Finjan

Vital Security Appliance NG-1400 - Advanced Network Protection Against Encrypted Internet Threats

Detect and block malicious content in webmail and other SSL traffic

Revolutionary web security appliance proactively protects SMBs against the next unknown attack

Closing SSL Security Loopholes

Did you know that most web security solutions cannot protect you against threats encrypted in SSL?

The Secure Socket Layer (SSL) protocol is a standard for encrypting communications between browsers and web servers. Originally SSL was used to secure connections to websites that require confidentiality, such as banking and retail web sites. Today SSL is increasingly being used in "regular" websites that offer, for example, online memberships and webmail.

Consequently, SSL encrypted sites suffer from a major security loophole, since network security proxies are not capable of scanning the encrypted SSL contents. Thus, SSL-encrypted content is secure from eavesdropping but may carry malicious content (e.g., webmail).

Another security loophole in SSL is website authentication. While it may appear that a user is accessing his/her bank's website, he/she may actually be accessing a fictitious site rendered to look identical to the bank's site (e.g., phishing scams). Validation of SSL certification is meant to solve the authentication problem. However, even if the site's certificate is invalid, users still have the option to access the site, thus compromising the company network.

Enforced Security in Encrypted SSL/HTTPS Traffic

Finjan's Vital Security Appliance NG-1400 offers the best proactive protection against Web attacks traveling inside encrypted HTTPS/SSL communications. Designed for small and medium-sized businesses (SMBs), this cost-effective appliance secures your network by decrypting SSL data and enabling content scanning, as well as enforcing SSL certificates.

Vital Security Appliance NG-1400 is a key element of Finjan's Vital Security Appliance Series NG-1000 , Finjan's next generation security offering for SMBs. When implemented together with Vital Security Appliance NG-1100 , these products deliver the only solution on the market capable of detecting a new unknown attack arriving via HTTPS/SSL, HTTP and FTP. Vital SecurityT Appliance NG-1400 can also be implemented with third party security proxies.

Additionally, Vital Security Appliance NG-1400 contains a white list of websites which can bypass the decryption mechanism. This solution protects user privacy by ensuring that the decrypted data remains protected and inaccessible.

Vital Security Appliance NG-1400 validates SSL certificates to assure they are trustworthy and ensures that corporate policies regarding certificates are enforced. Many users are not familiar with browser warnings about problematic certificates or certificate violations and can be fooled into a phishing attack. Vital Security Appliance NG-1400 protects against phishing and other types of attacks that use invalid, revoked or otherwise problematic certificates by enforcing your organization's certificate policies at the gateway.

Decryption and Scanning of SSL Content

• Allows security checks on SSL traffic protecting against encrypted malicious code
• Enforces an organization's certificate validation policy at the gateway, rather than leaving this critical decision to each individual user's discretion
• Maintains user privacy by securing decrypted data
• Provides an easy-to-use solution using Web-based management with highly granular customizable policies and an intuitive GUI
• Integrates seamlessly with Finjan's Vital Security Appliance NG-1100 or other security proxies
• Easy deployment and automatic updates reduce total cost of ownership

Finjan Partner

Finjan White Papers