Granular Application Control Beyond Ports 80 and 443
Many of the applications we rely on to conduct business, such as Skype, WebEx and others, use proprietary signatures and non-standard ports to communicate. But applications using these non-standard ports can introduce threats that result in data loss. Standard security solutions that try and manage content only through Ports 80 and 443, can’t give you the protection you need to secure your organization at the gateway.
Only iboss Web Security protects you from unwanted applications with application control that monitors traffic traversing all 131,070 ports on your network including UDP non-standard ports, which are a conduit for many of today’s advanced attacks. By combining comprehensive application control with deep packet inspection (DPI) and best-of-breed signature and heuristics, iboss assures that business –critical applications function smoothly, while unwanted applications and threats are blocked.
iboss delivers next-generation application protection at the gateway:
- Application scanning across all 65K non-standard UDP ports and protocols – prevents applications that use nonstandard data channels from gaining access at the gateway.
- Stream-based blocking – Only iboss can stop data transfers mid-stream, so even the most complex applications, running on stateless UDP protocols, can be stopped.
- Dynamically updated URL database – The iboss hybrid cloud database uses best-of breed URL and signature libraries that are updated in real-time, giving you immediate defense against proxy circumvention attempts and other threats.
- Trigger-based alerts – iboss Web Security provides trigger-based email alerts on keywords and events in real time, providing administrators with specific information on potential threats.
- HTTPS/SSL Enforcement – iboss uses a multi-layer approach to enforce encrypted streams. By intercepting and inspecting SSL certificate exchanges and certificate validity, iboss ensures that policies are applied where other solutions can leave you vulnerable.
- Advanced Protocol Management (SSH/RDP/FTP) – iboss manages these protocols and internal servers via your group policy settings which restrict access to authorized personnel only.
Unrivaled Defense against Unwanted Applications:
Torrent and File-Sharing
These applications are popular with hackers and use multiple ports and protocols designed to circumvent your network security. By tracking the signature footprint of these applications, iboss is able to control them and keep them from reaching your network regardless of how they communicate.
Dynamic Glype-Proxy Detection – Thousands of Glype proxies can be created daily, making them a very popular circumvention tool. By using signatures and heuristics, iboss can detect the latest proxies even if they’re not previously classified.
Proxy attempts to circumvent your Internet security solution not only violate your organization’s policies, they are potential avenues for delivering advanced threats such as viruses, botnets and malware. iboss offers a multi-layered approach to defending against proxies and proxy applications such as Ultrasurf, Hotspot shield and others:
Online gaming applications using non-standard data channels are easily blocked by iboss signature and traffic-pattern analysis. In addition, iboss technology allows you to apply your security policies to all devices and clients, including handhelds and gaming consoles, to conserve bandwidth and prevent productivity loss.
Set policies to block or schedule access to IM/Chat applications including ICQ, AIM, Yahoo Messenger, MSN Messenger, IRC, Jabber, iChat, and more. Filtering is conducted using the traffic signature, which delivers the most effective policy enforcement.