1. ELIMINATE MOBILE CODE THREATS
With
Firewalls, PKI, Intrusion Detection and Anti-Virus Software Are
No Longer Enough
Mobile code, such as Java applets, JavaScripts, ActiveX controls and VBScripts are increasingly
becoming an essential part of e-business. Mobile code enables interactive and feature rich web sites
and e-mail content and is normally transparent to the user.
However, there’s a dark side to mobile code. Because it
can have broad permissions, mobile code can execute
malicious activities such as:
• Accessing confidential information
• Acting as a transport mechanism for viruses
• Running programs from client machines
In today’s always-on environment, malicious mobile code
is deemed to be the biggest threat to computer security
systems. Nimda infected 70% of Fortune 1000 companies
(all of whom had firewall and anti-virus software deployed). It caused one major brokerage firm to
shut down their entire network for 11 days.
"Finjan identified the problem early on with comprehensive “Finjan is the market
products that are proving sound and easy to implement. To leader in proactive
me, it's the clear leader. If I'm worried about security of mobile malicious mobile code security.”
code, Finjan would be the company I'd talk to." - GIGA Information Group
Key Features
Total Protection from Malicious Mobile Code:
Finjan’s Vital Security Solution protects against malicious mobile code attacks from:
• ActiveX controls
• Java applets
• JavaScript – both embedded and stand-alone
• VBScript – both embedded and stand-alone
Vital Security also provides these additional security technologies to catch every possible policy
violation from any type of attack:
• Anti-Virus
• URL Category Filters
• URL Filters
• Active Content Filters (e.g., documents, executables, plug-ins)
• Certificate Filters
• E-Mail sender Filters
• Spam
"Finjan currently offers the strongest enterprise defense
against mobile code, with the most flexible performance
and scalability characteristics." – Patricia Seybold,
Seybold Group
2. Easy to Use Policy Management and Reporting to Simplify Security Administration
• Policy Wizard to make adding, changing and deleting policies extremely simple
• Granular policy engine with white and black lists to allow exceptions for safe sites
• Over 125 standard reports out of the box
• W3C formatted log files
• X-Ray analysis to peek into your network without impacting your users
• Automatically update policies from log entries
Security Expertise to Help You Every Step of the Way
• Malicious Code Research Center – our one-stop resource for information on malicious mobile code
and alert notifications. Customers can send blocked active content details to Finjan’s Malicious Code
Research Center for analysis and advice by our expert security engineers.
How MMC Scanning and Filtering Works
Protecting All of Your Computer Assets
At the corporate network gateway Finjan’s Vital Security behavior analysis does contextual analysis of
the entire mobile code packet rather than just scanning for key words or phrases. This produces far fewer
false positives and eliminates loopholes for hackers to exploit.
Vital Security for Web detects active content and protects
incoming HTTP/FTP/HTML/HTTPS (SSL) traffic by scanning
active content objects. Vital Security for E-Mail protects for
SMTP and POP3 traffic. Both include the following:
• Proactive content inspection and blocking of hostile active
content objects, including executables, plug-ins, MS Office
documents, embedded and stand-alone scripts
• Learning from previous code analysis to streamline
processing time
• URL filtering by origin (source) and by digital certificates
At the user’s desktop, Vital Security for Clients detects active content as it begins to run, monitors it
during runtime and enforces your security policies, including:
• Detection of start/stop events of active content objects in the system
• Runtime monitoring of active content object activities at the operating system level
• Runtime monitoring of Java Applets at the Java Virtual Machine level
• Ability to control (kill) running active content objects
• User only sees safe content; all potentially harmful content is blocked and eliminated before it
gets to the screen
Policies and Profiles
Using Finjan’s policy management console, Vital Security Console, system administrators can configure
and control a corporate-wide security policy for all Internet traffic in the network, including ActiveX,
Java, executables, JavaScript, VB Script and embedded plug-ins.
All Finjan Vital Security Solutions support security auditing through detailed log-based activity reports,
which can be produced and viewed using the logging and reporting feature built into Vital Security
Console.
Vital Security allows the administrator to set a block/allow/scan policy for every active content type.
For each type of code, an "Allow" policy passes it through without modification. A "Block" policy will
block the active content object from being sent to the user. A "Scan" policy will pass the code through
the appropriate code scanner, create a unique identifier for the code object, and compare the code profile
to the policy.