Skip to page contents

---

Select language...       English English (US) Deutsch Español Français Italiano 中文 (Chinese)

Extranet    | | Legal & Privacy Notice | Search | Sitemap | 

---

---

Products and Solutions    Training    Support    Partners    How to Buy Contact | About us | Press & Media | Investor Relations

---

Press Releases | RSS Feeds | Events | Expert Insights | Newsroom | Brand Place | Contact Information | Use Terms |

---

• English
• 2010
• 2009
• 2008
• 2007
• 2006
• 2005
• 2004
• 2003
• English (US)
• Deutsch
• Español
• Français
• Italiano
• Suomeksi

---

---

Product News

StoneGate IPS detects and blocks attacks that use new evasion techniques announced by CERT/CC

HELSINKI, Finland – 16 May, 2007 – Stonesoft Corporation, an innovative provider of integrated network security and business continuity solutions, announces that the new StoneGate IPS versions 4.0 and later are capable of detecting and blocking attacks that use the new evasion technique reported by CERT Coordination Center (CERT/CC).

According to the CERT/CC vulnerability note published on 15 May 2007, the new evasion technique is used for bypassing intrusion detection/prevention systems that scan HTTP traffic. The attacker can bypass security controls of an IDS/IPS using encoded data with HTTP POST method. If the IDS/IPS does not decode Fullwidth Unicode encoded HTTP POST request data, an attack will not be detected and can cause damage within the web server.

“The new StoneGate IPS contains pretty effective normalization for HTTP client requests”, says Mika Rautila, Chief Technology Officer of Stonesoft. “IPS allows protecting corporate networks fast and without downtime. Bringing down business-critical services for maintenance means lost revenue, but with StoneGate IPS, security vulnerabilities can be patched without the need for unscheduled maintenance breaks.”

The StoneGate™ secure connectivity solution comprises of a Firewall and an Intrusion Prevention System (IPS). The StoneGate IPS, comprising of an IDS (Intrusion Detection System) and an IPS (Intrusion Prevention System), defends the network proactively by detecting malicious packets within regular network traffic and blocking them before any damage occurs. Implementing StoneGate IPS expands the defence further within networks enabling comprehensive, multi-dimensional network security. StoneGate Firewall and IPS work together to provide intelligent defence all over the enterprise network.

For more information:

Mika Rautila
Chief Technology Officer
Stonesoft Corporation
Tel. +358 9 476 711
Email: mika.rautila@stonesoft.com

About Stonesoft

Stonesoft Corporation (OMX: SFT1V) is an innovative provider of integrated network security and business continuity. Stonesoft is a global company focused on enterprise level customers requiring advanced network security and always-on business connectivity with low TCO, best price-to-performance ratio, and highest ROI. StoneGate™ Security Platform unifies firewall, VPN and IPS, blending network security, end-to-end availability and award-winning load balancing into a unified and centrally managed system for distributed enterprises. Founded in 1990, Stonesoft Corporation has corporate headquarters in Helsinki, Finland and Americas headquarters in Atlanta, Georgia. For more information, visit www.stonesoft.com.

Wednesday, May 16, 2007

---