Network security has become a critical business issue for organisations of all sizes. Today’s sophisticated web-borne attacks (malware), which can decimate an unprotected network in a matter of minutes, have a direct impact on businesses’ bottom lines, causing massive loss of valuable time and resources, reduced productivity and lost revenue. In addition, some types of web threats, such as Spyware, can expose or even lead to theft of confidential and sensitive business information.

Servo's experience is that organisations require security solutions that will enable them to take advantage of new web-based technologies to drive business, without compromising their network security and valuable business assets. Customers seek greater protection at the perimeter and also want to see a dramatic reduction in the frustrations experienced on local PCs and the ensuing operational drop in service helpdesk calls will bring.

Our customers realize that reactive, signature-based security solutions, e.g., Anti-Virus, are not sufficient to combat today’s complex threats using myriad propagation techniques. Since these solutions require time to create and deliver a signature update to their databases, they cannot offer immediate protection against new, unknown attacks. This leaves enterprises exposed and vulnerable for hours and sometimes days to new attacks, which can spread through corporate networks in a matter of minutes. The potential damage to your business from Spyware and other web-based threats – theft of information, compromised intellectual property, productivity loss, downtime and recovery costs - is significant.

It is because of this situation, that Servo is interested in obtaining customer feedback via this e-news article to the technology offered by Finjan - a core player in the world of perimeter protection from malware, spyware, phising, trojans and malicious code.

Finjan’s breakthrough behaviour-based technology is the ultimate solution for your business' web security needs. Finjan has further refined its patented technology to provide unbeatable security, while enhancing performance and flexibility:

Secure Your Network from Malicious Active Content without Compromising Performance

The ubiquity of Active Content technologies, such as Java applets, ActiveX controls, JavaScripts and executable files presents a difficult security challenge for enterprises. In most cases, Active Content is used for legitimate business applications such as web conferencing, e-commerce, and webmail. However, Active Content technology may also be exploited to carry malicious mobile code, which is downloaded and executed on a local system without the user’s explicit knowledge or consent.

Finjan’s behaviour-based technology identifies the combinations of operations, parameters, script manipulations and other exploitation techniques for a given piece of content before it begins to run on the target computer. By working at the application level, it determines the full set of behaviours that the content will exhibit when loaded into the web browser. Then, in accordance with each organisation’s specific security policy, Finjan’s system decides whether to pass, block or neutralise the content.

Finjan Highlights

• Detects complex application-level attacks by malicious code that easily elude packet level inspection solutions, e.g., firewall, intrusion detection and intrusion prevention systems
• Minimises over-blocking so that users can leverage the Internet as a business tool
• Deep code analysis and true type detection reveal malicious combinations of individually innocent functions
• Near “real-time code interpretation” and cached behaviour profiles for best performance
• Saves your business time and money, letting you conduct business as usual without the IT headaches associated with security incidents
• Flexible behaviour blocking engine can be customized to block specific types of malicious threats, such as spyware
• ONLY proactive Internet security solution that effectively combats and protects against new, unknown attacks driven by Active Content

Finjan’s unique behaviour-based technology is the ONLY solution on the market that can stop known and unknown web threats at the gateway, before they enter your network.

Advantages over Packet-Level and Other Types of “Proactive” Solutions

Many products claiming to be "proactive" actually monitor the patterns and tell-tale signs exhibited by the network traffic, rather than the content’s behaviour. Packet inspection products (e.g., intrusion detection and intrusion prevention systems), have difficulty in identifying complex attacks, such as spyware and phishing, that do not leave identifiable “fingerprints” at the network or data layers.

• Heuristics are used by Anti-Virus engines to identify variations of known viruses based on “telltale” signs, but are not intelligent enough to decipher obfuscated code and are prone to false-positives.
• Firewalls are no longer sufficient for preventing today's malicious code, because complex threats, such as Spyware and Phishing, enter the network via port 80 (HTTP) and port 443 (HTTPS) which are typically left open in the firewall.
• Intrusion Detection System products are designed to detect situations when the network has already been infected and at best can help to control the damage.
• Intrusion Prevention Systems and similar “smart packet filtering” solutions usually attempt to identify communication patterns (e.g., rate of transmission) of packets coming into the network, rather than analysing application-level behaviour.
• Only at the application level is it possible to understand the full context of the execution environment and accurately determine the real behaviour of a given piece of content once loaded into the browser. Finjan’s behaviour-based solution is unique in its ability to determine whether Active Content complies with your company's security policy - letting you conduct business as usual and keeping you a step ahead of the next attack

More information

If you want to receive more information or to discuss the technology with one of Servo’s consultants please email Finjan@servo.co.uk.