This article can also be found in the Premium Editorial Download "Information Security magazine: Everything you need to know about today's information security trends."
Download it now to read this article plus other related content.
Price: Starts at $3,995 per physical server installation
If you're looking for quick and inexpensive Web application security, dotDefender offers protection against common threats through a software plug-in for IIS, Microsoft ISA and Apache servers.
dotDefender installed rapidly and much more easily than hardware-based Web application firewalls (see comparative review, March 2008). Since it's a plug-in, configuration and management for IIS and ISA is handled through the Microsoft Management Console. The Apache version installs as an inline module.
By default, dotDefender deployed in a protective operating mode, leaving us covered against the majority of common attacks we threw at it right out of the box. But, take the time to perform extensive testing on protected websites to ferret out any security settings that interfere with functionality.
Although the documentation to quickly get the product running was excellent, we would have liked to see a more in-depth user guide for advanced features.
Policies center on patterns and signatures. Patterns define what dotDefender looks for in terms of exploits, such as buffer overflows, SQL injection, cross-site scripting, cookie manipulation, etc. Each pattern includes two sub-menus: user defined, where custom rules can be created, and best practices, which includes a check box list of standard defenses/mitigations against known exploits.
Signatures are regularly updated by dotDefender and include a blacklist of compromised/hacked servers, anti-proxy protection, worms, bad user agents, spammer crawlers and MPack protection against infected websites.
Security profiles with unique policy settings can be assigned to different websites hosted on the same server.
This was first published in July 2008