MagniFire WebSystems Inc. officially announced its North American arrival on Monday, simultaneously introducing its flagship platform – TrafficShield – to the Western world.

While the New York-based security company has been operating in both Israel and New York since 2001, CEO Eitan Bauch said the company was waiting to refine its offering before officially launching into North America.

The TrafficShield technology is an application firewall that sits behind an existing firewall, Bauch explained.

“It offers security to the Web application and to the infrastructure behind [the Web application] that can be accessed behind the Web interface,” he said. “Our approach allows us to deal with current attacks and new emerging attacks.”

TrafficShield, Bauch said, uses a positive security model to protect Web applications from known and unknown attacks. It allows legal traffic into the application, while ensuring that any interaction that is not classified as legal, is blocked.

MagniFire said it is able to create an accurate policy of every legal user interaction within the Web site, denying everything else. The key, Bauch said, is the positive security application flow model, which is a map of every legitimate interaction of the user with the Web site. It also traces the flow of a user’s activity through the Web site, eliminating the need for application scanning and patching.

By using a positive security application flow model, MagniFire is able to use the map and “enforce it against the traffic that comes onto the site,” Bauch said.

Bauch added that most Web security companies, and MagniFire’s competition, don’t use the positive security or firewall-based security model, but instead deploy negative security, such as intrusion detection and antivirus programs.

“Security is like an onion, you have to have multiple layers,” he said, adding that MagniFire’s offering will work with other security devices.

For example, he explained that many companies have firewalls in front of their Web infrastructure and also have intrusion detection systems and encryption software, but they also need to have application firewalls, such as the TrafficShield.

“The Web and the Web infrastructure is the place where most attacks come from,” Bauch said.

The offering is based on a hardened Linux appliance and can be integrated into existing infrastructure.

Right now the company is targeting financial institutions in North America, but Bauch said within the next few years MagniFire would be targeting other verticals.

TrafficShield costs about US$25,000 and is available in Canada. MagniFire is on the Web at