How does Webgate Plus determine which commands are valid and which are not?
Webgate Plus uses an advanced pattern recognition engine that detects and blocks hundreds of attacks that exploit web server and web application weaknesses. For example, Webgate Plus: • blocks buffer overflow attacks that can result in Denial of Service (DoS) attacks or the installation and execution of attack programs. • blocks attacks that exploit published vulnerabilities in web servers and application servers • prevents insertion of Trojan horses that cause web applications to issue unintended commands • prevents exploitation of mis-configured servers and sever applications The patterns are stored in a file that is loaded into memory for rapid access. Webgate Plus automatically detects when new patterns are available and downloads them from the FAS site. Since the patterns are coded as regular expressions a single expression is capable of blocking many existing and even new methods of attacks. As a result, pattern uploading is not done on a regular basis.
