Finjan Provides Vital Management in Security Appliances
Security vendors are finding that increased competition and new ideas in protection are starting to chip away at sales of on-premise appliances. The real question becomes, can security vendors re-invent themselves to do battle in a Web 2.0 world?
Finjan thinks it can and is focusing on ease of management as the means for accomplishing that goal with a concise interface that rolls up control of native and partner technologies into a single administration console.
The company has revamped its security appliance products to combat the latest threats, most notably Web 2.0 attacks such as embedded malware delivered via AJAX, Active X or other rich applications. The ability to block those threats inline is ever more important as companies come to rely on Web-based applications.
Finjan’s three Vital Security Web Gateway models – NG-5100 for SMB, NG-6100 for enterprise and NG-8100 for large enterprise – are pretty much the same, with the primary differences being throughput and number of clients supported.
All of the appliances offer:
* Web security including antivirus and antiphishing applications
* Productivity, liability and bandwidth control using a combination of URL filtering, content caching and application control technologies
* Data loss prevention (DLP) by inspecting outbound communications for sensitive/confidential data, even when hiding in HTTPS/SSL
* Centralised management via a Web-based console (including monitoring and controlling HTTP, FTP and SSL traffic) that can administer multiple appliances across the enterprise
* Logging and reporting focused of Web traffic visibility, activity and security
The Vital Security Secure Web Gateway uses Finjan’s behaviour blocking technology, which works at the application level to identify malicious code in incoming and outgoing Web traffic. The behaviour blocking technology is updated automatically, as soon as new threats are discovered via the Finjan security network. The behaviour blocking technology employs adaptive algorithms to combat zero-day threats for which no signatures exist. Any abnormal activity is analyzed and if that activity falls outside of the parameters set by policies, the behaviour will be blocked.
Behaviour blocking and support for SSL and HTTPS encrypted traffic proves to be a great marriage of technologies when it comes to DLP. Many market leaders leave DLP to other appliances and products, forcing enterprises to purchase multiple solutions to meet increasing security needs. Finjan on the other hand incorporates DLP into their security appliance and DLP processing becomes part of traffic control and Web security, which reduces latency, hardware footprints and management challenges.
Application security—antispyware and antivirus—is one of the many layers of security offered by the Vital Security Secure Web Gateway. The antispyware technology uses a combination of URL black lists and behavioural analysis to block both known and zero-day threats. Finjan partners with Kaspersky, Sophos and McAfee for antivirus engines, while Web filtering can be handled by either Websense or IBM Proventia.
The omission of anti-spam technology in the Vital Security Secure Web Gateway could be troubling for some, but it’s not that big of a deal since most enterprises handle spam at the mail server. The integration of antispam into an edge security appliance could prove redundant. What’s more, antispam technology is often more effective when integration into the e-mail clients.
Although the Vital Security Secure Web Gateway uses several different technologies, Finjan has done an excellent job of creating a management console that integrates policy management along with OEM technologies into a simple browser based application.
Solution providers will find integration of the Vital Security Secure Web Gateway straight forward; Finjan provides several deployment scenarios. Deploying the device does take some networking smarts, although that should not be a problem for any experienced integrator. Most of the deployment choices deal with proxy settings, caching options and ICAP configuration. All of that together creates an appliance that is configurable to meet the needs of the enterprise, as opposed to having to re-engineer gateways to work with security products.
Finjan’s X-Ray technology gives solution providers the ability to passively run Vital Security Secure Web Gateway to discover security problems. While many vendors offer a “monitor in place” type of deployment, few solution providers turn to that technology as a sales tool. X-Ray proves well suited to serve as a “proof is in the pudding” approach to selling a security appliance. X-Ray also proves to be a wonderful way to demonstrate the products DLP capabilities.
Just as many security appliance vendors are doing, Finjan is enabling the use of its Vital Security Secure Web Gateway in a hosted managed service. Here, Finjan’s excellent management console shines, since the ease of use designed for on-premise administrators proves perfectly suited for managed services that’s inspecting and blocking malicious traffic at the last hop before the enterprise perimeter.
Finjan is offering an aggressive channel program which offers margins between 15 percent and 20 percent for top-tier partners, along with plenty of training and marketing support. FInjan’s goal is to get the word out that there is another choice in the market than the well known players, while demonstrating that Finjan can do it cheaper, faster and easier than the competition.
Finjan has successfully pushed the envelope with the Vital Security Secure Web Gateway by integrating a full set of Web 2.0 security capabilities, along with traditional perimeter-based security, all supported by an intuitive interface that takes much of the hassle out of security management. Solution providers will find Finjan’s Vital Security Secure Web Gateway a viable alternative to competitive security appliances. The NG-5100 starts at $18,000 (£12,600) and includes support for 1,000 users and all available features.