Malicious Mobile Code Fact Sheet from Finjan


Published on

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Malicious Mobile Code Fact Sheet from Finjan

  1. 1. ELIMINATE MOBILE CODE THREATS With Firewalls, PKI, Intrusion Detection and Anti-Virus Software Are No Longer Enough Mobile code, such as Java applets, JavaScripts, ActiveX controls and VBScripts are increasingly becoming an essential part of e-business. Mobile code enables interactive and feature rich web sites and e-mail content and is normally transparent to the user. However, there’s a dark side to mobile code. Because it can have broad permissions, mobile code can execute malicious activities such as: • Accessing confidential information • Acting as a transport mechanism for viruses • Running programs from client machines In today’s always-on environment, malicious mobile code is deemed to be the biggest threat to computer security systems. Nimda infected 70% of Fortune 1000 companies (all of whom had firewall and anti-virus software deployed). It caused one major brokerage firm to shut down their entire network for 11 days. "Finjan identified the problem early on with comprehensive “Finjan is the market products that are proving sound and easy to implement. To leader in proactive me, it's the clear leader. If I'm worried about security of mobile malicious mobile code security.” code, Finjan would be the company I'd talk to." - GIGA Information Group Key Features Total Protection from Malicious Mobile Code: Finjan’s Vital Security Solution protects against malicious mobile code attacks from: • ActiveX controls • Java applets • JavaScript – both embedded and stand-alone • VBScript – both embedded and stand-alone Vital Security also provides these additional security technologies to catch every possible policy violation from any type of attack: • Anti-Virus • URL Category Filters • URL Filters • Active Content Filters (e.g., documents, executables, plug-ins) • Certificate Filters • E-Mail sender Filters • Spam "Finjan currently offers the strongest enterprise defense against mobile code, with the most flexible performance and scalability characteristics." – Patricia Seybold, Seybold Group
  2. 2. Easy to Use Policy Management and Reporting to Simplify Security Administration • Policy Wizard to make adding, changing and deleting policies extremely simple • Granular policy engine with white and black lists to allow exceptions for safe sites • Over 125 standard reports out of the box • W3C formatted log files • X-Ray analysis to peek into your network without impacting your users • Automatically update policies from log entries Security Expertise to Help You Every Step of the Way • Malicious Code Research Center – our one-stop resource for information on malicious mobile code and alert notifications. Customers can send blocked active content details to Finjan’s Malicious Code Research Center for analysis and advice by our expert security engineers. How MMC Scanning and Filtering Works Protecting All of Your Computer Assets At the corporate network gateway Finjan’s Vital Security behavior analysis does contextual analysis of the entire mobile code packet rather than just scanning for key words or phrases. This produces far fewer false positives and eliminates loopholes for hackers to exploit. Vital Security for Web detects active content and protects incoming HTTP/FTP/HTML/HTTPS (SSL) traffic by scanning active content objects. Vital Security for E-Mail protects for SMTP and POP3 traffic. Both include the following: • Proactive content inspection and blocking of hostile active content objects, including executables, plug-ins, MS Office documents, embedded and stand-alone scripts • Learning from previous code analysis to streamline processing time • URL filtering by origin (source) and by digital certificates At the user’s desktop, Vital Security for Clients detects active content as it begins to run, monitors it during runtime and enforces your security policies, including: • Detection of start/stop events of active content objects in the system • Runtime monitoring of active content object activities at the operating system level • Runtime monitoring of Java Applets at the Java Virtual Machine level • Ability to control (kill) running active content objects • User only sees safe content; all potentially harmful content is blocked and eliminated before it gets to the screen Policies and Profiles Using Finjan’s policy management console, Vital Security Console, system administrators can configure and control a corporate-wide security policy for all Internet traffic in the network, including ActiveX, Java, executables, JavaScript, VB Script and embedded plug-ins. All Finjan Vital Security Solutions support security auditing through detailed log-based activity reports, which can be produced and viewed using the logging and reporting feature built into Vital Security Console. Vital Security allows the administrator to set a block/allow/scan policy for every active content type. For each type of code, an "Allow" policy passes it through without modification. A "Block" policy will block the active content object from being sent to the user. A "Scan" policy will pass the code through the appropriate code scanner, create a unique identifier for the code object, and compare the code profile to the policy.
  3. 3. The security profile contains all potentially sensitive resources and hostile operations that the active content object can act on or perform on the client’s desktop. Similarly, a security policy represents the parallel set of permissions to access restricted resources: • File system operations: Read, Read/Write • Network access operations: Listen, Connect, Send, and Receive • Registry operations: Read, Write • Operating System operations, such as creating, terminating, or changing the priority of processes and threads; accessing other applications that are running; loading dynamic link libraries, etc. • JVM and Browser operations that involve access to internal objects inside the browser or the Java Virtual Machine, such as using the browser services to send e-mail, read/write cookies, change the settings of the Java Virtual Machine Security Manager, etc. The Best Solution Finjan’s key benefit lies in its ability to proactively scan code coming from the Internet using our patented contextual behavior analysis technology, profile the code to determine which resource access operations it may attempt to perform and block code that attempts to perform operations that are not allowed according to the predefined policy. This is the heart of Finjan’s ability to block new attacks without any prior knowledge of them and close the Window of Vulnerability of traditional signature-based anti-virus software. The Finjan Vital Security Solution is the industry’s only integrated best-of-breed content security solution with contextual behavior analysis for malicious mobile code defense, traditional virus protection, integrated web content filtering, Internet access management, central management and reporting, spam control and our unique watermarking and document auditing technology. About Finjan Finjan Software’s Vital Security™ is the only complete and integrated Secure Content Management solution in which individual best-of-breed security applications work together in concert to proactively respond to changing security threats today and tomorrow. Supplementing traditional security methods, Vital Security defends enterprises against Malicious Mobile Code using intelligent behavior analysis and comprehensive policy management. Vital Security is designed with high availability and scalability, for enterprises of all sizes, including those with over 100,000 users. Finjan is recognized by analyst firm IDC as the leader in the worldwide Malicious Mobile Code security market. For more information, visit © 2004 by Finjan Software, Inc., and/or its subsidiaries WWW.FINJAN.COM Printed in the U.S.A. USA MMCFS2.0 03.04 EN Finjan, Finjan logo, and Vital Security are trademarks or registered trademarks of Finjan Software, Inc., and/or its subsidiaries. All other registered and unregistered trademarks are the sole property of their respective owners. The Finjan Software products described in this document are protected by one or more of the following U.S. Patents: 6092194, 6167520, 6480962, 6209103, 6298446, and 6353892 and may be protected by other U.S. Patents, foreign patents, or pending applications.