“This update offers new CSRF protection, improved DDoS defense and streamlines central management for multi-server deployments to deliver exceptional web application security and reduced administrative overhead.”
New Albany, OH (PRWEB) September 25, 2012
Privacyware, an innovative provider of web application firewall, pc security and security data analytics software, today announced it has released the latest update of its award-winning IIS Web Application Firewall and Intrusion Prevention solution, ThreatSentry. The product update strengthens DDoS defense, provides simultaneous filtering of 32 and 64 bit web application traffic on IIS 7 and centralized management enhancements.
ThreatSentry is the leading software–based Web Application Firewall and Host IPS for Microsoft Internet Information Services (IIS). ThreatSentry identifies and blocks web application threats such as Structured Query Language (SQL) Injection, DDoS, Cross Site Request Forgery (CSRF/XSRF), Cross-Site Scripting (XSS) and other types of attacks and helps system administrators comply with regulatory demands such as Section 6.6 of the Payment Card Industry Data Security Standard (PCI DSS). ThreatSentry supports Windows Server 2008/R2, 2003 and 2000 and IIS 7.x (native IIS7 module), 6 (ISAPI Extension) and 5 (ISAPI Filter) on 32 and 64 bit systems.
The ThreatSentry software update offers significant enhancements that improve web application security and extend administrative control. Key highlights of the new release include:
- Enhanced prevention capabilities for Cross-Site Request Forgery (CSRF or XSRF) attacks): Added HTTP Header checks (Referrer, Origin, etc.) to verify request authenticity.
- Enhanced protection from Distributed Denial of Service (DDoS) attacks: Re-architected database structure isolates logic governing web application page request frequency and supports greater volume of Blocked IP addresses.
- Added full mixed-mode request filtering support in IIS7: Allows simultaneously filtering of both 32 and 64 bit web applications hosted on the same server.
- Enhanced Centralized Management: Provides configuration and monitoring control over multiple servers from a single ThreatSentry master console.
“We focus on administrative, performance and security enhancements with each ThreatSentry update we release and this new build is no exception,” said Privacyware CEO Greg Salvato. “This update offers new CSRF protection, improved DDoS defense and streamlines central management for multi-server deployments to deliver exceptional web application security and reduced administrative overhead.”
ThreatSentry delivers proactive defense to secure IIS and prevents attacks from exploiting web application vulnerabilities through a complementary set of integrated components.
- State-of-the-art Web Application Firewall: Provides configurable rules-based control over HTTP/HTTPS request methods (OPTIONS, GET, POST, HEAD), URL Paths, URL Query String length, and HTTP Request Headers, rule-specific URL/s exclusion capabilities, URI Encoding support, Regular Expression support for parameter rules/filtering, etc.
- Fully integrated Firewall: Proprietary NDIS driver delivers flexible network IP blocking (featuring white list, black list and duration control) at TCP/IP and UDP layers for all ports.
- Behavior-based Intrusion Prevention: Adaptive, behavior-based engine (with sensitivity control) analyzes Web traffic patterns to detect new threats and behavioral anomalies and deviations.
- Anti-DoS/DDoS: Configurable request frequency monitor blocks successive requests to individual or all site pages to reduce the risk of DoS and DDoS attacks.
Pricing and Availability
ThreatSentry is available for purchase or 30-day trial download via the Privacyware web site: http://www.privacyware.com or through business partners worldwide. Starting at just $649 per server, ThreatSentry is priced to maximize constrained IT budgets and supports Microsoft Windows Server 2008/R2, 2003, 2000 and Internet Information Services (IIS) 7/7.x, 6, and 5. For more information, including special plans for data centers and Web hosting providers, please contact Privacyware directly or visit us online.
Privacyware (http://www.privacyware.com) is an innovative provider of award-winning web application firewall, pc security and security data analytics software. Privacyware products leverage conventional and advanced analytics technologies to help systems administrators, IT security and compliance personnel more effectively identify, understand and prevent malicious, unauthorized and/or deviant computing system activity. Privacyware is a member of the Microsoft Partner Network with Silver OEM and Independent Software Vendor (ISV) competencies.
Privacyware and ThreatSentry, Privatefirewall, and Adaptive Security Analyzer are registered trademark of PWI, Inc. All other registered or unregistered trademarks are the sole property of their respective owners. ©2012 PWI, Inc. All rights reserved.