
Gateway Firewall
DATA LEAK PREVENTION
- Context based detection and prevention of data leak.
- Identifies who is accessing, which application, what content is send out and from where.
- Set policies to monitor/block data leaks via Email, file upload and chats.
- monitor & manage protocols of SAAS applications like Google, office 365,Yahoo, Rediff, Facebook.
- Split profiling where only corporate login to SAAS applicationsare allowed and personal login blocked.
- Set policies to allow read only access to corporate email/social networking.
- Setup policies based on from,to, cc, bcc, subject of Gmail and other such SAAS applications along with BYOD and userSense information.
- Scan for data leaks for all outbound data based onthe above context.
- Block password protected zip & pdf file uploads.
- User based policy control to prevent data leak.
- Control over HTTP, HTTPS, SMTP, instant Messaging.
- In-depthreporting of data moving out of network with real-time alerts, monitoring.
- Protects company sensitive information like sales data, pricing information, or intellectual property.
- Progressive security – allow access to applications yet have visibility and control over content going out.
- Increased regulatory compliance -HIPAA, GLBA, PCI, or SO.
- Provides global visibility through comprehensive and flexible reporting.
CLOUD SECURITY
- Roming users comply to company policies even when they are not in the network.
- Cloud client enforces and routes all traffic securely through the cloud firwall. (public or private)
- Secures roming users even when they use insecure networks. (public wifi etc )
- Central policies with ease of management for roaming users.
- All processing done in cloud & hence no performance impact on end-point.
- Connect /disconnect status report.
CENTRALIZED MANAGEMENT SYSTEM
- Simplified management of firewall policies including DLP, content filtering, IPS, malware protection, application filtering, VPN from a central System.
- Firewall can be managed throughglobal, group or individual policies.
- Architecture provides flexibility in managing firewall centrally, yet delegation of individual firewall possible.
- Backup taken centrally – restoration of a firewall can be done centrally.
- Auto-synchronize all your firewalls at regular intervals.
- Real-time visibility of threat summary and trends.
- Intuitive and comfortable UI.
APPLICATION FILTERING
- Control and visibility of layer 7 applications.
- Enhance business-critical application performance by limiting bandwidth for non-business traffic.
- In build application categories.
- 2,500+ application signatures.
- Sub-classification within a category supported.
- Saves bandwidth and reduce infrastructure costs.
- Protects corporate users including BYOD devices.
SYSTEM MANAGEMENT
- Two factor authentication support for WebUI, CLI or console and browsing users with OTP.
- Manage through a browser, SSHand terminal.
- Single window policy managemen.
- Role based administration.
- On-application analytics.
- User based firewall policies.
- Policy inheritance. (oops)
- Remote syslog and SNMP support.
- Administration activity logs for auditing.
VIRTUAL PRIVATE NETWORK
- Industry Standard: IPSec, L2TP&PPTP VPN.
- VPN high availability for IPSec.
- Strong authentication : RSA SecureID, VASCO tokens, Radius, LDAP &Active Directory.
- Encryption : DES, 3DES, 3DES, AES encryption & Hash Algorithms : MD5, SHA1, SHA2.
- Authentication : Pre-shared key, Digital Certificates.
- IPSec NAT Traversal, Dead Peer Detection and PFS support.
- IPSec VPN tunnel up/ down logs.
- Active VPN user logs.
NETWORKING
- Static Ip Address, PPPoE, DHCP.
- Policy based Multi-WAN failover & load balancing.
- WRR based load balancing.
- Policy based routing.
- Multicast forwarding.
- Dynamic Routing. (RIP v1 & 2, OSPF)
- DHCP server support on multiple interfaces.
- Support for dynamic DNS.
GATEWAY ANTI-MALWARE
- Multiple Engine- uses cloud based sandboxing.
- Powerful and ReaI-Tlme protection from virus outbreaks.
- Scans HTTP, HTTPS, FTP, POP3, SMTP & SMTPS traffic.
- Detects and removes viruses, worms and all kinds of malware.
- Instant identification of virus infected users.
- ZERO hour virus protection.
- Spyware, Malware, Phishing protection.
- Automatic real-time virus update.
- Complete protection of traffic over all protocols.
- Last virus update definition.
- Complete report of viruses caught.
HIGH AVAILABILITY
- Active / Passive and Active /Active with State synchronization.
- Stateful Failover.
- Email Alerts on HA Status.
- Auto synchronization of entire configuration made on Master firewall to Backup firewall.
- Email notification when firewall state change from Master to Backup and vice versa.
URL FILTERING
- Automated web categorization engine blocks non-productive websites.
- Millions of sites in arranged in 85+ categories.
- URL Filtering for HTTP & HTTPS protocols.
- MIME Type and file extension blocking.
- User, group-based URL filtering and download size restriction policies.
- Time-based access schedule.
- Prevents downloads of streaming media, images, popup ads.
- Block malware, phishing, pharming URL s.
- Block Java Applets, Cookies, Active X.
- URL Exempt/White list.
- Automatic updates to the URL categories.
ADAPTIVE ISP FAILOVER & LOAD BALANCING
- Service based ISP load balancing or failover.
- Both Failover and Load Balancing can be set up simultaneously.
- Load balances traffic based on weighted round robin distribution.
- ISP Failover automatically shifts traffic from a failed link to a working link.
- Automatic traffic fallback when failed ISP comes. up
- Zone based failover.
- Customized NAT on failover.
- ISP failover and fallback notifications on email.
GATEWAY ANTI-SPAM
- Scans SMTP. POP3 traffic for spam.
- Detects, tags or quarantines spam mail.
- Content-agnostic spam protection including lmage-spam.
- Preemptively stops sophisticated threats like phishing, pharming, zombie attacks & supports RBL lists.
- Enforces black and white lists.
- Real-time protection from emerging threats.
- Language, content and format independent spam prevention.
- Detects phishing URL in emails.
- Quarantine spam mails.
- Mail archiving.
APPLICATION BASED SECURITY ANALYTICS
- Complete reporting on appliance.
- User, application specific reporting.
- Daily Internet activity user/group wise report on e-mail.
- Real time reports, automated alerts, historical reporting.
- Security reports include Firewall, IPS & VPN.
- Real time reporting of bandwidth and users.
- Policy violation alert on Email & reporting.
- Virus filtering reporting.
- Guest user authentication activity logs.
BANDWIDTH MANAGEMENT
- Policy based bandwidth management & queuing.
- Hierarchy based bandwidth management.
- Committed on the f|y bandwidth borrow.
- Time Quota and Bandwidth Quota.
- Bandwidth policy for browsing.
- Bandwidth utilization chart based on Bandwidth Queues.