|
|
|
|
|
| |||||||||
|
Closing SSL Security Loopholes Did you know that most web security solutions cannot protect you against threats encrypted in SSL? The Secure Socket Layer (SSL) protocol is a standard for encrypting communications between browsers and web servers. Originally SSL was used to secure connections to websites that require confidentiality, such as banking and retail web sites. Today SSL is increasingly being used in "regular" websites that offer, for example, online memberships and webmail. Consequently, SSL encrypted sites suffer from a major security loophole, since network security proxies are not capable of scanning the encrypted SSL contents. Thus, SSL-encrypted content is secure from eavesdropping but may carry malicious content (e.g., webmail). Another security loophole in SSL is website authentication. While it may appear that a user is accessing his/her bank's website, he/she may actually be accessing a fictitious site rendered to look identical to the bank's site (e.g., phishing scams). Validation of SSL certification is meant to solve the authentication problem. However, even if the site's certificate is invalid, users still have the option to access the site, thus compromising the company network. Enforced Security in Encrypted SSL/HTTPS Traffic Finjan's Vital SecurityT Appliance NG-5400 offers the best proactive protection against Web attacks traveling inside encrypted HTTPS/SSL communications. This robust, high-performance appliance secures your network by decrypting SSL data and enabling content scanning, as well as enforcing SSL certificates. Vital Security Appliance NG-5400 is a key element of Finjan's Vital Security Appliance Series NG-5000 , a set of robust hardware-based security solutions for enterprises. When implemented together with Vital Security Appliance NG-5100 , these products deliver the only solution on the market capable of detecting a new unknown attack arriving via HTTPS/SSL, HTTP and FTP. Vital Security Appliance NG-5400 can also be implemented with third party security proxies. Additionally, Vital Security Appliance NG-5400 contains a white list of websites which can bypass the decryption mechanism. This solution protects user privacy by ensuring that the decrypted data remains protected and inaccessible. Vital Security Appliance NG-5400 also validates SSL certificates to assure they are trustworthy and ensures that corporate policies regarding certificates are enforced. Many users are not familiar with browser warnings about problematic certificates or certificate violations and can be fooled into a phishing attack. Vital Security Appliance NG-5400 protects against phishing and other types of attacks that use invalid, revoked or otherwise problematic certificates by enforcing your organization's certificate policies at the gateway.
Meeting the Security Needs of Enterprises
Finjan PartnerFinjan White Papers
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
