FAQ

About Blacklist

Q. What is the update frequency of Blacklist (Vulnerability countermeasure signatures)?

A. The update frequency is not fixed; however, it is done in every 3 months to 6 months approximately. The updated signatures are released when new measures are taken for vulnerability attacks that cannot be prevented by existing signatures.

Q. How does blacklist (Vulnerability countermeasure signatures) get updated?

A. Update information mail is sent in advance to users who have registered for maintenance service. Customer who has automatic update service activated gets new blacklist applied automatically, and all other customers have to manually update the blacklist.

Q. Is Server restarted at the time of updating the blacklist (Vulnerability countermeasure signatures)?

A. No, Server is not restarted.

About Licensing

Q. IIS environment and Java environment have been installed on a single Server. Please let me know the required number of licenses.

A. SiteShell Licenses are required as per the number of Servers, therefore, one License would be required.

Q. We want to install SiteShell in Development environment Server also. Is License required for the same?

A. You can install SiteShell instances in development environment equal to the number of licenses held for Production Environment. If you have SiteShell Licenses for Production Environment, then you are not required to additionally purchase Licenses for Development Environment.

Q. We have 2 Web AP servers in redundant configuration.. Please let me know the required number of licenses.

A. SiteShell Licenses are required as per the number of Servers, therefore, two Licenses would be required.

About Functionalities

Q. Would Firewall and IDS/IPS become unnecessary on deploying SiteShell?

A. SiteShell is a product aimed at protecting Vulnerabilities of Web Application. Firewall and IDS/IPS provides protection at different layers, therefore, Firewall and IDS/IPS would be required.

Q. If SiteShell is deployed, would it protect all types of Web Application Vulnerabilities?

A. SiteShell can protect all vulnerability attacks that can be detected by blacklist (Vulnerability Countermeasure Signature). Although SiteShell is equipped with a high precision blacklist, it cannot be guaranteed that all kinds of Web Application Vulnerability attacks will be protected.

Q. If SiteShell is deployed, would Web access response speed become slow?

A. Though it also depends upon Client’s environment, but on an average, Access speed is reduced by 12～20msec per access approximately.

Q. Does SiteShell support SSL communication?

A. Yes, SiteShell supports SSL communication. SiteShell make use of WebAP Server’s standard Filtering functionality (ServletFilter, ISAPI ,Apache module) for filtering, therefore, usually it checks SSL decrypted HTTP communication.

Q. Is Web Server used in the Operation Management Console bundled with SiteShell?

A. No, it is not bundled. Please prepare J2EE supported AP Server Environment (Tomcat etc) in advance.

Q. Is Operation Management Console a mandatory component while deploying SiteShell?

A. SiteShell is comprised of 2 major Components (SiteShell Protection Engine＋Operation Management Console）. Deploying only SiteShell Protection Engine would also be effective in protecting Vulnerabilities. However, this would create the need to carryout Log verification / Configuration change, directly in Text Editor, etc and operation would become a bit complicated.

Q. Should a separate Server be maintained as Operation Management Console Server?

A. A separate Server is not required. If you install J2EE supported Environment in WebAP Server, then it would serve for both SiteShell Protection Engine and Operation Management Console. In case you have multiple WebAP Servers, we would recommend you to deploy dedicated machine for Operation Management Console.

Q. Is there any provision for immediate notification of attack protected by SiteShell?

A. Attack detection can be notified to the Administrator by e-mail using the Mail Notification Functionality.

Top of this page