Technical specifications
Where Does the Mykonos Appliance Sit?
What.s NEW in Jujitsu (Released February 2011)
Learn more »Intelligence Technology
- Abuse detection
- Abuse tagging
- Abuse profiling
- Abuse response
- Real-time incident management
Abuse Detection Processors
A library of HTTP processors that implement specific abuse detection points in application code. Detection points identify abusive users who are trying to establish attack vectors such as SQL injection, cross-site scripting, and cross-site request forgery. Some examples of processors include:
Authentication Abuse Detection |
Detects abuses against application authentication, including:
|
Cookie Abuse Detection |
Detects attempts to manipulate the application by changing cookie values . |
Error Code Detection |
Detects suspicious application errors that indicate abuse, including illegal and unexpected response codes. |
Suspicious File Request Detection |
Detects when an attacker is attempting to request files with known suspicious extensions, prefixes, and tokens. |
Header Enforcement |
Enables the policing of HTTP headers from the application to ensure critical infrastructure information is not exposed. Response and request headers can be stripped, mixed, or filtered. |
Input Parameter Manipulation Detection |
Detects attempts to abuse form inputs and establish vectors for injection and cross-site scripting attacks. |
Link Traversal Detection |
Detects attempts to spider the application for links to hidden and confidential resources. |
Illegal Request Method Detection |
Detects attempts to abuse non-standard HTTP methods such as TRACE and OPTIONS. |
Query Parameter Manipulation Detection |
Detects attempts to manipulate application behavior through query parameter abuse. |
Malicious Spider Detection |
Detects attempts to spider and index protected directories and resources. |
Cross Site Request Forgery |
Detects and prevents cross site request forgery attacks. |
Custom Authentication |
Allows companies to protect a page or portion of a site if a vulnerability is found. |
Abuse Recording
Full HTTP Capture |
Captures and displays all HTTP traffic for security incidents. |
Abusive Behavior Analysis
Abuse Profiles |
Maintains a profile of known application abusers and all of their malicious activity against the application. |
Tagging and Re-identification |
Enables application administrators to re-identify abusive users and apply persistent responses, over time and across sessions. |
Abuse Response
Abuse Responses |
Enables administrators to respond to application abuse with session-specific warnings, blocks, and additional checks. The responses include:
|
Policy Expressions |
Simple expression syntax for writing automated, application-wide countermeasures for the Appliance policy engine. |
Software and Hardware Deployment
- Reverse Proxy
- Load Balancing
- VMWare development availability . Distributed drop-shipped as a pre-built hardware appliance on HP hardware. For more information about server specifications, contact the Mykonos Sales Team
Platform Security
- Hardened kernel, locked-down ports, separate management interfaces, encrypted back-ups.
Management Console
Web-based Configuration |
Browser-based configuration interface for all appliance configuration and deployment options. |
Monitoring Console |
Monitoring Console . Web-based monitoring and analysis interface.
Multiple administrators |
SSL Inspection
Passive decryption or termination
Alerts, Reporting, Logging
- Email Alerts . Sends alert emails when specific incidents or incident patterns occur
- Command line interface for custom reporting
- Reporting Management System with user interface
- SNMP system logging
High Throughput, Low Latency
- Multiple sizes of product based on throughput required
- Low latency