ServerDefender VP Web Application Firewall for AWS
Security is the top concern for many organizations when deploying in the cloud. ServerDefender VP provides powerful security for AWS to give you peace of mind for your cloud deployment. SDVP security for AWS is:
Ideal for Cloud Security
SDVP is a host-based web app firewall that installs right on your cloud instance, and scans all traffic before it hits your site or application.
Built for the System Administrator
Sys admins have enough on their hands. We made SDVP easy to setup and manage, with simple controls and built in powerful reporting and alerting to make life easier, not more difficult.
Stop Common Threats and New Threats
SDVP doesn't use lists of attack signatures to match and stop threats. It uses a rules-based system to provide security against well known threats as well as new - unknown - threats.
Intuitive Controls to Quickly & Easily Secure
Intuitive user interface makes it easy to configure security and means no lengthy training sessions.
Customize to Your Security Needs
Control every aspect of your site or application's security, for a security policy that fits what you need.
Security for Popular Platforms
Custom pre-installed security profiles for SharePoint, .NetNuke, Outlook Web Access (OWA), WordPress, and Joomla to get started right out of the box.
Provides powerful security against top persistent threats like SQL injection and XSS.
Session aware security, tracks users' sessions to score any suspicious or threatening behavior - and block when necessary.
Interactive Log Viewer provides data on hack attempts in real-times.
ServerDefender VP also sends comprehensive daily reports of trends and security events right to your email.
You can’t always be watching, so SDVP sends alerts via email when hack attempts occur.
Reduce incident response time by temporarily blocking the offending IP right from the email.
Apps We Secure
Port80 provides security for a popular platforms like:
- Outlook Web Access
- & More...
Easy to Use Slider Controls
Want to get set up quickly? Just slide the enforcement and logging levels to your desired strength and you're good to go. Individual settings can be configured from Expert View.
Input Controls for SQL Injection and XSS Protection
Configure strength of input controls to prevent SQL injection and cross-site scripting. Not every field or form requires the same level of security, so we added custom input controls and exceptions for specific fields so you can get as specific as you'd like.
Session Management Controls for Hardened Sessions
Broken authentication and session management is a consistent threat in the OWASP Top 10. We've combatted this threat with hardened session controls to restrict sessions to a single IP address and set session timeouts.
Site Status Dashboard for Error Statistic At A Glance
Get quick insight to the number of and types of errors occurring on your site. Here, you can click a threat category (SQL Inject, XSS, etc) to jump to logs corresponding to those threats.
Out of the Box Security for Popular Web Application Platforms
Pre-built profiles with security controls built specifically for the most popular application platforms on IIS. Custom profiles for: Microsoft SharePoint, Outlook Web Access, DotNetNuke, WordPress, and Joomla.
Configure Buffer Overflow Controls
Buffer overflow attacks can overwhelm systems by sending huge amounts of malicious data at them. Limit the size of data allowed in: URL, user-agent, cookie name and value, Post-Limit, and more.
Powerful Access Control
Control access to resources by file type or URL, so only those who need access to sensitive data have it. Manage file uploads and allowable file types to prevent malicious uploads.
Secure Against International Threats and Block IPs
The threat from international hackers is persistent and growing. IP policy controls provide the tools to block specific IP address, IP ranges, or even entire countries.
Protection Against Bots and Script Kiddies
Protect against bots and script kiddies by configuring bot detection settings. Stop bots right in their tracks after a certain number of requests or errors. You can can also blacklist known bot user-agents
Server errors can divulge vital information that can make it easier to hack a system. Serve custom templates to prevent sensitive information from being divulged.
Why Secure with ServerDefender VP?
Providing security for your cloud instances is a high priority, but why should you choose ServerDefender VP?
- Host-based security built perfectly for cloud deployments
- Launch instantly secure cloud instance on AWS in minutes
- PCI compliant web application security for payment processing and ecommerce
- Protection for the application layer against web-based threats
- Developed and supported by a team of web security experts
- Powerful granular controls to configure security to your site or app's needs
- Better zero day protection with advanced rules-based security - that means no signature updates - ever
Powerful Security, Made Easy
ServerDefender VP Web application firewall is designed to provide powerful security against Web attacks in an affordable, easy-to-use package for IIS admins.
SDVP premium security will:
- Stop hack attempts against IIS
- Maintain Payment Card Industry Data Services Standard compliance
- Prevent data theft and breaches
- Stop unauthorized site defacement, file alterations and deletions
Dynamic IIS Security
The Internet is a dangerous and ever-evolving place. SDVP provides powerful Web app security to:
- Block top known threats like SQL Injection and Cross Site Scripting
- Learn to recognize and block new threats by analyzing all site traffic and flagging suspicious or malicious users
- Dynamically tightens security if attacks increase
- Deep packet analysis scans what's inside files, not just file types
- Differentiate between harmful and harmless traffic to prevent false-positives
- Granular rules let you shrink wrap security policies to fit your site's needs
- SDVP's Web application security requirements are based on the OWASP Top Ten Project
IIS Security Made Easy
SDVP's intuitive user interface makes securing your web apps easier than ever.
- Increase and decrease security levels with the click of a mouse using Enforcement Level slider
- Security enforcement level icons let you know how firm your security is set against individual threats
- Set rigid security without implementing complex rules
Security Information & Event Management (SIEM)
A Web application firewall that logs security data so you can see exactly what's happening on your sites - and alerts you when your away from your desk.
- Interactive LogViewer
See security events in real-time and customize security policies on the fly.
- Flexible Alerts
Alerts of web attacks sent right to your email (HTML and plaintext), SNMP, Windows Event Viewer (local and remote), and Syslog-NG.
- Global and Site-Level Monitoring
View security reports locally on your server or remotely via the Web.
- Daily Reports
Summaries of key site traffic trends and anomalies, emailed nightly.
PCI Compliant From Birth
The Payment Card Industry Data Security Standard (PCI DSS) based its Web application security requirements on the OWASP Top Ten Project. ServerDefender VP's security controls were modeled on that same project.
ServerDefender VP Web App Security Provides
- Easy to use controls
- Application-neutral - protect ASP.NET, ColdFusion, PHP or any other app on IIS
- Helps achieve PCI DSS, HIPAA, and other security compliances
- Stop hack attempts against IIS
- Prevent data theft and breaches
- Protection against code vulnerabilities
Available EC2 Instance Types
ServerDefender VP is available on Amazon Web Services as an Amazon Machine Image (AMI). It can be purchased through the AWS Marketplace.
- Available on all EC2 instance types
- AMI Operating System
- Windows Server 2008 R2
- Windows Server 2012