Interop: IronPort's S-Series Blocks Suspicious Content At The Web Page Component Level

Here at Interop 2008 in Las Vegas, IronPort (a division of Cisco) is showing off its latest security solutions -- the S650 and the S350 Web Security Appliances. The S-Series was a <a href="http://www.bestofinterop.com/finalists/">finalist</a> in this year's Best of Interop competition. In the new security appliance, the company leverages its <a href="http://www.senderbase.org/">SenderBase</a> anti-spam reputation management technology to determine what parts of a Web page (if any) to let through

David Berlind, Chief Content Officer, UBM TechWeb

May 1, 2008

2 Min Read
InformationWeek logo in a gray background | InformationWeek

Here at Interop 2008 in Las Vegas, IronPort (a division of Cisco) is showing off its latest security solutions -- the S650 and the S350 Web Security Appliances. The S-Series was a finalist in this year's Best of Interop competition. In the new security appliance, the company leverages its SenderBase anti-spam reputation management technology to determine what parts of a Web page (if any) to let through to users' browsers. In the video below, IronPort product manager Samantha Madrid tells me more about the S-Series.

These days, it's not uncommon for the Web pages we visit to pull their content from multiple Web servers from across the Web in order to finish rendering themselves. The problem is that we never know when some Web page we visit might attempt to deliver a malicious payload to our PCs. We might be visiting a reputable site. But, if that site is pulling content from third parties, it's harder for that site to guarantee that all the components on a Web page are safe.

Through a variety of technologies, most modern browsers do a pretty good job of preventing sudden infection by way of malicious components. But, in some cases, there are systems out there in enterprises that aren't running the latest browsers. In other cases, users may be misled into downloading malicious software (the equivalent of manually overriding a browser's safeguards).

About five years ago, IronPort started SenderBase as an anti-spam technology. As Madrid explained to me in the video, pretty much all spam comes with a Web address embedded into it. Once you have some idea of which Web addresses are associated with spam (an association that SenderBase keeps track of), you can make certain assumptions about any traffic that's associated with those Web addresses (or the IP addresses they resolve to). Originally, those "associations" were used to help filter e-mail (one type of traffic) suspected of being spam from business networks. In this newer S-Series, IronPort looks for Web page components whose source resolves to the same suspicious domains found in the SenderBase database. If there's a match, it allows the Web page to finish loading, but without those "matching" components.

The S-Series does way more than just this (in the area of Web security) and you should listen to Madrid as she rattles off all the S-Series' other features.

About the Author

David Berlind

Chief Content Officer, UBM TechWeb

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights