Home >
With minimal effort and undetected by network security solutions, a successful hacker can manipulate a web application to steal the sensitive information behind it. Efforts to reduce these attacks—such as secure coding, vulnerability scanning, and penetration testing—are necessary, but have significant limitations. They are costly and only capture a single point in time. The ModSecurity Pro M1100 web application firewall resolves these issues by providing web applications with continuous, real-time, and essential security against targeted attacks.
Based on the world’s most deployed web application firewall with over 10,000 users, the M1100 offers essential web application security at an affordable price. The M1100 includes the mature, proven ModSecurity web application firewall on a hardened, Linux-based security appliance. The M1100 not only defeats a wide range of application-layer attacks, but also helps ensure compliance with government and industry standards and regulations, and provides real-time event analysis.
The M1100 can be deployed as a transparent or reverse proxy in front of multiple web servers to insulate web applications from the vulnerabilities inherent in web server technologies. In this deployment mode, the M1100 monitors application traffic, performs a wide set of checks for web application attacks, and reacts in real time.
The ModSecurity Pro M1100’s pre-packaged rule sets prevent information leakage and help organizations with their compliance efforts1. These easy-to-apply rule sets save time and provide immediate protection for production applications against targeted attacks. Individual rule sets can be applied on a per-web application basis for more customized protection. Included rule sets address:
The web-based ModSecurity management interface provides easy-to-use, anytime, and anywhere access to alerting, event analysis, and reporting capabilities. The ModSecurity management interface offers administrators a complete picture of their web applications’ operations and security by giving them in-depth event analysis. Detailed and summary reports for security, compliance, and audit requirements are available.
1 Some rule sets may be offered at an additional cost.
Organizations with multiple ModSecurity open-source and ModSecurity Pro™ M1100 commercial deployments invest a significant amount of IT resources to secure and monitor their web applications. Often, each sensor must be individually monitored to determine if an attack has occurred. As a result, vital IT resources are consumed and application vulnerabilities still may not be identified in a timely manner, potentially leaving the organization and its sensitive data exposed.
The ModSecurity Management Appliance addresses the ModSecurity community’s needs by allowing its members to remotely manage events from their distributed sensor deployments. Used in conjunction with ModSecurity and M1100 deployments, the appliance collects, aggregates, and displays alert information from up to 50 open-source and commercial sensors to provide real-time, detailed visibility into each web application.
The ModSecurity Management Appliance supports multiple remote sensors. The appliance is built upon a reliable, high-performance framework that can securely collect log and alert data for events from up to 50 open-source and commercial sensors in real time. This support provides administrators with a single source for web application security information so they can remediate issues immediately.
On-screen, detailed event views allow organizations to identify specific application vulnerabilities. The ModSecurity Management Appliance categorizes each alert based on type, provides insight into the sensor receiving it, identifies the source address trigger, and displays the type of attack. Administrators can re-categorize events into custom categories to help document and report on the organization’s compliance with government and industry standards and regulations.
The ModSecurity Management Appliance’s reporting capabilities help organizations meet their security, compliance, and audit requirements. Included reports detail events by type, date and time, or per sensor. All reports are formatted and available as PDF files. Reports can be scheduled, produced on-demand, and/or distributed via email to ensure that information is available when and where it is needed.
ModSecurity is the most widely deployed Web application firewall in the world with over 10,000 deployments. For more information, visit www.modsecurity.org.