- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Top level protection for a web server and web applications.
- Weaknesses: The offering is a software product which can tax under-powered hardware.
- Verdict: A good product that fills a larger gap than most application level firewalls.
This product is one of two software-based offerings submitted for this month's Group Test. The Profense software includes a hardened OS and installs on most standard hardware. It turns a piece of general purpose hardware into a dedicated application acceleration and security gateway. This provides many functions, including automated application profiling, adaptive learning, and positive and negative filtering for out-of-the-box protection against attacks.
The software provides web server security through three engines. The beginning protection mechanism learns legitimate application requests for a web server application. As a website is learned, the software begins to compile a whitelist of accepted requests. This learning process creates a policy that provides protection against attacks targeting undisclosed vulnerabilities in standard software and custom-built applications.
The second layer of protection is a web application firewall. This is implemented in the network as a filtering gateway that validates all requests to the web systems. In this sense, the application functions like a secure reverse proxy, only allowing legitimate application requests through. Profense provides protection for a web server against many common web application errors, supports and secures XML web services, and also provides compliance with major best practice documents.
It provides modules that enable the web server to load web pages faster than other web servers.
The product also decodes (terminates) SSL sessions for the purpose of determining which traffic should be allowed to reach the target web server.
The tool ships with a series of PDF documents, which cover common installation, configuration and operation of the software.
Profense includes a basic no-cost support option, which is included in the first-year price. The free support offers eight hours a day/five days a week business support by phone, email and web; automated updates; and all upgrades. Additional years of support are priced at $1,490.
The list price of the Armorlogic offering is $5,950, which places it at the higher middle end of products tested this month.