|
eEye Products:
eEye Resources:
Join Our Blog:
|
|
|
eEye
SecureIIS Web Server Security
|
|

|
eEye Digital Security Products |
| SecureIIS Web Server
Security |
eEye SecureIIS with Basic Maintenance* - 1 Year
*Includes Support via Forums,
Knowledgebase and Support Request Form
 |
#SECR-SFTW-SB-00001-1
Our Price: $995.00 |
|
eEye SecureIIS with Standard Maintenance - 1
Year
*Includes 8x5 Telephone and
e-mail Support
 |
#SECR-SFTW-SS-00001-1
Our Price: $1,195.00 |
|
eEye SecureIIS with Platinum Maintenance - 1
Year
*Includes 24x7 Telephone and
e-mail Support
 |
#SECR-SFTW-SP-00001-1
Our Price: $1,395.00 |
|
More eEye Digital Security
options and pricing below, click here
eEye SecureIIS Web Server Security Overview:
Forget panic-patching. Make zero day attacks a
non-event.
SecureIIS web server security delivers integrated
multi-layered windows server protection. SecureIIS provides
application layer protection via integration with the
IIS platform as an ASAPI filter, protecting against
known exploits, zero day attacks, and unauthorized web
access.

Web Server Protection - Complete zero day
protection for one of the primary portals to your internal
network.
Application Layer Protection - eEye Digital
Security pioneered the concept of application-layer
protection, which has revolutionized proactive security.
Unlike network-layer protection products, an application-layer
solution works within the application that it is protecting.
SecureIIS inspects requests as they come in from the
network layer, as they are passed up to the kernel,
and at every level of processing in between. If at any
point SecureIIS detects a possible attack, it can take
over and prevent unauthorized access and/or damageto
the web server and host applications.
IIS ISAPI Integration - SecureIIS was developed
as an ISAPI filter, which allows for a tighter integration
with the web server as compared to other application
firewalls. SecureIIS monitors data as it is processed
by IIS and can block a request at any point if it resembles
one of many classes of attack patterns; including SQL
injection and cross site scripting. Because of eEye's
extensive knowledge of the various ways in which IIS
servers and web applications can be attacked, as well
as the nature of an application firewall, even undiscovered
vulnerabilities are secured and thwarted.
Zero Day Protection - Unlike network firewalls
and intrusion detection systems, SecureIIS does not
rely upon a database of attack signatures that require
regular updating. Instead, it uses multiple security
filters to inspect web server traffic that could cause
buffer overflows, parser evasions, directory traversal,
or other attacks. Therefore, SecureIIS is able to block
entire classes of attacks, including those attacks that
have not yet been discovered. SecureIIS provides true
zero day protection for entire classes of attacks whether
known or unknown.
Compatibility and Key Features - SecureIIS
works with and protects all common web-based applications
such as Flash, Cold Fusion, FrontPage, Outlook Web Access,
and many third party and custom applications. Configurations
can be modified without having to restart the web server,
thus preventing disruption of the active website. SecureIIS
runtime logs provide detailed explanations as to why
requests were denied and allow for data to be exported
in any number of different formats including tab delimited,
text, and Excel. This activity can also be graphed in
real-time based on class of attack. Regardless of the
communications protocol, SecureIIS offers protection
without affecting service levels on your web server,
and even stops attacks on encrypted sessions based on
the ability to analyze the content of HTTPS sessions
before and after SSL encryption.
Designed by Security Research Experts - eEye
is recognized as one of the most trusted and respected
sources dedicated to improving IIS security. eEye's
research team is credited with having discovered several
high-severity IIS vulnerabilities that would have allowed
an attacker to gain complete remote control over a susceptible
server.
|
Fast Facts |
- Runs on Windows NT 4 (IIS
4), Windows 2000 (IIS 5), or
Windows 2003 (IIS 6, 32 bit)
- Integrated technology does
not affect server performance
- Compatible with common web-based
applications such as Flash,
Cold Fusion, FrontPage, Outlook
Web Access and more
|
- Protects against the following
classes of attacks: buffer overflow,
parser evasion, directory traversal,
general exploitation, high-bit
shellcode protection, cross
site scripting, and SQL injection
and more
|
|
Features and Benefits:
SecureIIS protects against the following attack
types:
SQL Injection - SecureIIS is designed
to filter the most common commands and characters
used in SQL injection attacks. This stops SQL injection
attempts dead in their tracks and can be verified
with
Retina Web Security Scanner.
Buffer Overflow Attacks - SecureIIS checks
the lengths of all client-supplied buffers. If the
data is larger than the maximum size allowed, SecureIIS
will drop the connection, thereby avoiding a buffer
overflow
Parser Evasion Attacks and High-Bit Shellcode
Protection - Insecure string parsing can allow
attackers to remotely execute commands on the machine
running the web server. SecureIIS checks for various
characters in a string that would allow an attacker
to add on commands to a normal value. If these characters
are found, SecureIIS will drop the connection. In
addition, normal English-language web traffic does
not contain high bit characters. SecureIIS will
drop all requests containing high bit characters,
which often signal a potential buffer overflow attack.
Directory Traversal Attacks - In certain
situations, various characters and symbols can be
used to break out of the web server's root directory
and access files on the rest of the file system.
SecureIIS checks for these characters and also blocks
access to specific directories and can even alert
when specified files or directories are accessed
or modified or even deleted.
RFC Compliancy and Other Attack - SecureIIS
prevents attacks from manipulating the HTTP protocol
in attempts to bypass security systems and exploit
security holes. SecureIIS has aditional checks in
place to identify and drop requests that contain
recognized patterns. Limitations are also placed
on the size of uniform resource locators (URL/URI),
HTTP variables, request methods, request header
size and other HTTP-related content and payloads
that try to use common commands like cmd.exe.
Enterprise Vulnerability Management

Designed for a range of small business, medium business
(SMB), to large enterprises, Retina Network Security
Scanner is available as both a network security software
solution plus a vulnerability management appliance solution.
- Centralized Vulnerability Managementt
Integrated vulnerability assessment, policy enforcement,
policy auditing; improving enterprise network security.
- Centralized Incident Management
Prioritized vulnerability management plus client
security threats and attacks; reducing security
risk plus network security response.
- Enterprise Security Reporting
With integrated vulnerability, attack and policy
information provided by Retina and Blink, REM provides
organizations with metrics and graphical representations
of their enterprise security posture.
- Executive Dashboard
Customizable reports and charts; integrated asset
management, client security, risk assessment, plus
vulnerability assessment.
Specifications:
SecureIIS Web Server Security integrates directly
with your Windows IIS Servers. SecureIIS requires the
following minimum system requirements:
- Windows NT 4.0, IIS 4.0 and Service Pack 6
- Windows 2000, IIS 5.0 and Service Pack 1 or
greater
- Windows 2003, IIS 6.0
- IIS Proxy Server is not supported
SecureIIS Screenshots:
 |
SecureIIS Quick Start Wizard
SecureIIS Quick Start Wizard walks you through
the initial steps to secure your IIS Web
server.
|
 |
SecureIIS Monitoring SecureIIS
allows you to manage and monitor which files
can be accessed via the Web.
|
 |
SecureIIS Site Security SecureIIS
gives you the ability to narrow or broaden
the scope of your protection.
|
 |
SecureIIS Log Viewer SecureIIS
Log Viewer gives you all the pertinent information
related to attempted attacks on your Web
servers.
|
Iris Screenshots:
 |
Decoding and Reconstructing Data
Iris lets you reconstruct data and display
all content that was captured. In decode
mode, captured data is reassembled in a
way that allows you to view each session
as if you were the actual session owner.
Many common protocols can be reconstructed
in this manner.
|
 |
Monitoring Network Activity
Iris provides a graphical user interface
(GUI) to allow network administrators to
capture and retrace the steps of any network
user. By monitoring both incoming and outgoing
network traffic, Iris functions as a complete
systems management watchdog.
|
 |
Session Reassembly Iris reassembles
HTTP sessions through the Iris decoder,
which allows it to be displayed as a fully
rendered web page. Iris not only shows you
the packet that created the session, but
a realistic view of the actual contents
of data sent within that session.
|
 |
Detecting Connection Attempts
Iris' Guard feature watches for a specific
connection sequence when a TCP session begins
and reports it if it meets the connection
criteria set in the Iris filters. This allows
you to watch specific connections to and
from any machine, and be alerted if Iris
sees a connection from an IP or TCP port
that Iris has been configured to monitor.
|
Pricing Notes:
- ** Pricing Valid For United States and Canada Only
**
- SecureIIS is sold as a one year subscription. The product
will not function after the subscription period has ended.
All licensed users may purchase additional subscription
time via the eEye Customer Portal.
- You may operate only one copy of SecureIIS on a single
server for each license purchased. SecureIIS will protect
an unlimited amount of unique websites within IIS.
- Product maintenance is included with every SecureIIS
subscription. Maintenance provides licensed users with version
updates and technical support.
|
eEye Digital Security Products |
| SecureIIS Web Server
Security |
eEye SecureIIS with Basic Maintenance* - 1 Year
*Includes Support via Forums,
Knowledgebase and Support Request Form
 |
#SECR-SFTW-SB-00001-1
Our Price: $995.00 |
|
eEye SecureIIS with Standard Maintenance - 1
Year
*Includes 8x5 Telephone and
e-mail Support
 |
#SECR-SFTW-SS-00001-1
Our Price: $1,195.00 |
|
eEye SecureIIS with Platinum Maintenance - 1
Year
*Includes 24x7 Telephone and
e-mail Support
 |
#SECR-SFTW-SP-00001-1
Our Price: $1,395.00 |
|
| SecureIIS Web Server
Security Renewals |
eEye SecureIIS with Basic Maintenance - 1 Year
Renewal
*Includes Support via Forums,
Knowledgebase and Support Request Form
 |
#SECR-SFTW-SB-00001-R
Our Price: $995.00 |
|
eEye SecureIIS with Standard Maintenance - 1
Year Renewal
*Includes 8x5 Telephone and
e-mail Support
 |
#SECR-SFTW-SS-00001-R
Our Price: $1,195.00 |
|
eEye SecureIIS with Platinum Maintenance - 1
Year Renewal
*Includes 24x7 Telephone and
e-mail Support
 |
#SECR-SFTW-SP-00001-R-R
Our Price: $1,395.00 |
|
|
|