Blue Coat Systems has introduced its new Blue Coat Advanced Threat Protection solution, which the company is touting as the first to deliver a comprehensive Advanced Threat Protection lifecycle defense that blocks known threats, proactively detects unknown and already-present malware, and automates best practices for post-intrusion incident containment.
“What is unique about this is how it responds to the shifting role security now plays in an organization,” said Sasi Murthy, senior director of product marketing at Blue Coat. “It provides an integrated solution that allows different elements of the business organization to link together in a much stronger way, helping security operations teams that run network work with incident response teams.”
Murthy said this really helps security participate fully in business initiatives.
“We have been making a big investment in doing that, to a much higher degree than before,” she added.
Blue Coat says enterprise security is weakened, and breaches typically take a long time to discover, because defenses are weaker against zero-day and unknown threats than against known threats, and because advanced security operations teams, and their defenses, operate in silos and don’t share information across the entire security organization.
Murthy said that the Blue Coat Advanced Threat Protection solution addresses these issues through a three-stage process, which responds to customer requests to advance their existing Blue Coat web gateway implementation, and fully integrates it with Blue Coat’s Solera Big Data analytics platform.
“The first stage is to block and prevent known threats on the network,” Murthy said. That makes use of the Blue Coat ProxySG gateway appliance. “When something unknown is discovered, it proceeds to stage two.”
Stage two features the Blue Coat Content Analysis System, which is also newly announced, and which integrates with the ProxySG and orchestrates anti-malware protection and application whitelisting at the Internet gateway. This allows security teams to easily manage which sets of web activity go through preventative security systems.
“The Content Analysis System plays a key role in sandbox technology, which is attached at the gateway and allows for very rapid containment of content,” Murthy said. “That ability to sandbox in Blue Coat is new.”
Stage three is a handoff to the Solera Security Analytics platform (known as Solera DeepSee before its recent acquisition by Blue Coat) to facilitate full remediation across the enterprise.
“The malware analysis can trigger analytics, and Solera can trace the incident,” Murthy said. “The Solera platform has been strengthened by its full integration into the Blue Coat network, which allows its engine to see more.”
Murthy said the unique combination of sandboxing capability, network forensics and commitment to an open ecosystem in advanced threat protection distinguishes the Blue Coat system from competitor offerings. It also sends the company off on the latest stage of a remarkable transformation, in which it has evolved from a longtime, but struggling, player in the WAN optimization and service provider caching markets into a Web security vendor with interesting technology. Their 2012 acquisition by a private equity firm took the company private, and infused it with cash needed to acquire key technologies like Solera.
“What we have now is a more sensible and relevant way of bringing business values to the forefront in security,” Murthy said. “This combination of the three stages is what is needed to enhance security participation in business.”