August 4, 2008
Marshal Protects Customers From DNS Vulnerability
Secure email and Web gateway security provider Marshal today announced that all customers using WebMarshal, the company's secure Web gateway, are protected from threats that may be created from the recently disclosed Domain Naming System (DNS) security vulnerability.
"We know that many of our customers were alarmed when they read about the DNS vulnerability and we've been assuring them that if they are using WebMarshal, they are fully protected as long as they are using integrated malware scanners," said Bradley Anstis, VP of Products for Marshal. "Unlike Web security solutions that provide protection only through URL filtering, WebMarshal also provides real-time content scanning and analysis. These extra layers of protection keep malicious code embedded in websites from being downloaded and infecting desktop computers and servers."The recent disclosure of a significant DNS security vulnerability this month prompted operating system and DNS software vendors to create and release patches before details of the flaw were disclosed. Unfortunately, those details were leaked on July 25 before some vendors could produce security patches, leaving Internet users to question the safety of visiting Websites until all patches are in place.
The DNS security vulnerability makes it possible for hackers to "poison" the DNS cache, translating users' reputable Website requests into bogus addresses for sites that could contain any manner of malicious code. Because the site names would appear legitimate, active scans of the pages that are returned are necessary in order to block these exploits. The typical Web security products that companies use today are based on URL filters and will not detect the problem, leaving users vulnerable to any security threats that reside on the hacker's website.
WebMarshal's content filtering is also effective against anonymizer proxy sites, which allow employees to bypass URL filter rules put in place by companies to restrict access to offensive websites. On July 26, Binary Day published a list of more than 900 proxy sites that can be used to skirt around Web security products that employ URL filtering alone to help organizations prevent visits to unauthorized websites.
"WebMarshal is engineered to provide enterprise-wide protection from Web-based security threats at the gateway, provide Web access control to support corporate acceptable use policies, and prevent data leakage," said Anstis. "WebMarshal customers can rest assured that their company is protected from any DNS security issue that may arise and any other Web-based threat."
More about WebMarshal
WebMarshal is a 3-in-1 secure Web gateway that goes beyond URL filtering to combine technologies for Web access control, data leakage prevention and Web threat security into one easy-to-manage and highly scalable solution.
Marshal is a global leader in content security across multiple protocols, enabling organizations to secure their IT environment, protect against threats and comply with corporate governance needs. Marshal provides customers with a complete portfolio of policy-driven email and Internet solutions that integrate content filtering, compliance, secure messaging and archiving. Forty percent of the Global Fortune 500 companies use Marshal security solutions to secure their corporate messaging networks and Web access against internal abuse and external threats such as viruses, spam and malicious code. More than 7 million users in over 18,000 companies worldwide use Marshal solutions to protect their networks, employees, business assets and corporate reputation and to comply with corporate governance legislation requirements.
Marshal's Americas headquarters is in Atlanta, Georgia, with corporate headquarters in London (UK) and offices in Auckland (New Zealand), Houston (USA), Johannesburg (South Africa), Munich (Germany), Paris (France) and Sydney (Australia). More information is available at www.marshal.com.
Media Contact: Monica Shaw Carabiner Communications 770-367-9534 [email protected]