Symantec Proxy SG Operating System (SGOS) Overcomes the Fear of Missed Intelligence

When we miss going out with friends, we joke about #FOMO on social media. But in the high-stakes world of network security, where intrusions undermine reputations, the fear of missed intelligence feels altogether different.

How does this happen when all of us feel so connected? It turns out there’s way too much happening on our networks for any one person or discrete database to track. With 28% of employees unknowingly engaging in some form of risky behavior while accessing websites or cloud-based apps, according to our mid-2019 study, there’s every reason to categorize risk and take proactive steps to eliminate threats.

A viable cyber security strategy must be adaptable to change, but it doesn’t have to be complicated. For example upgrading your ProxySG's operating system to the latest version, while tedious, can have a dramatic payoff in the form of new functionality that can improve your cyber defenses.  We think of it as an important building block to securing your workers and their intellectual property.

While you may focus on your Symantec ProxySG appliances, which provides on-demand cloud intelligence and real-time web content ratings to protect your enterprise from the latest threats, you may not have thought much about its underlying operating system and what version you are running. When something works like clockwork, you don’t always give it a second thought. Yet, upgrading SGOS allows you to move from the older Symantec WebFilter to the new, feature-rich Intelligence Services, of which are described in more detail below: 

1. Establishing Threat Risk Levels. Perhaps the most compelling reason to update your ProxySG server OS is to take advantage of Threat Risk Levels.  Categories, while critical to any security policy, are often misused in an effort to plug security vulnerabilities. Threat Risk Levels are based on the underlying metadata of a URL. Unlike categories, every URL can be given a Threat Risk Level regardless of the URL. Moreover, Threat Risk Levels can be used in combination with categories to easily create a policy that is customizable for your IT needs. This gives greater protection for “one-day wonders’ or sites that are short-lived, specifically designed to bypass content categories and carry out an attack.
    
2. A more performant intelligence feed database. Low latency is vital to the success of a cloud-enabled enterprise. Recognizing this, we have designed our proxy servers to process all web-bound traffic in real-time. Symantec Intelligence Services can preemptively stop zero-day attacks, preventing spyware and even botnet-infected systems, and detect phishing and malvertising threats. Intelligence Services categorizes the web pages requested on-proxy in fewer than eight milliseconds. Indeed, Symantec’s proxy architecture becomes even more highly performant when you update to the latest SGOS. 
    
3. CASB integration. Protecting against threats to cloud services and cloud-delivered apps is no longer a nice-to-have option. By updating your SGOS, you have the ability to integrate with CASB (Cloud Access Security Broker) and tap into our knowledge of tens of thousands of applications. You need to understand both the apps’ attributes and most of all the risk it may pose to your organization. And with CASB integration, you gain real-time visibility into—and the capability to block—unsanctioned cloud use, establish governance over cloud application data, and intercede against threats targeting cloud accounts. Once these capabilities are established, you can automatically protect regulated data with integrated encryption and multi-factor user authentication.
    
4. Geo-IP intelligence. Enterprises increasingly desire geolocation information and rely upon geo-IP intelligence to provide and assign risk ratings to millions of websites, particularly those in high-risk regions. One reason those services are becoming a necessity is because malicious actors love to launch “one-day wonders”—sites that exist for as few as 24 hours—to perpetrate attacks. 

With the latest version of SGOS, you can enable geo-IP intelligence delivered through Symantec Intelligence Services Advanced Web Bundle, and then implement country-specific or region-specific policies to manage network traffic flows. It’s the best way to ensure compliance with location-based policies.

Next Steps

By now it’s clear that ProxySG consolidates a broad feature-set that protects your enterprise from the ever-increasing sophistication and volume of threats in your web traffic. By updating SGOS, you’re opening a gateway to powerful additional services in the Symantec ecosystem. You’ll never have to fear missing out on valuable intelligence.