Armorlogic
Encyclopedia
Armorlogic is a security software company founded in 2004 by a group of leading Internet security specialists from some of the world's largest Internet security consulting companies. The Company's product range includes a web application firewall and content load balancer. Armorlogic's flagship product is the standalone, network-based Profense Web Application Firewall recognized in the IT security industry for its ease of use, performance and support .
Armorlogic is headquartered in Victoria, BC with its main development office located in Copenhagen, Denmark.
and a web load balancer. The Profense Web Application Firewall is a software appliance
capable of operating on most x86 based hardware and in virtualized environments like VMWare
. Profense is designed to protect web applications, web sites and networks from hackers and vulnerabilities including the OWASP
Top Ten risks . The software aims to stop new threats and attacks before signature updates have been installed on the web server.
The web application firewall software includes:
On February 21, 2011 Profense version 3.0 was released . This release supports Armorlogic's goal of providing a feature full enterprise class product at affordable prices.
The Profense Load Balancer distributes traffic between web servers and assists compression and acceleration.
, Profense can be installed on most physical servers or as a VMware
appliance. Profense is based on a hardened OpenBSD
platform, regarded by many as the most secure operating system . Profense operates as a reverse proxy and has integrated load balancing and acceleration. Profense also utilizes Nginx
known for its consistent high performance and ability to handle extremely high numbers of concurrent requests. Profense 3.0 is now a 64bit operating system making it more appealing to medium and enterprise level companies who have migrated to 64bit server hardware.
Profense can protect Web applications and websites written in any language, including double byte languages such as Japanese, Korean, and Chinese.
section 6.6 requirements particularly v.1.2 which made it clear that installation of a Web Application Firewall meeting the requirements will satisfy that section. Profense is fully PCI DSS section 6.6 v. 1.1 and 1.2 compliant and offers protection against all the OWASP Top Ten vulnerabilities. Data privacy and integrity regulations and required security audits mandated by governmental and professional authorities, along with infections and damage caused by hackers, have also prompted increasing use of such security software .
Armorlogic is headquartered in Victoria, BC with its main development office located in Copenhagen, Denmark.
Products
Armorlogic makes the Profense products - a web application firewall softwareApplication layer firewall
An application firewall is a form of firewall which controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls which do not meet the configured policy of the firewall...
and a web load balancer. The Profense Web Application Firewall is a software appliance
Software appliance
A software appliance is a software application that might be combined with just enough operating system for it to run optimally on industry standard hardware or in a virtual machine....
capable of operating on most x86 based hardware and in virtualized environments like VMWare
VMware
VMware, Inc. is a company providing virtualization software founded in 1998 and based in Palo Alto, California, USA. The company was acquired by EMC Corporation in 2004, and operates as a separate software subsidiary ....
. Profense is designed to protect web applications, web sites and networks from hackers and vulnerabilities including the OWASP
OWASP
The Open Web Application Security Project is an open-source application security project. The OWASP community includes corporations, educational organizations, and individuals from around the world. This community works to create freely-available articles, methodologies, documentation, tools, and...
Top Ten risks . The software aims to stop new threats and attacks before signature updates have been installed on the web server.
The web application firewall software includes:
- Session validation and CSRF protection
- Positive and negative filtering
- Data leak prevention and log data masking
- Automated policy building
- XML servicesWeb serviceA Web service is a method of communication between two electronic devices over the web.The W3C defines a "Web service" as "a software system designed to support interoperable machine-to-machine interaction over a network". It has an interface described in a machine-processable format...
, JSON and SOAP support - DoSDenial-of-service attackA denial-of-service attack or distributed denial-of-service attack is an attempt to make a computer resource unavailable to its intended users...
and DDoS mitigation - Load balancing, session persistence and compressionData compressionIn computer science and information theory, data compression, source coding or bit-rate reduction is the process of encoding information using fewer bits than the original representation would use....
- SSL client authentication
On February 21, 2011 Profense version 3.0 was released . This release supports Armorlogic's goal of providing a feature full enterprise class product at affordable prices.
The Profense Load Balancer distributes traffic between web servers and assists compression and acceleration.
Technology
Available as a software applianceSoftware appliance
A software appliance is a software application that might be combined with just enough operating system for it to run optimally on industry standard hardware or in a virtual machine....
, Profense can be installed on most physical servers or as a VMware
VMware
VMware, Inc. is a company providing virtualization software founded in 1998 and based in Palo Alto, California, USA. The company was acquired by EMC Corporation in 2004, and operates as a separate software subsidiary ....
appliance. Profense is based on a hardened OpenBSD
OpenBSD
OpenBSD is a Unix-like computer operating system descended from Berkeley Software Distribution , a Unix derivative developed at the University of California, Berkeley. It was forked from NetBSD by project leader Theo de Raadt in late 1995...
platform, regarded by many as the most secure operating system . Profense operates as a reverse proxy and has integrated load balancing and acceleration. Profense also utilizes Nginx
Nginx
nginx is a Web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage. It is licensed under a BSD-like license and it runs on Unix, Linux, BSD variants, Mac OS X, Solaris, and Microsoft Windows.- Overview...
known for its consistent high performance and ability to handle extremely high numbers of concurrent requests. Profense 3.0 is now a 64bit operating system making it more appealing to medium and enterprise level companies who have migrated to 64bit server hardware.
Profense can protect Web applications and websites written in any language, including double byte languages such as Japanese, Korean, and Chinese.
Security standards compliance
Demand for Profense and web application firewalls generally has increased with the introduction of the PCI DSSPCI DSS
The Payment Card Industry Data Security Standard is an information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards....
section 6.6 requirements particularly v.1.2 which made it clear that installation of a Web Application Firewall meeting the requirements will satisfy that section. Profense is fully PCI DSS section 6.6 v. 1.1 and 1.2 compliant and offers protection against all the OWASP Top Ten vulnerabilities. Data privacy and integrity regulations and required security audits mandated by governmental and professional authorities, along with infections and damage caused by hackers, have also prompted increasing use of such security software .
External links
- Armorlogic corporate website
- OWASP - web application firewall list
- Application Firewalls and Proxies - Introduction and Concept of Operations
- VMware - Virtual Appliances - Armorlogic
- ZION security - Cloud based Profense web application firewall
- SANS Blocking Attacks: Network-Based
- Southern Utah University chooses Armorlogic's web application firewall (Profense) to protect university data
- Profense web application firewall - product review