BlueLane provides patch management safety net
PatchPoint appliance protects servers by patching applications on the network wireFollow @rogeragrimes
According to Blue Lane, the G/450 appliance does fast 2.4 Gbps wirespeed forwarding. Apache protection proxies are handled at speeds as fast as 1.4Gbps, with the slowest proxy, SMTP, coming in at 700Mbps. This speed is accomplished using an intelligent inspection engine that quickly filters out non-threatening traffic so that only the most suspect traffic is run through the upper layer inspection proxies.
We don’t need no stinkin’ patches
Blue Lane has an excellent vulnerability testing laboratory, and the PatchPoint appliances include protection against dozens of non-publicly released exploits along with more than a dozen other common vulnerabilities, such as SQL inject, fragmentation attacks, excessive requests, etc. They even have a file extension blacklist and can filter outgoing HTTP requests against a whitelist to protect servers when the administrator decides to browse to untrusted Web sites.
Click for larger view.
Second, it doesn’t protect against all exploits, usually just the patched ones, and only the vendors and products that Blue Lane monitors. Blue Lane does track exploits and patch releases, test vulnerabilities, and then use that information to update the appliances so they’ll have the most up-to-date patch information. Their long watch list includes Oracle, Exchange, Apache, IIS, Sendmail, IMAP, FTP, MS-SQL, MySQL, and many other common applications, but it cannot protect you against the myriad of exploits outside the realm of patching, such as password guessing, network sniffing, and so on.
Nevertheless, I was impressed with what Blue Lane has accomplished so far. Its patch proxies are highly effective, and even if it doesn’t cover every threat out there, PatchPoint certainly eliminates enough risk to be valuable. I highly recommend it to companies with 20 or more servers who are at moderate or high risk of external attack and sweating the diminishing patching thresholds.