Sophos Monday unveiled an appliance that can block access to harmful Web sites to prevent malware infection as well as filter
out banned Web sites for productivity purposes.
The company's WS1000 appliance, which supports as many as 1,000 simultaneous users, scans Web traffic to block user access
to known sites where risk of spyware and other malicious code is high, says Ron O’Brien, senior security analyst at Sophos.
In addition, the WS1000 is built to dynamically analyze Web browsing behavior to stop or warn users when they might be lured
into a spam-based phishing attack to a Web site that may only go live for a brief period to steal personal information.
Competitors in Web content filtering include Websense and Trend Micro. While the Sophos appliance does some productivity filtering
to block corporate access to sites that are off-limits, such as those focused on porn or gambling, the WS1000 is aimed more
at security filtering to prevent incidents caused by users unwittingly visiting dangerous Web sites, says product manager
Marc Borbas.
According to Sophos, many Web sites used in spam- and phishing-based attacks are active for only 15 minutes to capture personal
data, and then they drop off the map. Sophos, whose expertise has been in antivirus and antispyware software, says it has
developed a method to scan for Web content to block the path to malicious Web pages.
The rise of social networking sites where users post content also is leading to greater risks of malware infection, O’Brien
says. “Some recent examples include the German version of Wikipedia, Samsung’s Web site forum and MySpace hosting user-authored
content that was dangerous,” he says.
The WS1000 appliance, which can block executable file types such as peer-to-peer file sharing or MP3 files, will make use
of a Web scanning process Sophos does daily to identify malicious Web content.
The product costs $4,500 for the hardware with an additional charge starting at $16,000 for 500 users.
