Firewall Security

Detail Firewall

Gateway Firewall

DATA LEAK PREVENTION

  • Context based detection and prevention of data leak.
  • Identifies who is accessing, which application, what content is send out and from where.
  • Set policies to monitor/block data leaks via Email, file upload and chats.
  • monitor & manage protocols of SAAS applications like Google, office 365,Yahoo, Rediff, Facebook.
  • Split profiling where only corporate login to SAAS applicationsare allowed and personal login blocked.
  • Set policies to allow read only access to corporate email/social networking.
  • Setup policies based on from,to, cc, bcc, subject of Gmail and other such SAAS applications along with BYOD and userSense information.
  • Scan for data leaks for all outbound data based onthe above context.
  • Block password protected zip & pdf file uploads.
  • User based policy control to prevent data leak.
  • Control over HTTP, HTTPS, SMTP, instant Messaging.
  • In-depthreporting of data moving out of network with real-time alerts, monitoring.
  • Protects company sensitive information like sales data, pricing information, or intellectual property.
  • Progressive security – allow access to applications yet have visibility and control over content going out.
  • Increased regulatory compliance -HIPAA, GLBA, PCI, or SO.
  • Provides global visibility through comprehensive and flexible reporting.

CLOUD SECURITY

  • Roming users comply to company policies even when they are not in the network.
  • Cloud client enforces and routes all traffic securely through the cloud firwall. (public or private)
  • Secures roming users even when they use insecure networks. (public wifi etc )
  • Central policies with ease of management for roaming users.
  • All processing done in cloud & hence no performance impact on end-point.
  • Connect /disconnect status report.

CENTRALIZED MANAGEMENT SYSTEM

  • Simplified management of firewall policies including DLP, content filtering, IPS, malware protection, application filtering, VPN from a central System.
  • Firewall can be managed throughglobal, group or individual policies.
  • Architecture provides flexibility in managing firewall centrally, yet delegation of individual firewall possible.
  • Backup taken centrally – restoration of a firewall can be done centrally.
  • Auto-synchronize all your firewalls at regular intervals.
  • Real-time visibility of threat summary and trends.
  • Intuitive and comfortable UI.

APPLICATION FILTERING

  • Control and visibility of layer 7 applications.
  • Enhance business-critical application performance by limiting bandwidth for non-business traffic.
  • In build application categories.
  • 2,500+ application signatures.
  • Sub-classification within a category supported.
  • Saves bandwidth and reduce infrastructure costs.
  • Protects corporate users including BYOD devices.

SYSTEM MANAGEMENT

  • Two factor authentication support for WebUI, CLI or console and browsing users with OTP.
  • Manage through a browser, SSHand terminal.
  • Single window policy managemen.
  • Role based administration.
  • On-application analytics.
  • User based firewall policies.
  • Policy inheritance. (oops)
  • Remote syslog and SNMP support.
  • Administration activity logs for auditing.

VIRTUAL PRIVATE NETWORK

  • Industry Standard: IPSec, L2TP&PPTP VPN.
  • VPN high availability for IPSec.
  • Strong authentication : RSA SecureID, VASCO tokens, Radius, LDAP &Active Directory.
  • Encryption : DES, 3DES, 3DES, AES encryption & Hash Algorithms : MD5, SHA1, SHA2.
  • Authentication : Pre-shared key, Digital Certificates.
  • IPSec NAT Traversal, Dead Peer Detection and PFS support.
  • IPSec VPN tunnel up/ down logs.
  • Active VPN user logs.

NETWORKING

  • Static Ip Address, PPPoE, DHCP.
  • Policy based Multi-WAN failover & load balancing.
  • WRR based load balancing.
  • Policy based routing.
  • Multicast forwarding.
  • Dynamic Routing. (RIP v1 & 2, OSPF)
  • DHCP server support on multiple interfaces.
  • Support for dynamic DNS.

GATEWAY ANTI-MALWARE

  • Multiple Engine- uses cloud based sandboxing.
  • Powerful and ReaI-Tlme protection from virus outbreaks.
  • Scans HTTP, HTTPS, FTP, POP3, SMTP & SMTPS traffic.
  • Detects and removes viruses, worms and all kinds of malware.
  • Instant identification of virus infected users.
  • ZERO hour virus protection.
  • Spyware, Malware, Phishing protection.
  • Automatic real-time virus update.
  • Complete protection of traffic over all protocols.
  • Last virus update definition.
  • Complete report of viruses caught.

HIGH AVAILABILITY

  • Active / Passive and Active /Active with State synchronization.
  • Stateful Failover.
  • Email Alerts on HA Status.
  • Auto synchronization of entire configuration made on Master firewall to Backup firewall.
  • Email notification when firewall state change from Master to Backup and vice versa.

URL FILTERING

  • Automated web categorization engine blocks non-productive websites.
  • Millions of sites in arranged in 85+ categories.
  • URL Filtering for HTTP & HTTPS protocols.
  • MIME Type and file extension blocking.
  • User, group-based URL filtering and download size restriction policies.
  • Time-based access schedule.
  • Prevents downloads of streaming media, images, popup ads.
  • Block malware, phishing, pharming URL s.
  • Block Java Applets, Cookies, Active X.
  • URL Exempt/White list.
  • Automatic updates to the URL categories.

ADAPTIVE ISP FAILOVER & LOAD BALANCING

  • Service based ISP load balancing or failover.
  • Both Failover and Load Balancing can be set up simultaneously.
  • Load balances traffic based on weighted round robin distribution.
  • ISP Failover automatically shifts traffic from a failed link to a working link.
  • Automatic traffic fallback when failed ISP comes. up
  • Zone based failover.
  • Customized NAT on failover.
  • ISP failover and fallback notifications on email.

GATEWAY ANTI-SPAM

  • Scans SMTP. POP3 traffic for spam.
  • Detects, tags or quarantines spam mail.
  • Content-agnostic spam protection including lmage-spam.
  • Preemptively stops sophisticated threats like phishing, pharming, zombie attacks & supports RBL lists.
  • Enforces black and white lists.
  • Real-time protection from emerging threats.
  • Language, content and format independent spam prevention.
  • Detects phishing URL in emails.
  • Quarantine spam mails.
  • Mail archiving.

APPLICATION BASED SECURITY ANALYTICS

  • Complete reporting on appliance.
  • User, application specific reporting.
  • Daily Internet activity user/group wise report on e-mail.
  • Real time reports, automated alerts, historical reporting.
  • Security reports include Firewall, IPS & VPN.
  • Real time reporting of bandwidth and users.
  • Policy violation alert on Email & reporting.
  • Virus filtering reporting.
  • Guest user authentication activity logs.

BANDWIDTH MANAGEMENT

  • Policy based bandwidth management & queuing.
  • Hierarchy based bandwidth management.
  • Committed on the f|y bandwidth borrow.
  • Time Quota and Bandwidth Quota.
  • Bandwidth policy for browsing.
  • Bandwidth utilization chart based on Bandwidth Queues.