Symantec Web Security Service
What is it?
The Symantec Web Security Service (WSS) is a cloud-delivered network security service that enforces consistent internet security and data compliance, regardless of location and device. There are multiple parts to it such as web security, threat protection, malware analysis and information protection with the benefit of being cloud-controlled with high security and performance while using web applications.
Why is it necessary?
With the technical landscape constantly improving it makes sense that the way businesses interact with the internet is evolving as well. More companies are turning to cloud and web-based applications such as dropbox, office365, Salesforce, Gmail and Linkedin to help run their businesses. More employees are also using their laptops, tablets and mobile phones to access their work where ever they are rather than on-site.
This is causing cybersecurity issues as security specialists are no longer protecting one or two offices with an antivirus and a firewall, they are having to deal with their valuable data going offsite, out of their network, and ultimately out of their control. With data compliance rules getting stricter with new developments such as GDPR, and the constant evolution of more intelligent malware and complex web threats, how can companies be sure that their web traffic and networks are secure?
Why choose Symantec Web Security Service?
WSS is a solution to all of those issues, it provides one unified security system to deal with all company devices no matter the location. It reduces the complexity of the issue as it has one centrally managed system where you can set all of the policies and procedures that the company has and roll it out to all users if they are on the network, at home, or somewhere else entirely. It works well with cloud and web applications as well as having great integration abilities with other Symantec products such as SEP, SEP Mobile, and CASB, whilst remaining simple to deploy and very easy to use.
How does it work?
Below is the current network layout that is being used by most companies, everything is separate with SSL encryption and personal and IoT (Internet of things) devices are completely separate from everything else.
This means that any security policies on one site are not guaranteed to be the same on another one, there are multiple systems and people all doing roughly the same job but why have that when you could unite them into one system and manage by one person or one team of people?
Above is the diagram for the Web Security Services, here it shows the WSS sitting in between the users and the internet and the cloud applications. With this all the policies are made in with WSS and are rolled out across all devices, WSS sits between the greater internet and your devices effectively being a barrier between you and any malware or web threats and attacks that could come your way.
Threat protection
There are two main areas to WSS threat protection and Information protection.
The threat protection protects web traffic, its users and their devices with a cloud-delivered security service, it does this by
- Protects against advanced malware and zero-day attacks
- Deployed quickly and simply
- Uses web isolation to block any web browser/email/file threats
- Uses Symantec’s global intelligence network combined with scanning and sandboxing to block hidden malware
- Fast real-time malware protection
Information protection
The other main area of WSS is information protection, this is all about monitoring files, monitoring traffic, and making sure that all information passing through into the system is safe and trustworthy
- Continuously monitors all uploaded and downloaded files
- Automatically enforces policy controls to sensitive data
- Alerts admin and data owners when any data is put at risk or when something unusual or against policy has been discovered
- Inspects the SSL encrypted traffic to identify any security violations and to ensure data compliance
What are the core features?
The other main area of WSS is information protection, this is all about monitoring files, monitoring traffic, and making sure that all information passing through into the system is safe and trustworthy
- URL filtering, it processes all web requests and only lets reliable URLs through
- User authentication, authentication check at login so only accepted users are allowed onto the system
- Advanced threat protection, an anti-virus with white and black list capabilities, and Malware analysis, which uses sandboxes and web isolation if it’s unsure on a file or website and analyses all files and downloads for malware
- Broad connectivity, allows any device to be connected anywhere with over 55 service points worldwide any customer can access any data centre
- Intercepts SSL encrypted traffic, to uncover hidden to encrypted threats or malware