Public Relations

Asgent Announces Start of Sales for Data Security Solution “SecureSphere”

- Providing total product packaged service including onsite maintenance, integration and managed services -

December 21, 2012
Asgent, Inc.
（JASDAQ：4288）

Asgent, Inc. (President & CEO: Takahiro Sugimoto, located in Chuo-ku, Tokyo), a pioneer in network security and operations management solutions, announces the start of sales for the data security solution “SecureSphere” from Imperva Inc. (CEO: Shlomo Kramer, located in California, USA), targeting corporations that use the Web for business, such as finance and online shopping.

【WAF and the importance of Web security】

According to a report issued by the Ministry of Internal Affairs and Communications in 2011(※1), over one-third of the population (over 15 years of age) make purchases online, reinforcing the rising importance of Web business. However, attacks targeted at Web sites are also increasingly rapidly, with a report from the National Police Agency in December 2011 stating that damages from net hacking alone have surpassed 300 million yen(※2). As a result, how Web sites are protected is now a vital issue that all corporations must face and overcome. This is the reason behind the demand from corporations who use the Web for business, such as finance and online shopping, for WAF (Web Application Firewalls) that are specifically designed to protect Web applications.

WAFs not only block traffic that matches known attack patterns, they also check the content of the traffic between the host and the Web server to block any traffic that may differ from normal parameters. Specifically, traffic is checked to ensure that the correct URL is input, parameter values are within the normal range and if any special characters are being used. This enables Web servers to be protected from both known and unknown attacks.

【Data Security Solution “SecureSphere”】

With this background in mind, Asgent announces the start of sales for the data security solution, Imperva SecureSphere. Within the product lineup, the Web application security product “SecureSphere Web Application Firewall” is able to block attacks by a signature-based blacklist, a whitelist that includes correct HTTP methodology and the reputation service “ThreatRadar” (※3), which includes the IP address etc. for any host that has performed malicious activity in the past. Also, correlational attack testing incorporates multiple pieces of information regarding ‘grey zone’ traffic to determine if they are attacks. For example, if the parameters input into a Web page are larger than those defined in the whitelist, there is a possibility that it could just be user mistake. Therefore, other conditions (is there an anomaly in the TCP header, is the URL correct etc.) are confirmed to determine if the input parameters equate to an attack.

Also, generally whitelist creation requires many man hours to compile due to the sheer number of input character identifiers required for each target URL and parameter. SecureSphere Dynamic Profiling monitors network traffic and automatically creates a whitelist profile based on user behavior, reducing the amount of time and work required from initial configuration through day-to-day operations.

Asgent will sell Imperva database security products and file security products alongside the Web application security product “SecureSphere Web Application Firewall”.

【Product-Service package】

Asgent will also provide packaged services including (1) onsite maintenance, (2) integration services and (3) managed services (operations monitoring, fault response, security incident response and reporting) for all Imperva products. These services reduce the amount of burden on end users when implementing the products and also allow Asgent to incorporate knowhow gathered over many years of security consulting(※4) into proprietary security measures.

※1 MIC “2010 Information Communication White Paper Trends In Online Shopping”
※2 NPA “Cases of Internet Hacking as Regards Illegal Access Prohibition Law”
※3 Optional Service
※4 The Asgent security center has multiple analysts to analyze and create security incident countermeasures. Asgent is also involved with many committees such as the ISMS Conformity Assessment Scheme Steering Committee and committees associated with　the Ministry of Economy, Trade and Infrastructure. Asgent received the “Industrial Standardization Merit Award” in October 2012 for contributions to the development of Japanese Industrial Standards.

【SecureSphere】

■Projected Start of Sales

December 25, 2012

■Projected Sales Price

\3,325,000 (X1000 WAF)〜

■Sales Target

80 Sets (Initial Year)

■Lineup

・Web Application Security (SecureSphere Web Application Firewall)

Protects Web applications servers from attack. Provides multilayer defense by detecting violations on HTTP protocol level, using signatures to determine known attacks and detecting anomalies.

・Database Security (SecureSphere Database Activity Monitoring, SecureSphere Database Firewall)

Protects data stored on databases. Enables visualization of data usage, vulnerabilities and access privileges to prevent attacks and illegal usage. Also, determines excessive user privileges to confidential data as well as dormant user privileges.

・File Security (SecureSphere File Activity Monitoring, SecureSphere File Firewall)

Protects data stored on file servers. Monitors data access and blocks access that violates corporate policy. Also aggregates and provides reports on all access privileges allowing for excessive privileges to be prevented.

* All company names or product names are registered trademarks of their respective companies.