|
Network Access Control Appliance’s Original Behavioral Rules Keep Networks Secure and Available
Austin, TX - December 29, 2005 - Mirage Networks, developers of award-winning Network Access Control (NAC) technology, today announced that its behavioral threat detection technology detects and defends networks from attacks leveraging the widely-reported Windows Metafile (WMF) vulnerability. A patch is not yet available for this vulnerability, using the Mirage NAC solution is one way to easily and seamlessly protect the network.
“Our behavioral approach is repeatedly validated by its detection and mitigation of day-zero threats like this one,” said Scott Olson, vice president of marketing, Mirage Networks. “Even if a patch were available, IT administrators will be hesitant to implement it immediately, given the recent history of untested Microsoft patches bringing down networks. So IT has to decide between implementing untested patches, and letting the patch age, putting users’ machines and thus the network’s security in jeopardy.”
The yet unnamed attack is a blended threat, which: downloads spyware to mine infected machines for information; downloads a mail server to distribute itself and potentially cause distributed denial of service (DDos) attacks; and by way of site spoofing, phishes for personal and credit card information. Even fully patched Windows XP SP2 machines are vulnerable to this threat.
The core of Mirage’s NAC solutions is a set of behavioral rules, which detect behavior that is indicative of threat propagation. Since the threat downloads a mailer to distribute itself via email, the behavioral rules detect that the infected machine is engaging in behavior that is not characteristic of a clean machine. Mirage NAC then sends the infected device to a quarantine server, to enable remediation.
The company stresses that patching is necessary; however, relying on patching to protect networks from worm attacks is unrealistic. According to Gartner, best-of-breed organizations have control of only about 80 percent of the endpoints on their networks. The reality of mobile computing is that devices are not always patched in a timely manner, and inevitably, errors will occur.
About signature-based security approaches, Olson adds, “When you’re facing a day-zero threat, signatures to catch it are unavailable when the threat hits the networks. Essentially, for attacks like these, any system that requires reactive updates to vulnerabilities and threats can prove to be less than adequate at defending networking infrastructures. The only fail-safe is using rules that address how threats behave.”
Mirage Networks’ unique NAC approach ensures continuous monitoring of every network-attached endpoint. Its technology uses behavioral detection to find and surgically isolate endpoints either propagating threats or violating security policy. The out-of-band appliance detects, slows and isolates threats that are introduced onto the network by mobile computing, remote connections, and day-zero malware-complementing perimeter security solutions and giving companies a more complete, in-depth security defense infrastructure.
For more information about the WMF vulnerability, please visit www.microsoft.com/technet/security/advisory/912840.mspx.
About Mirage Networks
Mirage helps enterprises defend their networks from day-zero threats and policy violations with full-cycle Network Access Control technology. This patent-pending solution uniquely protects the network interior, controlling network access for any endpoint, no matter the operating system or device, without agents, signatures, rearchitecture, or high overhead, at every point in the network cycle. For more information about comprehensive internal network protection at a low total cost of ownership, visit www.miragenetworks.com.
|
