ThreatSentry Win Web server Host Intrusion Prevention software defends IIS against new and progressive attack techniques, protects network weak points, overcomes lapses in patch management, and reinforces regulatory compliance. An ISAPI filter hosted in MMC, ThreatSentry compares server requests to a knowledgebase and an evolving system baseline to detect untrusted activity and prevent attacks on Microsoft IIS. Supports Win 2000/2003, IIS 5/6.
ThreatSentry 2.0 review
ThreatSentry Windows Web server Host Intrusion Prevention software defends IIS against new and progressive attack techniques, protects network weak points, overcomes lapses in patch management, and reinforces regulatory compliance. An ISAPI filter hosted in MMC, ThreatSentry compares server requests to a knowledgebase and an evolving system baseline to detect untrusted activity and prevent attacks on Microsoft IIS. Supports Win 2000/2003, IIS 5/6.
Unsurpassed Protection from Known/New, Internal/External Threats -
Advanced system/behavior profiling and comparative analysis engine enables ThreatSentry to extend the intrusion detection and prevention capabilities of conventional pattern matching, rules, and policy-based systems. ThreatSentry is invaluable in protecting IIS servers from an array of vulnerabilities including Directory Traversal, Parameter Manipulation, Buffer Overflow, Parser Evasion, High-bit Shellcode, Printer Protocol, Remote Data Services, and others. Alerts, IP blocking and other preventative mechanisms can be activated on demand or pre-configured based on corporate security policies.
Unparalleled Affordability and Ease-of-Use - ThreatSentry is an IIS ISAPI filter and Snaps-in to the Microsoft Management Console (MMC). It is exceptionally easy to use and affordably priced for enterprises of any size.
Logging, Reporting and Audit Features -
Review, sort, manage or export Security Alerts and Training Events. Track and audit reclassified events. Investigate Security event details via ThreatSentry Event details, WHOIS lookup, logs and reports.
Fully integrated Firewall blocks all network ports for IPs listed in the Blocked List.