Breach Security Eliminates the SSL Blind Spot in Intrusion Detection Systems.CARLSBAD, Calif. -- BreachView(TM) SSL (Secure Sockets Layer) The leading security protocol on the Internet. Developed by Netscape, SSL is widely used to do two things: to validate the identity of a Web site and to create an encrypted connection for sending credit card and other personal data. Decrypts SSL Traffic On-The-Fly, Enhancing Existing IDS Deployments With 100 Percent Visibility Into SSL Network Traffic Breach Security Inc., an emerging leader in deployable application security solutions, today announced the availability of BreachView(TM) SSL, the industry's first add-on SSL decryption (cryptography) decryption - Any procedure used in cryptography to convert ciphertext (encrypted data) into plaintext. enhancement for existing intrusion detection systems This article is about the computing term. For other uses, see Burglar alarm. An intrusion detection system (IDS) generally detects unwanted manipulations of computer systems, mainly through the Internet. . BreachView SSL decrypts SSL traffic on the fly without terminating the SSL session and delivers clear text to the IDS sensor, for the first time eliminating the blind spot in most IDSs and extending IDS protection to SSL traffic on the network. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. a 2003 report by Infonetics Research, SSL traffic as a percentage of total network traffic will grow from 41 percent in 2003 to 49 percent in 2004 in large corporate and government organizations where SSL is used. Yet intrusion detection systems only examine clear-text HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. traffic and ignore the encrypted en·crypt tr.v. en·crypt·ed, en·crypt·ing, en·crypts 1. To put into code or cipher. 2. Computer Science traffic -- unable to analyze it without impacting successful transactions and business operations Business operations are those activities involved in the running of a business for the purpose of producing value for the stakeholders. Compare business processes. The outcome of business operations is the harvesting of value from assets . This leaves the most important -- and high risk -- traffic on the network invisible to the primary security tools designed to identify and prevent attacks. BreachView is a software-based plug-in for existing IDS sensors. Once installed, it expands the visibility of the IDS to include the growing percentage of SSL traffic on large corporate and government networks. "Network intrusion detection systems A network intrusion detection system (NIDS) is an intrusion detection system that tries to detect malicious activity such as denial of service attacks, port scans or even attempts to crack into computers by monitoring network traffic. have always been blind to encrypted SSL traffic, creating conflict between two different security techniques," said Pete Lindstrom, research director at Spire Security. "With BreachView SSL, it is possible for companies to 'have their cake and eat it too' by providing a way to monitor encrypted traffic for attack and compromise information." BreachView SSL is a software solution that monitors network traffic before it reaches the IDS sensor. A BreachView SSL adapter extracts the SSL stream and delivers it to the BreachView SSL engine. After decryption, the SSL traffic is injected back to the IDS sensor as clear text and the network packets are analyzed by the IDS against the attacks and vulnerabilities database. The BreachView SSL decryption engine securely maintains the SSL key and certificate information and works without terminating the SSL session, a key feature in maintaining full non-repudiation. "When IDS systems were first introduced to the market the percentage of SSL traffic was tiny compared to today's usage," said John Payne, chief executive officer of Breach Security. "Today companies use SSL to protect the most valuable, important assets on their network and BreachView gives our customers IDS visibility into the traffic affecting those key applications and databases." BreachView SSL for Windows is available now. BreachView SSL for Linux will be available in October. An evaluation version of BreachView is available by request through the company's website at www.breach.com/breachviewtrial. The Breach Secure Partner Program also offers OEM (Original Equipment Manufacturer) The rebranding of equipment and selling it. The term initially referred to the company that made the products (the "original" manufacturer), but eventually became widely used to refer to the organization that buys the products and and co-marketing opportunities for IDS/IPS and other Internet technology vendors. More information about that program is available at www.breach.com/securepartner. About Breach Security Inc. Breach Security Inc. is an emerging leader in deployable application security appliances Security appliances protect computer networks from unwanted data traffic, intruders, email spam, enforce policies, and may also be used to create and manage VPNs. There are a number of types of security appliances. that protect corporate and government applications, databases and the web presentation layer from attack by automated and human intruders. Founded in 2004, Breach Security is backed by a world-class team of venture capital investors including Enterprise Partners Venture Capital, Evergreen Partners, Pitango Venture Capital and Ascend Technology Ventures. The company is headquartered in Carlsbad, Calif., with additional research and development facilities in Herzliya, Israel. More information can be found on the Web at www.breach.com. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion