Sophos Monday unveiled an appliance that can block access to harmful Web sites to prevent malware infection as well as filter out banned Web sites for productivity purposes.
The company's WS1000 appliance, which supports as many as 1,000 simultaneous users, scans Web traffic to block user access to known sites where risk of spyware and other malicious code is high, says Ron O'Brien, senior security analyst at Sophos. In addition, the WS1000 is built to dynamically analyze Web browsing behavior to stop or warn users when they might be lured into a spam-based phishing attack to a Web site that may only go live for a brief period to steal personal information.
Competitors in Web content filtering include Websense and Trend Micro. While the Sophos appliance does some productivity filtering to block corporate access to sites that are off-limits, such as those focused on porn or gambling, the WS1000 is aimed more at security filtering to prevent incidents caused by users unwittingly visiting dangerous Web sites, says product manager Marc Borbas.
According to Sophos, many Web sites used in spam- and phishing-based attacks are active for only 15 minutes to capture personal data, and then they drop off the map. Sophos, whose expertise has been in antivirus and antispyware software, says it has developed a method to scan for Web content to block the path to malicious Web pages.
The rise of social networking sites where users post content alsois leading to greater risks of malware infection, O'Brien says. "Some recent examples include the German version of Wikipedia, Samsung's Web site forum and MySpace hosting user-authored content that was dangerous," he says.
The WS1000 appliance, which can block executable file types such as peer-to-peer file sharing or MP3 files, will make use of a Web scanning process Sophos does daily to identify malicious Web content.
The product costs US$4,500 for the hardware with an additional charge starting at $16,000 for 500 users.