VigilEnt Security Agent for Web Servers 3.0 provides intrusion detection and active monitoring for Apache, Sun Microsystems iPlanet, and Microsoft IIS Web servers.

by Wayne Kawamoto [September 5, 2002]

PentaSafe Security Technologies, a provider of enterprise security management software, announced general availability of its VigilEnt Security Agent for Web Servers 3.0, which should provide customers with comprehensive vulnerability management and intrusion management capabilities for Apache, Sun Microsystems iPlanet, and Microsoft IIS Web servers.

According to the company, Web servers are one of the greatest headaches for security professionals to properly lock down as they continue to be the most visible targets for malicious attacks. Web servers typically have default configurations that require extensive customization when installed to be considered technically secure. Compounding the issue of proper security for Web servers are the frequent patches issued by vendors and the complex corporate IT architectures that prevent consistent security settings from being adequately maintained.

The company says that VigilEnt Security Agent for Web Servers 3.0 proactively assesses Web infrastructures to identify vulnerabilities before they result in expensive downtime. And the most critical aspect of vulnerability assessment—patch management—is comprehensively addressed through configuration testing and reporting to identify missing patches.

VigilEnt Security Agent for Web Servers 3.0's n-tier architecture is also designed to provide customers with intrusion management capabilities without experiencing Web server performance degradation. Additionally, VigilEnt Security Agent for Web Servers 3.0 prevents Web server attacks by actively monitoring HTTP requests and applying protocol analysis and pattern matching before the request reaches the Web server.

VigilEnt Security Agent for Web Servers 3.0 is designed to offer the following vulnerability management:

• Scans the network to identify rogue Web server installations and security issues like vulnerable cookies, dangerous links or inappropriate content
  
• Runs tests on Web server configurations, access controls, CGI/vulnerable directories
  
• Performs system hardening checks
  
• Produces comprehensive information on: 1) why the vulnerability is significant, and 2) how to correct a vulnerability.

VigilEnt Security Agent for Web Servers 3.0 is designed to offer the following intrusion management:

• Actively Monitors Web Server Requests—If suspicious activity is detected, the request is blocked and the activity is logged.
  
• Real-time Alerting—Alerts can be sent to PentaSafe's VigilEnt Security Manager and then generate an email alert or an SNMP trap.
  
• Advanced Logging—Logs can be customized to record all or selected requests, which can then be encrypted and nonrepudiated.
  
• Turnkey Set of Rules—VSA for Web Servers 3.0 includes a turnkey set of rules that can detect and block known exploits as well as general classes of attacks, such as directory traversal attacks, buffer overflow attacks, and the Unicode attack.

—End