Finjan offers mobile code security software

Finjan Software Inc. today announced the availability of SurfinShield Corporate 4.0, a robust desktop defense against hostile mobile code that can reside in Java, ActiveX, VisualBasic script, Internet cookies and various plug-ins.

Major features include auto-launch blocking, enhanced centralized security policy management and runtime code monitoring. The product is expected to ship June 7.

Hostile mobile code poses a threat to online users, said Steven Foote, senior vice president for operations at Hurwitz Group Inc., an analysis firm specializing in strategic business applications. Hostile mobile code can kill user applets, catch passwords and take over browsers without users' knowledge. Because attacks can be launched indirectly, through breaches of World Wide Web sites that targeted users visit, they can be difficult to trace.

Once in a browser, hostile code can launch e-mail and send messages or copy business plans, Foote said. Both types of attacks already have taken place.

"A lot of people don't know about the threat" posed by mobile code, said Jeanne Fuchs, an account manager with federal reseller Patriot Technologies Inc., Frederick, Md. Some customers who buy Finjan products "already have had a problem," she said.

The tools to launch mobile code attacks are easily obtained and can be operated by the "average high school student," said Bill Lyons, Finjan's president and chief executive officer. "Most people are vulnerable." Defense Department components are among the current users of Finjan's server product, SurfinGate.

Anti-virus products, based on recognition of known signatures, are inadequate against mobile code attacks, Lyons said. Mobile code defense should be based on security policy and should be "about prevention," he said. Unlike a virus attack, mobile code may invoke perfectly legitimate functions such as application launch and file copy, but they are functions that, for a given user, may violate security policy. A virus writer "wants to get his name in lights," whereas mobile code attacks are about stealing and espionage, he said.

Patriot, which carries Finjan products on its General Services Administration schedule, recommends a strategy of "multiple lines of defense," said Mark Williamson, director of the reseller's information security service. He finds, for example, that Finjan software "plugs and plays well" with CheckPoint Software Technologies Ltd. firewalls and Internet Security Systems Inc.'s intrusion-detection systems, which Patriot also sells. SurfinShield Corporate 4.0 ranges from $30 to $127 per seat on Patriot's GSA schedule.

-- Adams is a free-lance writer based in Alexandria, Va. She can be reached at cbadams.erols.com.

***

AT A GLANCE

SurfinShield Corporate 4.0

* Features auto-launch blocking, which bars hostile applets from launching applications such as Microsoft Corp.'s Excel, Word, Access and PowerPoint without the user's knowledge.

* Offers an enhanced "demilitarized zone," where Java applets and ActiveX controls can be monitored to detect possible violations of an organization's security policies. If necessary, suspicious code can be "killed."

* Isolates and monitors ActiveX controls as well as Java code.

* Offers improved security policy management and extends the Auto-Immune database to include ActiveX code. The database contains a list of suspicious applets and controls; this list is constantly updated and is available to all desktop clients.
