Site Search
Trustwave WebDefendEnterprise security solution for o Web Application Servers
|
 |
The WebDefend web application firewall appliance goes beyond vulnerability scanning efforts, secure coding initiatives, and network security solutions by providing organizations with continuous, real-time web application-specific security.
WebDefend is an advanced web application firewall that offers customized, behavior-based security for each protected application. Only WebDefend uses a patent-pending profiling system and multiple, collaborative detection engines to ensure the flow of mission-critical traffic while supplying complete protection for applications to keep the organization’s confidential information safe from targeted attacks and leaks.
Dynamic Application ProfilingThe patent-pending Adaption profiling system automatically builds a customized, positive security model for each protected application to understand its acceptable behavior. In addition, Adaption can profile HTML, XML and SOAP and WebDefend can monitor uncompressed or compressed web traffic. The system maps all levels of application behavior, so there is no need for detailed knowledge or secure coding. As the application is updated, WebDefend automatically detects the changes, learns them, and adjusts the profile. Adaption automatically relearns HTTP constraints along with the existing information it profiles and relearns about individual web application parameters.
Inbound and Outbound Traffic AnalysisOnly WebDefend offers inbound and outbound traffic analysis through the patent-pending, bi-directional ExitControl traffic analysis engine. ExitControl inspects both incoming and outgoing traffic to block hacker-informative error messages and prevent application defacement and data theft. Pre-defined and customizable BreachMarks within the ExitControl engine represent patterns that identify a specific type of information, such as credit card or Social Security numbers. Organizations can set BreachMark policies to alert on and prevent the loss of matching data.
Out-of-the-Box PCI ComplianceWebDefend includes pre-packaged rule sets specifically designed for organizations working to comply with the Payment Card Industry Data Security Standard (PCI DSS). These rules ensure the proper configuration of security mechanisms for attack prevention as well as logging of all payment card usage for compliance. PCI-specific reports provide an immediate view of the system’s overall level of compliance as well as details of sensitive information use for audit purposes. |
|||||
 |
|||||
 |
|||||
 |
|
Application Security Defect DetectionWebDefend uniquely identifies and reports on application security defects caused by insecure coding techniques. These defects, such as missing images or hyperlinks and improper request handling, negatively impact the user experience by preventing application access or disabling the web server. Each protected application is passively monitored for anomalies in its responses. If necessary, corresponding inbound requests are analyzed to determine underlying causes. By assessing an entire application in its actual environment, WebDefend pinpoints defects that would otherwise go undetected during a code review or vulnerability scan. |
|
Full Monitoring and Blocking CapabilitiesA full suite of monitoring and blocking capabilities allow organizations to customize WebDefend’s response to threats. A simulation mode facilitates deployment by indicating what WebDefend would prevent, without requiring full blocking functionality to be enabled. WebDefend’s blocking capabilities include blocking packets in in-line mode, logging out malicious users, integrating with popular web servers for attack blocking and network firewalls for IP blocking, and TCP resets.
SSL Attack Detection |
|
|
WebDefend replicates and decrypts SSL traffic streams without terminating the original encrypted session. Immediately after decryption, WebDefend inspects the traffic entering and leaving the web environment, providing full visibility and attack detection capability without compromising performance.
|
|
Intuitive Management ConsoleThe easy-to-use WebDefend Management Console provides a single point of sensor configuration and management. Organizations can immediately use the console, without any initial training, to gain full visibility into their web applications’ architectures and security. The instructive console helps organizations understand the context in which events are generated and remediate problems quickly. For every event detected, a detailed description pinpoints the vulnerability, offers insight into its meaning, and assists with its resolution. The console offers multiple event views, allowing organizations to examine entire transactions and see the error messages presented to users. Events can also be filtered, so only exceptions are shown. Powerful reporting tools help to communicate web application security defects to development, meet compliance requirements, and track the effectiveness of WebDefend policies.
|
|
Product line
| Model |  |
|
|
|||||||||
| GX60i System | GX110i System | GX120i System | ||||||||||
|
CPU
|
1 x Quad Core |
2 x Quad Core |
2 x Quad Core |
|||||||||
|
Network
|
Silicon Dual Port Copper Bypass | Silicon Quad Port Copper Bypass | Silicon Quad Port Copper Bypass | |||||||||
|
Disc
|
No RAID | RAID - 1 | RAID - 1 | |||||||||
| Max number of web site (unic IP & Port combo) | 20 | 60 | 60 | |||||||||
|
Troughput
|
50Mb/s (40% SSL) | 150Mb/s (40% SSL) | 200Mb/s (40% SSL) | |||||||||
| Deployment | In-line / Out-of-Line | In-line / Out-of-Line | In-line / Out-of-Line |
 |