|
Zero
day attacks can devastate a network. These are the attacks that target
application vulnerabilities that are unknown to the application's
creators and for which no patch yet exists. By exploiting these
vulnerabilities, attackers can enter your network to execute code. In
the worst case, an attacker can exploit these flaws to gain complete
control of a victim's computer.
To be protected from
malicious zero day threats, you must have proactive zero day defenses
already in place when the attack is launched. You get this critical
level of protection with the Firebox® X family of Unified Threat Management security appliances.
What "Zero Day" is All About
There's a lot of buzz in the security industry about "Zero Day" attack
protection, but vendors differ substantially in the protection they
really provide.
- Zero Day threats are new or unknown attacks for which a patch or signature has not been written
- Zero Day protection,
therefore, means being protected against a new and unknown threat
before the vulnerability is discovered and the exploit is created and
launched
Zero day protection means being protected against a new and unknown threat during the window of vulnerability timeframe.
True Zero Day Protection is Built into the Firebox® X
The Intelligent Layered Security architecture of the Firebox X combines
key security capabilities able to defend against whole classes of
attacks. Some of these capabilities include:
- Protocol anomaly detection Blocks malicious traffic that does not conform to established protocol standards
- Pattern matching
Flags and removes high-risk files, such as .exe and scripting files,
viruses, spyware, and trojans from the system by fully inspecting the
entire packet
- Behavior analysis
Identifies and stops traffic from hosts exhibiting suspicious
behaviors, including DoS and DDoS attacks, port scans, and address scans
What Signatures Bring to a Security Solution
Some vendors make zero day claims but in reality their security solutions rely solely on signature-based scanning.
Signature-based
security technologies fingerprint each new attack after it emerges, so
protection comes when this fingerprint, or signature, is added to the
system. This is not zero day protection. By their nature, signatures
are reactive; they cannot protect against new, previously unknown
attacks until an update is available.
Signature-based
scanning provides a granular layer of protection against spyware,
viruses, worms, trojans, and blended threats by identifying known
malicious code within benign-looking traffic and files. But this
technique is only one piece of a complete solution. You need zero day
protection combined with robust signature-bases scanning to have
comprehensive Unified Threat Management.
The Window of Vulnerability
Signature-based solutions block what has already been identified. Your
network is still exposed from the time a new exploit has been launched
until a signature or patch is developed and then deployed.
Considering
the speed and destructiveness of today's attacks, even a few minutes
without protection can be devastating. The reality is, it can sometimes
be hours, days, even weeks before a signature or patch is developed and
deployed, making this window of vulnerability every IT manager's
nightmare.
» See our powerful Firebox X Unified Threat Management appliances
» Find out more about the intelligent layered security architecture of the Firebox X. Get the Intelligent Layered Security white paper.
|
