BT deploys Blue Coat ProxySG appliances to protects its corporate network from Web 2.0 threats

(12/08/2008)

The use of social networking sites has soared over recent years, with an estimated 64 million people worldwide using the technology for both social and work related purposes. For many employers, an outright ban of such sites is simply not realistic and a growing number are now actively embracing the use of networking sites and other Web 2.0 tools such as P2P (Peer to Peer) and Wikis in order to encourage innovation and collaboration amongst employees and to boost productivity and motivation.

The challenge for these companies is to leverage the positive potential of these applications whilst protecting the corporate network from Web viruses, spyware and other software that could compromise network security. With cyber criminals increasingly targeting the Web and using legitimate, trusted Websites to spread malware and viruses, organizations need to have effective constraints and controls in place to keep pace with these changing threats.

Just such a challenge was faced by one of the UK’s largest employers BT, as it sought to implement a solution that would enable its staff to have access to applications such as Webmail, social networking sites and instant messenger without compromising the security of its network or the capacity of its Internet gateway. BT is one of the world’s leading providers of communications solutions and services operating in over 170 countries. Today, BT’s activities support almost 1.7 per cent of all employment in the UK.

They also required a solution that would tackle the challenge of increased traffic across the network, by accelerating the delivery of content and applications across the Web and reducing overall bandwidth consumption.

BT estimates that its employees currently make 135 million requests to external Websites on a daily basis compared with only 27 million a day just two years ago, an increase of 500 percent. Gordon Yule, network security manager at BT comments: “In recent years there’s been a blurring of the lines between work and home and we need to recognize these shifting patterns of behaviour to meet our employees’ expectations. We aim to be as flexible as possible as a company and part of this involves moving from a paternalistic to a more trusting policy when it comes to employee use of the Web at work. At the same time we have a duty of care towards our employees and must ensure that we secure our network and can block sites which are tasteless or offensive.”

A multi-layered approach to security

Following an extensive assessment of the many Web security products available on the market, BT selected Blue Coat ProxySG appliances to secure its data and infrastructure. The Blue Coat ProxySG appliance uniquely combines extremely granular levels of security - content filtering, content security and virus scanning - so that rules can be enforced based on a wide range of attributes and with great granularity such as type of user, application and nature of the site. In addition, rather than slowing traffic as it applies security and policy control, ProxySG appliances actually accelerate the acceptable content and applications. At the same time, the appliances reduce the amount of bandwidth being consumed by significant amounts.

This improved capability means that employees are now permitted access to Websites previously deemed as too dangerous, as the appliance can strip off attachments, prevent automatic downloads of executable software and scan Web pages for viruses or other malicious code. As a result BT now allows its employees access to sites that were previously off-limits, such as Myspace and Facebook and staff are also allowed access to their personal Webmail accounts from its network.

Gordon Yule comments: “Before using Blue Coat, we had a more blunt instrument of the ‘block all - allow all’ approach which didn’t take into consideration the needs of different departments or regions. Likewise our AV solution simply didn’t have the capability to scan everything. With Blue Coat we can now apply more finely tuned levels of policy across multiple Web security services.”

The granularity of policy control also allows BT to reflect differing needs amongst its global workforce: “We have to reflect this variety by applying flexibility in our policy controls, and we can now fine tune our policies to meet these requirements.”

Management of the Web Made Simple

Gordon Yule comments: “Switching over to the Blue Coat appliances involved installing the new devices into our complex network environment, this was facilitated by Blue Coat’s flexible architecture that allowed us to overcome many integration challenges”

From a management perspective the Blue Coat solution will mean savings in time and resources. BT line managers now have a “dashboard” of information which provides information on site category, URL, user, department, number of bytes downloaded, time of day or length of download.

The Future - Speed of Service

BT initially deployed ProxySG appliances at its facilities in the UK and such has been the success of the first phase roll out - which was completed over an 18 month period - which it now plans to deploy appliances in other locations throughout the world.

Blue Coat ProxySG appliances feature the company’s MACH5 technology, to optimize the performance of applications across the WAN (Wide Area Network).

BT is also now planning to use this technology to accelerate important business applications across the WAN including a Web-based HR solution, so that it can be accessed in branch offices with nearly the same performance as in its headquarters.

In addition to using Blue Coat for web security as part of managed service offerings to customers, BT also uses Blue Coat for WAN optimisation with select business partners to speed and secure their access to BT’s corporate applications. “These features will also prove invaluable as we make increased use of Web-based applications and other tools such as video streaming - without impacting on overall network performance,” Gordon Yule comments.

He concluded: “A key driver for us was to find a solution that is easy to manage, quick to deploy and enabled us to achieve our strategic objectives in terms of a more open policy towards the Internet. The Blue Coat solution enables us to simultaneously protect our network and create and enforce policy. We now have improved control of our network and can manage bandwidth while accelerating the delivery of content and applications.”

Related topics:  Internet and Web security   Network Security 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources