How ServerShield Works
ServerShield is a network appliance-based application and protocol layer vulnerability shield that delivers comprehensive server protection from attacks against known vulnerabilities without the traditional signatures, tuning and false alarms common with older network IDS/IPS architectures.
ServerShield protects by performing a discovery of servers, including the applications, ports and protocols. Based on the discovery, ServerShield determines and provisions the relevant, application-specific protection for software vulnerabilities.
As traffic flows through ServerShield to the servers, individual sessions are decoded and monitored for vulnerable conditions. When necessary, ServerShield can even replicate the function of a software security patch by applying a corrective action directly within the network stream. This novel capability is one of many key features of Blue Lane's award-winning architecture. Other capabilities include sophisticated protection against polymorphic attacks (mutating exploits), cross-site scripting and SQL injection.
As new software security patches are released by software application vendors, ServerShield automatically downloads the appropriate inline patches from Blue Lane. Updates may be applied dynamically without requiring any reboots of the servers or the ServerShield appliance. The result is fast protection against network attacks without compromising server availability.
Server Discovery
The first step after deploying ServerShield is to define the specific servers and applications that must be protected. A network scan identifies the applications to be protected.
Validation
Within the web-based interface of the ServerShield Manager, an administrator can easily validate that the appropriate inline patch and inline policy protection has been activated for each individual server application.
Event Detection
Once servers have been discovered and the protection has been validated and activated, any event that triggers an inline patch or inline policy correction is logged and reported as a security event.