|
|
|
SERVICES
|
|
Firewall
|
At the heart of the system, is a state-of-the-art network firewall. Firewalls have traditionally relied on a technique known as "static packet filtering," to protect network systems. The firewall is placed between the internal (trusted) local area network, and the external (distrusted) network, which is most cases, is the Internet. This traditional type of firewall then makes a decision to either allow, or reject a packet of data, based solely on the information contained in its header. Therefore, a packet filtering firewall can only make decisions based on information such as the source or destination address, port or protocol. Each packet of data is considered without regard to its "state" or context.
The Network-Box system however, is based on the latest "stateful packet inspection" firewall technology. This technology, which is also known as "dynamic packet filtering," is a far more powerful network security tool. Using this technology, the Network-Box is not only capable of examining every packet of data which either enters or leaves, but it is capable of examining each packet of data in context.
The Network-Box actually keeps track of additional information, such as active connections, and can determine if a packet of data has arrived at the firewall as a direct result of an internal request. This makes it possible, for example, to setup the Network-Box to block all incoming data that has not been requested by an internal connection. The ability to block all unsolicited incoming traffic is a very powerful tool.
Several other state-of-the-art technologies have been integrated into the Network-Box firewall system, to enhance its already highly impressive capabilities.
Examples include the Network-Box "front-line" protection system, which is able to filter out known threats, which are still too new to be stopped by more traditional "signature based" anti-virus engines. An advanced pattern recognition engine at the protocol level, which allows the Network-Box system to not only block attacks from well known blended threats such as Code Red, Code Red II and NIMDA, but also from a host of new threats, which effect not only Microsoft Windows based servers, but also servers running operating systems such as Linux and UNIX. And crackers who try to bypass the Network-Box are given an extremely hard time by the new "black hole" technology that the Network-Box firewall uses to "absorb" all incoming data packets, good or bad.
With no responses to work with, cracking a network system is made very much harder.
The hybrid firewall in the Network Box combines the best of the three technologies of packet filtering, connection tracking, and proxying. The firewall is completely configurable to enforce company policy regarding inbound and outbound connections.
The firewall has built-in support for advanced networking features such as:
- Policy-based routing
- Multiple Redundant / Balanced Internet Links
- Traffic shaping and QOS control
- Network Address Translation
- Port / Address Forwarding
- Proxy-ARP transparency
|
|
|
|
|
| |
|
|
|
"When you are connected to the Internet, it is easy to forget that the Internet is connected to you"
The Network Box anti-virus email gateway is kept up-to-date with the very latest anti-virus signatures around the clock. An out of date network security system is a vulnerable network security system.
|
|
|
|
| |
|
