I did a quick review of SecureIIS (http://www.eeye.com/html/products/secureiis/), and it looks like it might do most of what I'm after. I'm assuming you've used this? Or is this a case of you only being aware of the tool? Either way is good, but if you've used it, I'd be interested to hear your opinion regarding effectiveness and performance. Also, are there any tricks to installation? Does it need to be installed before the application server? Can it be easily installed afterwards? Do you have a ballpark figure on the cost for this? (I'll contact a sales rep after I have a little more data from the field... <grins>)
I'm wondering about the performance because the IIS, Cold Fusion Application Server, and MSSQL server are all on the same box (for now). If I add in SecureIIS, how badly will performance be affected? The data sheet (http://www.eeye.com/~data/publish/collateral/secureiis/secureiisDS.FILE.pdf) says performance is a non-issue because they implement it as an ISAPI filter, but I try not to take claims like this seriously until either I've proven the case, or someone reputable has... (I'll consider you reputable on this <grins>). As load/performance issues increase on the server, we'll move the database server to its own box, but for now with only approx 40 users it isn't under a heavy load (well, it could use more memory, but it's only JUST tapping into swap space if we leave it running for more than a month between reboots). And of course, when we go 'live' with Internet access to this server, it'll be properly located in a DMZ to minimize any potential impact/hacks on the internal network.

Thanks for any insight, Cade (or anyone else that may have experience with SecureIIS).

Shawn

On Wednesday 16 February 2005 10:14, Cade Cairns wrote:
> Wouldn't a product like SecureIIS be a better solution? How do you
> intend to scan for known attacks? What about unknown ones?

_______________________________________________
clug-talk mailing list
http://clug.ca/mailman/listinfo/clug-talk_clug.ca

