Profense™ Base - the free automated web application firewall

Profense™ Base web application firewall is available for free, also for commercial use. No time limits or limitations on feature functionality.

Positive filtering web application firewall Automated application profiling (learning) HTTP & HTTPS Load balancer with session persistence Compression and caching Active/passive with manual synchronization Support options available are the Limited and Basic packages. Get free Profense Base license key

See the feature matrix to compare features.

Support is upgradeable

With the free application layer firewall is included the Limited support package which does not include automated download and installation of updates. Customers running Profense™ Base with limited support therefore have to download and re-install Profense™ when an updated version is available. This does not involve loss of system and proxy configuration as backup features allow for full backup and restore but it does involve a certain level of inconvenience and the system have to be offline for a short period. Also the Limited support package does not include incident response targets which means that support incidents are not prioritized. This is perfectly OK for some but not acceptable for others.

Customers wanting the reasurrrance of prioritized incident response and the convenience of not having to re-install when updates are available can upgrade their support package to get prioritized support and automated inline updates.

Upgrading support is easy. In the Armorlogic Store upgrade options for specific product serial numbers are available. When purchasing an upgrade automated updates are available instantly for the product serial number chosen.

Profense™ Base is upgradeable

Customers looking for features like adaptive learning, combined positive/negative filtering, active/active clustering ("self load balancing"), automated cluster synchronization and automated push backup may consider upgrading to Profense™ Professional.

Upgrading is easy. By entering a Profense™ Professional license key in a running Base version the Pro features are instantly enabled.

Filtering

Positive URL filtering

Profense™ validates all parts of an HTTP request (including the path, query and segment) according to the defined access policy.

Positive query filtering

Profense™ validates all parts of a query in a URL request according the defined white-list access policy.

HTTP headers compliance checking

Profense™ can enforce pragmatic and strict standard HTTP headers compliance (RFC2068/RFC2616).

Web server cloaking and isolation

Profense™ completely isolates the web server from direct Internet requests and information and web system technology information is removed from web server responses.

Policy management

Automated Policy Generation

Profense™ automatically generates access policies for even complex web applications and web systems.

Regular expressions support

Profense™ has full support for standard PCRE (Perl Compatible Regular Expressions).

Global URL wild-cards

In order to simplify the ACL Profense™ supports the definition of URL wild cards based on regular expressions which matches URLs without parameters on a proxy global basis.
URL wild-cards are built automatically by the web site analyzer engine.

Global parameter wild-cards

Rules which match parameters on a global basis can be specified using regular expressions.
Parameter wild cards are built automatically by the web site analyzer engine.

Class based input validation

Filtering rules can be specified using classes for easy administration. Classes are defined globally and can be applied both when manually editing the access policy, when the access policy is built automatically and when rules are added or modified from log.

Load balancing

HTTP and HTTPS request switching

Load balancing is performed on layer 7 based on the http request.

Round robin load balancing

Requests are distributed equally in a round robin fashion to all active servers.

Session persistence

When a server is selected according to the methods above all subsequent requests for the same client can be sent to the same physical server in order keep state information for that client on that server. This method is also referred to as client stickyness.

Web acceleration

HTTP Compression

Dynamic compression of transmission data reduces bandwidth consumption by 30 to 60% and increases transfer rate by 50 – 100%.

Caching of static content

Caching of static documents off-loads web servers and improve the ability to handle peak situations.

SSL termination

SSL termination off-loads web servers from the burden of encrypting and decrypting. Re-encryption is optional.

TCP connection off-loading

When forwarding legitimate requests from clients to back-end web servers, Profense will reuse socket connections already established with the back-end web server.

Log functions

Attack classification

All rejected requests are classified in major attack groups (i.e. SQL-injection, buffer overflow, etc.) using a combination of cross validation, heuristic patterns and statistics.

External notification

Alerts can be sent to external syslog server or email. Alert levels are completely configurable and are mapped to standard syslog priorities (information levels).

Deny log

The management interface includes a comprehensive security log displaying all the necessary details about blocked requests, including the time stamp, IP address, HTTP methods, path and query segments, HTTP headers violations, attack classification and raw request data.

Traffic statistics

Traffic statistics are generated for 8 hour, 24 hour, week and month intervals. Data are displayed graphically and includes served requests, caching and compression ratio and web server response code ratio.

Customizable search criteria

Multiple search criteria can be specified using wildcards allowing for detailed drill down searches.

Customizable reporting

All log views (search filter sets) can be exported to printable reports or XML

Operation

Manual full and partial backup

A complete Profense™ installation or the entire configuration of a single proxy can be backed up manually with a few clicks in the management interface.

Easy restore

A complete Profense™ configuration including access policy for all defined proxies can be restored from an FTP-server or the file system with a few clicks in the management interface.

Scalability and availability

High availability

Profense™ can be run in active/passive configurations where two or more physical Profense™ nodes together comprise a logical Profense™ unit with automatic fail-over.