Network World
Sunday, October 12, 2008

Security Infrastructure

Intrusion-detection systems, Web application firewalls, VPN gear

Winning company: Sanctum
Winning product: AppShield 4.0

Typically the top honor in this category goes to a security vendor that ships a VPN device, network firewall or intrusion-detection system that might provide security to the core network. We're branching out this year with Sanctum's AppShield.

While traditional firewalls thwart network-level attacks, they do little to address gaping holes in Web applications through which intruders can break into Web sites using form submissions or URL manipulations. Enter Web application firewalls, a new class of security product that attempts to stave off Port 80-focused attacks by using blacklist- and whitelist-style input filtering.

In our testing of six software-based Web application firewalls conducted last summer, AppShield edged out some stiff competition because - in addition to fending off most Web-based attacks we tossed its way - it's got an airtight default configuration and a cool dynamic policy-generation feature (see review).

Sanctum's AppShield is geared toward Web server farm deployment, as evidenced by its fully distributed architecture. Product components include a crisp Java-based management console, a configuration server and one or more firewall nodes.

Because AppShield can run in a proxy mode, it provides some interesting security-oriented features that go beyond the usual menu of application firewall options, Lab Alliance member Thomas Powell notes. These features include URL mapping (including regular expression matching) and the ability to globally prohibit direct downloading of image and multimedia files, often dubbed "leeching." Furthermore, to prevent repeated attacks that violate security policies, AppShield can notify a Check Point firewall that a particular IP address should be blocked at the network level. It uses the Open Platform for Security standard to do so.

"This interesting feature suggests the possibility of application firewalls eventually merging with authorization and access-control functionality to provide a complete application security framework," Powell says.


Copyright 2008 Network World Inc.



