Skip navigation
All Places > The Mimecaster Central Blog > Blog > 2019 > April
2019

The following blog is written byDan Sloshberg. Dan is the Product Marketing Director at Mimecast, taking the lead on the Mimecast API, GDPR and market intelligence. A Mimecaster since 2013 and over 20 years in tech, he is a frequent speaker on all things cloud, security, cyber resilience and GDPR.

 

In our cloud app and Internet-driven world, is there a better way to protect employees and your organization than using the cloud itself? This approach helps ensure that threats are detected and blocked before they ever reach your network. That’s better than waiting for something to land in your enterprise before it’s spotted, right?

 

This is the approach Mimecast has taken with our new web security service. It’s built on the same multi-tenant, cloud-native platform already used by tens-of-thousands of organizations for email security. 

 

Delivering security and monitoring at the DNS level, Mimecast Web Security helps to:

  • Protect against malicious websites and activity
  • Support the enforcement of acceptable web use policies
  • Consistently protect users both on and off the enterprise network
  • Minimize setup time, typically achieved in less than 60 minutes

 

These first two capabilities are respectively the #1 and #2 critical requirements of a web security service.[1]

 

How does Mimecast Web Security work?

 

  1. Employee web requests are sent to the Mimecast Web Security cloud service for inspection at the DNS level. The IP address is examined and either found safe or is blocked if deemed malicious or in violation of the acceptable use policy.
  2. Requests to suspicious sites are proxied to allow for deeper inspection including AV scanning of the site and contents (including file downloads).
  3. Office-based DNS traffic is sent via your internet gateway to Mimecast, while off-site requests (from roaming users) are sent to Mimecast using a locally installed security agent.
  4. Access logs and associated reports are generated by the Mimecast service and are available for review by appropriately privileged system administrators.

 

Multi-layered inspection

 

The Web Security service employs a multi-layered inspection system to protect against malicious sites and block inappropriate websites based on policy.

 

 

The value of having email & web security together

 

99% of malware is deployed using email and the web. Thus, combining email and web security protection can help organizations better protect themselves. By integrating Mimecast Web Security and Secure Email Gateway, you'll benefit from:

 

  1. Shared intelligence
    • The same threat intelligence is used to secure both email and web traffic
  2. Consistent protection
    • Targeted Threat Protection-Managed URLs for email apply to web as well
    • Advanced Similarity Checks used for email domains also apply to web
  3. Simple setup and management
    • A single Administration Console for email and web makes it easy to manage both technologies
    • Existing AD integration for Mimecast email security applies to the web
    • User accounts, roles and permissions for email also apply to web
    • Branding from email notifications also applies to the web
    • Combined admin audit reporting
  4. One vendor, one bill, one support route & team

 

Mimecast now helps our customers by addressing the top two cyberattack vectors – email and web – with a single, fully integrated, 100% cloud-based solution. Watch the Web Security demo video to find out more about how it works.

 

If you’re an existing Mimecast customer, you can start a free 30-day trial today.

 

__________________________________________________________________________

[1] TechValidate survey of Mimecast customers, March 2019

Mimecast recently conducted a survey of hundreds of our customers regarding their challenges with web security in general, and their current use of cloud-based web security systems, in particular. I also just posted a blog that goes into the results of this survey in more depth. We learned a number of interesting things, one of which was that the transition of web security controls to the cloud is not as far along as it is for email security. 

 

Gartner estimates that 65% of organizations already consume their email security services from cloud-based systems, such as Mimecast Secure Email Gateway. Our survey results showed that only 27% of our customers have made a similar transition for their web security controls. Interesting. But it does seem that a similar transition to the cloud is underway, just not as far along.

 

Just as we did for email, we are planning to help this transition along with our recently released Web Security service. To us, providing web security services is a very natural extension of our email security offering, in particular, URL Protect. Of course protecting against malicious or inappropriate websites needs to cover more than just links in emails!

 

What is your plan to start to use or expand your use of cloud-based web security controls?

We recently conducted a survey of Mimecast customers using our Internal Email Protect (IEP) service. As a reminder, IEP is the fourth member of our Targeted Threat Protection family. It focuses on inspecting, blocking, and removing malicious or otherwise unwanted emails and attachments that are internally generated (that is, internal-to-internal or outbound emails) or are inside your users' inboxes and archive. 

 

When used in conjunction with URL Protect, Attachment Protect, Impersonation Protect, and DLP, IEP completes the 360-degree protection for your email traffic. With it enabled, you have your inbound, outbound, and internal email traffic well secured.

 

The reality is that bad things do not just come from the outside. Sometimes compromised, careless, or malicious users or malware exists on the inside of your organizations. This is often how attacks spread or sensitive data can move to a place where it shouldn't.

 

We have summarized the results in an infographic here. And I have also provided an overview in a recent blog.

 

I would be interested to hear your comments, or better yet, your internal threat war stories that you are comfortable sharing with your peers here in the community!