RE: Tech Article: HTTP Content Filter Analysis - Finjan SurfinGate V5.6

From: Menashe Eliezer (
Date: 02/04/03

  • Next message: GreyMagic Software: "Opera's Security Model is Highly Vulnerable (GM#002-OP)"
    From: "Menashe Eliezer" <>
    To: "Bugtraq" <>
    Date: Tue, 4 Feb 2003 02:57:10 +0200

    Finjan Response to Compass Security's
    "HTTP/S Content Filter Analysis - Finjan SurfinGate V5.6"
    Dated January 27, 2003

    Finjan Software, the leading provider of proactive content security
    management solutions for global companies, is pleased to be recognized by
    Compass Security as one of the leading providers of powerful content
    filtering capabilities for a comprehensive network security strategy. The
    publishing of Compass Security's "HTTP/S Content Filter Analysis - Finjan
    SurfinGate V5.6" provides some valuable analysis to system administrators
    trying to build a complete content security solution for their
    organizations. It is the philosophy of Finjan Software that multiple layers
    of protection using different technologies is the way to achieve that goal.
    Finjan's SurfinGate performs a content analysis in the gateway level, and
    Finjan's SurfinShield Corporate monitors the behavior of active content in
    runtime. Both of the products offer also content control features, e.g.
    blocking certain file types.

    SurfinGate 5.6 was released in February 2001. Since that time, the dangers
    of malicious mobile code has increased and become more complex. This has
    driven technological advancements in the area of proactive code inspection
    to be incorporated into our products. Our current product version,
    SurfinGate 7.0 for Web, was announced in November 2002 and is a much more
    robust security solution than the product released two years ago.

    Unfortunately, many of the conclusions of the Compass Security analysis are
    no longer accurate when applied to the current SurfinGate 7.0 for Web

    Some of the reported issues will be resolved in an upcoming service pack.
    The security of the products is constantly improved based on ongoing
    security evaluations by Finjan Malicious Code Research Center (MCRC). The
    new generation of Finjan Software products are flexible, and can be managed
    easily. Information garnered from our current installed base of over 1.6
    million users has a direct effect on the products. Finjan also holds
    bi-annual worldwide CAB (Customer Advisory Board) meetings to collect
    further input from the field.

    Finjan Software thanks Compass Security for the analysis, and invites it to
    test the new version.

    Detailed response can be found at:

    Menashe Eliezer
    Manager, Malicious Code Research Center
    Finjan Software
    Prevention is the best cure!
    Finjan Software
    This e-mail and any attached files are confidential and may be legally
    privileged. The unauthorized use, disclosure or copying of this email or
    any information contained within it is strictly prohibited. This also
    confirms that Finjan Software's SurfinGate for E-Mail has scanned this
    message for the presence of known viruses and potentially malicious
    Finjan Software - Prevention is the Best Cure!