Microsoft Web Server Security System Unveiled By eEye Digital

Enterprise Web Protection (EWP) combines SecureIIS, which provides application-level intrusion-prevention, with REM, which acts as a central console for management of security events and policies on the Web servers.

"SecureIIS becomes an agent on the server, and the core enterprise offering is the console," said Firas Raouf, COO of eEye Digital Security, based here.

EWP addresses the needs of distributed enterprises with multiple IIS servers, he said, adding, "This continues to be an area that our clients are very concerned about--how to be protected before a patch is installed and before a vulnerability is discovered."

SecureIIS inspects incoming and outgoing Web server traffic, looking for "attack-like" patterns rather than relying on signatures to identify attacks, Raouf said.

With the REM console, administrators can apply security policies for all IIS servers or on an individual basis. REM also collects attack data from the servers and puts them into a central database, and can generate overall Web server security reports.

"If you have more than five IIS servers in different locations and need to consolidate the events and reporting information to a centralized console, this is your solution," said Thomas Brennan, president and CEO of Federal Systems Group, a solution provider in Whippany, N.J., of the integrated EWP solution.

The centralized reporting abilities of EWP, which starts at $20,000 for a five-server deployment, will help Federal Systems' federal and state clients strengthen their critical infrastructures and provide ongoing systems vulnerability management, he said.