Barracuda Advanced Threat Protection. Bringing a New Layer of Security for . White Paper

Similar documents
Total Threat Protection. Whitepaper

Evolution of Spear Phishing. White Paper

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Security Gap Analysis: Aggregrated Results

Symantec Ransomware Protection

WHITE PAPER. Applying Software-Defined Security to the Branch Office

WatchGuard Total Security Complete network protection in a single, easy-to-deploy solution.

How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

The Mimecast Security Risk Assessment Quarterly Report May 2017

NetDefend Firewall UTM Services

Symantec Endpoint Protection 14

CA Host-Based Intrusion Prevention System r8

Backup and Archiving for Office 365. White Paper

Late Addition #1 EXECUTIVE DOCUMENT SUMMARY

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

TREND MICRO SMART PROTECTION SUITES

Symantec Client Security. Integrated protection for network and remote clients.

McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks

Maximum Security with Minimum Impact : Going Beyond Next Gen

EXECUTIVE BRIEF: WHY NETWORK SANDBOXING IS REQUIRED TO STOP RANSOMWARE

Cloud Security & Advance Threat Protection. Cloud Security & Advance Threat Protection

Symantec Endpoint Protection

Symantec Protection Suite Add-On for Hosted Security

SOLUTION BRIEF ASSESSING DECEPTION TECHNOLOGY FOR A PROACTIVE DEFENSE

Prevent and Detect Malware with Symantec Advanced Threat Protection: Network

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

A Guide to Closing All Potential VDI Security Gaps

TREND MICRO SMART PROTECTION SUITES

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Mitigating Branch Office Risks with SD-WAN

FIREWALL BEST PRACTICES TO BLOCK

Fighting Spam, Phishing and Malware With Recurrent Pattern Detection

MODERN DESKTOP SECURITY

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017

Cisco Advanced Malware Protection. May 2016

IBM Security Network Protection Solutions

Kaspersky Internet Security - Top 10 Internet Security Software in With Best Antivirus, Firewall,

Security Landscape Thorsten Stoeterau Security Systems Engineer - Barracuda Networks

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

WHITEPAPER ENDPOINT DETECTION AND RESPONSE BEYOND ANTIVIRUS PROACTIVE THREAT HUNTING AT THE ENDPOINT

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY

Kaspersky Security Network

Stop Ransomware In Its Tracks. Chris Chaves Channel Sales Engineer

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

WHITE PAPER. AirGap. The Technology That Makes Isla a Powerful Web Malware Isolation System

Securing Your Business Against the Diversifying Targeted Attacks Leonard Sim

ein wichtiger Baustein im Security Ökosystem Dr. Christian Gayda (T-SEC) und Ingo Kruckewitt (Symantec)

Herd Intelligence: true protection from targeted attacks. Ryan Sherstobitoff, Chief Corporate Evangelist

trend micro smart Protection suites

Enterprise Ransomware Mitigations

MESSAGING SECURITY GATEWAY. Solution overview

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Isla Web Malware Isolation and Network Sandbox Solutions Security Technology Comparison and Integration Guide

Cyber Security. Our part of the journey

Best Practices in Securing a Multicloud World

Endpoint Protection : Last line of defense?

Bitdefender GravityZone. Supreme protection against active threats for the SMB market

Securing the Modern Data Center with Trend Micro Deep Security

CounterACT Check Point Threat Prevention Module

What is Zemana AntiLogger?

SandBlast Agent FAQ Check Point Software Technologies Ltd. All rights reserved P. 1. [Internal Use] for Check Point employees

Advanced Threat Control

Next Generation Enduser Protection

Security for the Cloud Era

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

INSIDE. Symantec AntiVirus for Microsoft Internet Security and Acceleration (ISA) Server. Enhanced virus protection for Web and SMTP traffic

Consumerization. Copyright 2014 Trend Micro Inc. IT Work Load

Securing Today s Mobile Workforce

Agenda. Why we need a new approach to endpoint security. Introducing Sophos Intercept X. Demonstration / Feature Walk Through. Deployment Options

ENTERPRISE ENDPOINT PROTECTION BUYER S GUIDE

SIEM Solutions from McAfee

Securing Your Microsoft Azure Virtual Networks

ConnectWise Automate. What is ConnectWise Automate?

Juniper Sky Advanced Threat Prevention

Juniper Sky Advanced Threat Prevention

Securing Your Amazon Web Services Virtual Networks

JUNIPER SKY ADVANCED THREAT PREVENTION

Kaspersky Open Space Security

THE ACCENTURE CYBER DEFENSE SOLUTION

Securing Office 365 with Symantec

Cisco s Appliance-based Content Security: IronPort and Web Security

An Aflac Case Study: Moving a Security Program from Defense to Offense

Symantec Network Access Control Starter Edition

Proactive Protection Against New and Emerging Threats. Solution Brief

Symantec Network Access Control Starter Edition

Antivirus Technology

Symantec Network Access Control Starter Edition

Agile Security Solutions

An Aflac Case Study: Moving a Security Program from Defense to Offense

Protection - Before, During And After Attack

Symantec Security Monitoring Services

Copyright 2011 Trend Micro Inc.

Cisco Security: Advanced Threat Defense for Microsoft Office 365

What is an Endpoint Protection Platform?

CloudSOC and Security.cloud for Microsoft Office 365

The 2017 State of Endpoint Security Risk

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

Technical Brochure F-SECURE THREAT SHIELD

McAfee Public Cloud Server Security Suite

Transcription:

Barracuda Advanced Threat Protection Bringing a New Layer of Security for Email White Paper

Evolving Needs for Protection Against Advanced Threats IT security threats are constantly evolving and improving, especially as attackers compete to create new ways to exploit and discover new vulnerabilities. For this reason, it simply isn t enough to depend on a single strategy or technology layer to protect your networks, data, and users. Instead, a security solution that will remain relevant and effective over time must be built on an agile, versatile platform that evolves and incorporates new scanning technology, modules, and strategies designed to detect the rapidly evolving threats. Barracuda has built simple and easy-to-use email security solutions that protect our customers from new and emerging threats, without having to manage the complexities of multiple products and solutions. Barracuda Advanced Threat Protection Continuing to execute on this strategy, Barracuda provides an Advanced Threat Protection (ATP) layer to its security platforms. This service combines a variety of microservices to create a multilayered scanning strategy that efficiently filters both known and unknown threats. Barracuda ATP complements the native security infrastructure of network, email, and web environments with additional layers of sophisticated detection. It scans for malware, zero-hour exploits, and targeted attacks by screening and analyzing files in a secure cloud-based sandbox environment, to deliver security that is second to none. The Barracuda ATP service uses three distinct layers to scan, identify, and take action on threats: Layer 1 - Multi-opinioned anti-virus engine Powerful open source virus definitions. Barracuda Networks leverages the open source community to help monitor and block the latest virus threats. Real-Time Protection to immediately block the latest virus, spyware and other malware attacks as they emerge with virus and spam propagation activity reports at an early stage. Proprietary virus definitions. Barracuda Networks proprietary virus definitions are gathered and maintained by Barracuda Central, an advanced 24/7 security operations center that works to continuously monitor and block the latest Internet threats. Layer 2 - Static Analysis Powerful machine learning farm, via high volume and highly diverse global threat data. Leverages Vector Machine algorithm to deliver fast and accurate verdicts. Taught with 50 million+ endpoints in the field ingesting good and bad files plus millions of files everyday via email security workloads. Layer 3 - Dynamic Analysis Analyzes inbound email attachments in a separate, secured cloud environment, detecting new threats and determining whether to block such messages. Full-system emulated sandbox for remote analysis and detonation of advanced threats designed to evade detection. Analyzes attachments and files for advanced malware, zero-hour exploits, and targeted attacks not detected by Layers 1 or 2. Page 2 of 5

Threat Intelligence with 100% Coverage Barracuda Advanced Threat Protection combines behavioral, heuristic, and sandboxing technologies to protect against zero-hour and targeted attacks. ATP automatically scans email attachments in real time, and suspicious attachments are executed in a secure sandbox environment to observe behavior. In addition to blocking malicious attachments, ATP integrates new findings into Barracuda s real-time threat intelligence system, extending protection to all customers. Barracuda ATP leverages a powerful global threat intelligence system, which ingests vast amounts of diverse threat information from over 50 million deployed collection points around the world. Whenever new attacks occur against networks, web gateways, web applications, or email systems, that information is absorbed in real time and shared across Barracuda s products and user base. Example #1: Ransomware Outbreak In March 2016, eight variants of Locky appear across the internet. 7 of 8 variants were blocked by our Static Analysis Layer in less than one second. The remaining variant was blocked by our Dynamic Analysis Layer within minutes. Example #2: Methodical Attack via MS Word Public domain AV signature provider mistakenly categorized all.doc files as viruses. Large numbers of legitimate.doc files were blocked from transmission when they encountered an AV layer. Security vendors reacted by disabling AV technology from blocking.doc files affected by the false positive. The next day, Barracuda ATP Service detected a larger than usual amount of.doc files being sent over email. Barracuda ATP found 80% of these.doc files to contain polymorphic malware, able to change its signature to evade standard AV. Page 3 of 5

Lessons Learned The first lesson is that criminals are constantly watching the security industry, and are alert to opportunities that arise. In this case, they quickly realized that.doc attachments would likely receive reduced scrutiny, and launched large numbers of attacks within a matter of days. Another lesson is that multiple layers of protection are essential to keep you secure even when something goes wrong, as it did in this case. While traditional antivirus stopped being effective, the attacks were successfully stopped by a more dynamic layer of protection. Finally, it s a reminder that all users must remain vigilant at all times. Your first and best line of defense against many types of attack is a user base that is well trained to spot and respond to suspicious emails and attachments. Using ATP as an Effective Layer of Protection While many security vendors use machine learning in their threat detection systems, what they lack is volume and diversity. Machine learning requires high volumes and diversity of data to be most effective. When presented with high volume and a diverse set of data, machine learning farms are able to learn, evolve, and adapt when fed from a variety of data sources like web, email, and network data traffic. Barracuda s ATP infrastructure utilizes a hardware-accelerated machine learning farm that ingests data from more than 50 million endpoints in the field. Looking at over 900 attributes per artifact, Barracuda ATP is able to calculate and identify new and emerging threats in minutes. To put this into perspective, companies such as FireEye and Wild Fire scan at most 200 300 attributes. In a 2016 independent test of Advanced Threat Protection technology, only Barracuda achieved 100% effectiveness with zero false positives and zero false negatives. Other solutions scored as low as 86.5%, with 93.3% marking the midpoint score. The report also indicated that many attacks were detected immediately, some attacks took close to 24 hours to be detected, and other attacks were never detected by some products. Conclusion Public cloud service providers like Google (Google Apps for Work/Education) and Microsoft (Exchange and Office 365) provide native security to keep users safe from a wide array of threats. But these native features often do not include multiple layers of protection or the flexibility to adapt to a changing threat landscape. With the addition of Barracuda Advanced Threat Protection, users of email systems like Microsoft Exchange and Office 365 can easily add an effective, nimble, and adaptable solution to detect and prevent today s sophisticated, targeted, and zero-day attacks. Barracuda Advanced Threat Protection is available with and can be added to Barracuda Essentials, NextGen Firewalls, and Web Security Gateway. For more information visit: ATP for Essentials at https://campus.barracuda.com/product/ essentials/article/essentials/emailsecurityatp/ Page 4 of 5

About Barracuda Networks, Inc. Barracuda (NYSE: CUDA) simplifies IT with cloud-enabled solutions that empower customers to protect their networks, applications, and data, regardless of where they reside. These powerful, easy-to-use and affordable solutions are trusted by more than 150,000 organizations worldwide and are delivered in appliance, virtual appliance, cloud and hybrid deployments. Barracuda s customer-centric business model focuses on delivering high-value, subscription-based IT solutions that provide end-to-end network and data security. For additional information, please visit barracuda.com. Barracuda Networks Inc. 3175 S. Winchester Boulevard Campbell, CA 95008 United States US 2.0 Copyright 2016-2017 Barracuda Networks, Inc. 3175 S. Winchester Blvd., Campbell, CA 95008 408-342-5400/888-268-4772 (US & Canada) barracuda.com Barracuda Networks and the Barracuda Networks logo are registered trademarks of Barracuda Networks, Inc. in the United States. All other names are the property of their respective owners. t: 1-408-342-5400 1-888-268-4772 (US & Canada) e: info@barracuda.com w: barracuda.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback