IronPort Monday announced a new appliance designed to keep Web-based threats, including spyware, viruses, keyloggers, and phishing, from entering an organization.
The company's S-Series appliance, slated for availability this (northern) summer, aims to do for Web traffic what IronPort's existing appliances do for e-mail -- catch malware at the company's gateway. The S-Series Web security appliance will be demonstrated for the first time on Wednesday at DEMO 2006.
The appliance includes IronPort's Web reputation filters -- announced last month -- that assess each Web site encountered based on a number of factors to produce a detailed score for each site, ranging from negative 10 to positive 10, IronPort CTO Pat Peterson says. These factors include how long the site has been in existence, whether it contains downloadable code, changes in the volume of visitors to the site, and if the URL includes a typo of a popular domain and therefore may be masquerading as it. The Web reputation filters can block downloaded content from these sites, based on the customer-configured policies.
In addition, the appliance acts as an application proxy for HTTP, HTTPS, and FTP traffic, performing deep content inspection to detect malware mimicking end-user behavior. The S-Series monitors all network traffic across every port looking for 'phone-home' activity, where malware will try to pass along information about the client it resides on. By monitoring all ports, the appliance can catch spyware that often circumnavigates port 80, reserved for Web traffic, to sneak out of the network, says Tom Gillis, senior vice president of worldwide marketing at IronPort.
Scrubbing Web traffic for malware is a difficult task because filtering a user's Internet experience typically results in significant lag time, Gillis says. Since few companies have implemented this type of Web security, malware has run rampant on the Internet over the past year.
IronPort is leveraging the AsyncOS that powers its e-mail security appliances for the new Web product. It uses a stackless threading model and persistent memory allocation to be able to filter Web downloads without the user experiencing any latency, Gillis says.
Exact pricing for the S-Series has not yet been announced, but the company says a midsized enterprise would pay around US$25,000.