IMPERVA UNVEILS NEXT-GENERATION FIREWALL TECHNOLOGY.
Imperva, Inc., Foster City, Calif., a provider of application security solutions, has unveiled version 3.0 of the SecureSphere(TM) G4 Dynamic Profiling Firewall and MX Management Server application security appliances Security appliances protect computer networks from unwanted data traffic, intruders, email spam, enforce policies, and may also be used to create and manage VPNs. There are a number of types of security appliances. . This new version represents the first unified security platform to protect enterprise application and database assets from all attack vectors The approach used to assault a computer system or network. A fancy way of saying "method or type of attack," the term may refer to a variety of vulnerabilities. For example, an operating system or Web browser may have a flaw that is exploited by a Web site. , including Web application hacking See hack and hacker. , internal database breaches, and worm infections.
The SecureSphere Dynamic Profiling Firewall includes multiple layers of security including a built-in standards-based deep inspection firewall, industry-leading web and database firewalls, and unique protection from Zero Day worms via Imperva's patent-pending Worm Profiling capability. SecureSphere's core technology, Dynamic Profiling, is the only technology to address the dynamics associated with securing enterprise application and database environments without requiring manual configuration or tuning. Dynamic profiling automatically learns the behavior of applications to provide security that adapts as business needs drive changes to the environment.
"Applications consistently change over time. As a result, application security requires a solution that can continuously learn new application elements in real-time," said Shlomo Kramer, CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Imperva Inc. "With Dynamic Profiling, we are delivering an automated security model that also provides comprehensive protection from all of the critical threats to business applications and data."
The Next Generation of Firewall Technology
Users have found that traditional firewall technology has not evolved to meet the new threats posed as hackers and malicious internal users move from network abuse and worm attacks to attacks on the actual applications, business logic and critical data upon which enterprises rely. Instead, current firewall technologies, often categorized cat·e·go·rize
tr.v. cat·e·go·rized, cat·e·go·riz·ing, cat·e·go·riz·es
To put into a category or categories; classify.
cat as "deep inspection" or "intrusion prevention See IPS and IDS. ," focus on preventing worm storms on internal user segments.
"Today's mainstream firewalls are indeed getting smarter. However, in terms of 'application awareness,' they are generally limited to an understanding of the underlying protocols. They still lack insight into the actual business logic, associated data, and interactions between the two," said Mark Bouchard, senior program director at META Group, a leading provider of information technology research, advisory services advisory services
advisory services provided to the public, in their capacity as owners and managers of animals, are an important part of veterinary science. They may be provided by government bureaux, by commercial companies who deal in pharmaceuticals or animals or animal , and strategic consulting. "Thus, they are clearly not comprehensive in terms of meeting the security needs of business applications and databases."
SecureSphere's Total Application Security is based on Dynamic Profiling(TM), which creates a baseline of expected behavior to enable detection and blocking of attempted security breaches. Because application environments are highly dynamic, persistent learning technologies constantly update profiles to reflect recent changes without requiring manual tuning.
SecureSphere's Dynamic Web Firewall protects the application's external Web interface based upon the Web elements of the Dynamic Profile. These Web elements include legitimate URLs, HTTP HTTP
in full HyperText Transfer Protocol
Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. methods, parameters, cookies, response codes and hidden fields, among others. Based upon this understanding of normal user interactions with the Web server, the Dynamic Web Firewall is able to prevent attacks targeting all of the OWASP (Open Web Application Security Project) An organization founded by Mark Curphey in 2001 to help make open source software secure. With member communities around the world, OWASP projects are involved with specific programming languages, functions and Top Ten Most Critical Web Application Vulnerabilities
For more information, visit http://www.owasp.org.
SecureSphere's Dynamic Database Firewall relies on the database elements of the Dynamic Profile to detect unusual database queries of any kind. Database elements include legitimate SQL SQL
in full Structured Query Language.
Computer programming language used for retrieving records or parts of records in databases and performing various calculations before displaying the results. queries, valid IP addresses per SQL query, valid user names per SQL query, and more. The database firewall prevents direct unauthorized queries from internal sources. SecureSphere's Correlated Attack Validation algorithms can correlate database firewall violations with Web firewall violations to deliver overall system accuracy that is not possible by Web or Database firewalls working independently.
Zero-Day Web Worm Protection
With the delivery of 3.0, SecureSphere now brings unprecedented Zero-Day Web Worm protection by using the profile to identify behavioral attributes of a potential worm threat. This patent-pending technology can stop the propagation of web-based worms without relying on signatures or other computationally intensive worm-detection algorithms.
A zero-day worm is a self-propagating attack on a previously unknown vulnerability. According to according to
1. As stated or indicated by; on the authority of: according to historians.
2. In keeping with: according to instructions.
3. Nicholas Weaver and Vern Paxson Vern Paxson is an Internet researcher based at the International Computer Science Institute in Berkeley, California. His interests range from transport protocols to intrusion detection and worms. , two security researchers who work with the International Computer Science Institute (ICSI ICSI - International Computer Science Institute at Berkeley, CA. ), a nonprofit A corporation or an association that conducts business for the benefit of the general public without shareholders and without a profit motive.
Nonprofits are also called not-for-profit corporations. Nonprofit corporations are created according to state law. research group associated with the University of California at Berkeley (body, education) University of California at Berkeley - (UCB)
See also Berzerkley, BSD.
Note to British and Commonwealth readers: that's /berk'lee/, not /bark'lee/ as in British Received Pronunciation. , the direct economic damage of one plausible worst-case worm could be $50 billion or more.
For more information, visit http://www.dtc.umn.edu/weis2004/weaver.pdf.
Built-in Deep Inspection
Also included in 3.0 is a comprehensive Deep Inspection Firewall to protect critical server assets from packet level threats such as worms. The Deep Inspection Firewall is included with the purchase of SecureSphere and includes the following:
* Stateful network firewall to prevent network level access control to application resources.
* Comprehensive signature detection to prevent known attacks on commercial application software platforms such as web servers, mail software, etc.
* Protocol compliance to prevent known and unknown attacks that specifically target protocol vulnerabilities in commercial software.
Existing Customer Deployments and SecureSphere 3.0 Imperva's initial SecureSphere customer deployments include Financial Services The examples and perspective in this article or section may not represent a worldwide view of the subject.
Please [ improve this article] or discuss the issue on the talk page. , Government, Health Care and eCommerce companies around the world. With the delivery of 3.0 customers with active subscription contracts are entitled to all of the new features and functionality.
Pricing and availability
Pricing for the complete SecureSphere appliance solution starts at $35,000 for a complete dynamic profiling firewall and centralized cen·tral·ize
v. cen·tral·ized, cen·tral·iz·ing, cen·tral·iz·es
1. To draw into or toward a center; consolidate.
2. management appliance solution including 1 year of software subscription and support. Version 3.0 of the SecureSphere Dynamic Profiling Firewall will be available worldwide September 1st, 2004.
About Imperva, Inc.
Imperva, developer of the first Dynamic Profiling Firewall(TM), delivers Total Application Security solutions -- including protection from Web application, database, and worm attacks -- requiring no manual configuration or tuning. The firm's SecureSphere gateway appliances are deployed in leading financial, healthcare, and retail organizations around the globe. Led by Shlomo Kramer, a Check Point Software Technologies founder, Imperva is privately funded by Accel Partners, US Venture Partners, and Venrock Associates.
For more information, call 415/442-4038 or visit http://www.imperva.com.