Protecting Internet Information Services Web servers from Structured Query Language (SQL) Injection, Cross-Site Scripting (XSS) and other threats, as well as meeting PCI, SOX and similar audit requirements are very important for any enterprise utilizing Microsoft (News - Alert) IIS. A good Web Application Firewall and Intrusion Prevention Solution would serve the purpose.
With an ongoing commitment to deliver consistently improved Web Application Firewall technology, Privacyware – a provider of PC security, web application firewall and security data analytics software – has released the latest version of its Web Application Firewall and Intrusion (News - Alert) Prevention Solution for Microsoft IIS - ThreatSentry.
The latest version of ThreatSentry IIS Web Application Firewall and Intrusion Prevention solution enhances Web application security and eases solution deployment with updated IIS Web application firewall. The solution, in brief, now features: native module architecture for IIS 7; enhanced database support; expanded filtering capabilities; and domain-specific configuration options.
According to Privacyware, its ThreatSentry is a Web application firewall and intrusion prevention solution that identifies and blocks web application threats such as SQL Injection, DDoS, Cross Site Request Forgery (CSRF/XSRF), XSS and other types of attacks. It also facilitates system administrators comply with regulatory demands such as Section 6.6 of the Payment Card Industry Data Security Standard (PCI (News - Alert) DSS).
Providing proactive, multi-layered defense for IIS, ThreatSentry prevents attacks from exploiting web application vulnerabilities via a complementary set of integrated core defense modules, namely Web application firewall, fully integrated firewall, behavior-based intrusion prevention, and anti-DoS/DDoS feature.
ThreatSentry’s Web application firewall is a driver-level firewall that provides full port blocking of untrusted IP Address. It delivers configurable rules-based control over HTTP/HTTPS request methods (OPTIONS, GET, POST, HEAD), URL Paths, URL Query String length, and HTTP Request Headers, rule-specific URL/s exclusion capabilities, and more. Its proprietary NDIS driver delivers flexible network IP blocking at TCP/IP and UDP (News - Alert) layers for all ports.
In addition, ThreatSentry is powered by an adaptive, behavior-based engine that analyzes Web traffic patterns to detect new threats and behavioral anomalies and deviations. Additionally, the solution’s configurable request frequency monitor blocks successive requests to individual or all site pages to reduce the risk of DoS and DDoS attacks.
Supporting Windows Server 2008/R2, 2003 and 2000 and IIS 7.x (native IIS7 module), 6 (ISAPI Extension) and 5 (ISAPI Filter) on 32 and 64 bit systems, ThreatSentry is priced at $649 USD per server.
Some of the key enhancements incorporated in to the latest version of ThreatSentry include: converted ISAPI filter and extension based architecture to a native IIS7 module to reduce errors and streamline the deployment process for administrators; added support for multiple ThreatSentry installations on a single SQL instance to enhance solution deployment flexibility; and added domain-specific URL Exclusion options to improve control over request filtering.
Recently, ThreatSentry was awarded the 2011 Golden Bridge Award for Innovation in Information Technology in the Web Application Firewall Category.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO East 2012, taking place Jan. 31-Feb. 3 2012, in Miami, FL. ITEXPO (News - Alert) offers an educational program to help corporate decision makers select the right IP-based voice, video, fax and unified communications solutions to improve their operations. It's also where service providers learn how to profitably roll out the services their subscribers are clamoring for – and where resellers can learn about new growth opportunities. For more information on registering for ITEXPO registration click here.
Stay in touch with everything happening at ITEXPO. Follow us on Twitter.