At the Infosecurity 2002 conference next week in New York, Gilian Technologies will preview enhancements to its G-Server Web security appliance, including features to protect against incoming attacks as well as verify the integrity of Web applications before they execute.
Other enhancements in the G-Server 2.5 release on tap for mid-January 2003 focus on new failover capabilities, usability enhancements and support for password-protected sites.
G-Server traditionally focused on ensuring the integrity of Web pages as they were served up to each viewer, by verifying that a digital signature affixed to each page when it was first published is intact before allowing the viewer to see the page. With version 2.5, Gilian is adding a new feature, dubbed AppWatch, that also evaluates the integrity of incoming requests.
AppWatch looks for anomalies in HTTP and HTTPS requests, in both the content and header. Such anomalies may include the URL length, the number of query parameters or inclusion of malicious characters. Attacks employing such techniques can be used to conduct buffer overflow attacks and, ultimately, break into the corporate network.
"The primary goal is to ensure traffic is legal," as opposed to trying to identify every possible type of illegal traffic, says Jeff Leeds, director of product marketing at Gilian. "The whole idea is to prevent bad requests from making it to the Web server." A number of other Web application security vendors use the same sort of technique, including Entercept, KaVaDo and Sanctum.
Another new feature, AppProtect, checks to ensure that an application hasn't been tampered with prior to allowing it to execute. Just as G-Server uses digital signatures to ensure that only fully approved content is delivered to end users, AppProtect uses the same technique to protect the integrity of applications. If an application has been changed, it will not execute and a previous, digitally signed version will instead be swapped in. In this fashion, AppProtect prevents damage to a Web site or internal databases caused by intruders who penetrate via Web applications, which Leeds says is an increasingly common type of attack.
Other new features in G-Server 2.5 include:
A bypass option that enables the Web server to continue to function even if G-Server goes down, such as from a power failure.
Availability improvements, with sub-second failover from a primary to secondary G-Server.
Support for password-protected Web sites.
An improved administrative console, with enhanced user interface and the ability to manage multiple G-Servers from a single console.
Enhancements to the signing tool that make it easier to apply digital signatures to Web pages.
Gilian is also planning additional G-Server hardware models. In addition to the original 200XL, which will be upgraded with faster processors, earlier this year the company announced the 200R, which supports up to 500 concurrent connections. In January, the company will unveil the 400XL, a quad-processor box.
The G-Server 200R costs $24,900 while the 200XL goes for $39,900 and the 400XL will cost $59,900. Typical enterprise installations cost about $150,000, Leeds says.
Gilian Set to Unveil Enhanced Web Security Appliance
