Protect Web Services with the Teros 200

The Teros 100 Secure Application Gateway is one of the most effective security appliances on the market and has been chosen by the CRN Test Center as its 2003 Product of the Year. Teros' newest unit, the Teros 200, incorporates a dual-CPU design to double throughput and protect twice as many Web servers as the Teros 100. The device features transparent session failover capability to eliminate single points of failure and includes dual power supplies and two hard drives for redundancy.

Teros' adaptive technology guards against potential threats by differentiating them from normal Web traffic. The vendor's appliances learn an application's proper behavior and block any activity that deviates from the norm. The Teros 100 and 200 can therefore protect against undocumented attacks without relying on signatures.

Teros examines incoming and outgoing Internet traffic at the packet level to perform realtime security analysis. The units run a hardened version of Linux, which makes it easy to upgrade and add functionality.

Teros uses the HTML Interaction Model (HIM) process to control traffic between browsers and web servers. In the process, however, HIM can mistake some traffic as an attack, especially when Web developers have implemented nonstandard programming techniques. But Teros' learning mode lets solution providers trend and catalog both typical and atypical Web traffic to fine-tune network traffic policies.

Web services are a valuable business tool for automating business processes, e-commerce transactions and the exchange of valuable data. Unfortunately, Web service interfaces also give hackers new targets to attack. Teros' Web Services Security Gateway, incorporated into both the Teros 100 and 200, defends against the most common application-layer attacks such as buffer overflow attacks, SQL injection attempts and denial-of-service (DoS) attacks by using application learning and attack defenses.The Teros 200 provides integrated security for both traditional and Web services applications, simplifying management. The Teros appliance uses the Web Services Description Language (WSDL) to generate a list of operations supported by individual applications. Users may perform only those operations described by WSDL, and Teros blocks any attempt to invoke an operation that is not defined in the WSDL file. The network administrator can define which operations users can access.

Sensitive data such as Social Security Numbers or credit card numbers are easily recognized by Web service applications. When the Teros 200 recognizes this data, it automatically blocks unauthorized users from accessing the information. The appliance authenticates user identity to verify which users and applications can access the protected data. The Teros 200 is compatible with third-party identity management providers.

The Teros 200 also protects servers from malicious SOAP or XML attacks. Most SOAP messages are sent using SSL to ensure the confidentiality and integrity of the transmitted data. Teros provides hardware-based SSL acceleration, with support for authentication. It also defends against malicious SQL code used by hackers to extract critical data. If the appliance detects unauthorized SQL code, it can block the code or render it inactive. The device also blocks the requests of URLs, cookies or headers that are longer than the length specified by the network administrator to prevent buffer overflow. Using adaptive technology, Teros can detect and protect against denial-of-service attacks by identifying and blocking the packet floods that cause them.

Teros' two-tier channel program offers sales, marketing and technical support, a partner Web site with white papers and sales and marketing materials, and demonstration units. The vendor's dedicated sales representatives and system engineers also assist partners in sales and integrations. Margins average 35 percent, and the Teros-200 starts at $45,000.