Gary Greig, network & infrastructure manager at ACE, said that zero-day attacks such as the recently devastating Blaster worm, centre on crackers using new viruses or taking advantage of previously unknown network vulnerabilities to exploit unprotected network entry points and swamp systems with malicious traffic.
The Packeteer Application Traffic Management product implemented by ACE Insurance is designed to monitor all incoming network traffic in real-time. If traffic anomalies are detected the system is configured to apply policies to limit bandwidth and connection rates available to that traffic source, or block malicious traffic altogether. This approach aims to contain any potential attacks until security patches become available from antivirus or operating system vendors.
"The havoc wreaked by Blaster on networks around the world had minimal impact on ACE's network," said Greig. ACE's application traffic management system set policies that quickly contained the exploit and minimised any problems, leaving the company "largely unaffected", he said.
The perimeter security technology rolled out by ACE is designed to block disruptive and bursty applications, detect rogue servers and infected hosts on the network, control outbreaks of viruses prior to inoculation, and contain denial-of-service attacks - all while maintaining the integrity of business-critical applications.