SecureIIS Web Server Protection Guarding Microsoft Web Servers


WHITE PAPER

SecureIIS Web Server Protection
Guarding Microsoft Web Servers
When Bad Things Happen to Good Web Servers

Table of Contents

Overview
SecureIIS Summary
The SecureIIS Difference
    Installation and Configuration
    Centralized Administration and Policy Creation
    Centralized Events Management & Reporting
    Technical Expertise in Protecting Microsoft IIS Web Servers
    Other Technical Features
Proven Results
    Thomas and Betts
    Suncor Energy
    BRTRC
    US Central Credit Union
About BeyondTrust

2013. BeyondTrust Software, Inc.

The value inferred from the minimal cost of SecureIIS...provides an inductive business-driven justification for its purchase. - Arian Evans

Overview

Today's businesses require an added layer of protection to ensure that their Microsoft Internet Information Services (IIS) Web Server farms remain running without interruption even if a hacker mounts an attack, or the IIS Server is hit with an indiscriminate worm like CodeRed or Nimda. Further, this solution must be capable of protecting from newly launched attacks, such as the WebDAV buffer overflow vulnerability, should an attacker attempt to utilize an unknown zero-day exploit to compromise an IIS server.

Security administrators should consider deploying BeyondTrust's Enterprise Web Server Protection solution, SecureIIS. In conjunction with BeyondTrust's Remote Enterprise Management (REM) Console, SecureIIS gives organizations the centralized data collection and reporting functionality required to keep up with the high speed of today's sophisticated attackers.

Typical Web Server Protection Requirements:

- Maximum security of critical IIS web servers and content
- Maximized server uptime; minimized downtime
- Ease of enterprise-wide installation and configuration
- Trusted web server protection without disabling IIS functionality
- Ability to employ a measured response to new security patches from Microsoft vs. reacting immediately to Microsoft advisories
- Reduced web management overhead

SecureIIS Summary

Developed by BeyondTrust as the first-ever Microsoft Internet Information Services (IIS) specific application firewall, SecureIIS operates within Microsoft IIS to actively inspect all incoming requests at each stage of data processing and prevent potentially damaging network traffic, whether encrypted or unencrypted, from penetrating Microsoft web servers.

SecureIIS is a fully supported enterprise-level solution that is proven to save time and money while providing complete intrusion prevention security for Microsoft IIS web servers. SecureIIS is instantly deployable and provides enterprise-wide assurance against known and unknown web server attacks, without disabling the functionality of IIS web servers or relying on a signature database of attacks.

The SecureIIS Difference

This section highlights some of the key advantages of SecureIIS over the competition. While some solutions provide low-level protection against some types of attacks, only SecureIIS is able to reliably protect against known and unknown Microsoft IIS vulnerabilities. SecureIIS is the comprehensive layer of security Microsoft has been unable to provide in its web server offerings and aftermarket tools. Rather than shutting down valuable services to protect your IIS servers, SecureIIS provides a true ISAPI filter, scrutinizing every command that comes through your database.

Installation and Configuration

This section highlights some of the key advantages of SecureIIS over the competition. While some solutions provide low-level protection against some types of attacks, only SecureIIS is able to reliably protect against known and unknown Microsoft IIS vulnerabilities. SecureIIS is the comprehensive layer of security Microsoft has been unable to provide in its web server offerings and aftermarket tools. Rather than shutting down valuable services to protect your IIS servers, SecureIIS provides a true ISAPI filter, scrutinizing every command that comes through your database.

Centralized Administration and Policy Creation

A Central Policy created at HQ may maintain multiple SecureIIS installations. SecureIIS may be installed by a non-security focused administrator and utilize the central policy created by the security team, ensuring all web servers are equally protected across the enterprise and properly configured. In the case of free tools such as Microsoft URLScan/IIS Lockdown, advanced security personnel need to install and configure each instance of these tools via trial and error. If the IIS web servers are in different geographical locations, advanced security expertise will be needed at each location to install Microsoft's tools.

Security policy changes (whether minor or major) may be done on the fly with SecureIIS and implemented worldwide. Unlike URLScan/IIS Lockdown, when a change is made, SecureIIS does not have to be disarmed and the IIS Web Server does not have to be shut down or restarted, providing maximum uptime for customers and yielding substantial administrative cost savings.

Centralized Events Management & Reporting

Attacks are logged by SecureIIS and reported to a central, HQ-located database in which all logs from every IIS web server may be consolidated. Low-end tools require all individual logs to be consolidated by hand by a database admin after they have been converted into a database-readable format. This method requires the system administrator to collect all these logs from each individual machine for processing on a daily basis. In the case of SecureIIS, the event log data is automatically encrypted and relayed to the central database, and all machines' attack logs are consolidated in the REM reporting database for easy review and report generation.

Technical Expertise in Protecting Microsoft IIS Web Servers

BeyondTrust Researchers are the foremost authorities in Microsoft IIS web server security, having discovered 12 of the last 15 remotely exploitable high-risk vulnerabilities. BeyondTrust is recognized as the most trusted source in vulnerability research and proactive security solutions.

Other Technical Features:

The following is a quick listing of other technical features provided by SecureIIS and not offered by Microsoft's add-on tools for IIS:

- Unknown vulnerabilities protection
- Central policy management
- Configuration modification without restarting IIS
- Different policy definition for each website of a physical server
- RFC compliancy verification
- Folder access validation
- File access monitor
- POST DATA protection
- Shellcode injection protection
- Real time statistics
- Built in Log viewer
- Log export
- Log centralization
- Multilanguage support
- Fully supported by vendor and 100% enterprise-ready

Proven Results

The following represents a few recent deployments of SecureIIS and the customers' impressions of BeyondTrust's web server protection solution:

Thomas and Betts

Thomas & Betts is the world's largest manufacturer of electrical wiring, cable wiring, heaters, power lines, and associated electronics. Thomas & Betts selected SecureIIS to protect its geographically dispersed Microsoft web servers and provide unequivocal web server protection for all its servers, even unpatched servers. SecureIIS was instantly deployed across the entire enterprise and saves the IT organization in excess of 2 months of patching, hotfix, and web support effort per year.

Having SecureIIS gives our team time to properly test hotfixes and patches - we are now proactive instead of reactive. I can roll the tested patches up into a comprehensive patch and install them properly without causing downtime that would hurt operations. Even if there is a patch that I don't know about, or a zero-day exploit, or something that a teenage hacker comes up with, I feel protected - we're extremely pleased with the results. - Jay W. Woody

Suncor Energy

Suncor Energy is a world leader in mining, extracting, and refining crude oil. Suncor Energy chose SecureIIS to protect its mission-critical web servers because it needed an enterprise-ready solution that could confidently safeguard its e-commerce, intranet, extranet, and corporate data assets.

BeyondTrust's SecureIIS provided Suncor with a proactive defense against known and unknown Microsoft IIS defects and vulnerabilities that were not addressed within Microsoft patches. The Suncor security team estimates that they have realized a 30% savings in working hours that used to be dedicated to web-server related meetings, discussions, patching, and testing.

BeyondTrust has proven itself in the security community in terms of its ability to identify vulnerabilities, create innovative products and protect networks. It shows that BeyondTrust's main concern is helping the IT community protect their networks. These actions continually enhance our confidence in the products BeyondTrust creates. Even if we had just one server and only hosted 5 pages of information about our organization, we would still want SecureIIS on the network. Without SecureIIS, a Microsoft IIS web server is completely insecure. With SecureIIS, the front lines of our network are protected. - Michael Castro

BRTRC

BRTRC is a leading government contractor that offers management and technical support services to a variety of federal agencies and select commercial clients. Founded in 1985, BRTRC currently hosts over 100 websites and provides end-to-end web server programming for its demanding high-profile clientele. BRTRC and its customers rely on SecureIIS for complete web security. BRTRC (and all SecureIIS customers) were 100% protected against even the recent zero-day WebDAV vulnerability impacting many government Microsoft IIS web servers. BRTRC estimates it has saved approximately $200,000 in administrative costs alone by using SecureIIS.

The amount of time spent on patch management is equivalent to at least two man years. The amount of money we spent on SecureIIS is a fraction of what we would have invested in salaries just to keep up with patch management. I really like BeyondTrust's comprehensive approach to vulnerability management and the security process. BeyondTrust's solutions look at the network, the server, the individual products - I feel confident in SecureIIS because BeyondTrust is so well versed across the board in understanding vulnerabilities from different perspectives and not just relying on vulnerability databases to protect customers from attack. - Rebecca Ryder, BRTRC

US Central Credit Union

The highly rated U.S. Central Credit Union is the nation's only wholesale corporate credit union. The credit union, working with its 32 member corporate credit unions, provides investment, liquidity, lending, payment and cash management services to more than 10,000 credit unions serving more than 80 million consumers.

Not including development and testing, there are usually 15-20 Microsoft IIS web servers running in staging and production environments at any given time. All of these web servers are located in both public and private DMZ sectors of U.S. Central's network and protected by SecureIIS. In addition to blocking IIS attacks, SecureIIS has reduced overall staffing requirements at U.S. Central by limiting the need for accelerated regression testing and implementation of new configurations and patches on Microsoft IIS servers.

Mature tool sets are still hard to find, and BeyondTrust has done an excellent job of providing mature tool sets that are consistent and congruent with U.S. Central Credit Union's security mission. The value inferred from contrasting the minimal cost of SecureIIS to the cost of a single, full-time employee to manually address all security-related Web server issues provides an inductive business-driven justification for its purchase. - Arian Evans

About BeyondTrust

At BeyondTrust, we pledge to stay focused on providing the highest quality vulnerability management solutions available now and into the future. We regularly share our product roadmap with customers, as they wield the greatest influence on its course. And because we remain focused on vulnerability management, we are able to provide constant innovation and upgrades to keep our customers ahead of evolving threats.

Customers are the common thread that drives everyone at BeyondTrust to build the best vulnerability management solutions on the market. From the first inquiry to our sales department, to interactions with our training and customer service staff, we are committed to providing dedicated, responsive and straightforward service to existing and prospective customers alike.

With more than 25 years of global success, BeyondTrust is the pioneer of Privileged Identity Management (PIM) and vulnerability management solutions for dynamic IT environments. More than half of the companies listed on the Dow Jones Industrial Average rely on BeyondTrust to secure their enterprises. Customers include eight of the world's 10 largest banks, seven of the world's 10 largest aerospace and defense firms, and six of the 10 largest U.S. pharmaceutical companies, as well as renowned universities.

The company is privately held, and headquartered in San Diego, California. For more information, visit beyondtrust.com.

Contact Info

North American Sales: 1.800.234.9072, sales@beyondtrust.com
EMEA Headquarters: Tel: + 44 (0) 8704 586224, emeainfo@beyondtrust.com

CONNECT WITH US

Twitter: @beyondtrust
Facebook.com/beyondtrust
Linkedin.com/company/beyondtrust
www.beyondtrust.com