before: servers behind firewalls today: servers migrate out business drivers: e-business supply...
TRANSCRIPT
Why Are Web Servers Vulnerable?
• Complexity• Mix of software from different vendors• Web masters have administrative privileges
How Are Web Servers Attacked?
• Code injected through HTTP requests– Typically using a buffer-overflow vulnerability
• Attack used to:– Deface web site
– Install Trojan horse
– Plant backdoors
– Attack deeper into the organization
WaveBreaker Architecture
WaveBreaker Interception Layer
FileSystem
Network Registry Processes
IIS
Authorizer
Admin console
WaveBreaker Architecture
FileSystem
Network Registry Processes
WaveBreaker Interception Layer
IIS
Authorizer
Admin console
FileSystem
WaveBreaker Interception Layer
WaveBreaker Architecture
Network Registry Processes
OK
Authorizer
IIS
Admin console
WaveBreaker Architecture
FileSystem
Network Registry Processes
WaveBreaker Interception Layer
IIS
Authorizer
OK
Admin console
WaveBreaker Architecture
FileSystem
Network Registry Processes
WaveBreaker Interception Layer XWaveBreaker Interception Layer X
Authorizer
IIS
WaveBreaker’s performance overhead: Approximately 5%
Admin console
!
WaveBreaker: Product Highlights
• Intrusion-proof protection for Microsoft®-IIS based applications
• Prevents:– Opening backdoors– Planting Trojan horses– Web site defacement– Attacks deeper into the corporate network
• Attacks are blocked in real-time• Out-of-the-box security schemes provide instant
protection• Easily configurable to support any web application• Security logs alert security administrators of attack
attempts
Conclusion
• Business drivers and competitive market no longer permit keeping mission critical servers behind firewalls.
• Internet-facing web applications are and will be vulnerable.
• WaveBreaker can provide the shielding needed to deploy internet-facing servers.