-
Defending Your Network Against Application-Level Security Threats
-
-
Know Your Enemy
-
The first step in effectively protecting the systems on your network is to
understand what you are protecting your network from. There is a wide
variety of threats, and they continuously evolve and converge. You need to
stay abreast of the changing threat landscape and take steps to ensure your
network remains secure.
-
The current state of application-level threats can be categorized into five
basic types. Your network and client security measures need to effectively
detect and block these threats in order to keep your network safe and secure.
-
-
Threat 1: Gateway-level Malicious Code
-
Certain malicious code, such as CodeRed, Nimda, and MS Blaster, propagates
over the Internet but does not arrive as files. These threats spread over
common network ports to insecure and poorly secured network shares, and
exploit operating system and application flaws on vulnerable machines.
-
-
Threat 2: Peer To Peer (P2P) File Sharing
-
P2P (Peer to Peer) applications such as BitTorrent, eDonkey or Gnutella
pose the following threats to organizations:
-
-
Threat 3: Instant Messaging
-
Instant messengers such as ICQ and MSN Messenger can be a drain on employee
productivity, with users spending time on non-productive, non-work-related
activity. They can also be a security threat, providing an entry point for
spreading malicious code.
-
-
Threat 4: Adware/Spyware Applications
-
Spyware and adware components such as Gator, Cydoor, eZoola and more can
be found in most "free" applications. These hidden agents collect
confidential and other information from PCs and send it to unknown
destinations. More insidious spyware may contain keystroke logging or
rootkit functionality, which can be a serious security threat.
-
-
Threat 5: Unauthorized Traffic Tunneling
-
Tunneling is a method used to circumvent firewall restrictions by
disguising forbidden traffic such as P2P, remote computing and Telnet as
ordinary Web surfing content. Tunneling can also be used by certain types
of software, and even Trojan horses, to transmit uninspected traffic to a
remote server.
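
A gateway can catch the simplest forms of this by classifying a stream from its first payload bytes instead of trusting the destination port. The sketch below is an added example, not taken from the white paper or any product; the function names, the CONNECT policy and the sample payloads are assumptions constructed for illustration, and it covers only non-HTTP protocols on a web port and CONNECT requests to non-HTTPS ports.

```python
import re

# HTTP/1.x request line: method, target, version.
HTTP_REQ = re.compile(rb"^([A-Z]+) (\S+) HTTP/1\.[01]\r\n")
ALLOWED_CONNECT_PORTS = {443}  # assumed policy: CONNECT only to HTTPS
WEB_PORTS = {80: {"http"}, 443: {"tls"}}  # content expected on each web port

def classify_first_bytes(payload: bytes) -> str:
    """Label the first payload bytes of a TCP stream by content, not by port."""
    if payload.startswith(b"\x13BitTorrent protocol"):
        return "bittorrent"  # BitTorrent peer handshake
    if payload.startswith(b"SSH-"):
        return "ssh"  # SSH identification banner
    if len(payload) >= 2 and payload[0] == 0xFF and 0xFB <= payload[1] <= 0xFE:
        return "telnet"  # IAC followed by WILL/WONT/DO/DONT
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"  # TLS handshake record
    m = HTTP_REQ.match(payload)
    if m:
        return "http-connect" if m.group(1) == b"CONNECT" else "http"
    return "unknown"

def verdict(dst_port: int, payload: bytes) -> str:
    """Return 'allow' or 'block: <reason>' for a stream seen on a web port."""
    proto = classify_first_bytes(payload)
    if proto == "http-connect":
        target = HTTP_REQ.match(payload).group(2).decode("ascii", "replace")
        port = target.rpartition(":")[2]
        if port.isdigit() and int(port) in ALLOWED_CONNECT_PORTS:
            return "allow"
        return f"block: CONNECT to {target}"
    if proto in WEB_PORTS.get(dst_port, set()):
        return "allow"
    return f"block: {proto} on port {dst_port}"

# Constructed sample streams: (destination port, first payload bytes).
SAMPLES = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    (80, b"\x13BitTorrent protocol" + bytes(8)),
    (80, b"\xff\xfd\x18\xff\xfd\x20"),
    (80, b"CONNECT host.example:22 HTTP/1.1\r\n\r\n"),
    (443, b"\x16\x03\x01\x02\x00\x01"),
]

if __name__ == "__main__":
    for port, data in SAMPLES:
        print(port, data[:24], "->", verdict(port, data))
```

Traffic that is fully wrapped in well-formed HTTP requests passes this check and needs deeper content inspection.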
-
-
For more detailed information about application filtering at the gateway
level, please read the white paper:
Gateway Level Application filtering
-