Blue Coat Content Analysis System (Blue Coat CAS)

Content Analysis System (CAS) is the system implementing expanded security measures.

The traffic passing through it is scanned by two anti-virus engines from three available (if the user pays for two licenses and will reconcile from 30% decline in production of the gateway).

Within the CAS the module Kaspersky Whitelisting — the solution of Kaspersky Lab for verification of the passing executable files and scripts on "white list" is implemented what allows to save time and not to check obviously reliable files, and, if desired the owner, to implement the Default Deny mode, i.e. to prohibit the admission of any files, except entering "white list".

Scheme of interaction Content Analysis System

Files on which security a system cannot make the decision can be blocked or go to "a virtual sandbox".

The CAS includes traditional security measures – scanning on viruses of all entering and outbound traffic, blocking of attempts to connect to websites from "black list", work with "white list". Besides a system has new functionality which was not implemented on a network gateway earlier.

Advantages of Blue Coat CAS

Is three the components allowing Blue Coat CAS to be an effective security system of the class SWG. First, it is intellectual multilevel protection. At the first boundaries a system filters threats using "white lists" and anti-virus scanning of traffic. Further the revealed suspicious content goes to deeper analysis. Such complex use of several tools allows to reveal at once all known malware and to protect from an absolute majority of network threats.

The second component – the coordinate analysis of malware. The CAS sends unknown or suspicious files to Blue Coat Malware Analysis Appliance (a malware analysis system) or to "sandboxes" of third-party producers.

And the third component is a protection of all network of customers. Information obtained during the analysis of threats goes to the Blue Coat ProxySG system which automatically blocks new threats at the level of the gateway. Besides, the Security Analytics Platform system (the analytical platform of security) builds complex profiles of threats and estimates the complete scale of the attack. Further data are sent to all 15 thousand to the companies – clients of Blue Coat Systems in the form of updates worldwide.

2014: The technology of white lists and the anti-virus engine of Kaspersky Lab are integrated in new generation the solutions Content Analysis System S500

The technology of white lists and the anti-virus engine of Kaspersky Lab are integrated in new generation the solutions Content Analysis System S500, developed by Blue Coat Systems company — the old technology partner of Kaspersky Lab. The new gateway of security is intended for protection of corporate IT infrastructure both against the known threats, and against zero day attacks.

The technology of white lists developed by Kaspersky Lab allows to verify the executable files transferred via the gateway with the special white list representing the knowledge base about existing applications. The list contains data about more than one billion files checked and guaranteed not constituting danger, and constantly is replenished with data on again appearing programs. Thanks to this technology the gateway of security does not spend time and resources for verification of each application, and investigates only potentially dangerous objects. Besides, the technology of white lists allows to include on the gateway the Prohibition by Default mode at which the executable files which are absent in the white list will be forbidden to be transferred. This function is especially relevant for information systems of critical infrastructure.

In turn, the anti-virus core of Kaspersky Lab combines signature and heuristic methods for protection against the various malicious software. Thanks to existence of technology of white lists in the solution the engine scans only those files which do not contain in the database, saving thus the power and resources of the gateway.