Two-year-old Stratum8 is trawling for resellers in North America, Europe and Asia in a bid to capture a good chunk of the Web application firewall market.
According to IDC, the Web application firewall market is expected to grow to $763 million by 2006.
In that vein, the Santa Clara,
Calif.-based start-up company launched a channel program for security-focused VARs, catering to the e-commerce, government and Internet security space.
Under the plan, resellers will get help peddling Web application security solutions based on the APS-100 product. The channel program offers lead generation, sales and technical training, a listing on the Stratum8 authorized reseller Web site, access to the reseller extranet, as well as co-marketing and co-sales support.
The APS-100 is delivered as a preconfigured 1U device that integrates into any network, says Rich D’Angelo, vice-president of worldwide sales for Stratum 8. Essentially, the product comes in right after the firewall. “”We are in the data path, which means we need to perform at line speed, which we do at 40 megabytes per second . . . It’s important we do no harm, that we don’t affect the overall performance of the actual applications running on the Web farm.””
He says most hacker attacks occur at the Web application level – the Gartner Group says 80 per cent of all hacker attacks occur at this level. “”There are a lot of Web sites under siege. A lot of Web sites have lots of information on it and it’s one of the few areas that’s not as secure as some of the other pieces of the network – and it’s getting hacked all over the place.””
Typical defense mechanisms like patching and vulnerability assessments just don’t cut it, he says. And while security products today are all about protecting the network, Port 80 is often left open and vulnerable, he says. “”These hackers are pretty smart and they know that they can get in through Port 80 and once they get into the application, they can do a lot of damage. So this is a serious problem that more and more companies are beginning to recognize the challenge and the threat.””
Other ideal candidates for this type of product include defense, financial services, online banking and healthcare. “”These are complex applications doing some real complex things and high valued transactions be it dollar or confidential information – where the risk of exposure, the risk of being contaminated, is disastrous. And that’s when you need real-time protection.””