FFIEC News

Blue Ridge Networks Announces New Endpoint Anti-Malware Solution

(Sept 17, 2007)-- Blue Ridge Networks announced new technology, Blue Ridge/Secure TokenGuard targeted at a pervasive problem – eliminating the impact of known and unknown malware attacks on widely-used applications that if not prevented, can result in the loss of critical enterprise and personal data. Seeking advanced solutions for defense against malware has been a high-profile topic in the press and among compliance organizations worldwide, particularly as remote users increasingly access enterprises from insufficiently-protected personal computers.

Blue Ridge CEO Mike Fumai stated that “I’m proud to say that our R&D team has delivered many “firsts” in innovative technology over the years that are being used in some of the most demanding and sensitive mission-critical environments today. Blue Ridge/Secure TokenGuard is no exception.”

The Blue Ridge solution is unique in that it is always up-to-date since it operates with no virus definitions, but rather protects with a focus on authorization privileges. This is a superior approach, considering that users are often logged on in an “administrator” mode where the operating system does not block many malware attacks. In this unprotected scenario, applications can unknowingly be attacked with trojans, worms and other malicious bots that can then exploit other software programs. The solution grants user access to approved areas only, while allowing the user to continue functioning.

Further, unlike network-based solutions that require special hardware deployment, maintenance and management in networking infrastructure -- and in contrast to Host-Based Intrusion Prevention Systems (HIPS) -- Blue Ridge/Secure TokenGuard is “set-and-forget” endpoint protection. The TokenGuard solution utilizes built-in operating system access control protection. It is simple, effective and without complex rule definitions.

Hackers are targeting the applications that end-users employ daily. Secunia (www.secunia.com), a leading international vulnerability intelligence provider, reported highly-critical vulnerabilities that could have resulted in enterprise personal computers being “owned” by the attackers. The vulnerability reports included common enterprise applications such as Microsoft Office Word, Microsoft Office Excel, Microsoft Office Visio as well as browsers Internet Explorer and Firefox. Instant Message applications such as MSN Messenger can also be compromised, resulting in those applications becoming a medium for malicious users taking control over a user’s computer by permitting arbitrary remote code execution on the compromised computer. Even if an IM application is compromised, Blue Ridge/Secure TokenGuard prevents remote code execution from performing privileged operations that can take control of the system.

Interestingly, the new TokenGuard solution arose out of another encryption initiative where the unlikely benefits were discovered and then exploited for this superior prevention of malware attacks.

Blue Ridge solutions represent high standards of security strength as tested and certified by independent organizations. The company's products have earned: FIPS 140-2, Common Criteria, Joint Interoperability Test Command (JITC), ARMY TIC, and Department of Defense SPOCK certifications. Additionally, they comply with important HIPAA, HSPD-12, and PCI regulations.

Share or bookmarklet this web page at: