AppDefend Overview

AppDefend is an intrusion prevention system and web application firewall specifically written for the Oracle E-Business Suite Release R12.  The purpose of AppDefend is to block most types of web attacks against Oracle E-Business Suite before they reach the application.  AppDefend is a new concept in intrusion prevention - direct application protection.  By directly protecting the application, AppDefend protection is more effective than generic web application firewalls. Utilizing Integrigy's proprietary Deep Request Inspection™ technology, every request and every parameter is analyzed for common web attacks, such as SQL injection and cross-site scripting (XSS).

AppDefend is designed specifically for the application it is protecting. Thus, when implementing for the Oracle E-Business Suite, there is no analysis or other configuration required to provide maximum protection for the application. Integrigy has already performed all this work for you -- all modules, all versions. AppDefend is highly configurable, but is delivered with a pre-defined configuration that should require little modification for most organizations. This allows a highly effective web application firewall to be installed rapidly and avoids the lengthy tuning process associated with deploying a generic web application firewall for a complex application like the Oracle E-Business Suite.

AppDefend Features

Prevents Web Attacks

Detects and reacts to SQL Injection, XSS, and known Oracle EBS vulnerabilities

Virtual Patching

Blocks known Oracle EBS web security vulnerabilities

Limits EBS Modules

More flexibility and capabilities than URL firewall to identify EBS modules

Application Logging

Enhanced application logging for compliance requirements like PCI-DSS 10.2

Protects Web Services

Detects and reacts to attacks against native Oracle EBS web services (SOA, SOAP, REST)

User/Location Security

Limit application access based on users, responsibilities, and location

Unique Application Protection

Beyond a web application firewall, AppDefend is able to provide unique protection and security for the application.  As an example, AppDefend is able to block access to thousands of unused web pages and servlets when deploying the Oracle E-Business Suite externally in a DMZ.  When deploying a module like iSupplier, AppDefend will ensure only the required iSupplier web pages are externally accessible — thus dramatically reducing the surface area of the application from over 250 modules down to one.

AppDefend is implemented as a standard Java Servlet Filter and executes within the Oracle E-Business Suite OC4J containers. By embedding within the OC4J containers, AppDefend is able to hook into the Oracle E-Business Suite request stream to detect security anomalies unlike any other web application firewall. AppDefend examines the incoming request and outgoing response, and can also inspect the internal application context to see application information such as application user names, responsibilities, functions, and internal errors. Using this information, AppDefend can block, alert, log, or sanitize incoming requests or outgoing responses based on over 30 different detection points.
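
To illustrate the mechanism described above (a servlet filter that exposes only the required pages and blocks everything else), here is an added sketch of a default-deny page allow-list filter. It is not AppDefend code and does not reflect Integrigy's implementation; the class name, the `allowedPaths` init-param, and the strict canonical-form rule are assumptions made for this example.

```java
import java.io.IOException;
import java.net.URI;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.*;
import javax.servlet.http.*;

/** Default-deny page allow-list as a servlet filter (illustration, not AppDefend code). */
public class PageAllowListFilter implements Filter {
    private final Set<String> allowed = new HashSet<String>();
    private ServletContext ctx;

    public void init(FilterConfig cfg) throws ServletException {
        ctx = cfg.getServletContext();
        // "allowedPaths" is a hypothetical init-param: comma-separated context-relative paths.
        String raw = cfg.getInitParameter("allowedPaths");
        if (raw == null || raw.trim().length() == 0) {
            throw new ServletException("allowedPaths not set; refusing to start fail-open");
        }
        for (String p : raw.split(","))
            if (p.trim().length() > 0) allowed.add(p.trim());
    }

    /** Returns the path used for matching, or null if the URI is not in canonical form. */
    static String canonical(String requestUri, String contextPath) {
        if (!requestUri.startsWith(contextPath)) return null;
        String path = requestUri.substring(contextPath.length());
        // Conservative assumption: allowed pages never need escapes, backslashes or ";param".
        if (path.indexOf('%') >= 0 || path.indexOf('\\') >= 0 || path.indexOf(';') >= 0) return null;
        try {
            String norm = URI.create(path).normalize().getPath();
            return path.equals(norm) ? norm : null;   // dot segments changed the path: reject
        } catch (IllegalArgumentException e) {
            return null;
        }
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        String path = canonical(http.getRequestURI(), http.getContextPath());
        if (path == null || !allowed.contains(path)) {
            ctx.log("blocked non-allow-listed request from " + http.getRemoteAddr());
            ((HttpServletResponse) res).sendError(HttpServletResponse.SC_FORBIDDEN);
            return;   // the application never sees the request
        }
        chain.doFilter(req, res);
    }

    public void destroy() { }
}
```

Matching on the canonical path rather than the raw URI keeps dot segments, encoded characters, and path parameters from slipping a blocked page past the list; a deployment that relies on URL-rewritten session IDs would need to relax the `;` rule.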

AppDefend Specifications

Supported Applications

  • Oracle E-Business Suite 12.0
  • Oracle E-Business Suite 12.1
  • Oracle E-Business Suite 12.2
     

Supported Operating Systems

  • Linux (all supported distributions)
  • Oracle Solaris
  • HP HP-UX
  • IBM AIX
  • Microsoft Windows Server

Supported Integrations

  • Syslog
  • Splunk
  • RESTful Services

AppDefend Information