September 30, 2008

Hot topics :

BinarySEC

Product Watch

Behavioral Application Firewall for Apache on Linux

BinarySEC provides Web application firewall functionality for the Apache Web server on Linux boxes. It is designed as an Apache module, with the ability to intercept, analyze, and if necessary block malicious transactions leveled against the Apache server.

The key feature of BinarySEC is its behavioral-based analysis algorithms (no signature updates required); which the vendor states enables it to prevent such attacks as XSS, SQL injection, PHP code inclusion, directory traversal, etc. The product operates in a three step fashion; intercepting the HTTP request, forwarding it to a baselining/analysis engine for enrichment of the baseline and/or identification of abnormality, and then, if the transaction is deemed abnormal, blocking the transaction and returning an error message to the end user. The vendor states that the product requires a learning period of "a few days," during which the administrator can configure the product to monitor and alert on potential attacks only (no blocking). Following the learning period, the administrator may then switch the product to apply inline blocking of the suspect transactions if they desire. Alerts can be recategorized by the administrator via a one-click process in the event of false positives; a process that the vendor states may commonly occur during the learning phase and immediately following functional changes to the Web application or the Web site.

The vendor notes that the module itself takes up 128 MB RAM and consumes about 2% of the CPU on an average machine. Installation requires no network changes.

Other features include support for the analysis of SSL traffic without decryption; a GUI installer; a traffic and alerts display tool; an administration GUI (with support for the monitoring of multiple servers, sites, and domains); and forensic identification features.

BinarySEC is available now. Pricing starts at $890 for the protection of two sites; with volume discounts available.

A free trial version can also be downloaded for unlimited-time usage on a single Web site; the free trial is limited, however, to the analysis of only 5,000 transactions per day (transactions following the 5,000 are not analyzed or blocked).

Contact the vendor for further information.

product submission by EITPlanet Staff

fact sheet

ID#:	1200592241
date posted:	Jan. 17, 2008
category:	Security:Intrusion Detection/Prevention
platform:	Linux 2.4+ w/Apache (1.3/2.0/2.2)
vendor:	BinarySEC (binarysec.com/)
vendor's information: Download BinarySEC about BinarySEC about BinarySEC

Security

Latest category updates via our RSS feed

Partners
Partner With Us

More IT Management
CIO Update
Datamation
eCRMGuide
DRM Watch
eSecurity Planet
ITSMWatch
Intranet Journal
Inside ID
Grid Computing Planet
bITa Planet
IT Career Planet
Project Manager Planet
Semantic Web

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Solutions

Whitepapers and eBooks
IBM Whitepaper: Service Component Architecture Enabling XML Web Services for Java Programmers IBM Whitepaper: Innovative Collaboration to Advance Your Business Intel Article: Using Power & Display Context in the Intel Mobile Platform SDK Internet.com eBook: Real Life Rails IBM SCA Center Article: Simplifying Composite Applications with Service Component Architecture Intel PDF: Quad-Core Impacts More Than the Data Center Internet.com eBook: The Pros and Cons of Outsourcing Go Parallel Article: Scalable Parallelism with Intel(R) Threading Building Blocks Intel PDF: Analysis of Early Testing of Intel vPro in Large IT Departments Internet.com eBook: Best Practices for Developing a Web Site Intel PDF: IT Agility through Automated, Policy-based Virtual Infrastructure IBM CIO Whitepaper: The New Information Agenda. Do You Have One?		Microsoft Article: BitLocker Brings Encryption to Windows Server 2008 IBM Whitepaper: Service Component Architecture & Java EE Integration Microsoft Article: RODCs Transform Branch Office Security Go Parallel Article: James Reinders on the Intel Parallel Studio Beta Program Avaya Article: Advancing the State of the Art in Customer Service IBM Whitepaper: How are other CIOs driving growth? Adobe Acrobat Connect Pro: Web Conferencing and eLearning Whitepapers Avaya Article: Avaya AE Services Provide Rapid Telephony Integration with Facebook Go Parallel Article: Getting Started with TBB on Windows HP eBook: Storage Networking , Part 1 MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts
Go Parallel Video: Intel(R) Threading Building Blocks: A New Method for Threading in C++ HP Video: Is Your Data Center Ready for a Real World Disaster? HP On Demand Webcast: Virtualization in Action Go Parallel Video: Performance and Threading Tools for Game Developers Rackspace Hosting Center: Customer Videos		Intel vPro Developer Virtual Bootcamp HP Disaster-Proof Solutions eSeminar HP On Demand Webcast: Discover the Benefits of Virtualization MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits
Download: IBM WebSphere Application Server V7.0 Feature Pack for Service Component Architecture Actuate Download: Free Visual Report Development Tool Microsoft Download: Silverlight 2 Software Development Kit Beta 2 30-Day Trial: SPAMfighter Exchange Module Red Gate Download: SQL Toolbelt		IBM SCA Download: Start Building SCA Applications Today Iron Speed Designer Application Generator Microsoft Download: Silverlight 2 Beta 2 Runtime MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos
IBM IT Innovation Article: Green Servers Provide a Competitive Advantage Microsoft Article: Expression Web 2 for PHP Developers--Simplify Your PHP Applications		Featured Algorithm: Intel Threading Building Blocks - parallel_reduce MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES