Firewalls - IAC - DTIC

More documents

Recommendations

Info

Section 3 Firewall Products – application Firewalls Forum Sentry XML Gateway Abstract Forum Sentry XML Gateway features include (1) Forum XWall technology that is equipped with data authentication as well as XML IPS to actively protect against XML viruses, data corruption and denial of Web service attacks. Forum XWall ensures critical applications are appropriately accessible and continuously available by allowing network administrators to enforce perimeter policies that check the integrity of data and control access to exposed enterprise Web services. XWall peers into the “XML packet” using a unique blend of threat detection and realtime preventative countermeasures. Specifically XWall protects Web services from vulnerability discovery (e.g. through WSDL scanning), probing attacks (e.g., through parameter tampering and replay attacks), coercive parsing (e.g., through recursive payloads, oversize payloads, and DoS attacks), external reference attacks (e.g., external URI references), and malicious content attacks (e.g., schema poisoning, SQL injections). The Gateway also secures Web services communication, and provides Web services mediation and virtualization, crypto-accelerated signature, encryption, and SSL security, native protocol support for HTTP, Tibco Enterprise Message Service, IBM MQ, Java Message Service, FTP, and SMTP, and stateful request and response message processing. The Gateway’s authentication and authorization capabilities include HTTP basic authentication, SSL X.509 certificate-based authentication, SAML, WS [Web Service]-Security, support for vendor identity plug-ins, and network and WSDL message-level access control. Data-level security policies are enforced through WSDL operation and URI filtering, content filtering using Xpath and regular expressions, digital signatures and encryption, composite schema validation, and antivirus scanning of attachments. Forum Sentry supports a wide range of Web services specifications including WSDL, SOAP, XML, XSLT (eXtensible Stylesheet Language Transformation), XSD (XML Schema Definition) Schema, DTD (Document Type Definition), XPath, UDDI (Universal Description, Discovery and Integration), XML Digital Signature, 58 Firewalls IA Tools Report – Seventh Edition XML Encryption, WS-Encryption, WS-Digital Signature, WS-Trust, WS-Policy, WS-I (Web Services Interoperability organization) Basic Profile, WS-Security Token Profiles, PKCS, CRL, and XKMS. Forum Sentry XML Gateway Type of Firewall aF (XML) oS appliance: Included; Software version runs on windows, Linux, Solaris, in a VM (VMware), or in an amazon Elastic Compute Cloud (EC2) amazon Machine Image (aMI) Format appliance or Software License Commercial NIaP Validated Common Criteria developer Forum Systems Information http://forumsys.com/products/xmlgateway. php
GreenSQL Express, Light, Pro, and Database Firewall Abstract GreenSQL offers a range of commercial database application level gateway/firewall products, including GreenSQL Pro, GreenSQL Light, and GreenSQL Express. GreenSQL commercial firewalls can protect Microsoft SQL Server, MySQL, or PostgreSQL databases and Document Management Systems. GreenSQL Pro includes database firewalling, auditing, caching, intrusion detection/prevention, monitoring, and logging and reporting solutions to protect databases and database-based document management systems from internal and external threats in real time. It enforces both positive and negative security policies, and rejects intrusion attempts for queries known or suspected to be unauthorized. The firewall’s automated learning mode can automatically generate a full set of policy rules based on the specific behavior of the database to be protected. GreenSQL Light provides the same protections to single databases. GreenSQL Express is a limited free version of GreenSQL that includes a rules-based database firewall and IDS/IPS that implements a single proxy. In addition to its commercial offerings, GreenSQL offers an open source GreenSQL Database Firewall—an implementation of the GreenSQL database proxy firewall designed for protecting MySQL and PostgreSQL databases against SQL injection attacks. The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known database administrator commands (“drop”, “create”, etc). GreenSQL Database Firewall Type of Firewall aF (database) oS Express, Light, Pro: windows Server 2008, windows Server 2003, Linux (Ubuntu, CentoS, debian); database Firewall: Linux (debian, Ubuntu, red Hat, Fedora, CentoS, SuSE, Mandriva), FreeBSd Format Software License Express, Light, Pro: Commercial; database Firewall: open source NIaP Validated Common Criteria Section 3 Firewall Products – application Firewalls developer GreenSQL, Ltd. (Israel) Information http://www.greensql.com http://www.greensql.net Firewalls IA Tools Report – Seventh Edition 59
Page 1:
Tools E XC E L L E NC E IN INF OR M
Page 5 and 6:
Table of Contents SECTION 1 u Intro
Page 7 and 8:
Panda GateDefender Integra SB .....
Page 9 and 10:
Forward The Information assurance T
Page 11 and 12:
SECTIoN 1 u Introduction 1.1 Purpos
Page 13 and 14:
• American National Standards Ins
Page 15 and 16: application. Application-level fire
Page 17 and 18: the computer network enclave, modif
Page 19 and 20: Subscriber Line/Asymmetric Digital
Page 21 and 22: PaCKET FILTErING & STaTEFUL INSPECT
Page 23 and 24: Abstract The GCIS [General Center f
Page 25 and 26: IPFIREWALL (IPFW) Abstract The IPFI
Page 27 and 28: Netfilter Abstract Netfilter is a p
Page 29 and 30: NuFirewall Abstract The NuFirewall
Page 31 and 32: Qbik WinGate Proxy Server Abstract
Page 33 and 34: Abstract Soft in Engines Bandwidth
Page 35 and 36: Abstract The TRENDnet 4-Port Gigabi
Page 37 and 38: Untangle Firewall Abstract The Unta
Page 39 and 40: Alt-N SecurityGateway for Exchange/
Page 41 and 42: Applicure dotDefender Abstract Appl
Page 43 and 44: Armorlogic Profense Web Application
Page 45 and 46: Axway MailGate Abstract Axway (form
Page 47 and 48: Barracuda ® Spam & Virus Firewall
Page 49 and 50: Bee Ware i-Suite Abstract Bee Ware
Page 51 and 52: Cisco ® ACE Web Application Firewa
Page 53 and 54: Cisco ® IOS Firewall Abstract Cisc
Page 55 and 56: Citrix ® NetScaler ® Application
Page 57 and 58: Deny All rWeb Abstract Deny All rWe
Page 59 and 60: Deny All sProxy Abstract Deny All s
Page 61 and 62: eEye SecureIIS Abstract eEye Secure
Page 63 and 64: Abstract BIG-IP Application Securit
Page 65: Abstract Fortinet FortiWeb provides
Page 69 and 70: Abstract The IBM WebSphere DataPowe
Page 71 and 72: Igaware Web Filtering Appliance Abs
Page 73 and 74: Abstract SecureSphere Database Fire
Page 75 and 76: Imperva SecureSphere Web Applicatio
Page 77 and 78: Abstract The Korsmeyer Extensible M
Page 79 and 80: ModSecurity Abstract ModSecurity is
Page 81 and 82: MONITORAPP Web INSIGHT SG Abstract
Page 83 and 84: Oracle ® Database Firewall Abstrac
Page 85 and 86: Abstract iBoss Home Internet Parent
Page 87 and 88: PrismTech Xtradyne I-DBC IIOP Firew
Page 89 and 90: Privacyware ThreatSentry Abstract I
Page 91 and 92: Qualys ® IronBee Abstract IronBee
Page 93 and 94: Abstract RedCondor Message Assuranc
Page 95 and 96: SafeNet ® eSafe Mail Security Gate
Page 97 and 98: seaan.net MXtruder Abstract seaan.n
Page 99 and 100: SpamTitan Abstract SpamTitan protec
Page 101 and 102: Trustwave WebDefend ® Abstract Tru
Page 103 and 104: webScurity WebApp.secure Abstract
Page 105 and 106: Alcatel-Lucent VPN Firewall Brick
Page 107 and 108: Astaro Security Gateways Abstract
Page 109 and 110: Abstract BluegrassNet Voice SP100 F
Page 111 and 112: Check Point IP Appliances Abstract
Page 113 and 114: Check Point Series 80 Appliance Abs
Page 115 and 116: Cisco ASA 5500 Series Adaptive Secu
Page 117 and 118:
Abstract Clavister offers a series
Page 119 and 120:
EdenWall Security Appliances Abstra
Page 121 and 122:
Endian UTM Software, Hardware, and
Page 123 and 124:
Fortinet ® FortiGate ® Appliances
Page 125 and 126:
GeNUGate Two-Tier Firewall Abstract
Page 127 and 128:
Gibraltar Security Gateways Abstrac
Page 129 and 130:
Global Technology Associates GB-War
Page 131 and 132:
Halon SX Series Firewalls Abstract
Page 133 and 134:
HP ProCurve Threat Management Servi
Page 135 and 136:
Abstract IBM Security Server Protec
Page 137 and 138:
Igaware Network Protector Abstract
Page 139 and 140:
Abstract The InJoy Firewall perform
Page 141 and 142:
IPCop Abstract IPCop is a Linux-bas
Page 143 and 144:
Abstract The Juniper Networks NetSc
Page 145 and 146:
Abstract Oracle Database Firewall c
Page 147 and 148:
McAfee Firewall Enterprise Abstract
Page 149 and 150:
Microsoft ® Internet Security and
Page 151 and 152:
Abstract NETASQ U-series appliances
Page 153 and 154:
NETGEAR ® ProSafe Wired and Wirele
Page 155 and 156:
NetSentron ® NS200 Lite and NS200
Page 157 and 158:
O2Security SifoWorks Firewall/IPse
Page 159 and 160:
Palo Alto Networks Enterprise Firew
Page 161 and 162:
pfSense Abstract pfSense is a free,
Page 163 and 164:
Abstract The substation-hardened SE
Page 165 and 166:
Abstract SECUI.com UTM appliances i
Page 167 and 168:
Abstract The SecureLogix ETM System
Page 169 and 170:
SmoothWall ® Advanced Firewall and
Page 171 and 172:
SOHOware BroadScan UTM Internet Se
Page 173 and 174:
Abstract StoneGate Firewall/VPN App
Page 175 and 176:
Trlokom OmniVPN and Katana Gateway
Page 177 and 178:
Ubiq-Freedom Abstract Ubiq-Freedom
Page 179 and 180:
Vordel ® Gateway Abstract Vordel G
Page 181 and 182:
WatchGuard ® Extensible Threat Man
Page 183 and 184:
Zentyal Gateway Abstract Zentyal Ga
Page 185 and 186:
Abstract ZyXEL’s ZyWALL Unified S
Page 187 and 188:
SECTIoN 4 u Personal Firewalls as w
Page 189 and 190:
Firewall Exceptions Information For
Page 191 and 192:
4.2 Personal Firewalls for Mobile D
Page 193 and 194:
SECTIoN 5 u Firewall Resources The
Page 195 and 196:
uXXu, Haiping, Abhinay Reddyreddy,
Page 197 and 198:
A.1 Acronyms and Abbreviations Acro
Page 199 and 200:
Acronym/Abbreviation Amplification
Page 201 and 202:
Acronym/Abbreviation Amplification
Page 203 and 204:
A.2 Glossary Term Definition applia
Page 205:
Term Definition APPENDIX Acronyms,
show all

Firewalls - IAC - DTIC

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?