Another player is about to enter the fray in the battle to protect Web applications.

Stratum8 Networks, Inc., based in Sunnyvale, Calif., is wrapping up beta tests of its Application Protection System (APS), software meant to protect Web applications from both known and previously unknown forms of attacks. The company will face off against the likes of Sanctum, KaVaDo and Gilian Technologies in the Web security market.

Web application security involves preventing intruders from breaking into networks through the Web server, for example by manipulating URLs (such as inserting directory traversal sequences) to gain access to directories or to the server itself. Attacks can also be launched at the form level, such as by inserting unexpected characters into input fields or by submitting oversized input in an attempt to overflow a buffer.

Bob Walters, Stratum8's CEO, says his company's differentiators are its focus on real-time security, performance and scalability.

By real-time security, he means that APS inspects 100% of the traffic bound for a Web server and blocks attempted intrusions inline, as they happen, rather than reporting them after the fact. The claim also refers to the fact that the product does not rely solely on intrusion signatures, which must be written ahead of time for each known attack and therefore cannot catch one that has never been seen before.

Engine Builds Own Rules

Rather, APS is a policy-based engine that learns what normal behavior looks like for a Web application by observing it in action, then builds its own rule base and blocks anything outside that norm. A baseline of this kind is only as good as the traffic it learns from: a learning period that includes attack traffic will admit it as normal, and one that misses legitimate but rarely used parts of the application will produce false positives once enforcement begins.
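To make the learn-then-enforce model concrete, here is an added example in Python; it is not Stratum8's code and does not describe how APS itself is implemented. It learns, from a constructed set of legitimate requests, which method/path endpoints exist, which parameters each accepts, the longest value seen for each parameter and the character classes that appeared in it, then denies anything outside that profile: the traversal URL, the oversized form field and the injected quote from the attack descriptions above, as well as a parameter that was never observed. The endpoints, parameter names, sample requests and the 2x length tolerance (`LENGTH_SLACK`) are assumptions made up for the example.

```python
"""Toy positive-security ("learn, then enforce") Web request filter.

Added example; not Stratum8's code. Paths, parameters, traffic and the
LENGTH_SLACK tolerance are assumptions made up for the illustration.
"""
import posixpath
from dataclasses import dataclass, field
from math import ceil
from urllib.parse import parse_qsl, urlsplit

LENGTH_SLACK = 2.0  # assumption: tolerate values up to 2x the longest seen while learning


@dataclass
class ParamProfile:
    max_len: int = 0
    classes: set = field(default_factory=set)


def char_class(ch):
    """Coarse character class, so the profile generalises beyond the exact bytes seen."""
    if ch.isdigit():
        return "digit"
    if ch.isalpha():
        return "alpha"
    if ch == " ":
        return "space"
    if ch in "@.-_":
        return "safe-punct"
    return "other"  # quotes, angle brackets, slashes, control characters ...


def parse_request(raw):
    """Parse 'METHOD /path?query HTTP/x' plus an optional form body after a blank line.

    Simplified: headers are ignored and duplicate parameter names collapse.
    """
    head, _, body = raw.partition("\r\n\r\n")
    method, target, _ = head.split("\r\n")[0].split(" ", 2)
    parts = urlsplit(target)
    # Fold '.' and '..' before comparing with the learned set, so '/a/../etc/passwd'
    # is judged as '/etc/passwd' and '/a/./b' is not mistaken for a new endpoint.
    path = posixpath.normpath(parts.path)
    params = dict(parse_qsl(parts.query, keep_blank_values=True))
    if method == "POST":
        params.update(parse_qsl(body, keep_blank_values=True))
    return method, path, params


class LearnedPolicy:
    def __init__(self):
        self.endpoints = {}  # (method, path) -> {parameter name: ParamProfile}

    def observe(self, raw):
        """Learning mode: widen the profile to cover this (assumed legitimate) request."""
        method, path, params = parse_request(raw)
        profiles = self.endpoints.setdefault((method, path), {})
        for name, value in params.items():
            prof = profiles.setdefault(name, ParamProfile())
            prof.max_len = max(prof.max_len, len(value))
            prof.classes.update(char_class(c) for c in value)

    def check(self, raw):
        """Enforcement mode: return (allowed, reason). Anything unlearned is denied.

        Missing parameters are not enforced, since optional fields are common.
        """
        method, path, params = parse_request(raw)
        profiles = self.endpoints.get((method, path))
        if profiles is None:
            return False, f"unknown endpoint {method} {path}"
        for name, value in params.items():
            prof = profiles.get(name)
            if prof is None:
                return False, f"unknown parameter {name!r}"
            bad = {char_class(c) for c in value} - prof.classes
            if bad:
                return False, f"unexpected character class {sorted(bad)} in {name!r}"
            if len(value) > ceil(prof.max_len * LENGTH_SLACK):
                return False, f"{name!r} length {len(value)} exceeds learned bound"
        return True, "within learned profile"


# Constructed learning traffic: what a clean observation window might capture.
LEARNING_TRAFFIC = [
    "GET /account/balance?acct=1029 HTTP/1.1",
    "GET /account/balance?acct=77431 HTTP/1.1",
    "POST /login HTTP/1.1\r\n\r\nuser=alice&pass=Tr0ub4dor",
    "POST /login HTTP/1.1\r\n\r\nuser=bob.smith&pass=correct%20horse",
    "GET /payroll/stub?emp=E1042&month=2002-03 HTTP/1.1",
    "GET /payroll/stub?emp=E0007&month=2002-04 HTTP/1.1",
]

# Constructed probes: one legitimate variation and the attack patterns from the text.
PROBES = [
    "GET /account/balance?acct=5 HTTP/1.1",                       # unseen value, same shape
    "GET /account/../../../etc/passwd HTTP/1.1",                  # URL manipulation
    "GET /account/balance?acct=1029%27%20OR%201%3D1 HTTP/1.1",    # extra characters in a field
    "POST /login HTTP/1.1\r\n\r\nuser=bob&pass=" + "A" * 4096,    # oversized input
    "GET /account/balance?acct=1029&debug=1 HTTP/1.1",            # parameter never observed
]


def build_policy():
    policy = LearnedPolicy()
    for raw in LEARNING_TRAFFIC:
        policy.observe(raw)
    return policy


if __name__ == "__main__":
    policy = build_policy()
    for raw in PROBES:
        ok, why = policy.check(raw)
        print("ALLOW" if ok else "BLOCK", raw.split("\r\n")[0][:50], "-", why)
```

The order of checks matters for what an operator sees in the log: an unknown endpoint is reported before any parameter is examined, and a character-class violation before a length violation, so the injected quote above is flagged as a bad character even though it also exceeds the learned length. In practice the observation window has to be both clean and complete; this filter will happily learn an attacker's traffic as normal if it is present during learning, and it will block a legitimate parameter it never saw, which is exactly the trade-off a signature layer is meant to complement.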

Due largely to this automated rules creation, Walters says, "I think we probably have more automation than our competitors, arguably far more." The five companies currently beta testing the product have collectively had to manually add only one rule, he says.

To protect against known forms of attacks, Stratum8 will employ signature-based intrusion detection technology from an as-yet unnamed partner.

In terms of performance, Walters says a single APS box can handle up to 750 transactions per second, or about 30M bit/sec of traffic. Added latency is less than 1 millisecond, according to testing performed for Stratum8 by the independent KeyLabs.

KaVaDo also touts its strength in the performance area. According to tests by another independent lab, The Software Testing Center of the Standards Institution of Israel, throughput for KaVaDo's InterDo server was 66.7M bit/sec and it handled a maximum of 929 transactions per second. Latency was likewise less than 1 millisecond.

Stratum8 is targeting the top 100 Internet sites as well as financial services, health care, manufacturing and retail companies that have large electronic commerce sites. In addition to public Web sites, the APS product is also useful for intranet applications, especially payroll. "In three of five beta customers, that was the most troubling site for them," Walters says.

The company recently announced a deal to use Rainbow Technologies' CryptoSwift encryption acceleration engine for applications that require SSL encryption. CryptoSwift will decrypt inbound traffic so that APS can inspect it in the clear, then re-encrypt it before forwarding it to the server if necessary. That arrangement makes the APS box the SSL endpoint: it must hold the site's server private key, so the hardening of the box itself and the storage of that key become part of the site's trust boundary.

APS is expected to be available early in the second quarter, most likely in April, Walters says. It will cost $25,000.