Web filtering and malware scanning in-the-cloud

Vioptim is a well established ScanSafe business partner and value added reseller, based in Scotland but working with businesses across the UK. ScanSafe, a Cisco company, is the pioneer and largest global provider of SaaS Web Security, ensuring a safe and productive Internet environment for your business.

ScanSafe solutions keep malware off corporate networks and allow you to control and secure the use of the Web. As a SaaS solution, ScanSafe eliminates the burden of purchasing and maintaining infrastructure in-house, significantly lowering the total cost of ownership.

Powered by its proactive, multilayered Outbreak Intelligence™ threat detection technology, ScanSafe processes billions of web requests and millions of blocks each month for customers in over 100 countries.  Headquartered in London and San Francisco, the company has received numerous awards, including SC Magazine’s “Best Content Security” solution for the last three years. In December 2009 ScanSafe was acquired by Cisco Systems and is at the centre of their security products portfolio.

Web filtering and real-time malware scanning

There are two distinct core products in the ScanSafe service. Web filtering controls when and where the users can browse according to corporate use policy and will provide blocks as well as warnings (called coaching pages) to allow the user to over-ride blocking where categories are being used for genuine business reasons. Real time malware scanning is the really clever bit though. ScanSafe's enormous computing power and systems architecture allows every page that is visited to be scanned in real-time to ensure that it doesn't harbour anything nasty. By looking at the HTML code to decide if it has been compromised it helps to prevent zero hour attacks, the ones that normal signature based anti-virus engines will miss. It's known as Outbreak Intelligence and is a key capability when compared to competitive products.

AnyConnect is ScanSafe's mobile solution for laptops. It involves the installation of a small, tamper proof, agent on the laptop which, when connected to the Internet, forces all browsing activity through the nearest ScanSafe tower. So, if you've just travelled to Singapore, that's where you'll be connected.  But because it's a SaaS solution, your corporate use policy will be known regardless of your location, so you will get the same security posture and use policy as you have from your desk.

This is the overall architecture:

and this gives a representation of how Outbreak Intelligence is used to identify and block malware: