"This is to detect and prevent an advanced persistent threat," says Richard Benigno, Stonesoft senior vice president, who adds that the appliance would typically reside on the network in front of an intrusion-prevention system or next-generation firewall. APTs are generally considered to be stealth attacks aimed at compromising enterprise networks for long periods of time to gain intelligence and steal critical data. The Evasion Prevention System starts at $20,000.
Stonesoft will also make available online a free tool it calls Evader, server-based software for Linux or Unix that lets organizations test their network security to see if it can withstand advanced evasion techniques. Evader is said to launch evasion techniques against the tester's own next-generation firewall, intrusion-prevention system or unified threat management device to show how it may be possible to evade defenses to deliver malicious code or exploit a weakness on a target host without detection. The tool, which is being demonstrated at the Stonesoft booth at Black Hat, is available for download online here.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.
Read more about wide area network in Network World's Wide Area Network section.