* eEye aims to protect IIS servers from known and unknown vulnerabilities In a previous issue of this newsletter, I discussed Microsoft’s security problems and, specifically, the vulnerabilities of Internet Explorer and Internet Information Server (see links below).The problems with the latter arise, I suspect, out of a product that has been developed and enhanced amazingly quickly but because of Microsoft’s interest in supporting its own technologies, has acquired a clumsy “kitchen sink” type of architecture. Be that as it may …I explored the question of what to do about IE in my Backspin column last week (link below). Today, I want to discuss a product that will go a long way in creating a safe IIS implementation.The product is called SecureIIS Web Server Protection from eEye Digital Security. The company claims that SecureIIS protects IIS servers from known and unknown vulnerabilities. This feat is achieved by auditing incoming and outgoing IIS data for anomalies – protocol exchanges that are not within expected limits. This is essentially a heuristic attack detection system. Even unpatched servers are protected from damaging “known” and “unknown” attack attempts, eEye says.SecureIIS inspects data exchanges at multiple levels within the server: As they come in from the network level, as they are handed off at the kernel level, and at every level of processing in between, to prevent issues such as buffer overflows, parser evasions, directory traversal and other attacks. SecureIIS provides centralized policy management for a group of secured servers. Policies can be defined and exported from the central machine and other machines can be set to automatically import that policy so that changes are propagated. The system also includes real time attack and response statistics and extensive logging.The product is priced at $1,295 per physical server and includes the first year of maintenance and a year of free upgrades and technical support. Related content news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions Industry news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Cloud Computing Networking news Gartner: Just 12% of IT infrastructure pros outpace CIO expectations Budget constraints, security concerns, and lack of talent can hamstring infrastructure and operations (I&O) professionals. By Denise Dubie Dec 07, 2023 4 mins Network Security Data Center Industry feature Data centers unprepared for new European energy efficiency regulations Regulatory pressure is driving IT teams to invest in more efficient servers and storage and improve their data-center reporting capabilities. By Maria Korolov Dec 07, 2023 7 mins Enterprise Storage Green IT Servers Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe