Mar 17, 2011
St. Bernard Software, Inc., DBA EdgeWave, (OTCQB: EWVE), a leader in Secure Content Management (SCM) solutions, today announced the release of iPrism Web Security Version 6.5, which boasts powerful new outbound botnet detection and prevention through a unique partnership with ThreatSTOP, a leading industry expert in antibotnet technology. This capability enables organizations to prevent costly damage associated with botnets and bot-related malware. With this release, EdgeWave also introduces new anti-circumvention technology using a cloudbased Circumvention Defense Network (CDN) as well as numerous feature enhancements including improved transparent user authentication and expanded application control including Skype and FTP communications. All new features in iPrism Web Security Version 6.5 are available to current customers at no additional charge.
Outbound Botnet Protection via ThreatSTOP
Botnets are among the most dangerous and pervasive security threats, where it is estimated that as many as 25% of computers connected to the Internet may be infected, including 88% of F500 companies. These compromised machines surreptitiously steal user identities, leak private data, and spread new infections, which can cripple an organization. They also conduct illegal activities jeopardizing the organization’s eReputation, such as hosting phishing sites, proxy nets, pay-per-click fraud, launching denial-of-service attacks, and distributing spam. Bot-related malware is difficult to detect and nearly impossible to remediate by conventional antivirus techniques as their dynamic and adaptive capabilities enable them to self-propagate through their own established peer-topeer networks and avoid conventional reputation-based techniques by leveraging fast-flux DNS redirections and discreetly relocating the command and control hosts that assemble the compromised machines into a botnet.
By partnering with leading industry expert, ThreatSTOP, EdgeWave now delivers unprecedented defense against botnets with no known false positives and zero latency. With its latest release, iPrism Web Security delivers ThreatSTOP’s comprehensive and authoritative threat list, which is updated continuously and fueled by several industry-leading sources of botnet traffic threats. These sources are filtered and correlated against proprietary selection criteria and identify malicious hosts. iPrism inspects all outbound communication attempts using the ThreatSTOP data feed, so that botnets are detected immediately. With this additional layer of defense, iPrism customers are able to immediately identify and block infections. This feature helps to reduce expenses, minimizes data leakage, and enhances a company’s compliance enforcement.
“Customers require an additional layer of security to maintain proactive defense against today’s dynamically changing threat landscape,” said Ron Kaplan, Director of Product Management at EdgeWave. “We’re excited about our partnership with ThreatSTOP and the ability to support customers in building a comprehensive security strategy with new technology offerings. The latest release of iPrism Web Security is a testament to our ongoing efforts to protect organizations from new and evolving threats.”
Enhanced Circumvention Defense Network (CDN)
Various circumvention techniques also pose additional threats to organizations trying to enforce Internet access policies that mitigate legal liabilities, minimize data leakage, thwart security breaches and improve bandwidth use. The arms race between pro-censorship institutions and anti-censorship programmers has spawned a sophisticated selection of client-side applications that are increasingly accessible to enterprise users. These users’ private data and web usage can be hijacked by cybercriminals that in some instances, host the servers used by these tools and other anonymous browsing proxies.
An industry-first, EdgeWave’s CDN protects organizations from users’ circumvention attempts by combining cloud-based services with the iPrism Web Security appliance. EdgeWave employs a real-time cloud-based Research Lab to gather intelligence on thousands of externally-hosted non-Web servers that might be used to circumvent network security. CDN detects new releases of circumvention programs as they are deployed, so that customers no longer need to wait months for a new product update. iPrism dynamically captures IPs associated with any circumvention efforts and filters these IPs against known legitimate sites to mitigate false positives and prevents over/under blocking. iPrism updates continuously from CDN, where all communication attempts are inspected and enforced per policy. With CDN, iPrism customers can be confident that they have the strongest defense against circumvention and other network threats, so that they can stay one step ahead of potential security risks.
“The application reports showed 30 Botnet blocks and an eDonkey block,” said John Leonowich, Director of Technology Solutions, Mannington Mills, Inc. “The report also showed valid FTP activity, since our policy is to monitor FTP. It’s not a bad thing blocking security vulnerabilities while performing web filtering. Pretty cool.”
With this release, iPrism Web Security 6.5 also offers customers the following feature enhancements:
- Expanded Application Control – iPrism now detects and applies policy by user or network to Skype and FTP, helping reduce the risks associated with the use of unsanctioned applications. iPrism is port-agnostic when detecting use of these protocols.
- Enhanced User Authentication – iPrism ensures Microsoft best practices by utilizing customer’s existing Active Directory environment without any degraded security standards by eliminating insecure off-box third-party agents or configuration changes. New in v6.5, iPrism provides seamless support of 1-way outgoing trusts and nested groups with one or more domains. Also, new failed login options enable better reliability in the unlikely event that domain controllers temporarily cannot communicate with iPrism. Traffic is uninterrupted and policies remain transparently enforced.
- Custom Filter Enforcement in Hybrid Remote Filtering – iPrism customers can now push custom filters to the iPrism remote client. Unique in the marketplace, iPrism Remote Filtering delivers powerful Web security to remote and mobile employees without requiring any changes to the corporate network, endpoints, or exposing private user data into the cloud, making deployment simple, secure and seamless. By eliminating the need to VPN, access a server in the DMZ, or manage PAC files in browsers, corporate bandwidth is untouched, and zero latency is introduced. With this hybrid technology, comprehensive Internet security is delivered to any off-premises users while providing comprehensive and accurate policy enforcement across all employees, regardless of location.
Enhanced Network IntegrationiPrism provides a more seamless fit in various Cisco-enabled WCCP and Brocade-enabled load balanced environments.
iPrism Web Security Version 6.5 is available now. Existing iPrism customers can upgrade at no cost.
About EdgeWave, Inc.
EdgeWave Delivers the World's Safest Inboxes™ by eliminating email-borne security risks from targeted, socially engineered attacks. Our multi-layered Email Security Platform provides unparalleled predelivery protection, postdelivery detection and incident response to secure inboxes from today's proliferating messaging threats like ransomware, spear phishing, business email compromise and more. Headquartered in San Diego, CA, EdgeWave has more than 2,500 customers and over 3.5 million protected users worldwide.