Gilian Technologies Inc. said it has upgraded its G-Server Web security appliance by offering more options to managers on how G-Server can help them cope with possible Web-defacement problems.
The G-Server typically sits in front of the Web server and behind the firewall and automatically checks that Web content has not been defaced. It does this by making use of public-key technology that can generate a mathematical digest called the "hash" -- a kind of fingerprint of the content. G-Server validates all content leaving the Web server by comparing it against the digital "hash" that's been made of stored Web content for the page. If content has been tampered with, the digital signature won't match that of the authorized content. Managers can decide to receive alerts about changed content or stop the content from being displayed at all and substitute a proxy statement.
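The outbound check described above, sketched as an added example that is not Gilian's code: HMAC-SHA256 from the Python standard library stands in for the public-key signature the article mentions, and the key, function names, manifest layout and sample pages are all constructed assumptions. It shows the two manager-selectable responses (alert only, or block and substitute) and binds each digest to its URL path so a validly signed page cannot be served in place of another.

```python
import hashlib
import hmac

SIGNING_KEY = b"constructed-demo-key"  # assumption: stands in for the signer's key
FALLBACK = b"<html><body>Content temporarily unavailable.</body></html>"

def sign(path, body, key=SIGNING_KEY):
    """Signer side: fingerprint the content and bind it to its URL path."""
    digest = hashlib.sha256(body).digest()
    return hmac.new(key, path.encode() + b"\0" + digest, hashlib.sha256).hexdigest()

def check_outbound(path, body, manifest, mode="block", key=SIGNING_KEY):
    """Egress side: return (bytes_to_send, alert_message_or_None).

    mode="alert" passes the content through but reports the mismatch;
    mode="block" replaces the content with the substitute page.
    """
    expected = manifest.get(path)
    if expected is not None and hmac.compare_digest(expected, sign(path, body, key)):
        return body, None
    # Unsigned resources are treated like tampered ones (fail closed).
    reason = "unsigned resource" if expected is None else "digest mismatch"
    alert = f"{reason}: {path}"
    if mode == "alert":
        return body, alert
    return FALLBACK, alert

# Constructed sample content and the manifest produced at signing time.
ORIGINAL = b"<html><h1>Welcome</h1></html>"
ABOUT = b"<html><h1>About us</h1></html>"
DEFACED = b"<html><h1>Defaced</h1></html>"
MANIFEST = {
    "/index.html": sign("/index.html", ORIGINAL),
    "/about.html": sign("/about.html", ABOUT),
}

if __name__ == "__main__":
    for path, body, mode in [
        ("/index.html", ORIGINAL, "block"),
        ("/index.html", DEFACED, "alert"),
        ("/index.html", DEFACED, "block"),
        ("/index.html", ABOUT, "block"),   # signed page served at the wrong path
        ("/new.html", ORIGINAL, "block"),  # never signed
    ]:
        sent, alert = check_outbound(path, body, MANIFEST, mode)
        print(path, mode, "substituted" if sent is FALLBACK else "passed", alert)
```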
The 2.5 version of G-Server that will ship in mid-January adds a way to validate incoming HTTP requests to see if they include illegal parameters, such as buffer overflows, says Jeffrey Leeds, G-Server's director of product marketing. "People have pointed out that we only look at the outbound traffic, so we're changing that," Leeds says. Incoming traffic would be blocked in the next version of the product. G-Server is also adding eEye Digital Security Inc.'s Retinal Scan product into G-Server to check for vulnerabilities.
Since G-Server sits in line with the network playing its role of Web-content inspector, the danger is that if it goes down, the Web server wouldn't be available to online visitors either. To allay those concerns, Gilian is introducing what it calls a "bypass card" so that two G-Servers can be tied together in a back-up mode for high availability. "Before, you needed a hub or switch and there was a three to five second lag," said Leeds.
Gilian has also changed what it calls its "signing tool" used by content developers to sign Web pages or stored CGI scripts that produce dynamic Web content on the fly. The tool now makes it easier to look at resources that have been signed and in addition works with Netegrity Inc.'s Web applet "so an attacker can't hijack your sign-on," said Leeds.
Gilian, which does research and development primarily in Israel, offers three models of the G-Server appliance. Prices range from US$24,900 for a model that supports 500 concurrent connections and five content-developer "signers," to a new model called the 400 XL that will cost $56,900 and support about 2,000 concurrent sessions.