StoneGate IPS can inspect encrypted web traffic to protect hosts and servers against hidden web attacks

(02/07/2009)

Traditionally, organisations’ network security relies mainly on the perimeter security enforcement, while encrypted web channels have acted as a means to bypass the security functions.

Stonesoft has introduced the new StoneGate IPS-1030 appliance with the unique capability of inspecting encrypted web traffic. This eliminates the traditional blind spot in network protection. The new appliance provides protection for both corporate network users and public web services against attacks hidden inside the encrypted web connection.

StoneGate IPS provides a controlled way to open the encryption in the network and to submit the encrypted web traffic for the same inspection as the clear-text data, thus eliminating the blind spot in the network protection.

The new, unique SSL inspection feature provided by StoneGate IPS 5.0 and IPS-1030 appliance gives the network security administrators an efficient tool to monitor the traffic inside of the TLS/SSL encryption and to protect against unwanted content. StoneGate IPS-1030 is designed to meet the perimeter protection needs of branch offices and managed security service providers (MSSPs) responsible for organisations’ network security.

“Until now, encrypted web traffic has been the “blind spot”, providing attacks, viruses or other unwanted content a way to get into client browsers and web servers by disguising themselves inside the encryption cloak. With our new StoneGate IPS 5.0, we have now tackled this challenge, offering our customers the most technologically advanced, comprehensive and effective protection against malicious traffic available on the market today. This is a real competitive advantage and I believe with its new features, the StoneGate IPS 5.0 and the new appliance IPS-1030 truly manifest our excellence in this dynamic and challenging area of network security”, said Ash Patel, country manager UK & Ireland at Stonesoft.

Client side protection

The StoneGate IPS detects and blocks attacks targeting the client web browsers inside an SSL tunnel, protecting workstations and internal networks from malicious web servers more efficiently than ever before.

Server side protection

On the server side, the StoneGate IPS detects and blocks attacks targeting the web server inside a SSL tunnel, protecting the server from being compromised by unauthorised users.

Whitelisting of domains

StoneGate IPS also allows the whitelisting of domains, for example personal online banking services that are excluded from decryption and inspection. This feature can be used when the remote site is well known trusted site or if legislation requires the exclusion of the site.

Benefits
* Protects internal client workstations from malicious web servers on internet.
* Protects public web services that are using encrypted connections.
* Helps organisations meet the PCI DSS requirements.

Related topics:  Encryption   Internet and Web security   Virus, Worm, Email security, spyware and malware 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources