 |
|
DAILY NEWS AND INFORMATION
FOR THE GLOBAL GRID COMMUNITY /
|
Breaking News -
Security:
NetContinuum Raises Bar In
Application Security
NetContinuum Inc, a leading provider of ASIC-based Web security appliances,
announced the new 4.0 version of its flagship NC-1000 Web Security Gateway.
With this release, NetContinuum becomes the first company to incorporate a
full ICSA-certified network firewall (stateful inspection) and application
firewall (deep inspection) into a single, tightly integrated solution. As a
result, NetContinuum customers can now enforce airtight security policies for
each unique application based on an in-depth understanding of the network,
application and data stream.
"NetContinuum's integration of a complete network firewall with high
performance application-level security is a great move that positions them
extremely well for the future," said Eric Ogren, senior analyst with the
Yankee Group. "Businesses can dramatically enhance the security of their Web
applications by deploying a single device that addresses the critical aspects
of deploying secure Web applications."
Powered by the largest security ASIC ever built, the NC-1000 Web Security
Gateway is now the only product an organization needs to protect the entire
Web application environment across all ports, protocols and layers. In
addition, while most security products degrade network performance,
NetContinuum's unique architecture offloads compute-intensive processes from
backend servers and actually improves the efficiency of Web sites and
applications as it secures them.
"We consistently hear from our customers that the ability to block all
attacks
is merely the baseline for application security products," said Gene Banman,
CEO of NetContinuum. "What's really allowed NetContinuum to gain significant
traction in this market has been our ability to provide value above and beyond
comprehensive attack prevention. We also reduce the complexity of the Web
environment and provide customers with a tangible return on investment -- a
requirement that tops every CIO's wish list."
Secures The Entire DMZ
With version 4.0, NetContinuum now begins its protection by completely
securing the DMZ perimeter at the network layer, allowing customers to set
separate network firewall policies for each unique application. As a result,
customers no longer have to purchase, deploy or manage two separate firewalls
in front of Web applications.
Next, NetContinuum extends this protection to the application layer with
Website Cloaking technology that hides all details of backend application
resources. As a result, critical information used by hackers and worms to
exploit vulnerabilities is completely inaccessible, stopping many Web attacks
before they even begin.
After cloaking the site, the NC-1000 enforces a positive security model to
ensure applications are used only in the manner intended by the developer. The
NC-1000 conducts bi-directional deep inspection of all application traffic to
build a dynamic profile of legitimate session behavior and block any requests
that do not conform. This prevents thousands of known and unknown attacks
without risking false positives or relying on complex configurations or
after-the-fact signatures.
Finally, for parts of an application where even tighter security policies
are
desired, NetContinuum makes it easy to set additional rules at the URL,
parameter, form field, and header levels. Unlike standalone Web firewalls that
inspect only Port 80, the NC-1000 allows policies to be set for all common DMZ
ports and protocols, including DNS and FTP.
Simplifies Application Security Management
Managing application security has historically been challenging for
security
professionals since they often have little control over the application
development and deployment process. Even with the emergence of Web application
firewalls, they still face the challenge of learning new, unfamiliar
products.
In addition, since security professionals often have limited information
about
the design of the applications they are tasked with protecting, they are
frequently concerned that setting the wrong security policy could
inadvertently block legitimate traffic. NetContinuum now simplifies this
process by making application security easy, intuitive and risk-free.
New Ease-of-Use Capabilities Include:
- Intuitive User Interface: By adopting the well-understood
look-and-feel,
terminology and management methods of a traditional firewall, the NC-1000 is
the first application security product that allows administrators to set
application-layer policies in the same way network firewall rules have been
set and managed for years.
- Web Address Translation: Just as traditional firewalls can manage and
hide
internal IP addresses with Network Address Translation, the NC-1000 now
extends this benefit to the application layer with Web Address Translation
(WAT). WAT enables organizations to securely externalize applications without
exposing internal namespaces. NetContinuum has submitted WAT for consideration
as an industry standard to the Internet Engineering Task Force. (See also
today's release "NetContinuum Submits Web Address Translation Technology to
Internet Engineering Task Force".)
- Passive Monitoring: NetContinuum is also the first application security
product to offer customers passive monitoring on a per-rule basis. Now, when
new security policies are needed, they can initially be set in passive mode,
allowing administrators to monitor the expected results risk-free before
activating deeper security inspection.
- Business-Level Security Reporting: New reporting tools present
comprehensive security data oriented around business applications rather than
ports, protocols and network segments -- concepts that often don't resonate
with business managers. This enables security professionals to track the
complete security posture of each application and demonstrate the tangible
value of the security environment.
Improves The Efficiency Of Web Applications
Security, while essential, cannot come at the cost of application
performance
and availability. While most security products degrade network performance,
the NetContinuum system was built from the ground up with modern Web
applications in mind. This next-generation architecture offloads compute-
intensive tasks such as TCP and SSL processing from backend servers and
actually improves the efficiency of Websites and applications.
Combined with NetContinuum's caching capabilities, end users experience
faster
response times. The NetContinuum platform also ensures maximum application
availability by conducting load balancing and real-time server health checks
for all protected applications.
|