Feature

Product Review: Applicure Technologies' dotDefender

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Everything you need to know about today's information security trends."

Download it now to read this article plus other related content.


Logging and ReportingC  

Reporting is dotDefender's weakest aspect. There was very little documentation about the reporting features. Logging provided information that would be useful to an IT administrator, but the reports wouldn't be very valuable to a business unit in regard to its PCI compliance or how its security posture is affecting its business.

Event reports offered basic statistics for individual websites, event categories and client IP addresses.

The logging capabilities are adequate, but lacked the advanced features we have seen in Web app firewall appliances. Log data can be exported to third party monitoring and reporting tools.


EffectivenessB  

Using a combination of signatures, session evaluation and pattern recognition, dotDefender examines HTTP requests, either allowing or denying them or in passive mode, logging only according to policy.

dotDefender effectively protected all our websites from a variety of common

    Requires Free Membership to View

ills found online, including Internet and browser worms, malicious websites with automated downloads, external vulnerability scans, cross-site scripting, SQL injection and DoS attacks.

Additionally, we were able to customize how suspect HTTP requests were handled. They could be denied, redirected or only logged. There is the option to return either default or customized error pages for denied requests.


Verdict

dotDefender is an inexpensive and no-frills way to protect HTTP sessions on a Web server.

Testing methodology: We tested dotDefender on Microsoft IIS on Windows Server 2003 hosting a variety of websites.

This was first published in July 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: