Shawn, can you please keep us informed of your findings if you do go this route. I don't have any IIS servers, but I'm still curious to know how this works.
THanks Kev. On Thursday 17 February 2005 02:29, Shawn wrote: > I did a quick review of SecureIIS > (http://www.eeye.com/html/products/secureiis/), and it looks like it might > do most of what I'm after. I'm assuming you've used this? Or is this a > case of you only being aware of the tool ? Either way is good, but if > you've used it, I'd be interested to hear your opinion regarding > effectiveness and performance. Also, are there any tricks to installation? > Does it need to be installed before the application server? Can it be > easily installed afterwards? Do you have a ballpark figure on the cost for > this? (I'll contact a sales rep after I have a little more data from the > field... <grins>) > > I'm wondering about the performance because the IIS, Cold Fusion > Application Server, and MSSQL server are all on the same box (for now). If > I add in SecureIIS, how badly will performance be affected? The data sheet > (http://www.eeye.com/~data/publish/collateral/secureiis/secureiisDS.FILE.pd >f) says performance is a non-issue because they implement it as an ISAPI > filter, but I try not to take claims like this seriously until either I've > proven the case, or someone reputable has... I'll consider you reputable > on this <grins>) . > > As load/performance issues increase on the server, we'll move the database > server to it's own box, but for now with only approx 40 users it isn't > under a heavy load (well, it could use more memory, but it's only JUST > tapping into swap space if we leave it running for more than a month > between reboots). And of course, when we go 'live' with Internet access to > this server, it'll be properly located in a DMZ to minimize any potential > impact/hacks on the internal network. > > Thanks for any insight Cade (or anyone else that may have experience with > SecureIIS). > > Shawn > > On Wednesday 16 February 2005 10:14, Cade Cairns wrote: > > Wouldn't a product like SecureIIS be a better solution? How do you > > intend to scan for known attacks? What about unknown ones? > > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
