Security vendor Aladdin Knowledge Systems has added an element to its eSafe secure web gateway that it claims can block the operation of 'anonymous' proxies.
Anonymous proxies (or anonymisers) are websites that allow users to connect to the Internet through an external website, thereby allowing users to bypass local network security restrictions.
This bypass mechanism was originally designed for safe, anonymous Web surfing (for example to access MySpace, YouTube etc), but it does of course present a security loophole for businesses and other establishments as it opens a computer to malware that is typically filtered out by a gateway device.
“Anyone can subscribe to an anonymiser for $9.99 a month,” said Ofer Elzam, director of product management for Aladdin eSafe. “And that $9.99 subscription can bypass $100,000 in network protection. It’s an open invitation for hackers and cyber-criminals to enter your organisation’s network and take over.”
Aladdin said that its Content Security Response Team (CSRT) specialists blocked 100 percent of anonymisers in repeated lab tests using the anti-anonymiser technology that is now part of eSafe. It also claimed that competitive products did not stand up to proxy threats, allowing users to leave the protected network. Rival Symantec was not able to field a spokesperson at the time of writing.
Since proxy servers frequently change URL addresses, Aladdin believes it is impossible for URL filters to keep up with elusive proxy servers. However, its eSafe anti-anonymiser “goes beyond traditional filtering methods to also proactively block anonymous proxies based on their site code and communications behaviour - even if encrypted by SSL protocols,” said Elzam.
eSafe prevented users from leaving the protected network at any time, “maintaining network integrity and increasing productivity, as well as ensuring regulatory compliance that is extremely important for government, healthcare, education and other industries.”
Aladdin’s anti-anonymiser technology was being offered to new and existing customers at no additional charge.
While on the surface Aladdin’s claims sound impressive, one has to ask how many ordinary network users are actually using anonymising proxies in the real world? Of course, this happens when opening a VPN connection, but why would anyone do that on an unofficial basis on a corporate network?
Aladdin quotes a recent SearchSecurity.com poll, where 27 percent of respondents said they would consider using anonymous proxies and 9 percent said they were already using them.
Aladdin also says that 98 percent of US schools are currently blocking or limiting websites according to the CDW-G School Safety Index, and that “more students are using anonymisers to work around the network gateway.”
But using anonymous proxies requires users to have a certain degree of technical savvy, and it remains to be seen how many people on a corporate network are actually using a proxy to access something like YouTube. Indeed, if a person on a network is openly flouting the company’s security in such a way, then the use of a proxy filter will be the least of a company’s worries.