A Comprehensive Layered Defense Against Internet
In today's e-business environment, it has become increasingly more important for enterprises to provide
access to information via the Internet, while at the same time effectively manage and protect mission critical
Features & systems and information resources. Vital Security for Web's unique proactive defense detects Active Content
Capabilities and mobile malicious code, such as ActiveX and Java, as well as embedded and stand-alone VBScript and
Traditional anti-virus These scanners create a security profile for each Active Content, identifying potential hostile attacks or
provides the first line of suspicious commands. Using security policies, administrators can block mobile malicious code that intends
defense against signature to perform hostile attacks and stop new viruses, worms, Trojan horses and spyware even before the anti-
based, known viruses. virus signature database is updated. This unique feature, integrated with anti-virus engines, can detect and
Behavior Scanning and
log viruses and worms from their introduction through their entire lifecycle, resulting in a zero Window of
Analysis Inspection provides Vulnerability.
an additional, proactive, layer
of defense against new,
unknown viruses. Behavior Analysis Inspection Unique Proactive Defense
Content Filtering guards
against manual and automatic While firewalls protect against packet level Vital Security for Web protects the Internet
downloads of documents attacks, Web traffic and other application level gateway from new, unknown attacks, long
based on document activity can bring hostile active content into a before any anti-virus software signatures can
extension and MIME type. network undetected. Similarly, traditional anti- be updated. Active Content is scanned for
virus software can be effective against known potential hostile attacks or suspicious
Web Filtering and Content viruses and worms, but they are unable to
Control allows administrators
effectively protect organizations against new, commands at the gateway. Granular policies
to create an Internet access and strict security configurations can stop
policy, filter access to Web unknown viruses and active content in real-
sites based on URL time. Vital Security for Web does not depend new viruses, worms, Trojan horses or spyware
categorization and receive upon reactive anti-virus signature database from ever infectng your network, resulting in
automatic updates to the updates alone. These updates can take hours, a zero Window of Vulnerability.
database transparently. if not days. Instead, Vital Security for Web
uses its patented real-time proactive content
User Detection enforces
security policies on real
scanning and profiling technology to provide Web Filtering and Content
logged in users and not only day-zero defenses against new, unknown and
on fixed IP addresses. targeted attacks by mobile malicious code and
Active Content. Vital Security for Web Another option is integrated Web filtering,
Centralized management and represents the most effective way to combat allowing organizations to have full control
reporting provides over 100 Trojan horses, worms and malicious ActiveX, over Web traffic and Web content that enters
specific URL and time of day. Administrators
Customizable features allow
Vital Security for Web identifies and analyzes also have the ability to create Internet access
administrators to configure downloaded content as it enters the network. policies for both users and groups. Since Web
according to their unique All characteristics of the content are sites are constantly changing and new sites are
organizational needs. contextually examined for security violations
in real-time. Any content that violates the regularly born, Vital Security for Web
corporate security policies is logged and automatically updates its database of sites and
blocked at the gateway, while end-users are URL categories transparently in the
notified with an onscreen alert. Examples of background.
security policy violations include attempts to
delete or create files, open network
connections or modify the user's registry
Vital Security for Web offers an optional
integrated anti-virus scanner to detect
traditional, known viruses. An integrated log
captures all known viruses attempting to enter
the network and administrators can customize
policies to suit their needs. Signature database
updates are automatic and transparent.
Vital Security for Web
System Requirements Content Filtering Integrated Solution Reduces
Vital Security Server on Solaris Cost of Ownership
Vital Security for Web can be configured to allow or
Solaris 8 (fully patched) block other active content entering the network. It Vital Security for Web is an integrated, best-of-breed
Oracle v7.3.4. can detect executables, plug-ins and unscannable secure content management solution, providing:
1 GB free disk space is objects such as password protected zip files. It can
required for VS Server also be configured to allow or block the simple
300 MB of free disk space is Single Point of Management: Integrated components
required for Oracle Server download of documents or documents automatically with one management console provide
(an additional 70 MB is required during launched by the browser. Security policies on administrators with all of the information required
installation) downloads are enforced based on document to stop potential attacks from ever entering the
1 GB RAM extension and MIME type. network.
Vital Security Server on Windows
Single Vendor: Significant total cost of ownership
Windows 2000 Server or savings can result from purchasing a complete
Advanced Server, SP2 or above Management and Reporting solution from a single vendor.
Pentium IV 2.4 GHz processor
1 GB of free disk space during Vital Security for Web's management and reporting Integrated Components: Costs for purchasing an
installation capabilities provide administrators with high level and integrated solution can be as much as 40% less than
1 GB RAM detailed views of their network security. Enterprise- purchasing individual, stand-alone, software.
wide reports such as mobile malicious content
Vital Security Console
received, viruses stopped and top 10 Web sites
Windows NT 4.0 SP6a, 2000 SP2, blocked, empower IT managers with the information
98 SE or ME
Microsoft Internet Explorer 5 and they need to accurately adjust their security policies as Other Features
above their company grows and changes. Some of the X-Ray Mode: Operate in a pass through mode
Pentium IV 1.6GHz processor features include: designed to provide a clear view of active
50 MB of free disk space during content activity prior to implementation,
installation and 15 MB of free Granular Policy Management: Multiple security enabling the fine-tuning of security policies.
disk space at the end of the policies can be created for different users,
installation groups or departments. ICAP Support: Vital Security for Web fully
256 MB RAM (512 recommended) supports ICAP 1.0 so existing ICAP
Exception Handling: Enables administrators to environments don't need to change
Certificate Server and Oracle organizational topology in order to install and
"white list" approved content according to URL,
Client configure Vital Security for Web.
specific active content or a specific digital
Windows 2000 Server or certificate, without the need to compromise on
Advanced Server, SP2 or above the security levels for unknown and untrusted Single Point of Management: Graphical
Pentium IV 1.6GHz processor management console manages multiple
and above content.
Oracle Client v7.3.4.
distributed servers from a single location,
256 MB RAM Content Filtering: Blocks manual and automatic providing an enterprise-ready and scalable
(512 MB RAM recommended) downloads of active content documents based solution.
20 MB of free disk space is on document extension and MIME type.
required for certificate Server, and LDAP/NTLM User Authentication: Policies
30 MB for Oracle Client are enforced on real logged-in users, not only
Integrated Logging: All mobile code security
violations, viruses detected and cleaned, and on fixed IP addresses, to detect every HTTP
*Finjan Software was Web access violations are listed in a centralized request and the user behind the request.
awarded EAL3 certification log allowing the security administrator to track
new and unknown attacks. Digital Certificate Filtering: Allows
from the SAIC for Vital administrators the ability to detect, filter and
Enhanced Logging: Every HTTP request, assign policy for digitally signed content.
Security 5.6 for Web.
security policy violation, resource misused,
performance and throughput, etc., can be High Availability: Local Vital Security for Web
logged, allowing detailed analysis of usage databases can operate independently from the
attacks, Web traffic, Web content and security central database allowing Vital Security for Web
policy violations patterns. to remain active even if the primary database
server is offline. Vital Security for Web has the
Management Reports: More than 100 standard option to operate in load balancing mode.
reports are provided by Vital Security for Web.
Dynamic custom reports can also be created Malicious Code Research Center (MCRC):
C 2003 by Finjan Software, Inc., using the built in report generator. Administrators can send blocked active content
and/or its subsidiaries.
details to Finjan's Malicious Code Research
Printed in the U.S.A. Center for analysis and advice by our expert
USA VSWDS1.0 10.03 EN
Finjan, Finjan logo and Vital Security are
trademarks or registered trademarks of Finjan
Software, Inc., and/or its subsidiaries. All other
registered and unregistered trademarks in this
document are the sole property of their
For more information
The Finjan Software products described in this
on products, services or support, contact a local Finjan sales representative at www.finjan.com
document are protected by one of more of the
following U.S. Patent Nos. 6092194, 6167520,
6480962, 6209103, 6298446, and 6353892 and
may be protected by other U.S. Patents, foreign
patents, or pending applications.