What the heck is ZAP?
Secure Computing Releases Zero-hour Attack Protection (ZAP) Technology
16 February 2006
A major challenge facing the security industry today is defending against new zero-hour attacks and rapidly emerging attack variants that are continually released before patches or attack signatures are available.
Secure Computing Corporation has unveiled its Zero-hour Attack Protections (ZAP(tm)) security technology for the Sidewinder G2(r) Security Appliance. The latest release of the Sidewinder G2 Security Appliance is scheduled to ship in the first quarter of 2006, and differentiates Secure Computing from traditional firewall/UTM products by stopping zero-hour attacks automatically without waiting for anti-virus or IPS signature updates.
ZAP technology is based upon the positive security model, which allows only legitimate network traffic and denies everything else. "Negative model" security technologies like IPS gateways are extremely useful, but they allow everything through the gateway unless they recognize known viruses and attacks. The positive security model is therefore superior at preventing unknown attacks because it automatically eliminates exposure to many types of attacks-unknown as well as known. ZAP technology combines over 200,000 attack signatures with a positive security model for maximum protection.
Secure Computing's ZAP technology also includes other key defense-in-depth security techniques working simultaneously in the Sidewinder G2, including:
- SecureOS(r) self-defending platforms with patented Type Enforcement(r) technology - a preeminent example of the positive security model
- Event monitoring, analysis, and notification using the Sidewinder G2(r) dashboard and Security Reporter(tm)
- Traditional signature-based attack protections, including over 200,000 threat signatures
"Even with recent technological advancements, negative-model countermeasures have significant limitations when it comes to preventing unknown attacks," said Mark Bouchard of Missing Link Security Services. "The approach of enumerating all legitimate traffic and then denying everything else dramatically reduces an organization's attack surface area by inherently eliminating exposure to all sorts of attacks- unknown as well as known."
T. Paul Thomas, senior vice president of marketing and corporate strategy at Secure Computing added "The only way to defend against this accelerating threat is to deploy products based on the positive model of threat mitigation."
And in English this means what exactly?