Port80 Software, makers of Web application firewalls for Microsoft IIS Web servers, will soon be releasing a new product that supports IIS version 7. They promise the new application firewall, ServerDefender VP, will protect enterprises from the top 20 Internet Security Attack targets listed by SANS. ServerDefender VP was actually released this month, says Port80's Chris Neppes, with support for versions 5 and 6 of IIS (servers 2000 and 2003). Support for IIS 7 will be available when Windows 2008 launches in February, Neppes says.
Port80 Software makes other application firewalls, but VP is different in that it is not signature based. It is behavior based. This means that it protects the application layer (ASPX, PHP, CFM, JSP, etc.) and databases from Web-based attacks by verifying that the behaviors of pages and applets flowing through the Web server do not vary from accepted norms. It won't for instance, allow a Web page to automatically run a script or install code on the users' machine. Neppes says that the VP product protects against SQL Injection, cross-site scripting (XSS) and request forgery (CSRF), directory traversal, brute force, denial of service and privilege escalation.
The cool thing about this software app firewall is its price … it will only set you back $350 per server.
Latest software headlines from Network World:
Basic to-do apps for iPhone and iPod touch
Microsoft: Make an Xbox 360 game and get paid
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
