Consulting Products Contact Us

FuseGuard 2.0 - Web Application Firewall for ColdFusion

The FuseGuard Web Application Firewall for ColdFusion is a high performance, customizable engine that blocks all sorts of attacks against your ColdFusion applications.

Application License $349 per ColdFusion application	Server License $999 per server	Support Services $599 per year Up to 4 hours

Why use a Web Application Firewall?

A recent study by security firm Veracode found that "58% of all applications submitted for verification did not achieve an acceptable security score... Internally Developed applications fared the poorest, with failure rates as high as 88%."

Even the best developers in the world are capable of writing code that is not secure. Security vulnerabilities, like bugs are often unintended oversights. Just as no developer writes 100% bug free software 100% of the time, no developer can write 100% secure code 100% of the time.

Blocks Many Types of Attacks

The firewall comes with over 15 filters to help protect against vulnerabilities such as:

• Malicious File Uploads
• Cross Site Scripting / XSS
• SQL Injection
• Session Hijacking
• Cross Site Request Forgery
• CRLF Injection
• Path Traversal Attacks
• Password Dictionary Attacks

Easy to Add to Existing Applications

Adding protection to your existing web applications is extremely easy to do, even for entry level programmers. Additionally we can help you install it.

1. Copy the Firewall Files on to your server
2. Edit the configuration file to determine which types of attacks you want to block or log.
3. Add a few lines of code we supply to your Application.cfm or Application.cfc file

Customizable & Configurable

Because the firewall is written in ColdFusion, you will find it very easy to extend, and configure. Other firewalls have domain specific languages you need to learn in order to configure them properly. You already use CFML why not use that to configure your WAF.

You can also write your own custom filter in CFML that runs inside the firewall.

Checkout the Documentation and CFC API Reference

Thoroughly Tested

We've worked hard to create a high quality product. We've written hundreds of unit tests, and have researched web application security extensively to create a first of its kind security product for ColdFusion.

Run's Where You Need It

We support the ColdFusion Web Application Firewall on:

• Adobe ColdFusion 7, 8, or 9
• Open Bluedragon 1.0 and up
• Railo 3 and up

Using a database for logging is not required (you can log to file or email), we currently support these database platforms:

• MySQL 4 or Greater
• Microsoft SQL Server 7 or Greater
• Apache Derby (Included in CF8 or Greater, script for creating DB and Datasource Included)

Works on most shared hosting environments.

Licensing

There are two standard licensing options, however if you have a licensing need that doesn't fit within our model we would be happy to work out a custom quote.

• Application License - This license allows you to use the firewall on one web application on one server. An Application is defined as a collection of CFML code which runs off of a single Application.cfc or Application.cfm file.
• Server License - Allows you to use the firewall on an unlimited number of Applications residing on ONE physical server. The physical server may contain multiple J2EE server instances, and multiple virtualized operating systems.
• Clustered License - For Applications that are clustered or behind a load balancer. Contact Us for details and pricing.
• Cloud License - For Applications that run on a number of servers that changes dynamically. Contact Us for details and pricing.

Other Security Products & Services

• CFML Security Checklist Included Free with Firewall Purchase
• ColdFusion Security Consulting
• HackMyCF - A FREE Service that checks your ColdFusion server for remote vulnerabilites

ColdFusion is a trademark of Adobe Systems Incorporated.

Copyright © 2006-2010 Foundeo Inc., All rights reserved. customer login   privacy policy