The web-based ModSecurity management interface provides easy-to-use, anytime, and anywhere access to alerting, event analysis, and reporting capabilities. The ModSecurity management interface offers administrators a complete picture of their web applications’ operations and security by giving them in-depth event analysis. Detailed and summary reports for security, compliance, and audit requirements are available.

• Download the Datasheet

Key Features

Multiple Web Server Protection
The M1100 can be deployed as a transparent or reverse proxy in front of multiple web servers to insulate web applications from the vulnerabilities inherent in web server technologies. In this deployment mode, the M1100 monitors application traffic, performs a wide set of checks for web application attacks, and reacts in real time.

Out-of-the-Box Security
The ModSecurity Pro M1100's pre-packaged rule sets prevent information leakage and help organizations with their compliance efforts.¹ These easy-to-apply rule sets save time and provide immediate protection for production applications against targeted attacks. Individual rule sets can be applied on a per-web application basis for more customized protection. Included rule sets address:

• Information leakage protection;
• Automated detection of malicious activity;
• Payment Card Industry Data Security Standard (PCI DSS) compliance;
• Open Web Application Security Project (OWASP) Top 10 vulnerabilities;
• Microsoft Outlook Web Access protection;
• Platform-specific protection for Apache, IIS, PHP, ASP, ASP.NET, and others;
• Anti-virus protection for file uploads through integration with ClamAV.

Benefits

• Provides immediate protection for production applications against targeted attacks with plug-and-play installation.
• Prevents information leakage and helps with compliance efforts through pre-packaged rule sets for commercial application vulnerabilities and for PCI standards.
• Delivers alerting, event analysis, and reporting capabilities in an easy-to-use remote console for event viewing and sensor configuration capabilities.
• Does not require the network reconfiguration for deployment.
• Protects the flow of mission-critical web traffic in the event of a power or hardware failure with its embedded bypass card.