Intrusion prevention without false positives or service disruption
Now you can proactively protect servers, databases, hypervisors and even VMs from the most sophisticated network attacks and evasions without false alarms, without signatures, without tuning and without having to reboot servers.
How it Works
Blue Lane’s unique application layer architecture was designed to secure all leading datacenter applications, databases and operating systems. Because Blue Lane understands and decodes ALL 130+ data center protocols and services, traffic is quickly inspected for pointers showing “vulnerability intent”. Then any traffic headed for a known vulnerability is decoded, analyzed and appropriate action taken (based on vulnerability targeted, protocol used and the nature of the attack) via Blue Lane’s patented controlled code execution.
There is no confusion between real exploits and suspicious traffic. Exploit countermeasures are applied without adding latency or requiring additional hardware assist. Even more importantly, server availability (session state) is maintained, even during an attack. Find out more by reading our ServerShield technology white paper.
With Blue Lane’s unique approach, evasions designed to exploit deep packet inspection network IPS can be rendered harmless with appropriate countermeasures without disrupting server sessions. These evasions include: IP fragmentation; cross-site scripting; SQL injection; and zero day polymorphic (mutating) attacks.
As your enterprise moves to virtualize production environments you can manage both physical and virtual infrastructure security from a single management interface, without forklifts, without false alarms and without layers of dedicated point security products for individual operating systems or databases or hypervisors or VMs.
One advanced architecture secures the entire data center, from physical to virtual, from Oracle databases to leading server operating systems and applications servers, embedded systems, hypervisors and VMs.
Blue Lane’s Application Layer Architecture: Unmatched Intelligence and Protection
Blue Lane lets innocent traffic pass while applying application layer, granular security policies to traffic that targets software vulnerabilities or violates preset policies.
No other network security product can understand and act on such a broad range of protocols nor proactively protect such a comprehensive array of data center software vulnerabilities, from Oracle databases to Windows servers and VMware hypervisors. Granular security policies can be enforced by user, by protocol, by application, by vulnerability, by VM cluster or even by port.
Blue Lane protects dozens of leading operating systems, applications and databases at the application layer, where evasion is extremely difficult. As exploits are identified by protocol, operating system, application and vulnerability targeted, appropriate action is taken (based on protocol, vulnerability and the nature of the attack) to ensure protection and maintain availability. There are no signatures or anomaly patterns used.
Blue Lane’s Best of Breed Approach
- Highly accurate – no signatures or tuning
- Comprehensive and real time – all protocols and known vulnerabilities protected
- Appropriate response – based on protocol, vulnerability and attack
- Exception-based – focuses processing power on malicious traffic
- Unified architecture – a single architecture protects physical and virtual infrastructure
Blue Lane has won top industry awards in security, including Best of Interop, Technology of the Year (InfoWorld) and Best of VMworld (finalist). Microsoft tested Blue Lane last year and reported " no false positives” in a press release published July 2007.
Contact us today for more information.
|
|
