Aladdin's eSafe upgraded to halt proxy menace

Security vendor Aladdin Knowledge Systems has added an element to its eSafe secure Web gateway that it claims can block the operation of 'anonymous' proxies.

Anonymous proxies (or anonymizers) are Web sites that allow users to connect to the Internet through an external Web site, thereby allowing users to bypass local network security restrictions.

This bypass mechanism was originally designed for safe, anonymous Web surfing (for example to access MySpace, YouTube etc), but it does of course present a security loophole for businesses and other establishments as it opens a computer to malware that is typically filtered out by a gateway device.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Security vendor Aladdin Knowledge Systems has added an element to its eSafe secure Web gateway that it claims can block the operation of 'anonymous' proxies.

Anonymous proxies (or anonymizers) are Web sites that allow users to connect to the Internet through an external Web site, thereby allowing users to bypass local network security restrictions.

This bypass mechanism was originally designed for safe, anonymous Web surfing (for example to access MySpace, YouTube etc), but it does of course present a security loophole for businesses and other establishments as it opens a computer to malware that is typically filtered out by a gateway device.

"Anyone can subscribe to an anonymizer for $9.99 a month," said Ofer Elzam, director of product management for Aladdin eSafe. "And that $9.99 subscription can bypass $100,000 in network protection. It's an open invitation for hackers and cybercriminals to enter your organization's network and take over."

Aladdin said that its Content Security Response Team (CSRT) specialists blocked 100% of anonymizers) in repeated lab tests using the anti-anonymizer technology that is now part of eSafe. It also claimed that competitive products did not stand up to proxy threats, allowing users to leave the protected network. Rival Symantec was not able to field a spokesperson at the time of writing.

Since proxy servers frequently change URL addresses, Aladdin believes it is impossible for URL filters to keep up with elusive proxy servers. However, its eSafe anti-anonymizer "goes beyond traditional filtering methods to also proactively block anonymous proxies based on their site code and communications behavior - even if encrypted by SSL protocols," said Elzam.

eSafe prevented users from leaving the protected network at any time, "maintaining network integrity and increasing productivity, as well as ensuring regulatory compliance that is extremely important for government, health care, education and other industries".

Aladdin's anti-anonymizer technology was being offered to new and existing customers at no additional charge.

While on the surface Aladdin's claims sound impressive, one has to ask how many ordinary network users are actually using anonymizing proxies in the real world? Of course, this happens when opening a VPN connection, but why would anyone do that on an unofficial basis on a corporate network?

Aladdin quotes a recent SearchSecurity.com poll, where 27% of respondents said they would consider using anonymous proxies and 9% said they were already using them.

Aladdin also says that 98% of U.S. schools are currently blocking or limiting Web sites according to the CDW-G School Safety Index, and that "more students are using anonymizers) to work around the network gateway."

But using anonymous proxies requires users to have a certain degree of technical savvy, and it remains to be seen how many people on a corporate network are actually using a proxy to access something like YouTube. Indeed, if a person on a network is openly flouting the company's security in such a way, then the use of a proxy filter will be the least of a company's worries.