Intrusion Prevention for Microsoft Web Servers
SecureIIS? was developed to addresses the security weaknesses of the Microsoft Internet Information Services (IIS) web server application. With the proliferation of web-based applications, web servers have become portals into internal networks, which translate into a requirement of application-level protection, beyond what traditional network firewalls can provide.
By preventing intrusion before and between the time vulnerabilities are detected and accurate patches are issued by Microsoft, SecureIIS obviates this gap of exposure.
Unlike network firewalls that are unable to guard against web server vulnerabilities, SecureIIS integrates within the Microsoft web server application to inspect all traffic before it is processed. This allows SecureIIS to protects against both known and unknown attack types.
This is basically one of the earliest IPS developed.
It technically works as an ISAPI filter which handles te request directed to the IIS and drops it if dangerous, effectively stopping known or possible attacks for which a patch might or might not be installed on the protected machine.