Securing HTTP Traffic Throughout the Enterprise
More and more mission-critical resources are being delivered over widely dispersed networks of various sensitivity levels; along with applications, news, email, and numerous other applications and services. Internet servers that connect these private and public systems and information become potential gateways to proprietary and confidential data. All of this combines to heighten the risk of web-based attacks.
WebShield, a Commercial-Off-The-Shelf (COTS) data guard, provides secure web search and browse-down capabilities from high side networks to lower level networks. WebShield allows for the transparent protection of the entire network (i.e., not just a single local server). Because WebShield is a secure mechanism for complete information browsing and discovery, users' ability to carry out their missions and job requirements is increased. Users surfing lower level networks can be restricted to specific server and file types as defined by security policies. All requests, responses, and transfers go through security controls, such as, dirty word search, virus scan, and malicious content checks.
WebShield Enterprise Implementations
- Seamless cross domain content discovery – Users access a web-based federated search engine (for example, Vivisimo™) within his or her web browser to initiate a search request that can return results from multiple networks.
- Secure chat – WebShield reads and validates basic chat (XMPP) traffic through HTTP to facilitate multilevel chat.
- Web-based application data transfer – WebShield guards the access and sharing of data, such as geographic visualation application data, utilized by groups operating at different security levels.
- Real-time data access and manipulation – WebShield provides real-time data validations that enable organizations to keep one instance of informaiton at the lowest level necessary, eliminating data duplication.
- Multilevel web-based email – Users who perform most of their work from a high side workstation and have lower level email accounts can now access all email from a high side web-based email application.
- Secure wiki page authoring – When used with Raytheon's Trusted Gateway System , WebShield facilitates secure upload of files and images to a low side resident internal wiki.
- Included in the Unified Cross Domain Services Management Office (UCDSMO) Baseline List
- Evaluated for operation at Protection Level 4 (PL4)
- Supports service-based server-to-server access through HTTP
- Supports standard web browsers and requires no software installation on the user's desktop
- Provides seamless access to web-based resources at lower levels
- Includes customizable virus scanning, dirty word search, file typing, and active content blocking
- Increases productivity while maintaining a high level of security
- Provides accountability for user actions with a Strong Authentication option
- Supports local, site, and regional site-to-site load distribution and failover