Profense 2 Web Application Firewall
January 01, 2009
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Top-level protection for a web server and web applications
- Weaknesses: It is a software product, which can tax under-powered hardware
- Verdict: A good product that fills a larger gap than most application-level firewalls
The Profense 2 Professional Application Web Firewall product is one of two software-based offerings submitted for the review. The Profense software includes a hardened OS and installs on most standard hardware. Profense turns a piece of general purpose hardware into a dedicated application-acceleration and security gateway. The software provides many functions, including automated application profiling, adaptive learning and positive and negative filtering for out-of-the-box protection.
The software functions through three engines to provide web server security. The beginning protection mechanism learns legitimate application requests for a web server application.
The second layer of protection provided by Profense is a web application firewall.
Profense provides protection for a web server against web application errors, such as the OWASP top ten vulnerabilities. It also supports and secures XML web services.
The product decodes (terminates) SSL session for the purpose of determining which traffic should be allowed to reach the target web server. Profense also includes web accelerator technology, which improves overall web server performance both by lowering the web and application server workload - optimising and reducing bandwidth usage - and also through the process of offloading SSL operations from web servers to the Profense system.
Due to the many complex features included in the Profense application, the hardware that supports the application needs to be as powerful as possible to maximise performance benefits and protection mechanisms.
The solution includes a series of PDF documents that cover common installation, configuration and operation of the software.
Profense includes a basic no-cost support option that is included in the first year price. The free support offers eight hours a day, five days a week, business-day support by phone, email and web, automated updates and all upgrades. Additional years of support are priced at £1,006.
The list price of the Armorlogic offering is £3,975, which places it at the higher middle end of products tested.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry