Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

SSL traffic security without impacting performance

Aladdin Knowledge Systems : 28 August, 2007  (New Product)
Aladdin eSafe 6 thwarts hacker attempts to exploit SSL benefits by inspecting SSL traffic.
Aladdin eSafe 6, a comprehensive platform for spyware control, Web browsing security, application filtering, and anti-virus, now offers a new option that allows organizations to inspect Secure Socket Layer (SSL) encrypted HTTP traffic (HTTPS).

As the levels of encrypted traffic continue to grow rapidly, hackers and malware writers are turning the benefits of SSL upside down to make their malware invisible to firewalls, intrusion prevention and gateway antivirus products. This new feature - eSafe Web SSL -- provides another valuable layer of security for eSafe customers that protects against threats that arrive from the Web and use the HTTPS protocol.

Delivered on the eSafe Hellgate appliance, eSafe Web SSL reveals malware threats hidden in encrypted traffic, helps enforce content security policy for all Web traffic, and enhances HTTPS certificate validation and authorization. All eSafe Hellgate appliances come preconfigured with best practices security configurations; ensure built-in load-balancing and fail-over with a new eSafe Cluster mode; and provide full flexibility to be customized as an organization's needs change.

"The Internet continues to be the #1 vector for malware attacks that infect the enterprise,' said Brian Burke, research manager for IDC's Security Products program. "Driven by monetary gain as well as corporate and government-sponsored espionage, these attacks exploit gaps in organizations' Web content security. eSafe's ability to fully inspect SSL communications as well as regular Web traffic gives enterprises a powerful new tool for hardening their Web security."

eSafe: Closing Ever-Expanding Security Gaps
Secure Socket Layer (SSL) communications remain a significant concern for organizations, as this concealed traffic serves as an open avenue for infecting organizations with numerous threats. The lack of manageability and filtering of SSL traffic can jeopardize compliance with existing privacy and confidentiality regulations. In addition, Trojans, viruses, spyware, digital contraband such as copyrighted material and confidential files, as well as inappropriate content can also be transported in and out of networks if SSL encrypted HTTP traffic is not monitored.

The new SSL content inspection technology inside Aladdin eSafe 6 answers organizations' SSL security concerns, providing constant, granular inspection of this once invisible traffic. The advanced technology allows all security policies that apply to HTTP traffic to easily apply to HTTPS encrypted traffic, halting malware from infiltrating networks through encrypted channels and closing the door to rogue applications. Specific advantages of the eSafe SSL solution include:

· Decryption and encryption of all inbound and outbound SSL ("HTTPS") traffic
· All certificates are inspected and allowed or denied at the gateway level based on security policies, not the discretion of the user
· Automatic revocation checking with CRL and OCSP support
· Easy one-click management of digital certificates
· Root and Client CA store
· Auto-add and categorize Root- and Sub-CA
· On-the-fly exception handling based on URL and certificate fingerprint
· Flexible black and white lists
· Supports unlimited, multiple accounts with role-based, multi-admin administration
· Extensive incident management capabilities
· Extensive reporting

"By offering deep inspection of SSL encrypted HTTP traffic, Aladdin eSafe stands apart from the competition, minimizing a threat that remains largely unaddressed even in the largest of organizations," said Tsion Gonen, vice president for the Aladdin eSafe Business Unit. "Our new inspection capabilities serve as an innovative accompaniment to the comprehensive eSafe solution that already offers a dramatic set of gateway-based content security features. We're proud to offer the industry's most thorough secure Web gateway solution."

The availability of eSafe's SSL inspection capabilities follows Aladdin's August 7th announcement of new anti-anonymizer technology that can combine with SSL blocking to provide any size organization with enhanced security.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo