Site Management INFOtector Identifies and Manages Unwanted Accesses to Web Site Data

Published: March 9, 2005

INFOtector is a software platform that is installed on--or optionally for multiple server deployments, in front of--a Web server and intercepts all data access requests. The software can then identify in real time the nature of the request and the requestor, passing requests that are designated as "wanted" through to the server and applying specific, administrator defined actions to those requests determined to be "unwanted." Such actions can be denying access completely (returning a 404 response), redirecting the request to an alternate location, modifying and/or obfuscating the requested data before returning it, or delaying the request. The vendor bills their product both as a security filter, allowing for the automatic distinction of malicious harvester bots and controlling what they are allowed to retrieve from the site; and a load balancing tool, as the access requests can be throttled based on what type of data is requested.

INFOtector is able to identify data access requests based both on administrator defined parameters and learned behavior based on its AI engine. The INFOtector software operates in front of the Web server, and is therefore able to analyze--and take action against--the data access in real-time. The platform both analyzes past requests and monitors real-time requests to distinguish unwanted from wanted behavioral patterns; such analysis can be performed on specific data items, collections, or on the entire site (the default) itself. The platform can additionally provide information assisting with the identification of unwanted accesses for forensic analysis.

The platform can be installed without requiring any changes to existing Web content; and, according to the vendor, "...will result in a minimum of service interruption to the user or no interruption of service, depending on the type of service being offered and protected." The platform can be deployed on a single Web server for its protection; and for multiple-server sites, the platform can be installed on the individual servers with a central "co-ordinating INFOtector system" for the management of the site as a whole. Connectivity between the individual servers and the coordinating server can be by LAN or WAN.

When unwanted accesses are identified, multiple actions can be taken depending on administrator configuration. The request can be: completely denied, returning a 404 error to the requester; redirected to another page; modified, wherein the data to be returned is changed (language, pricing, or complete obfuscation, for example); or delayed. This latter capability provides the basis for Web traffic throttling or management, as it allows data access to a site to be prioritized into delivery priorities, delaying specific types of files so that other accesses receive a higher service priority. Delivery priorities can be applied to files, classes of files (extensions), or directory trees.

INFOtector is expected to be generally available at the end of March. Visit the vendor's Web site for further information.