9/23/2008 -- Cisco Systems Inc. this week unveiled a new Exploit Filtering feature for its IronPort S-Series of Web security appliances.

Cisco officials say the new feature safeguards against malware delivery via malicious Web sites, even in cases where compromised sites haven't been previously identified by means of URL filtering or signature scanning software.

According to IronPort's Threat Operations Center, compromised Web sites now account for seven-eighths of all Web-based threats.

There's a further wrinkle here, too, Cisco officials stressed: Increasingly, malware attackers are targeting trusted Web sites.

"With the addition of Exploit Filtering, we are offering uncompromised protection against one of the biggest invisible threats on the Web: the transparent passing of malware through legitimate Web sites," said Tom Gillis, vice president of marketing at IronPort Systems, in a statement. "By automatically filtering against exploited Web sites, IronPort continues to set itself apart from the competition in the Web-security appliance market. With this innovative approach to filtering, we can reassure our customers that their network security will not be jeopardized when browsing trusted sites, which are often targets of malicious Trojan and phishing attacks."

Traditional URL filters just can't get the job done, Cisco said, because infected sites can hide behind generic classifications (e.g., shopping, finance, entertainment). The new Exploit Filtering feature, on the other hand, uses IronPort's "Web-reputation technology" to scan sites in real-time and block malware payloads before they can be downloaded. --Stephen Swoyer