Cybercrime is booming and money is the driving force behind the growth of targeted attacks against corporate networks to steal business data that can be sold on to other criminals.
Cybercriminals use the web as a highly effective attack vector for a wide range of illegitimate and malicious activities, including identity theft trough keylogging, financial fraud, espionage, and intelligence gathering. To illustrate the magnitude of this trend are the following examples:
- The FBI’s Internet Crime Complaint Center (IC3) registered its one-millionth official complaint in June 2007 after seven years of operations. Many of these complaints involved reports of identity theft, such as loss of personal identifying data and unauthorized use of credit cards or bank accounts.
- The retailer Marshalls and TJ Maxx (part of the TJX Companies) disclosed in January 2007 that computer hackers broke into its systems and stole customer data. The stolen credit card and debit card information was used by cybercriminals in several US States and overseas. As a result, the Company recorded an after-tax cash charge of approximately $118 million, or $.25 per share, with respect to the computer intrusions.
- In December 2007, more than 10,000 websites in the US were infected by a new variant of a Crimeware toolkit. The attack consisted of an extremely elusive Crimeware trojan that infected end users’ machines and then sent data from these machines via the Internet to its “master” – the cybercriminal.
- In December 2007, the Director-General of MI5 sent a letter to British companies warning them of an electronic espionage attack against their systems. This new wave of attacks generating from China, distributed malicious content using obfuscated code and a network of websites to bypass traditional information security technologies.
- In its Research Highlights Q3-Q4 2007, Websense classified 51% of the inspected sites as malicious are compromised legitimate Web sites. It also points out that these sites pose a significant risk because many security companies rely on Web site reputation to protect customers. Compromised sites have a good reputation, plus they have a built-in group of visitors to the site. This raises the effectiveness of the attacks and diminishes the need for the attackers to create lures to get traffic to the sites.
Today’s sophisticated web threats (Crimeware, obfuscated malicious code, spyware, Web 2.0/AJAX exploits, etc.) are especially designed to evade signature-based anti-virus or URL filtering solutions.
These threats have a direct impact on business performance, exposing enterprises to potential leakage of confidential information, reduced user productivity and network degradation. In order to protect their valuable business assets and sustain their bottom lines, enterprises need proactive real-time security solutions that are designed to protect against this new wave of dynamic web threats.
Active real-time content inspection protects the networks and vital information assets of small and medium enterprises around-the-clock.
Enterprises require high-performance solutions to provide content security for their networks and vital information assets. They require robust web security solutions that ensure their continuous business operations.
Vital Security Web Appliance NG-5100 is Finjan’s active real-time web security solution for small and medium-sized organizations. It utilizes Finjan's patented Active Real-Time Content Inspection engine, Vulnerability Anti.dote™, Anti-Spyware and SSL Inspection engines. Anti-Virus and URL Filtering engines are also available as optional modules. This solution provides the SMB/SME market with optimal and field-proven web security combined in an all-in-one, easy- to- install and “self-managing” appliance.
Vital Security Web Appliance includes the following integrated components:
-
Patented active real-time content inspection for detection and blocking of unknown threats.
-
Vulnerability Anti.dote™ performs virtual patching for zero-hour protection against known software vulnerabilities.
-
Anti-Spyware engine for stopping costly Spyware attacks at the gateway before they infiltrate corporate PCs.
-
SSL Inspection for "in-box" scanning of encrypted content in HTTPS traffic and enforcing SSL certificates.
-
Industry-leading Anti-Virus engines for protection against known virusess (optional).
-
Industry-leading URL Filtering engine for full control over your organization’s web browsing (optional).
-
All-in-one, cost-effective web security solution that eliminates the need for integration efforts.
-
Easy deployment and automatic updates reduce total cost of ownership (TCO).
-
Seamless integration with your existing network systems.
-
Centralized web-based management reduces overhead and accelerates provisioning.
-
Wizard-driven security policy decision-making system, with a single-click rules refinement enhancement, to easily set up and manage security policies.
-
Support of Cisco WCCPv2 and ICAP standards ensures interoperability with various networking and caching systems.
-
Integrated dashboard provides instant information on the system’s performance and risk level, using an extensive set of graphs and views.
-
Compliance with regulatory initiatives such as SOX (COBIT) DS5, PCI DSS 1.1, GLB Act, HIPAA, and FISMA.
|
