Blue Coat Secure Web Gateway Sales Playbook

Elevator Pitch
Blue Coat Secure Web Gateway combines layered defenses with flexible policy controls on a proven appliance platform known for its stability and performance that continues to lead the industry. Customers have a choice of on-premise, cloud or a hybrid deployment all protected by the WebPulse real-time defense.

The Value Proposition

Blue Coat provides unmatched layered defenses for web gateways that unites: Real-time web defense In-line threat analysis, including SSL Web content and filtering controls Integrated data loss prevention Remote filtering client or SaaS

Why ProxySG for your web gateway?

Proven 10 years web gateway experience with consistently ranked industry leadership. Trust Securing the largest enterprise networks requires focus and commitment. ProxySG is backed by one of the largest development organizations. Innovation Continued investment has resulted in revolutionary features like our real-time WebPulse cloud defense that unites 75M users.

Product Strategy
WebPulse is the next generation of web filtering and a new defense layer for Web 2.0 threats where web awareness, real-time inputs and immediate analysis is required 100% inline AV malware analysis (avoiding selective analysis by reputation or risk), plus a choice of leading AV engines, large files, deep archive analysis, 5min updates Rich media optimization and control with live stream splitting, video object caching and bandwidth management Reporter scale, role-based administration, customization ProxyClient (or Security SaaS) for remote users, plus K9 Web Protection for home use Director for device provisioning, license management and policy controls

How does Blue Coat do this?

Blue Coat provides a real-time web defense that unites over 75M users for greater awareness to new web threats and content. Newly detected web content is immediately sent to the WebPulse cloud service for analysis by real-time threat detection technologies, web rating machine analysis and human raters. If malware, phishing or web threats are detected, the master cloud database is updated to immediately protect all members of the community, no downloads are required as gateways and clients have on-demand security intelligence. No other web filtering solution provides a real-time web defense layer uniting URL filtering and threat detection technologies. WebPulse analyzes over 2B web requests per week and is supported by operation and rating analysis centers around the globe. The cloud protection from WebPulse extends to ProxyClient for remote users and K9 Web Protection for home users at no extra charge. A Cloud Security SaaS is also available for remote users or offices.

Inform and Educate

Our layered defenses require education. Bring in a security expert early to win; showcase the cloud defense. Key proof points and reports to leverage: Broadband Testing (BBT) Web Threat Test Report compares six web gateway filtering defenses for malware and phishing, over 12B URLs are tested, plus 937,000 unrated URLs, Blue Coat detects more than 2X. AVTest.org Web Gateway Test Report shows weakness of Websense and Cisco defenses with selective analysis, Blue Coat matches McAfee on known threats test. 2011 Web Security Report highlights the need for a realtime web defense layer with multiple examples and trends in web security. Customer metrics on effectiveness and web filtering best practices educate customers to optimize their deployment and what to expect for detection rates. Demonstrate real-time web ratings and phresh phish detections, review security categories noting call-home (botnet) detections, malware sources and phishing. Extend the real-time web defense to remote uses via ProxyClient or our Cloud Security SaaS. Demonstrate Reporter for web threat dashboards and detailed reports.

Sales Strategy
Educate customers, service partners, and resellers Frame the competition on key criteria for a real-time web defense and web gateway features Leverage proof points and reports Frequency of customer communications

Why Blue Coat?

Largest real-time web defense cloud service Largest development team for web gateway technology Largest choice of web gateway models Open choice of leading AV and DLP integration 400+ of the Fortune 500 trust their networks to us

For more information on Security Blue Coat Partner: https://bluesource.bluecoat.com Blue Coat Internal: https://intranet.bluecoat.com/marketing/ securewebgateway

2011 Blue Coat Systems, Inc. All rights reserved worldwide. Blue Coat, ProxySG, PacketShaper and IntelligenceCenter are registered trademarksInc. 2011. Systems, Inc. Reserved. Blue Coat Systems, of Blue Coat All Rights

Confidential. For Internal and Official Channel Partner Use Only.

Discovery
A Changing Internet
Social networking now dominates online communications Malware delivery now comes from hacked trusted sites Spear-fishing with zero-day vulnerabilities and exploits Fake AV and SW updates rated as top threats Malvertising moves up, attacks from stealth positions One click opens the door to cyber crime

Customer Pain Points

Web Threats and Malware

Discovery and Measurement Questions

How are you currently addressing web threats and controlling web access? How many remote users do you have? What are your proactive or real-time web defenses? How many defenses have update cycles? Are any real-time? How does a constantly evolving threats impact your strategy? How do you measure and mitigate the impact of recreational web use? What are your plans for enabling social networking? How do you filter web content for users? How do you handle exceptions? Tell me about your requirements for web application and operation controls? Reporting requirements for web applications and operations?

Blue Coat Differentiators

Stability and Performance backed by Blue Coats expertise with web gateways, web protocols and web content over the past 10 years Policy Flexibility respond to unique user and group demands, leverage custom URL lists and categories, plus remote user compliance Layered Defenses secure your network against the newest generation of threats. Your users may trust the web, your web gateway should not. Blue Coat Secure Web Gateway Includes: WebPulse real-time web defense: 75M users united in a cloud defense Analyzes over 2B web requests/week Immediate protection to block web threats Real-time web content rating service ProxyAV for 100% in-line threat detection ProxySG web filtering and content policy controls ProxyClient remote user filtering and acceleration Reporting dashboard and customized reports Centralized management with Director Integrated Data Loss Prevention choices Video/media stream splitting and caching to reduce bandwidth requirements and costs

Social Networking and Recreational Usage

Reporting and Compliance

What dashboards and reports do you have in place to analyze web gateway traffic? How do you analyze trends? How do you provide governance and compliance to remote users? Increases in remote users and desktops? How important are dashboards, role based management, or pushing ownership for adherence out to the business organizations? What concerns do you have about sensitive information leaking beyond the corporate perimeter? What concerns do you have about protecting customer information and confidentiality? How do you assess risk for litigation, loss of revenue, and damage to corporate reputation?

Data Loss Prevention

When to qualify closely...

Generic is OK believes generation 1.0 defenses are OK, trusts the web, oblivious to malware Small office(s) overburdened IT person, do not desire enterprise-class features in web gateway Shopping on price Even if the solution was free, would you install it on your network?

Next Steps

1. 2. 3.

For all opportunities, communicate the value of the WebPulse real-time web defense, testing results and customer metrics. For new opportunities, offer a network assessment to determine web threats, traffic categorization and call-home (botnet) traffic. Ask them to use K9 Web Protecton at home to become part of our real-time web defense.

Blue Coat Systems, Inc. 2011. All Rights Reserved.

Confidential. For Internal and Official Channel Partner Use Only.

Discovery and Building Solutions

Secure Web Gateway/SWG Solution Table Target Audience
C-Level CIO, CSO

Challenge
Reputation damage Protect customer information/compliance Legal expenses

Capability
Web threat prevention Leading solution to protect and optimize web traffic Data loss prevention integration Threat prevention Reporting dashboard and trend analysis Web media controls Bandwidth mgmt Real-time web defense 100 percent inline AV Reporting/Dashboard DLP and SSL inspection Remote client/SaaS Real-time web defense Security dashboard Policy flexibility Granular controls

Value
Reduce risk Migitate threats Protect data Meet compliance regulations F500 leading solution Reduced incidents User satisfaction Network perf. and ROI Remote user protection Visibility and control Threat protection Remote workers Bandwidth ROI

Competitive Tactics
Volume purchase discounts Reduced overall service fees Relationship and politics Enterprise mgmt consoles Product suites Relationship Price discounts Under bid deal Misinformation Challenge focus

Products and Integrations

Secure Web Gateway solution Cloud Service DLP partners Hosted service partners Secure Web Gateway solution Cloud Service TIP Partners SWG solution WebPulse cloud ProxyClient/SaaS Reporter Director SWG solution WebPulse cloud ProxyClient/SaaS Reporter Director

VP-Level

VP IT Operations, VP Global Networks

Protect resources Reduce admin. Bandwidth costs Adapt./flexibility Trend analysis Web threats Information leakage Acceptable use Remote workers

Director

Director of IT, Director of Security, Director of Network Opertations

Security Expert

Security Administrator, Security Specialist

Threat prevention Visibility/awareness Handling exceptions Desired controls

Threat protection User/group controls Supporting exception requests RBAC for web filtering

3rd party reports Fake threat demo. Skip policy reqs. Focus on one advantage

Managing Objections
Blue Coat is not a security vendor/threat lab. How can you protect my network? Blue Coat is an expert on web gateways, web protocols and web content. We run the largest realtime web defense with over 75M users, 300+ real-time rating libraries, real-time and background threat analysis, call-home (botnet) analysis, and real-time phishing detection. Broadband Testing and AVTest.org provides scores of our web gateway defense leadership. Blue Coat is not investing in security. What is the future direction of your company? Gartner Group notes that Blue Coat has the largest development organization for secure web gateway technologies. Blue Coat also just announced a new Security SaaS leveraging its leading WebPulse threat detection and web rating technologies, plus reporting and policy controls unmatched by the competition. Performance levels have increased 2X with OS and HW updates. Why does the Blue Coat solution cost more than the competition? Justify the extra expense. Gartner Group notes that WebFilter is one of the least expensive web filtering solutions and it includes the WebPulse real-time web defense, ProxyClient and K9 for home use by employees. Competitors often bid one year of subscription services, omit or lack key defense layers, under estimate the number of appliances for production. Blue Coat appliances have a minimum of five years of service.

Blue Coat Systems, Inc. 2011. All Rights Reserved.

Confidential. For Internal and Official Channel Partner Use Only.

Competitive Strategy

Websense

TRITON unified web, Email, DLP solution (all in one, really multiple servers) Web Filtering Leadership (legacy, only ONE category rating schema, over block) ThreatSeeker Cloud Defense (no real-time web ratings, limited inputs, human raters) V10K & V5K Appliances (selective AV with CommandAV, multiple consoles, issues) Company Focus on Security (publicly stated they are for sale, seeking buyers)

Palo Alto Networks

Next Generation Firewall (no real-time content analysis for threats or ratings) Applipedia (allow/block of 100s of web applications, limited operation controls) Inline AV (use stream based AV with IPS like signatures, no heuristics/behavioral) Web Filtering (no real-time inputs or ratings, poor malware & phishing detection) SSL Inspection (known performance issues, no defenses once open, nor DLP) Bandwidth Management (no caching, stream splitting, limited scope)

Leading AV Lab (failed last four AVTest.org tests Q111, Q1-Q2-Q310 for Win desktops) McAfee Web Gateway (Anti-malware impact on legitimate sites, over-blocking) Trusted Source Reputation Ratings (known to break/unreliable in real-time mode) ePO Enterprise Console (web gateway logs too excessive for integration) SmartFilter web filtering (no real-time inputs or web rating services, poor phishing det.) Helix Proxy (covers RTSP, MMS and QT, lacks RTMP for Adobe)

McAfee

M86/Finjan

Secure Web Gateway (strict default policy over blocks, must turn off rules) Threat Analysis/RTCA (limited to files and scripts, no real-time URL analysis/ratings) Inline AV (choice of Kaspersky, McAfee or Sophos, plus True File Type checks) Web Filtering (8e6 list, no real-time inputs or ratings, no real-time web defense) Threat Testing (very poor phishing detection, over block on malware detection)

SIO Labs (focus on network attacks from FWs, IDS and gateways, not URL focused) S-Series Web Gateway (selective use of AV engine by reputation, Facebook passes-by) Senderbase Reputation Ratings (evolved from email gateway, weak real-time defense ScanSafe SaaS (not integrated with web gateway policy or reporting) Web Filtering (no categories for malware, spyware, phishing, potentially unwanted SW)

Cisco/IronPort

Web Gateway (known performance/scale issues, heavy admin, poor reporting) Threat Analysis (generic AV and URL filtering, no real-time web analysis) Web App Controls (none, no operation controls, single category ratings only)

Microsoft TMG/ISA

Open Source Proxy (what version/feature, heavy admin, logs for reporting) Rich Media (limited stream splitting, no RTMP support, basic caching) Threat Analysis (plug in AV and URL filtering, no real-time web defense)

Squid

Top 3 Differentiators to Position

Real-Time Web Defense Real-time inputs and web ratings (75M users, 300+ libraries) Real-time threat detection and background analysis Multiple cloud defenses for remote users where it is not feasible to have on-premise technology (not possible to deploy 17+ defenses on laptops) Layered defense that combines cloud defenses with in-line threat detection, web controls and data loss prevention Cloud Security Service for remote users or offices Real-time, Multi-lingual Web Ratings Identifies web threats that hide behind multi-lingual dynamic links (site-to-site) Accurate coverage of mashed-up web content (sports/ gambling) with multi-category ratings (up to 4) Keeps pace with the growth of web content and two way publishing capabilities (blogs, forums) with realtime machine ratings New web application and operation controls for social networking 100% In-line Threat Detection (Five AV engine choices) Provides more depth and breadth for threat analysis than desktop AV with in-line threat detection at the gateway (up to 2 GB files, 99 layers of compression) In-line threat detection defenses have five minute update cycles that are not practical for desktops Adds depth to defenses by deploying a different threat detection engine at the gateway verses the desktop Eliminates tradeoffs required for performance over security (analyze everything, avoid selective analysis)

5/11

Blue Coat Systems, Inc. 2011. All Rights Reserved.

Confidential. For Internal and Official Channel Partner Use Only.