The web is an essential tool for any business and as more and more companies adopt Cloud Applications, which run primarily over the web, there has never been a more important time to ensure that security products don’t hinder the speed and therefore the productivity gains of adopting the cloud for day to day operations. USS uses unique proxy-less technology to provide high levels of web security without compromising speed, by removing the need to route your web traffic via centralized data centers. This approach not only provides an unparalleled user experience but also removes some of the side effects of hosted proxies – such as masking your real IP address, incompatibility with services and ensures your sensitive web browsing data remains on your network.

We needed to allow the off-site users the ability to access the internet without going through the VPN, as it really hindered connectivity. But we wanted to ensure all users were as protected as possible. The secure web gateway allowed us to do this.

Hamish RossSenior IT Engineer - Thatchers

Power is nothing without control.

CensorNet USS Web Security gives you a “single pane of glass” view of all web activity across your company. It gives you the power to control all activity from one centralized cloud dashboard.

Designed to act as an umbrella for web security across head office, branch office and remote workers, CensorNet USS Web Security (USS) provides a single portal to discover, analyze and control web activity across multiple networks and devices.

Deployed as a cloud gateway or agent on devices, you get the best of both worlds between strong on-premise security and the advantages of cloud – centralized management and support for roaming users. The USS platform can scale up as your organization grows and provides a consistent web browsing experience, without latency and without compromising security.

CensorNet USS incorporates a wide range of web access control functionality such as real-time anti-malware scanning, URL reputation analysis of billions of web pages, multi-platform endpoint software and a sophisticated policy and reporting engine.

Protection. To the power of billions.

Using a database of billions of URLs CensorNet USS Web Security instantly protects users from inappropriate websites. On top of that we use human inspection of content in multiple languages as well as advanced image scanning technology. This ensures your users don’t see what you don’t want them to see.

It’s not just content blocking either. CensorNet USS Web Security takes care of malware with multiple layers of security. Our breakthrough online threat detection and predictive heuristics stop web-based malware threats fast.   The service learns from every user, and partners with the best in cybersecurity to take advantage of data from over 500 million users and 11 billion queries per day. Every connection, action, attempted attack and blocked threat adds to the base of information and improves the detection of anomalies for everyone. That enables us to analyze context and reduce the attack surface to reduce attack risks.

Reduce admin for the admin.

Imagine you could manage web access for corporate networks, branch office networks, standalone computers, remote workers, guest users and BYODs all from one place? With CensorNet USS Web Security you can. Managing web activity this way reduces IT admin substantially, making everyone’s life easier.

The hybrid cloud web filtering product has been designed to provide a consistent web access experience across multiple devices and networks – without proxying between the customer network or the endpoint and the cloud service. The easy to use yet powerful web dashboard provides a “single pane of glass” view of web activity across your organization.

Your users get fast, frustration-free web browsing on all their devices. And you get complete visibility and control.

Uniquely, the CensorNet USS platform uses a proxy-less approach which significantly reduces latency, preserves the user’s real IP address and maintains privacy by allowing the browser to maintain direct communication with the designated web server if the request is allowed. This results in a fast and unobtrusive experience which does not hinder productivity or cause frustration to end users.

undefined

Why choose CensorNet?

Selecting a security platform is an important decision
Our Unified Security Service is the only security platform that offers web filtering, email scanning, and cloud application control (CAC/CASB) in one single secure solution. All this is protected by user authentication, making life so much simpler! 

CensorNet enables you to monitor and control web, email and cloud application use, and provides your employees – whether in the office or mobile – with sophisticated 360-degree threat protection against cyber-attacks and accidental or malicious leaks of sensitive information.

The proxy-less architecture provides a fast and unobtrusive user experience that doesn’t hinder productivity or cause frustration. It is a cloud solution that meets your immediate needs and scales easily, without needing costly integrations or customizations to meet your goals.

360° Security - How do we do this?

Real-time anti-malware scanning at the network perimeter
Incorporating multiple layers of security including online threat detection, reputation and heuristics.

Scanning all inbound and outbound email
With multiple layers of protection, spam detection, phishing detection, multiple virus engines and content scanning.

URL Reputation 
For over 140 categories of web content - Covering billions of web pages in multiple languages; constantly updated for accuracy and protection. Includes Internet Watch Foundation (IWF) illegal site database and Home Office Counter Terrorism list as well as malware, phishing and compromised sites.

Automatic Unknown URL Classification 
Zero Day URLs are classified in real-time to ensure only acceptable content can be accessed.

HTTPS Inspection 
Control access to SSL encrypted content. Deep HTTPS inspection allows SSL encrypted content to be scanned for malware. Available on the USS Gateway component.

Anonymous Proxy Detection 
Preventing access to anonymous proxy sites.

Safe Search 
Enforcing safe search mode on popular search engines such as Google, Yahoo, Bing and YouTube. YouTube and Google App Restrictions are also supported.

BYOD Access Control 
Supporting BYOD by safely allowing BYOD access to the network via the built-in Captive Portal feature.

URL Overrides 
Administrators can maintain their own URL categories. These can be applied to create overrides and exceptions within filter policies; setting blocks to a category of websites but allowing specific exceptions.

Cloud Application Discovery 
Detecting cloud application usage and activity and revealing which applications are in use.

Sophisticated Policy Engine 
Attaching policies to users based on who they are, what Active Directory (AD) group they belong to, which device they are using, the type of device and the network they are connected to, and enforcing cloud application control down to specific actions within an app.

Cloud Application Risk Scoring 
Based on interception of web traffic and SSL inspection to provide a risk score.

IT Administration/Access Control

Sophisticated Policy Engine - Includes numerous different actions based on Active Directory (AD) attributes, device IP and MAC address, device type, tag and time.

Time Schedule - Policies can be applied on a rolling 7-day time schedule.

User Synchronization - Active Directory (AD) synchronization service ensures changes to Active Directory are replicated.

User Interface - A modern, clean and rich user interface provides an easy to use administration panel.

Advanced Role-based Access - Allows creation of multiple administrators with different levels of access to the administration interface.

Customized Notification Pages - Brand the notification pages (such as Access Denied, Captive Portal, etc.) with text, logo and terms of service information and spam quarantine notifications and disclaimers.

Reporting

Real-time Visibility - Productivity charts display instant visibility on compliance with defined access policies. Query in real-time web activity and cloud application use by user, domain, group and category. See exactly which users are doing what and drill down into activities that are triggering policy violations.

Report Builder - Administrators can customize their own reports based on many different criteria such as; time span, user, type of violation, device type. Reports can be saved and then exported to Excel or PDF. Even advanced automated reporting can be configured for admins to receive emails with customized reports.

Top Trend Reports - A selection of pre-defined trend reports with chart and table data.

Forty-two pre-set charts across malware, cloud applications, web and email services.

Email, Web and Cloud Application Logging - Analysis and reporting by user, group, application, device and action that covers more than one protocol. Provides the ability to monitor suspicious activity in one place with the logs already combined.

Architecture

undefined

Deployment

Software for Networks - Available as a download, CensorNet’s Cloud Gateway software can be deployed on a virtual or physical server in less than 30 minutes to extend security policies to your entire network.

Agent Software for Roaming Users or Standalone Devices - A Microsoft Windows and Mac OS X agent that enforces policies on the device. Tamper-proof and simple to deploy either with an install wizard or scripted via Active Directory (AD) Group Policy.

Email Security deployment is via a simple domain redirection.

Scalable - Highly optimized for large networks with global infrastructure and multiple data centers meaning that data at rest can be kept within a specific geographic region.

Deployment Modes - A gateway at the network that captures all traffic from domain, non-domain, guests and even BYOD devices. This can be set up to be a direct proxy set by an AD-group policy or specified in a WPAD file and agents for mobile and roaming users.

WPAD Support - Automatic creation of Web Proxy Automatic Discovery (WPAD) file based on network configuration.

WCCP Support - Deploy multiple gateways using WCCP.

Captive Portal - Allows existing domain users to access the network even if they bring their own devices (BYOD) and log in from those devices with valid user credentials.

Guest Portal - Enables your visitors to safely access your Wi-Fi and protects your network from any malware they may inadvertently bring in.