ServerDefender AI 1.4.3

ServerDefender AI 1.4.3 is a great application which can provide IMMEDIATE PROTECTION for Web sites and applications running on the Microsoft IIS Web server by blocking Web attacks including SQL injection, buffer overflows, cross-site scripting (XSS) and request forgery (CSRF), directory traversal, zero-day, brute force, dictionary, denial of service and others.

ServerDefender AI then goes beyond mere signature blacklisting by learning, from your Web logs or by MONITORING TRAFFIC with your guidance, exactly what is legitimate traffic for your site -- and blocking anything else! An advanced BEHAVIORAL ENGINE (AI) organizes IIS server requests into a multi-dimensional baseline of normal system activity. Each server connection and request is scrutinized by the rule-set configured in ServerDefender AI and also by the behavioral baseline to identify and take action against any activity falling outside trusted parameters. ServerDefender?s ANOMALY DETECTION and intrusion prevention capabilities progressively improve as the baseline evolves automatically or based on input from Web administrators.

Combining attack countermeasures -- ranging from 404 error presentation, robust IP blocking at the IIS- or network-layer to IIS shut-down -- with reporting and real time alerts (via e-mail, SMS/text message, and instant messaging services), ServerDefender AI is the complete solution. The software monitors, analyzes, and detects ATTACK SIGNATURES in HTTP methods, URL characters and request elements, URL query strings, and specific HTTP request headers that lead to privilege escalation and a hacked IIS server. In short, only safe, trusted requests are allowed to the application and database layers of your Web site or app.

ServerDefender AI is fully COMPATIBLE with IIS 5/6 and Windows 2000/Server 2003. Download a 30 day trial version and lock down your Web servers and data today!

 Major Features:

1. Attack signature and behavioral learning Web application firewall protects against known, unknown, and new Web hacking attacks against Microsoft IIS Web servers, Windows operating systems, and popular Web application platforms like ASP.NET, ColdFusion, Java/JSP/J2EE, Perl, PHP, Python, Ruby -- and now, even Ajax and JavaScript
   
2. Configurable, predefined HTTP/HTTPS request event classifications offer signature-based defense, with specific rule enforcement by:
   
   • HTTP Methods (OPTIONS, GET, POST, HEAD, and all possible HTTP methods/operations)
   • • New! Supports local proxy servers using the XFF (X-Forwarded-For) request header
   • URL Paths (Any characters, extensions or symbols possible in a request URL)
   • • Request Throttling: Special Request Frequency feature in URL Path rules allows for control of requests per second to a given URL to avoid automated attacks on key entry points
   • URL Query Strings (Length of variables + Signature rules for detecting SQL injection and XSS)
   • HTTP Request Headers
   • IP addresses and address ranges (Whitelist/blacklist with duration control and included WHOIS lookup for accuracy)
3. Artificial intelligence (AI)-based behavioral engine in Training Mode reviews Web traffic patterns to establish a baseline of Trusted and Untrusted Events
   
   • New requests are screened against the baseline to determine if request should be trusted based on previous request history and training database
   • Offers both supervised and self-learning capabilities
   • Adjustable sensitivity levels and percentage of requests to be analyzed
   • Requires periodic event review, classification and retraining of database for maximum effectiveness
4. Extensive Threat Management Options when a request falls outside of an allowed or trusted profile, including:
   
   • Block request by serving HTTP 404 File Not Found response
   • Block IP for subsequent HTTP requests
   • Deny all ports for IP requests with Network IP Blocking feature
   • • Advanced Network IP Blocking via NDIS driver provides performant blocking at TCP/IP and UDP layers for all ports so hacker requests never get to IIS!
   • Stop Microsoft IIS Web services
5. Inactive monitoring mode allows for easy testing of ServerDefender AI without interrupting production Web serving
   
6. Multiple, configurable notification alert options for blocked requests in real-time via:
   
   • Pager
   • E-mail
   • SMS or text message
   • MS Messenger service
   • On-screen/audio security alert notification on Web server's desktop
7. Microsoft Management Console (MMC)-based UI Settings Manager with settings stored in Windows registry
   
8. Remote Deployment and Management to install, manage and monitor Web app security on multiple servers (settings applied across server, not by individual virtual server or site)
   
9. Full consolidated logging of events and request event details (with exportable log files)
   HTML reporting on most frequently requested URLs and request IP addresses
   
10. Compatible with IIS Lockdown, URLScan, major third party server-side scripting platforms like ASP, ASP.NET, PHP, JSP, ColdFusion, and Perl
    
11. Supports FrontPage publishing, Outlook Web Access (OWA), and other Microsoft platforms running on the IIS Web server
    
12. Super-fast, stable ISAPI filter with no noticeable server performance impact
    
13. Adjust settings without an IIS restart
    
14. Quick and easy installation and configuration
    

Requirements:

• IIS 6.0 / Windows Server 2003 (all x86-32 Bit versions;
• IIS 5.1 / Windows XP (not recommended for production use)
• IIS 5 / Windows 2000
• Note: IIS 7 / Windows Server 2008 not yet supported

 WareSeeker Editor