Technology Appliances - Mi5 Webgate Product Features

Mi5 Webgate Features:

URL and Content Filtering - Mi5’s URL Filtering module is a complete content filtering solution, designed to enforce Acceptable Use Policies by blocking access to objectionable websites, content and applications. Mi5's URL Filtering Module gives organizations the ability to design specific internet use policies to maintain employee productivity, manage network bandwidth usage, lessen legal liability, and prevent exposure to web-based malware.

Mi5's URL database, provided by IBM, has more than 87 million web sites in 58 categories. The database is constantly updated with over 100,000 web pages added or updated every day, and updates are automatically pulled down to Webgate appliances on an hourly basis. IBM analyzes over 15 million web pages daily, through a sophisticated text and image analysis system.

Virus Protection - The combination of Mi5's powerful S2 Streaming Inspection engine with Sophos' high performance scanning technology lets you perform deep inspection of files coming into your organization from the web, without adding separate file scanning appliances or slowing browsing performance. Mi5’s Anti-Virus Module combines multiple detection methods to give the deepest protection against the widest variety of viruses. During the scanning process, the Sophos engine identifies the type of file, and then applies the relevant technique(s), including:

Pattern Matching - which can identify a virus by a specific code sequence. These patterns are created to ensure the engine not only catches the original virus, but also derivatives within the same virus family.

Emulation - which can detect polymorphic viruses as well as viruses contained within multi-layer attachments.

Advanced Heuristics - which are based on behavioral Genotype technology, and are used to ensure that variants of viruses are detected, even when minimal pattern information is available.

Spyware Protection - Mi5 provides the most comprehensive gateway spyware protection available today, not only preventing spyware from getting inside your network, but also preventing infected PCs from “phoning-home” sensitive data. Mi5 combines multiple signature databases and heuristics to provide complete protection. Mi5 is the only solution provider that can accurately identify infected PCs, and automatically dispatch a cleanup agent for pinpoint spyware removal.

Mi5 combines Sunbelt Software’s market leading anti-spyware technology with Mi5-developed signatures and heuristics. Mi5 can:

Inspect URLs and block spyware sites
Inspect active content (e.g. ActiveX, Java), and selectively block those elements from web pages
Inspect file downloads, and put a block page in front of a user if the file contains spyware
Inspect all phone-home traffic and block transmissions, regardless of what port or protocol are used by port-agile spyware
Accurately report which computers are infected and prioritize cleanup
Automatically clean infected PCs through the optional SpyWash module

Spyware Removal with Mi5 Spywash - Mi5 SpyWash provides automatic spyware cleanup of infected PCs without requiring software on every corporate desktop, or time-consuming manual cleanup procedures. Spywash is an ActiveX program that is automatically dispatched from a Webgate appliance to infected PCs, and doesn’t require a full executable install on every PC in the network. Mi5 SpyWash contains a spyware cleanup database that is updated hourly and backed up by Sunbelt Software's extensive spyware research capabilities.

Once Mi5 Webgate sees phone home traffic from a PC, it is clear that the PC is infected and that the existing desktop anti-spyware software has missed it. Mi5 SpyWash informs the user that their machine is infected, and the user can scan and clean their computer without IT involvement, interrupting their work, or restarting their PC. The user simply clicks a button on a web page, and the rest is automated from there. Once a PC is cleaned, the Webgate reports of infected PCs are updated, and Repair History reports are provided for every PC.

Botnet Protection - Botnets consist of a collection of software robots or "bots" living inside your enterprise that can be controlled through a remote server or set of servers (Command and Control, or C&C). Botnets are used for spamming, denial-of-service attacks, click fraud and identity theft. Mi5 has developed a series of patent-pending algorithms that use a combination of cues to detect and block bots. Mi5 looks inside your network for C&C communication, IP scanning, spamming and other botnet activity, and develops a “confidence score” for the traffic coming off bot infected PCs.

As soon as some activity is detected, Mi5 Webgate flags the PC as “suspected.” Once enough of Mi5’s algorithm triggers have been tripped, and Mi5 is confidant the machine has an active bot on it, Mi5’s Webgate flags the PC as “active” and blocks outbound bot communications. But since typically only 5-15% of bot infected PCs are active at any one point in time, Mi5 goes one step further, marking PCs that had active bot activity that are no longer communicating as “Inactive.” With that information, you can prioritize your cleanup work and focus on the Active bots first.

Mi5’s Webgate appliances not only block incoming Bot and Trojan infections, but also track the spread of botnet infections throughout your organization, and prevent bots from sending any data back out of your organization.

File Leakage Protection - Your employees have more choices than ever of places on the web to download and upload content. Not only is some of this content very bandwidth intensive, but these avenues can also pose a risk for unwanted content coming into or leaving your organization. Mi5's File Leakage protection is included for free with the basic Webgate subscription, and allows you to view and control nearly 300 different file formats in over a dozen categories. You can prevent employees from uploading or downloading audio and video files, from transfering CAD or Project files, or sharing databases you can't look within.

Network Deployment - Mi5 offers the most flexible deployment options, allowing you to block and/or monitor from a port span/tap, inline as a transparent bridge and/or via standard ICAP or UFP protocols.

Port Span/Tap - Unlike other solutions, Mi5 Webgate appliances can block (and monitor) from a port span/tap, offering a zero latency solution with the lowest network risk.

Inline - Mi5 provides hardware bypass on all models, so if anything happens while the appliance is inline, the network connection fail open and network traffic passes.

ICAP and UFP - Mi5 supports industry standard ICAP and UFP protocols, providing another option to integrate with your existing proxy and firewall infrastructure.

Built-in Web Reporting - Mi5’s built-in reporting system can be accessed securely via a browser, and comes with dozens of real-time and historical reports, as well as comprehensive custom reporting and alerting functionality. Easily discover who the offenders and infected PCs are, and what types of inappropriate websites and downloads are being accessed most often. Easily see what viruses have been blocked, and where the most popular sources of infection are. Powerful drill-down features allow you to move easily between reports and access data by category, URL, user, workstation, dates and more. Alerts can be set up for critical events, and any report can be delivered via email on a schedule you define.

Accurate User and Pc Identification - Mi5's TrueTracking™ function provides real-time integration with LDAP, Active Directory and Domain Controller servers, so you know exactly who accessed what, which PCs are truly infected, and have a full audit trail for all time.