Juniper Networks this week unveiled enhancements to the Web security software it obtained via the acquisition of Mykonos Software in February.
The new release of Mykonos Web Security software provides 30 new features and extensions designed to protect against a wider range of attackers and hacking techniques. The software is also designed to simplify configuration for security administrators, and improve scalability for increasing traffic volumes.
EMBEDDED: Insider's view into Web application abuse: 5 phases of an attack
Web applications and websites are some of the most popular targets for hackers because they remain the largest unprotected threat in corporate networks, Juniper says. The company says almost 75% of organizations have been hacked at least once in the past two years through insecure Web applications.
The Mykonos software uses deception to create detection points to identify malicious attackers as they attempt to hack their target. The software then dupes attackers by presenting false vulnerabilities to keep them around so it can learn as much about them as possible to prevent future attacks.
This technique uses attackers' actions against them by wasting their time on false vulnerabilities, making the hack costly, time-consuming and tedious for attackers to chase after bogus data.
Among the features in the new software release is the ability of the Mykonos product to detect a wider range of attackers and hacking techniques through new countermeasures. They include preventing brute-force authentication attacks that rapidly guess combinations of usernames and passwords to gain access to systems.
The Mykonos software prevents the attacker from using any compromised credentials even if an attacker happens to "guess" the correct password, Juniper says.
The software also now defends against directory traversal attempts that are used to map websites to gain additional information on how to attack them. Another new countermeasure is the integration of third-party software vulnerability protection, which helps prevent against known software vulnerabilities typically targeted by automated attack scripts.
For simplified use, the software has a new GUI for managing systems and a setup wizard tool that does not require assistance from a Juniper service representative.
Mykonos Web Security also now supports throughput greater than 1Gbps by enabling administrators to add multiple "slaves" to a clustering model. This allows the software to protect higher-volume Web properties, Juniper says.
The software is available now. Juniper sells the annual software licenses for $175,000 with all support and updates included.
Jim Duffy has been covering technology for over 25 years, 21 at Network World. He also writes The Cisco Connection blog and can be reached on Twitter @Jim_Duffy.
Read more about software in Network World's Software section.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.