Enterprise Web Application Firewall for IIS

Web applications are at the center of business online and are constantly threatened by common threats like SQL injection, XSS, and new, unknown zero day threats. Not only is ServerDefender VP’s host-based application security powerful, it's easy to use with slider controls to strengthen and loosen security policies.


Provides powerful security against top persistent threats like SQL injection and XSS.

Session aware security, tracks users' sessions to score any suspicious or threatening behavior - and block when necessary.


Interactive Log Viewer provides data on hack attempts in real-times.

ServerDefender VP also sends comprehensive daily reports of trends and security events right to your email.


You can’t always be watching, so SDVP sends alerts via email when hack attempts occur.

Reduce incident response time by temporarily blocking the offending IP right from the email.

  Industries We Secure

Port80 provides security for a variety of industries:

  • Finance
  • Government
  • Healthcare
  • Consumer / Retail
  • Education
  • & More...

Getting Started is Easy

Getting ServerDefender up and running only takes a few minutes. Checkout our step-by-step video guide.

Webinar 1: Getting Started with ServerDefender

Making it easier to secure your .NET applications.

ServerDefender VP Web application firewall is designed to provide powerful security against Web attacks in an affordable, easy-to-use package for IIS admins. Our web application firewall secures web application platforms running in .NET (.NetNuke, SharePoint, Exchange, etc.) and helps achieve PCI-DSS Compliance, while blocking common threats and zero day threats.

Learn More: Security You Can See »

Security Features

Security You Can See - Features That You Need

We tailored the changes in SDVP 2.1 based on customer feedbacks, so we could make the most user-friendly Web application firewall possible for IIS.

Slide Into Security

Overwhelmed by complex configuration options? We have you covered.

Slide Into Security

Standard View lets you slide left for looser security and slide right for firmer security. It's as simple as that.

Don't worry - SDVP's powerful and granular controls are just a click away in Expert View - for the most custom security experience for IIS.

Reports You'll Look Forward to Reading

Daily Reports with your site's most important security events and trends - everywhere you go.

Daily Report on iPad Daily Report on iPad

In SDVP 2.0 Daily Report emails are attractive and easy-to-scan, with the most important info bubbled right to the top. They highlight the vital data you need to keep informed about the security of your sites - even when you're not at your desk.

One Wizard to Rule Them All

With only one set-up wizard, your Web application firewall can be set up in minutes.

Configuration Wizard at Install Time Configuration Wizard at Install Time

Need to get up and running as quickly as possible? Go with the Config Wizard's Standard Mode - it will get you there in just a few screens. Have a lot of complex Web apps and need to tune each one's security just so? Expert Mode is right for you:

Additional Web App Firewall Features


Analyzes, detects and responds to suspicious activity, accurately differentiating between trusted and untrusted behavior to thwart hacker attacks.

  • Anti-hijacking control with hardened sessions
  • User input validation and sanitization
  • Fewer false positives with granular exceptions
  • Site-by-Site security control management
  • Advanced Bot detection and control
  • IP Blocking controls

Alerting, Visuals, and Setup

  • Multiple configurable alerting options; including email, SNMP, syslog
  • Detailed daily reports via Web and Email
  • LogViewer with highly detailed searchable and filterable security logs
  • Multiple configuration wizards to aid with proper set-up and deployment


  • Premium PCI compliant Web application firewall protection
  • Advanced protection against common attacks such as SQL injection, cross-site scripting (XSS), and more
  • Site awareness at a glance
  • No training or signatures required
  • Highly customizable security policies
  • Custom integration and testing services available

Learn More: Benefits »


Powerful Security, Made Easy

ServerDefender VP Web application firewall is designed to provide powerful security against Web attacks in an affordable, easy-to-use package for IIS admins.

SDVP premium security will:

  • Stop hack attempts against IIS
  • Maintain Payment Card Industry Data Services Standard compliance
  • Prevent data theft and breaches
  • Stop unauthorized site defacement, file alterations and deletions

Dynamic IIS Security

The Internet is a dangerous and ever-evolving place. SDVP provides powerful Web app security to:

  • Block top known threats like SQL Injection and Cross Site Scripting
  • Learn to recognize and block new threats by analyzing all site traffic and flagging suspicious or malicious users
  • Dynamically tightens security if attacks increase
  • Deep packet analysis scans what's inside files, not just file types
  • Differentiate between harmful and harmless traffic to prevent false-positives
  • Granular rules let you shrink wrap security policies to fit your site's needs
  • SDVP's Web application security requirements are based on the OWASP Top Ten Project

IIS Security Made Easy

SDVP's intuitive user interface makes securing your web apps easier than ever.

  • Increase and decrease security levels with the click of a mouse using Enforcement Level slider
  • Security enforcement level icons let you know how firm your security is set against individual threats
  • Set rigid security without implementing complex rules

Security Information & Event Management (SIEM)

A Web application firewall that logs security data so you can see exactly what's happening on your sites - and alerts you when your away from your desk.

  • Interactive LogViewer
    See security events in real-time and customize security policies on the fly.
  • Flexible Alerts
    Alerts of web attacks sent right to your email (HTML and plaintext), SNMP, Windows Event Viewer (local and remote), and Syslog-NG.
  • Global and Site-Level Monitoring
    View security reports locally on your server or remotely via the Web.
  • Daily Reports
    Summaries of key site traffic trends and anomalies, emailed nightly.

PCI Compliant From Birth

The Payment Card Industry Data Security Standard (PCI DSS) based its Web application security requirements on the OWASP Top Ten Project. ServerDefender VP's security controls were modeled on that same project.

ServerDefender VP Web App Security Provides

  • Easy to use controls
  • Application-neutral - protect ASP.NET, ColdFusion, PHP or any other app on IIS
  • Helps achieve PCI DSS, HIPAA, and other security compliances
  • Stop hack attempts against IIS
  • Prevent data theft and breaches
  • Protection against code vulnerabilities

Learn More: Requirements »


System Requirements

The System Requirements for ServerDefender VP are as follows:

  • A compatible version of IIS and Windows:
    • IIS 8 / Server 2012
    • IIS 7 & 7.5 / Server 2012
    • IIS 7.5 / Server 2008 R2 with Service Pack 1
    • IIS 7 / Server 2008 with Service Pack 2
    • IIS 6 / Server 2003 (all editions) with Service Pack 2
  • Compatible hardware:
    • x86 (32-bit)
    • x64 (64-bit)


  • For scenarios in which one or more IIS application pools are running in 32-bit mode on 64-bit hardware, you must use the 64-bit installer.
  • IIS 5.0 Isolation (compatibility) Mode on IIS 6.0 / Server 2003 is not supported.
  • For IIS 7.x / Server 2008 installations, the following IIS Role Services must be installed:
    • ISAPI Filters
    • ISAPI Extensions

Learn More: Overview »