Datasheet
4
INTEGRATED WEB FILTERING SPECIFICATIONS (WEBSENSE)
URL database >25 Million – growing daily
Pages covered within database >3.9 Billion
New pages added 250,000 list changes every day
Number of categories covered 40 including phishing & fraud, spyware, Adult/Sexually Explicit, Alcohol & Tobacco, Criminal Activity,
Gambling, Hacking, illegal Drugs, Intolerance & Hate, Tasteless & Oensive, Violence, Weapons
Languages 70
Countries 200
ANTISPAM SPECIFICATIONS (SOPHOS)
SPAM list update frequency The antispam list is updated every 60 seconds.
Types of spam covered Botnet IPs, open proxies, known spam sources, and consumer IP ranges (usually dynamically assigned)
known to be spammy or governed by service provider usage policies prohibiting direct sending of email.
Mechanisms (spam traps etc.) used for
visibility and analysis
Reputation data is generated from millions of messages per day coming into Sophos’s worldwide spam
traps, analysis of queries and statistical customer feedback, DNS analysis, third-party relationships, and
other mechanisms.
IPS DEEP INSPECTION INTRUSION PREVENTION SYSTEM (IPS)
Methods of detection Two methods of detection:
1. Stateful Signatures
2. Protocol Anomaly (Zero-day coverage)
Six methods of detection:
1. Stateful Signatures
2. Protocol Anomaly (Zero-day coverage)
3. Trac Anomaly
4. Backdoor Detection
5. IP spoofing
6. Layer 2 Attack Detection
Worm protection Yes Yes
Trojan protection Yes Yes
Other malware protection Yes Yes
Reconnaissance protection Yes Yes
Client to server and server to client
attack protection
Yes Yes
Create custom attack signatures Yes Yes
Application contexts for signature
customization
90+ 300+
Stream Signatures for worm mitigation Yes Yes
Number of response options 1. Close: Severs connection and sends RST to
client and server
2. Close Server: Severs connection and sends RST
to server
3. Close Client: Severs connection and sends RST
to client
4. Drop: Severs connection without sending
anyone a RST
5. Drop Packet: Drops a particular packet, but does
not sever connection
6. Ignore: Aer detecting an attack signature or
anomaly, the Juniper Networks device makes a
log entry and stops checking – or ignores – the
remainder of the connection
7. None: No action
1. Close: Severs connection and sends RST to
client and server
2. Close Server: Severs connection and sends RST
to server
3. Close Client: Severs connection and sends RST
to client
4. Drop: Severs connection without sending
anyone a RST
5. Drop Packet: Drops a particular packet, but does
not sever connection
6. Ignore: Aer detecting an attack signature or
anomaly, the Juniper Networks device makes a
log entry and stops checking – or ignores – the
remainder of the connection
7. None: No action