IronPort launches new web security solution
Dubai, July 26, 2008
IronPort Systems, a business unit of Cisco and a leading provider of enterprise spam, virus, and spyware protection, has announced its new version of S-Series web security appliance.
Already the internet threat detection sector’s top web security appliance, the S-Series will augment its multi-vendor signature scanning and provide selective HTTPS scanning to provide unrivaled high-performance security policy enforcement at the enterprise level.
The upgraded S-Series will support anti-spyware signatures from Webroot as well as anti-spyware and anti-virus signatures from McAfee, to be processed via IronPort’s Dynamic Vectoring and Streaming (DVS) engine.
It will also be capable of performing selective HTTPS scanning, also through the DVS engine; this new function is vital given the more than 60 per cent annual increase in the use of HTTPS throughout the internet, a consideration overlooked in other Web security devices.
Hackers have in fact become adept at creating apparently legitimate sites that initiate matching HTTPS connections and then transmit malware that cannot be analysed by conventional security systems.
’Threat detection and management providers cannot afford to become complacent given the prevalence of malware- and spyware-delivering sites across the more than 10 billion active webpages currently in existence,’ said Ray Kafity, regional sales manager – Middle East, North Africa and Pakistan, IronPort Systems.
According to Kafity, between 2 to 10 per cent of websites are believed to be malicious. This huge number necessitates the development of better technologies and strategies that prevent loss of confidential information, potential financial damages, system downtime, and reduced employee productivity.
IronPort’s improved appliance will also include enhancements to its Web Reputation Filters, which currently have one of the highest capture rates of Web-based malware.
The S-Series Reputation Filters will add URL Outbreak Detection and Botsite Defense to their capabilities, thus making them the most comprehensive web security features in the reputation-based filtering market.
They are expected to play a crucial protective role for at least 7 per cent of computers connected to the internet, representing between 75 to 100 million machines, which are estimated to be part of some botnet or botsite system.
URL Outbreak Detection is designed to identify and block uniform resource locators (URLs) that have no reputation or signature and which are normally hosted on a botnet-controlled botsite.
Botsite Defense, on the other hand, will use a unique Layer 4 Traffic Monitor to analyse multi-port traffic to identify connections associated with botnet activity on an organization’s network.
’The intelligence of these botnets is astounding. A single botnet can produce thousands of malware-laden botsites that are active for anywhere from a few minutes to a few hours. The only effective defence is a Web reputation service that can detect the underlying deception and filter the sites out proactively,’ added Kafity.
The enhanced S-Series appliance will also rely on the IronPort SenderBase Network to provide a strong defence against malicious Web-based intrusions.
SenderBase has one of the largest email and web-traffic footprints in the industry, allowing IronPort to detect and block new URL outbreaks rapidly.
Real-time analysis of global Web traffic allows analysts in the IronPort Threat Operations Center to proactively publish reputation scores for such URLs prior to signatures being available from anti-malware vendors. - TradeArabia News Service