(PRWEB) September 27, 2007
Armorlogic, the Danish web application firewall provider, announces Profense™ Base, the only automated web application firewall available for free.
And there is no catch. Free means free for commercial as well as non-commercial use, without time limitation. Profense™ Base offers the same filtering, load balancing and compression features as the paid version Profense™ Professional. The only differences are the added features and the support options available.
Both versions are white-list based web application firewalls. They protect the web site by determining allowable requests and inputs and disallowing everything else. This approach provides protection against zero day attacks, simply because they are not in the white-list and thus are disallowed. The access policy is automatically built by learning from traffic to and from the web site. The resulting policy describes acceptable use of the web site and includes positive validation patterns for web application input parameters. Positive input validation effectively prevent attacks targeting web applications like SQL injection and Cross-Site Scripting.
Customers looking for features like active/active clustering ("self load balancing"), automated cluster synchronization and automated push backup may consider upgrading to the Professional version which is competitively priced at € 5,000 for a cluster license including the first year of support.
With the free version is included the Limited support package. Customers running Profense™ Base with limited support have to download and re-install Profense™ when an updated version is available. Also the Limited support package does not include prioritized support.
To get the reasurrance of prioritized incident response and the convenience of not having to re-install when updates are available customers can upgrade their support package to get prioritized support and automated inline updates.
Unlike most competing alternatives Profense™ is a software appliance. It includes a hardened OS and installs on most standard hardware, including virtual platforms. A major advantage of the software appliance model is that it offers lower cost of disaster preparedness and recovery. If disaster strikes all that is needed to restore Profense™ is a backup and a piece of general purpose server hardware. For competitors appliance based solutions a new expensive specialized piece of hardware have to be procured or kept standby off-site.
The free version of Profense enters a market where automated web application firewalls are priced at €20,000 and up - for one unit. To ensure uninterrupted availability web application firewalls are typically run in clusters of two. The price of a Profense™ Base cluster is the price of the server hardware - less than €2,000 per node. To run the run the cluster in automatically synchronized active/active mode a Profense™ Professional license is needed. Including hardware and support the cost will be less than €10,000.
The flipside of the coin is that Profense™ is not delivered as a shrink-wrapped appliance ready for deployment. Customers have to procure a piece of server hardware, download an iso-image, burn a cd and install the software. With the server hardware ready this process takes less than 1 hour.
ISO images and software licenses are available from http://www.armorlogic.com.
Armorlogic ApS is a Danish software development company focused entirely on web application security. The company is founded in early 2005 by Srebrenko Sehic and Jakob Frydendal Gercke who prior to founding Armorlogic were both internet security specialists in Big 4 consulting.
Jakob Frydendal Gercke, CEO
+45 6088 0500 / +45 7027 7732