skip to main content
We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

ServerDefender VP IIS Web Application Firewall

Windows This is a Community Contributed Download

CategorySecure
LicenseFree to try
Supported byEmail, Phone, Knowledge base
Works WithIIS 6, IIS 7, IIS 7.5
DocumentationServerDefender VP IIS Web Application Firewall Documentation
Updated onApril 29, 2013
Uploaded byport80

Overview

Web applications are at the center of business online and are constantly threatened by common threats like SQL injection, XSS, and new, unknown zero day threats. Not only is ServerDefender VP’s host-based application security powerful, it's easy to use with slider controls to strengthen and loosen security policies. ServerDefender VP Web application firewall for IIS is designed to provide protection for websites and applications running on the Microsoft IIS Web server by blocking Web attacks including SQL injection, buffer overflows, cross-site scripting (XSS) and request forgery (CSRF), zero-day, brute force, dictionary, denial of service and others. ServerDefender VP is platform neutral and secures web application platforms running in .NET (.NetNuke, SharePoint, Exchange, etc.) and helps achieve PCI-DSS Compliance, while blocking common threats as well as zero day threats.

Features

  • Blocks top threats like SQL injection, cross site scripting (XSS), and cross site request forgery (CSRF)
  • Real-time security log monitoring to view threats and activity
  • Interactive security log viewer to visualize activity, perform incident investigation, block malicious users, and create exceptions
  • Email alerting to receive notice of a hack attempts for faster response time
  • Anti-hijacking control with hardened sessions
  • User input validation and sanitization
  • Fewer false positives with granular exceptions
  • Site-by-Site security control management
  • Advanced Bot detection and control
  • Detailed daily reports via Web and Email
  • LogViewer with highly detailed searchable and filterable security logs
  • Multiple configuration wizards to aid with proper set-up and deployment

Benefits

  • Powerful application layer security
  • Protection from known threats and zero day threats
  • SDVP's logic-based security means no signature list updates required
  • Premium PCI compliant Web application firewall protection
  • Advanced protection against common attacks such as SQL injection, cross-site scripting (XSS), and more
  • Highly customizable security policies
  • Site awareness at a glance
  • No training or complex installation required
  • Custom integration and testing services available

Requirements

The System Requirements for ServerDefender VP are as follows: A compatible version of IIS and Windows:
  • IIS 7.5 / Server 2008 R2 with Service Pack 2
  • IIS 7 / Server 2008 with Service Pack 2
  • IIS 6 / Server 2003 (all editions) with Service Pack 2
Compatible hardware:
  • x86 (32-bit)
  • x64 (64-bit)
Notes: The current ServerDefender VP 64-bit installer does not support scenarios in which one or more IIS application pools are running in 32-bit mode. Please contact Port80 Software Technical Support for additional information. IIS 5.0 Isolation (compatibility) Mode on IIS 6.0 / Server 2003 is not supported. For IIS 7.x / Server 2008 installations, the following IIS Role Services must be installed:
  • ISAPI Filters
  • ISAPI Extensions
  • IIS 6.0 Metabase Compatibility
  • IIS 6.0 Management Scripts and Tools