Next Gen. Firewall(NGFW) & VPN gateway

  • Stateful deep packet inspection firewall
  • User, group, time or network based policy
  • Routing: static, multicast & dynamic
  • Upstream proxy support
  • Full configuration of DNS, DDNS, DHCP and NTP
  • IPv6 tunneling support
  • Convenient wizard to easily create complex NAT rules
  • Full visibility into users, devices, applications & micro level policy enforcement
  • Application & user identity based bandwidth management
  • Built-in wireless controller helps central monitoring & management of APs & WiFi clients
  • Backup & restore configurations: locally, via FRP or email
  • High availability(HA) support : active-active or active-passive mode
  • Protection for IPS, AV, & App control
  • Authentication via Active Directory, LDAP, RADIUS, TACACS+
  • Support for Single Sign-On (SSO)
  • Authentication certificate for iOS and Android
  • Support for Site to Site & Remote Access VPN using IPSec, SSL, RSA, L2TP, PPTP
  • Supports SSL client for Windows, Android, iOS and Sophos SSL client
  • Machine Learning based Sandbox protection- scans all executable & archived files
  • Advanced Threat Protection (ATP) – detect & block network traffic attempting to contact control servers using multi layered DNS & firewall
  • On-box reporting provides granular report on system health, live users, remote users and other network activities

SD-WAN

  • Purpose built appliance with GUI
  • includes next-generation firewall security, advanced routing, and WAN optimization capabilities
  • Reduces cost by using traditional broadband WAN options including DSL, cable, 3G/4G/LTE cellular through copper and fiber interfaces
  • offers essential WAN link monitoring, balancing, and failover capabilities
  • centrally configured & managed access device for branch & remote office deployment helps sharing data, enabling transactions, and delivering cloud applications.
  • robust site to site VPN support using IPSec, SSL & L2TP
  • centralized multi-site VPN orchestration tools to easily set up a mesh of VPN SD-WAN connections
  • application based routing and path selection, minimizes latency for mission critical applications such as VoIP
  • Link failure recovery & failover ensure data integrity even for the session in progress
  • Session based intelligent load balancing across combined internet access links
  • Can be configured to provide Dynamic DNS load-balancing for inbound request for web, FTP, Mail server etc.

UTM (Unified Threat Management)

  • UTM includes NGFW security and other subscription based services such as
  • web protection
    • Fully transparent proxy for URL & web filtering
    • Advanced protection against malware
    • Data leakage control via HTTP, HTTPS upload
    • blocks Potentially Unwanted Applications(PUA)
  • Email protection
    • Email scanning with SMTP, POP3 and IMAP support
    • Reputation service with spam outbreak monitoring
    • Inbound & outbound spam & malware filtering
    • Spam grey listing and Sender Policy Framework(SPF) protection
    • Detects phishing URLs within emails
    • Malware & spam quarantines with filter options by date, recipient, subject
    • Email encryption secures content and allows users to view anywhere
    • DLP engine scans emails and attachments for sensitive data
  • Web server protection
    • Acts as reverse proxy
    • HTTPS (TLS/SSL) encryption offloading
    • Reverse authentication for form based and basic authentication for server access
    • Integrated load balancer distributes visitors across multiple servers
    • Allow/block IP range
    • Wildcard support for server paths and domains

Email Security Gateway

  • Email scanning with SMTP, POP3 and IMAP support
  • Reputation service with spam outbreak monitoring
  • Blocks spam & malware during SMTP transaction
  • Scanning/detection/blocking of file attachment
  • Detects phishing URLs within emails
  • Spam grey listing and Sender Policy Framework(SPF) protection
  • Malware & spam quarantines with search & filter options by date, recipient, subject
  • Email encryption secures content & attachment and allows users to view anywhere
  • DLP engine scans emails and attachments for sensitive data

Web Application Firewall (WAF)

  • Acts as reverse proxy
  • HTTPS (TLS/SSL) encryption offloading
  • Reverse authentication for form based and basic authentication for server access
  • Integrated load balancer distributes visitors across multiple servers
  • Allow/block IP range
  • Wildcard support for server paths and domains
  • Automatically append a prefix/suffix for authentication