Platform Support
WAF Solution
- Web Application Firewall Appliance
- Software
- Plug-Ins
- Software as a service (SAAS)
Fighting Threats
- Penetration test and Code Review
- FW/SSL/IPS/Proxy/AV/AS
- Web Application Firewall
WAF Advantages
- IPS systems cannot even look into simple SSL
- IPS operate at the network layers, not the application layers
- Maintenance costs of the system should not be underestimated
dotDefender - Key Features and Capabilities
-
Software plug in
dotDefender is designed as an ISAPI filter for IIS, and as a module for Apache. Works as part of normal web server operation and process and is transparent to any external client accessing the website.
-
Plug and play
Installs in minutes on the web server. Once installed, automatically identifies, and provides immediate protection to all websites. Supports HTTP and HTTPS (SSL) traffic.
-
Multiple platform support
Deployed on IIS and Apache servers, 32 and 64 bit architectures. Supports MS-Windows 2003/2008 and various Linux flavors: RPM based, Debian based, FreeBSD.
-
Predefined rule base
Delivered with best practice security rules for website protection. The rules protect against many diverse attack types. Strong, accurate, finely tuned security rules result in low false positive rate.
-
Automatic update
Automatic updates include protection against zero-day attacks and emerging threats to ensure continuous protection.
-
Granularity
Easily customized security rules at multiple levels: field, form, application, website and server.
-
Flexible customization options
Ability to customize and fine tune the security parameters for each specific application. The regular expression based rules are easy to define and maintain.
-
Security profile per site
Each website may have its own security profile to suit specific application needs.
-
Optimized engine
Optimized engine designed for efficiency, consumes low CPU and I/O resources.
-
Comprehensive Logging
Logging of all blocked requests with full details: e.g., time and date, attack type, source of attack, blocking reason and many others. Provides real-time visibility of application security and allows for quick remediation.
-
Auditing
Keeps track of any changes made to dotDefender, including scheduled audits.
-
Notifications
Supports syslog notifications and e-mail notifications from central management.
-
Reports
Predefined set of reports: executive, standard and detailed including all information about attacks attempts. Dashboard for immediate system status. Customized and scheduled reports with unlimited flexibility and granularity. Standard reports for compliance with PCI, SOX, etc.
 |
 |
 |
 |
 |
 |
