Stormshield (Arkoon Netasq) offers an effective countermeasure with Stormshield Endpoint Security  which guarentees the sustainability and stability of business activity for corporations and public organizations

Paris, February 23rd 2015 – Stormshield (Arkoon Netasq), a key player in cybersecurity, offers a pragmatic and operational security product range for companies that have yet to or are unable to migrate to a new system before support for Windows Server 2003 ends.

On July 14th 2015, Microsoft will stop providing support services and security patches for all servers running on Windows Server 2003.

Security-wise, the consequences may be dire for large corporations or public organizations. It would not require much for cybercriminals  identify and exploit vulnerabilities on Windows Server 2003: they simply need to wait until a vulnerability becomes public to insert relevant information into a malware program and exploit the vulnerability, in the knowledge that it will never be fixed. Windows Server 2003 is already in a weakened state, as Microsoft has  not providedthe necessary patches for countering a recent critical vulnerability, MS15-011.

What impact would attacks relating to Windows Server 2003 have on a corporation?

On servers that protect the corporate IS

  • Service disruptions: no more access to the web, mail and business applications
  • Data leaks
  • Liability of Directors involved

On web and mail servers

  • Business performance greatly impacted ( no longer possible to receive orders or contracts, or to issue invoices)
  • Corporate image damaged (credibility)

On obsolete servers hosting industrial systems, embedded systems or critical systems

  • Downtime: production line, banking applications (loans and insurance unavailable), core business applications (no more deliveries), etc.
  • Withdrawal of regulatory compliance associated with the obsolete operating system

Stormshield’s “Plan B”

Stormshield offers a countermeasure Stormshield Full Module, a unique complementary agent to conventional antivirus and EPP solutions that only needs to be installed on the server or the workstation in order to allow the system:

  • To detect the exploitation of vulnerabilities
  • To block exploitation codes (dynamic patching)
  • To benefit from proven protection from targeted attacks and APTs

Stormshield Full Module is a module in the Stormshield Endpoint Security range, a next-generation security solution for protecting and monitoring terminals (workstations, servers, payment terminals, USB keys and associated peripheral devices).

Stormshield’s unique technology proactively blocks APTs and unknown attacks on workstations, Windows servers and terminals. Based on a signatureless approach*, Stormshield Full Module prevents the exploitation of known and unknown (0-day) vulnerabilities, including those on obsolete (WindowsXP, Windows 2003) or systems that are not connected to the internet.

*No signatures or updates are required for on_going protection from new threats.

“Our clients require an operational solution specifically adapted to security issues relating to Windows Server 2003’s end of life. With our range, our clients will be able to schedule system updates with peace of mind and continue to use their infrastructures in total security,”
Matthieu Bonenfant, Product Marketing Director at Stormshield.

Stormshield Full Module has already proven its efficiency. Within two months of Windows XP becoming end of life (April 8th, 2014), the solution reported 85 critical vulnerabilities that Microsoft no longer provides fixes for. It blocked 100% of attacks that would have enabled unauthorized control of the workstation had these vulnerabilities been exploited.