Content

Applicure dotDefender for IIS

This completely unique offering from Applicure protects IIS- or Apache-based web servers running on a Microsoft Windows machine. However, while dotDefender has unique characteristics, many other offerings provide similar protection, and much more. The tool does provide a valuable service, but it does not protect enough to offset the headaches of managing an additional piece of software.

dotDefender is a software-based web application firewall, which provides protection against attacks by using three types of filters: pattern recognition is an engine that automatically detects and blocks attempts to hack a website. The security engine includes SQL injection and cross-site scripting, the top two security vulnerabilities in the Open Web Application Security Project Top 10.

The second filter is session protection: The session protection security engine focuses on the user session level. It impersonates the sending of large volumes of automatic requests that could potentially crash a server.

The final filter is signature knowledge base. This engine uses signatures to detect requests from known malicious sources, such as hackers and spammers. It identifies bad user agents and prevents hacking tools from gathering information about vulnerabilities in an application.

dotDefender is feature rich and includes logging and alerting capabilities. But unlike some of the other application firewalls, dotDefender requires almost the entire configuration be done manually and changed each time the site is altered.

Documentation PDFs are well written and easy to understand. However, the website offers little to no help if users have an issue.

Standard support and maintenance includes telephone and email support, bug fixes, live updates and new releases. The first year of support is included in the price of a perpetual license. Beginning in year two, there is an annual fee of 18 percent of the list price. Maintenance and support are included in the price of an annual subscription. 24/7 support is available at 25 percent of list price, and includes telephone and email support, live updates, fixes and new releases.

dotDefender's MSRP is $3,995, which places it at the less expensive end of the medium price range.
Product title
Applicure dotDefender for IIS
Product info
Name: dotDefender Description: Price: $3,995 (perpetual); $1,800 (annual subscription)
Strength
dotDefender fills a need.
Weakness
Many products provide this service and more.
Verdict
A good idea, but poorly conceived. The product is short on features and is overpriced for the market.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds