Gilian’s G-Server is a final barrier against Web site defacement that can potentially cost companies millions.The founders of Gilian Technologies started the company in 1998 to answer the need for Web sites with critical content to protect against catastrophic intrusions …
Gilian, founded in Herzliya, Israel, and now headquartered in Redwood City, California, manufactures an innovative security appliance, called the G-Server, designed specifically to combat defacement of sites by hackers.
The damage that can result from such defacement can be enormous. In today’s global information economy, an attack on a Web site could put a company with a public image to protect in serious jeopardy. For example, a hacker entering false information about a pending FBI investigation into a company’s 10-K on its Web site could panic investors and set the company’s fund raising back months or years.
“Site defacements victims have included the (U.S.) State Department, the FAA and NASA,” said Jeff Leeds, Gilian’s director of marketing. “Even companies in the security business, such as Network Associates, have been defaced.”
The G-Server operates differently from firewalls, which were originally designed to protect corporate networks from all outsiders.
Rather than monitor access to the equipment – the task already performed by firewalls and administrators – the G-Server works by monitoring every transmission of Web data sent out by the server, and checking its digital signature against one created by the author.
If the objects match, the G-Server sends the information on to its destination. But if the signatures don’t match, indicating an unauthorized alteration, the G-Server replaces the Internet transmission with an archived copy of the original data, and alerts the site’s administrator by e-mail, phone, or pager. The user still receives the transmission without a noticeable delay.
In an well-publicized case last year, the G-Server defeated an attack by the infamous Nimda worm on the site of one of its major customers, Centex Title & Insurance in Dallas. The worm was defeated within two or three hours without any negative impact on content or service.
“Every time a site is accessed, the G-Server retakes the digital summary and compares it in real time,” said Jeff Leeds, Gilian’s director of marketing. “One small change on a G-Server would make it fail. It could be somebody who has completely defaced the site. The G-Server will catch it and stop the content from leaving the site.”
The point of the G-Server isn’t to replace the firewall, Leeds said. The G-Server’s “exit technology” is designed to protect Ports 80 and 443, which are of-necessity left unprotected by the firewall and allow access to the portion of the site with dynamic content, such as customer transactions.
“Firewalls were designed originally to protect corporate networks; they were not designed to protect Web servers,” Leeds said. “The issue is that you have to have two ports left open.
“It’s akin to having a retail store with guards, cameras, anti-theft tags and other forms of security,” Leeds said. “You still have a retail store with those safeguards, but if you close the doors completely and not let anyone in you don’t have a retail store anymore. You have to leave those two ports open and they need to be protected.”
Gilian has also perfected technology that allows the G-Server to operate without an IP address, making it impossible to detect on the network and, thus, impossible to hack.
Gilian was founded and is still led by Rafael Feitelberg, Assaf Topaz and Shaul Levi, entrepreneurs with backgrounds in research and development and marketing. Gilian’s research and development team is still based in Herzliya, Israel, and is made up of software, communication and Internet security specialists trained in the Israeli Defense Forces and at the Technion – Israel Institute of Technology in Haifa.
Some of Gilian’s largest U.S. customers include Centex, Lockheed Martin, DreamWorks, and the Veterans Administration.
Privately held Gilian has received funding from Steamboat Ventures LLC, the venture investment arm of The Walt Disney Company, and has received second-tier funding from an international list of VC firms, including Ascend Technologies, Deutsche Bank Capital Partners, Evergreen Partners, Intel Atlantic, Itochu Technology Inc., and Pitango Venture Capital.