Inspecting IAG traffic

Applies To: Intelligent Application Gateway (IAG)

Whale Communications Intelligent Application Gateway 2007 (IAG) includes an application-level control engine that stops application-level HTTP-based attacks and enforces application data validation, thus preventing Web server exploits such as URL manipulation and buffer overflows. IAG provides the following:

  • URL inspection—IAG inspects not only basic URLs, but also parameters and any other incoming data. Application-level information can be inspected down to the exact lengths and types of URLs, parameters, and methods, and the combinations of these, that the application server permits and expects. For example, attempts to crash or compromise the server by sending very long URLs, unexpected parameters, or unexpected methods will fail. For more information, see Configuring URL inspection for IAG.

  • Predefined URL rulesets—IAG supplies predefined, application-aware rulesets that are designed to protect the portal and the internal Web site and to meet the specific needs of each of the Web and browser-embedded applications you enable through the trunk. You can also create customized rules for proprietary applications. For more information, see Configuring IAG URL rules.

  • HTTP filtering—You can configure IAG to check HTTP headers and filter requests, based on header types, sizes, lengths, character ranges and values. HTTP filtering uses positive logic; only explicitly allowed traffic is permitted to pass through the IAG server. Traffic that does not conform is automatically rejected. For more information, see Configuring HTTP filtering for IAG traffic.
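
The positive-logic inspection described under URL inspection and HTTP filtering can be sketched as follows. This is an added example, not IAG code and not IAG's ruleset format: the rule structure, the paths, the parameter names and the 256-character URL cap are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

MAX_URL_LEN = 256  # assumed cap on the full request URL

# Constructed ruleset: each rule ties a path pattern to the methods and the
# parameters (value pattern, maximum length) the application expects there.
RULES = [
    {"path": re.compile(r"/portal/login\.asp"),
     "methods": {"GET", "POST"},
     "params": {"lang": (re.compile(r"[a-z]{2}"), 2)}},
    {"path": re.compile(r"/app/report/\d{1,6}"),
     "methods": {"GET"},
     "params": {"fmt": (re.compile(r"pdf|html"), 4),
                "page": (re.compile(r"\d+"), 3)}},
]

def inspect(method, url):
    """Return (allowed, reason). Anything no rule explicitly allows is rejected."""
    if len(url) > MAX_URL_LEN:
        return False, "url too long"
    parts = urlsplit(url)
    for rule in RULES:
        if not rule["path"].fullmatch(parts.path):
            continue
        # The path is known, so method and parameters must fit this rule.
        if method not in rule["methods"]:
            return False, "method not allowed"
        seen = set()
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            spec = rule["params"].get(name)
            if spec is None:
                return False, f"unexpected parameter {name}"
            if name in seen:
                return False, f"duplicate parameter {name}"
            seen.add(name)
            pattern, max_len = spec
            if len(value) > max_len or not pattern.fullmatch(value):
                return False, f"bad value for {name}"
        return True, "ok"
    return False, "no rule matches path"
```

The final `return` is the default-deny branch: a request for a path that no rule describes is rejected without any attempt to judge whether it looks malicious.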