappropriate content
• Policy-based “scan once,
serve many” model enables
real-time processing for Web
virus scanning
• Support for multiple,
simultaneous authentication
methods enables secure,
authorized access to Web
content
• Enables all downloads or
uploads of potentially harmful
content to be secured
Optimized Port 80 Security Appliances designed toprotect enterprises from Web-based threats
Web Security Appliances
SG800 Series
The Web Security Authority.TM
Contact Blue Coat Systems1.866.30.BCOAT408.220.2200 Direct408.220.2250 Faxwww.bluecoat.com
“Editors’ Choice Awards are selected based on a product’susefulness to enterprise end-users...Blue Coat Systems’security appliance fills a need for secure and reliableenterprise e-business activities.”- Editor, Communication News
OverviewInnovative Security SolutionBlue Coat Systems’ SG800 Series is the industry’sfirst security appliance to provide critical securityfor Web protocols and Port 80 content. Basedon a secure operating system, the SG800 is theideal choice for protecting Internet applicationssuch as Web browsing, instant messengerservices, personal Web-based email (eg. Yahoo!and Hotmail) and rich multimedia content. Theuse of these Web applications exposes theorganization to new security threats from Webviruses, hostile mobile code and inappropriatecontent - all of which use HTTP, or Port 80, as an“open door” into the network.
Based on an award-winning operating system,the SG800 Series is optimized for Web securityfunctions including Web virus scanning, contentsecurity, URL filtering and bandwidthmanagement while providing end users with theresponsiveness they demand. The SG800 workswith existing routers, switches, firewalls andservers to reduce the complexity, cost, andmanagement needed for comprehensive Websecurity.
The Blue Coat Systems AdvantageBlue Coat Systems security appliancesincorporate proven software technology todeliver highly reliable Web security. Takingadvantage of our Web proxy caching expertise,Blue Coat has developed the Web KnowledgeFramework (WKF) and the Policy ProcessingEngine (PPE) – integral components of everySG800 appliance providing the foundation forscalable, policy-based security required intoday’s Web environments.
ApplicationsWeb Virus Scanning
“Scan once, serve many” model allows real-timescanning and scalability with existing virus serversolutions.
Content SecurityParses inbound Web and multimedia content andstrips out malicious mobile code and activecontent invisible to other security devices.
Content FilteringIntegrated URL filtering enables IT staff toprevent users from accessing inappropriatecontent.
Bandwidth ManagementProvides the content positioning, bandwidthsavings and bandwidth control needed to keepyour network running optimally and ensurecapacity is available for mission-criticalapplications.
Proxy ServerHigh-performance, scalable replacement forexisting proxy servers.
With Blue Coat Systems’SG800 appliances,organizations can addpowerful content-levelprotection to existingpacket-level protectionoffered by firewalls.
Web Security Appliances
SG800 Series
Blue Coat System Architecture: Policy Processing Enginemakes content-level security decisions based on theinformation embedded in the Web Knowledge Framework.The customized environment of the SG800 gives the PPE theability to make these granular decisions in real-time, unlikecompeting solutions that run on standard servers.
Product FeaturesThe SG800 combines patent-pending software withrobust hardware to deliver unmatched security,manageability and scalability. As a true appliance,the SG800 Series is easy to install and administer,and is supported by a world-class serviceorganization.
Key Software FeaturesPolicy Processing Engine – Patent-pending systemenables sophisticated security policies based onindividual users, groups of users, time of day,location, protocol, user agent, content type and other attributes.
Web Knowledge Framework – Core technologyunderstands critical information for every Webtransaction including network identifiers,authentication credentials, content types, protocols,methods, headers, browser types, url, location andtime. Provides the data used for processing andenforcement by the Policy Processing Engine.
Visual Policy Manager – Browser-based softwareapplication with an intuitive, graphical user interfacefor defining and managing security policies.
Comprehensive Authentication – Supports proxiedand transparent user authentication to multiple,diverse back-end authentication directories. Supportincludes RADIUS, LDAP and NTLM. Network levelauthentication enables identification of users basedon IP address, subnet, or other network identifier.
Intelligent Caching of Web Content – Proxy cachingtechnology ensures intelligent caching of content –including content requiring authentication at originservers.
Virus Scanning – ICAP (Internet Content AdaptationProtocol) support allows for scanning of Web-basedviruses delivered over HTTP and FTP throughintegration with leading anti-virus solutions.
Browser Identification – Apply corporate usagepolicies based on browser and media player versionto reduce risk associated with employees usingversions with known security flaws.
Denial of Service Attack Resistance – Distinguishesbetween valid and malicious connections to continueservicing legitimate users while resisting DOS attacks.
URL Filtering – Allows organizations to implementpolicies that manage, restrict and log access to Webcontent by user, group, or subnet through integrated,subscription-based solutions from Secure Computingand Websense™.
MIME Type Filtering – Allows organizations toimplement policies for both uploaded anddownloaded content by MIME type.
Streaming Bandwidth Control – Allows organizationsto define limits for the total amount of networkcapacity available for streaming media as well as themaximum streaming bandwidth individual users canrequest. Multimedia streaming types supportedinclude Real Networks, Microsoft Windows Media,Apple QuickTime, MP3 and Flash.
Content Transformation – Limit or strip and replacewhat information is available in content headers sothat information about the corporate network isn’tavailable on the Internet.
Configuration Management – Both graphical userand command line interfaces for managing,configuring, monitoring and upgrading Blue Coatappliances remotely.
Blue Coat Director – Separate managementappliance enables secure centralized configurationand policy management for all Blue Coat applianceswithin an organization.
Comprehensive Logging and Reporting - Providescomplete visibility and reporting to network andsecurity administrators detailing information and allevents managed and monitored by the SG800.
Web Security Appliances
SG800 Series The Web Security Authority.TM
Configuration & Specification Chart
Model 800-0 & 800-0B Model 800-1 Model 800-2 Model 800-3
System
Disk drives 800-0: 1 x 18 GB Ultra160 SCSI 1 x 73 GB Ultra160 SCSI 2 x 73 GB Ultra160 SCSI 4 x 73 GB Ultra160 SCSI800-0B: 2 x 18 GB
RAM 800-0: 512 MB 1 GB 1.5 GB 2 GB800-0B: 768 MB
Network Interfaces (2 on board) 10/100 Base-T (2 on board) 10/100 Base-T ethernetethernet (1) Optional expansion slot: 10/100 Base-T or 10/100/1000 Base-T or SX interface
Operating System Security Gateway OS
Operating Environment
Power AC power 100-240V, 50-60Hz, 2ADC power 38-72VDC
Temperature 5°C to 35°C (41°F to 95°F)
Humidity Less than 90% relative humidity, non-condensing
Altitude Up to 3047 M (10,000 ft)
Dimensions and Weight
Enclosure 19" Rack-mountable
Height 44 mm (1.72 in); 1 rack unit
Width 442 mm (17.4 in)
Depth 578 mm (22.75 in); mounting depth
Weight 800-0: 10.91kg (24 lb) 800-1: 10.91kg (24 lb) 800-2: 11.82kg (26 lb) 800-3: 13.64kg (30 lb)
800-0B: 11.82kg (26 lb)
Regulations
Emissions FCC Class A, EN55022 Class A
Safety CSA C22.2 No. 950 M95, UL 60950 3 Edition, EN60950
Support Standard warranty: 90-day software & phone support with 1-year hardware support; extended and upgraded support plans available
Copyright © 2002 Blue Coat Systems, Inc. All rights reserved worldwide. No part of this document may be reproduced by any means nor translated to any electronic medium without the written consent ofBlue Coat Systems, Inc. Specifications are subject to change without notice. Information contained in this document is believed to be accurate and reliable, however, Blue Coat Systems, Inc. assumes noresponsibility for its use, Blue Coat is a registered trademark of Blue Coat Systems, Inc. in the U.S. and worldwide. All other trademarks mentioned in this document are the property of their respective owners.v.DSSG800c703
Key Platform Features• Simple-to-manage appliance installs in minutes with little ongoing maintenance
• Configuration restoration allows system configuration to be archived, including all system settings, filtering and policies
• Removable, hot-swappable disk drives for true fault tolerance
• Field Serviceable and Upgradeable