• View Communities
    • Citrix Developer Network
      The place for unfiltered straight talk on Citrix products. Blogs, code downloads, best practices, APIs, and more can all be found here.
    • Citrix Ready Community Verified
      Does it work with Citrix? Application compatibility questions are a thing of the past with the new Citrix Community Verified site.
    • Blogs
      Learn the latest from the Citrix employees who are building application delivery infrastructure technologies.
    • Blogosphere
      The Citrix Blogosphere is a window into the thousands of conversations taking place about Citrix and Application Delivery.
  •  Sign In
The Citrix Blog
Blogs for tag 'app firewall'

Permalink | Twitter Post to Twitter | Comments (1) | Views (8530) |

15 Aug 2008 12:27 PM EDT
High Performance Citrix meets Number 1 Web Filter
[ Tags:  antivirus ,   hybrid ,   iprism ,   stbernard ,   eprism ,   proxy ,   bridge ,   netscaler ,   appexpert ,   apptips ,   tips ,   appdos ,   appfw ,   rnat ,   ssl ,   rewrite ,   client-ip ,   x-forwarded-for ,   apache ,   iis ,   headers ,   netscaler ,   number 1 web filter ,   web filter ,   web filters ,   web filtering ,   url filtering ,   internet filter ,   website filter ,   content filter ,   content filtering ,   im filter ,   p2p filter ,   im filtering ,   p2p filtering ,   email filter ,   email filtering ,   transparent proxy ,   citrix ready ,   security switch ,   application firewall ,   app firewall ,   website firewall ,   spam firewall ,   ssl offload ,   ssl vpn ,   content rewrite ,   external url ,   internal url ,   home page redirect ,   apache rewrite ,   server obfuscation ,   application obfuscation ,   http header ,   citrix web filter ]
posted by Craig Ellrod

The #1 Web Filter by St.Bernard is now Citrix Ready. The Highest Performance Web Application Solution from Citrix Systems can now be deployed with the the #1 Web Filter by St. Berdard. IDC ranked them #1, SC Magazine gives them high ratings, and you will agree when you plug this thing in. The Citrix Web Application Firewall protects inbound traffic destined to Web and Application Servers without degrading throughput or response time. Now, with St.Bernard's iPrism h-Series high performance appliances, you can also do outbound Web filtering, IM/P2P filtering, and antivirus detection. The iPrism Web Filter is optimized for the datacenter infrastructure and sits behind the firewall while it monitors traffic. St. Bernard's platforms are hybrid so that Web filtering, antivirus and IM/P2P filtering are all contained within one box - unlike other point solutions.

St.Bernard's iPrism Web Filter is easy to use and easy to manage. If fact, it's so easy, we had the device up and running in Proxy mode and then in Bridge mode in a matter of seconds. The management software auto-discovers the box, so you don't have to plug in a console cable - very nice!

It is far better than a transparent proxy because St.Bernard has engineered their filtering technology at the kernel level, so their bridge mode really is a bridge between interfaces, and not just a transparent proxy like other solutions in the market.

We deployed the iPrism Web Filter behind our NetScaler, and had the NetScaler perform NAT (Reverse NAT) for outbound connections to the Internet. The iPrism Web Filter adds another level of security that IT organizations sometimes look for to complement their existing base of high-performance Citrix Gear.


Citrix & St.Bernard Deployment Guide!






You can try this product for free.


The product demo is awesome.


As a hybrid unit, this is a steal.












NetScaler Developer Network!

Expand Blog Post
Permalink | Twitter Post to Twitter | Comments (0) | Views (9472) |

29 May 2008 01:21 PM EDT
Citrix Web App Firewall Blocks the Nihaorr1 Script
[ Tags:  appexpert ,   apptips ,   citrix ,   firewall ,   injection ,   netscaler ,   nihaorr1 ,   sql ,   tips ,   waf ,   xss ,   js ,   wasc ,   wafec ,   owasp ,   haoliuliang ,   lb ,   llb ,   slb ,   clustering ,   app firewall ,   web firewall ,   sql injection ,   web security ,   web site firewall ,   website firewall ,   web filter ,   content filter ,   application blocking ,   citrix load balancer ,   citrix load balancing ,   link load balancer ,   link load balancing ,   load balancer ,   load balancing ,   server load balancer ,   server load balancing ,   security load balancer ,   security load balancing ,   hardware load balancer ,   hardware load balancing ,   next gen load balancing ,   website load balancer ,   website load balancing ,   application load balancer ,   application load balancing ,   application switch ,   web application controller ,   application controller ,   application delivery ]
posted by Craig Ellrod

Hundreds of Thousands of Web Servers have been getting hacked, including several at the United Nations. The appearance is that the hack exploits a vulnerability in Microsoft IIS because of a Microsoft SQL Specific injection payload, however the attack is capable of infecting any type of web server open to SQL Injection and Cross Site Scriting (XSS) attacks.

Microsoft released some security bulletins (951306, MS08-006) stating vulnerabilities in their IIS web server,  alluding to the vulnerabilities recently brought to light. A script homed at nihaorr1.com based in China was found to be infecting many servers, and spreading quickly. Further research into the problem indicates that non-Microsoft types of servers may also be affected by the attack.

As of May 12, 2008, Google's Index had 1,700,000 infected pages.  The domains currently being injected that contain the malicious Javascript are:

  • nihaorr1.com
  • 2117966.net
  • aspder.com
  • haoliuliang.net
  • nmidahena.com
  • free.hostpinoy.info
  • xprmn4u.info
  • winzipices.cn
  • wowgm1.cn
  • killwow1.cn
  • wowyeye.cn
  • wowgm1.cn
  • winzipices.cn

This vulnerability and others like it can easily be stopped with a Citrix Web Application Firewall using default policies to block SQL injection and Cross Site Scripting. We setup a demo in our lab, to show how easy it is to configure and block this type of threat.

See the mailicious script in action:


Watch how Citrix Web App Firewall blocks the malicious script:


See how easy it is to configure the Citrix Web App Firewall:


Read about the Citrix Application Firewall here.

Buy the Citrix Application Firewall here.

Tap into the power of AppExpert

Expand Blog Post