ServerFiles.com is a server software & hardware directory for Network administrators & IT professionals, listing networking & server software for Windows 2003, Windows 2000, NT and Linux; and now also listing networking hardware solutions focused on server based computing.
ThreatSentry is a Host Intrusion Prevention software application (HIPS), designed to protect Windows Web servers running Microsoft Internet Information Services (IIS). ThreatSentry is comprised of two components. The first is an Application Firewall, pre-configured with a knowledgebase of known exploitive techniques and attack characteristics. Administrators can establish explicit guidelines for permissible and/or denied activity. The application firewall is coupled with a neural-based Behavioral Engine that organizes server requests into a multi-dimensional baseline of typical system activity. Each server connection is scrutinized by the rule-set configured in the application firewall and the behavioral baseline to identify and take action against any activity falling outside trusted parameters. ThreatSentry’s intrusion prevention capabilities progressively improve as the baseline evolves automatically or based on input from the system administrator.
"Very Good addition to your Security Arsenal" - NSH [June 12, 2007] Product Rating: 4/5
I am using the application for the past couple of months, The application is very good described in the previous posts, I have nothing to add as advantages, but i have somet thoughts about some cons,
The application once it is in Active/Monitoing mode it no longer shows requests in the events log, examining the events after the training is also essential as you can retrain the application.
"My favorite IIS product that offers a superb protection" - Scott C. [July 14, 2006] Product Rating: 5/5
Very pleased with the product. Offers a superb protection and very flexible in terms of configuration for power users. My favorite feature - is integrated support for MS Exchange server over web. Has capability to block events based on time pattern which can be very effective against denial of service (DOS) attacks. Very attractive price. Highly recommended.
"great product" - ASP.NET guy [February 21, 2006] Product Rating: 5/5
A super product from a great company. Outstanding customer service, they are available for any questions you might have. Product works great, as outlined in previous comments. Buy it, you will love it.
"ThreatSentry note" - Steve Westfield [August 5, 2004] Product Rating: 5/5
Extremely easy to configure and works as described. Once trained (took ~15 minutes), shifts to monitoring and blocks all sorts of recon scans from hackers looking for vulnerabilities and other bad requests. No stability or compatibility issues noted. Price is low.
"Great Performance for the Price, saves Admin resources..." - Will R. [September 11, 2003]
I am on a team of administrators who cover a 6-server network running IIS. Our company has tried several software solution configurations but could not find the right combination that would provide optimal security while minimizing administrator intervention. We have been running a rules based security solution, but our administrators still had to spend a great deal of time analyzing incoming data that could not be categorized by existing rules.
We tried ThreatSentry 1.0 and it has successfully assisted in evaluating and categorizing potentially harmful ‘unknown’ data by training itself based on our system network behavior (‘Training Period’) and then monitoring all incoming data and categorizing the data based on all previous system behavior (‘Monitoring Mode’). All incoming data is stored in the Alert Log and can be reviewed/analyzed when necessary, which hasn’t been that often as we have found ThreatSentry to behave very similarly to our administrators concerning suspicious activity.
ThreatSentry has significantly reduced the amount administrator resources needed for incoming data analysis and has bolstered overall system security. Based on its price ($6-800 based on seat quantities) and performance, I highly recommend this solution.
"great protection for IIS, VERY easy to use" - Sam S. [July 25, 2003]
New application which I installed a few weeks ago. Application trains rapidly -- on my system the process took 1.5 days, (not particularly active server). TS transitioned into "Monitor" mode and so far has blocked typical types of "attacks" and unauthorized access attempts. TS by default adds the untrusted IP address to a blocked list, so no more attempts can be made. I have not used the app long, but it very cool that this protection is delivered without signatures or cofiguration on my part, just the application's own determination of what is normal for my environment. Very low maintenance and so far, very effective protection for my network.
Showing comments 1-6 of 6
Post your own comments/reviews/experiences with ThreatSentry to this page:
Disclaimer: The views and opinions of visitors published on ServerFiles.com do not necessarily state or reflect the opinion of ServerFiles.com.
