AppDefend Overview
AppDefend is an intrusion prevention system and web application firewall specifically written for the Oracle E-Business Suite Release R12. The purpose of AppDefend is to block most types of web attacks against Oracle E-Business Suite before they reach the application. AppDefend is a new concept in intrusion prevention - direct application protection. By directly protecting the application, AppDefend protection is more effective than generic web application firewalls. Utilizing Integrigy's proprietary Deep Request Inspection™ technology, every request and every parameter is analyzed for common web attacks, such as SQL injection and cross-site scripting (XSS).
AppDefend is designed specifically for the application it is protecting. Thus, when implementing for the Oracle E-Business Suite, there is no analysis or other configuration required to provide maximum protection for the application. Integrigy has already performed all this work for you -- all modules, all versions. AppDefend is highly configurable, but is delivered with a pre-defined configuration that should require little modification for most organizations. This allows a highly effective web application firewall to be installed rapidly and avoids the lengthy tuning process associated with deploying a generic web application firewall for a complex application like the Oracle E-Business Suite.
AppDefend Features
- Prevents Web Attacks: Detects and reacts to SQL injection, XSS, and known Oracle EBS vulnerabilities
- Virtual Patching: Blocks known Oracle EBS web security vulnerabilities
- Limits EBS Modules: More flexibility and capabilities than the URL firewall to identify EBS modules
- Application Logging: Enhanced application logging for compliance requirements like PCI-DSS 10.2
- Protects Web Services: Detects and reacts to attacks against native Oracle EBS web services (SOA, SOAP, REST)
- User/Location Security: Limits application access based on users, responsibilities, and location
Unique Application Protection
Beyond a web application firewall, AppDefend is able to provide unique protection and security for the application. As an example, AppDefend is able to block access to thousands of unused web pages and servlets when deploying the Oracle E-Business Suite externally in a DMZ. When deploying a module like iSupplier, AppDefend will ensure only the required iSupplier web pages are externally accessible — thus dramatically reducing the surface area of the application from over 250 modules down to one.
AppDefend is implemented as a standard Java Servlet Filter and executes within the Oracle E-Business Suite OC4J containers. By embedding within the OC4J containers, AppDefend is able to hook into the Oracle E-Business Suite request stream to detect security anomalies unlike any other web application firewall. AppDefend examines the incoming request and outgoing response, and can also inspect the internal application context to see application information such as application user names, responsibilities, functions, and internal errors. Using this information, AppDefend can block, alert, log, or sanitize incoming requests or outgoing responses based on over 30 different detection points.
AppDefend Specifications
Supported Applications
- Oracle E-Business Suite 12.0
- Oracle E-Business Suite 12.1
- Oracle E-Business Suite 12.2
Supported Operating Systems
- Linux (all supported distributions)
- Oracle Solaris
- HP HP-UX
- IBM AIX
- Microsoft Windows Server
Supported Integrations
- Syslog
- Splunk
- RESTful Services