Produktöversikt 

• Applikationskontroll

• Lastbalansering - hantera effektivt inkommande och utgående trafik över flera Internet-anslutningar, inklusive fail-over funktion

• Attack Försvar - med GeoBlocking samt Intrusion Detection System (IDS) och Intrusion Prevention System (IPS)

• Anti-Malware från välkända Bitdefender

• Användarverifiering - T.ex. Microsoft AD och Azure, Google etc.

• Internt segregerade nätverk - Skydda kritiska resurser, intern zonindelning och segregation

• VPN Gateway - Hantera upp till 1000 säkra gateways över flera Internetanslutningar

• Source Natting - Ser till att trafiken går ut från rätt IP-adress

• Internet kontroll med användarverifiering, ange vilka Internet-tjänster användare kan få tillgång till

Produktdetaljer

Tekniska Egenskaper

Tekniska Egenskaper för Smoothwall Firewall

OBS! Listan är inte uppdaterad på ett tag...

Dynamic Content Analysis™ Screens the content, context and construction of web pages in detail, accurately detecting and blocking all objectionable, inappropriate, hidden or malicious content (including anonymous proxies).

Search Engine Filtering Filter, monitor and report upon search terms used and force "safe search" on popular search engines.

Block Advertising and Cookies Advertising and cookies can be automatically blocked.

Manage MIME, File Extension and Download Size Filtering policies can be set to manage specific file types, and limit download sizes.

Flash Filtering Screens actual SWF file code to accurately detect and block undesirable Flash content such as online games and video players.

SSL Interception Allows all unknown secure traffic to be decrypted and inspected (using Dynamic Content Analysis), so harmful HTTPS/SSL content (including SSL proxies) can be effectively blocked even in transparent proxy mode.

'Who, What, When, Where' Policy Tools True 'who, what, when, where' filtering with flexible user, group, time and location based controls.

Unified Policy Tools and Wizards Unified, easy to use policy setting tools with policy and configuration wizards. With unlimited groups and 'per user' policies and the ability to combine policies with multi-group membership.

Policy Based Controls Different filtering policies can be created and set for different groups of users, in accordance with organisation policy or the AUP.

Quick Block' and 'Quick Allow' Quick Block' and 'Quick Allow' buttons for fast one click fixes

Internet Watch Foundation Blocklists are updated daily with IWF data feeds.

YouTube.com/education Channel Support Allows access to youtube.com/education channel without removing restrictions on other YouTube content.

'Softblock' Option Instead of automatically blocking inappropriate content, users are issued warning messages about content and given options to either continue or cancel.

'Soft-blocking' per Content Category Delivering a better user browsing experience without compromising safety, security or control.

SWURL Devolved Personal Block/Allow  List Management SWURL allows specified users to manage their personal block/allow list via a portal - enabling miscategorised content to be accessed whilst being logged.

Advanced Categorisation Add-to-category functionality allows in-built categorisation to be adjusted with ease. Enhanced real-time categorisation - delivers higher accuracy, better reporting and fewer over-blocks

Customisable URL Blocklists Current, categorised and customisable URL blocklists control access to a pre-defined list of undesirable websites.

Outbound (web post) monitoring & blocking Monitors and blocks text posted on the web (i.e. inappropriate blog / forum / Social Networking / Twitter posts) using a keyword analysis system.

Whitelist mode Users can only access a customised list of 'allowed' sites.

Default 'Safe' Configuration Guardian can be installed with a default 'safe' configuration which filters out a standard range of illegal and objectionable content. Note: Guardian's default 'safe' configuration matches the requirements of CIPA and BECTA standards.

Temporary Bypass Controls Block page includes password protected options to bypass the filter on a temporary basis.

Temporary 'Banned User' List Ban selected users until a selected date or time and run reports with lists of 'banned users' and the duration of their bans.

Configurable 'Site Blocked' Page Site blocked' page can be customised to include a logo, message text, a reason for blocking, un-block buttons, IP address and username.

Flexible Request and Content Modification Modify web page requests and content 'on the fly' to enable neutralisation of malicious JavaScript and other web threats.

Stealth Mode Web pages are filtered and logged as normal, but are not blocked, allowing administrators to monitor activity without affecting users (useful when testing a new installation as it allows the filtering rules to be fine-tuned before 'going live').

Web Proxy Cache Reduce bandwidth utilisation by storing and retrieving frequently accessed web pages from local disk storage.

Mobile Device Filtering Smoothwall Connect (remote filtering) allows many devices (iOS,OSX,Windows) to be actively filtered and controlled according to the organization’s policies in or out of the home network.  

Guest Mobile Device Filtering Guest devices can be accomodated on the network and filtered according to the organization’s policies.

Bitdefender Anti-Malware

BitdefenderAnti-Malware Engine

Firewall

Perimeter Firewall Block threats at the boundary - before they enter your network.

Geoblocking Blocks traffic depending on where the traffic coming from

Stateful Packet Inspection Keeps out invalid traffic by ensuring all packets are part of a legitimate sequence.

Layer 7 application filtering Identify and block potentially problematic application traffic such as Skype, BitTorrent, TOR and Ultrasurf. Hundreds of protocols currently supported.

Intrusion Prevention System (IPS) Monitors and reacts to malicious activity and gives, through reporting, an overall view of the attacks occurring to your systems.

Outbound (egress) Filtering Rules Controls what Internet services and ports users can access, based on destination IP address as well as port, protocol, AD group and source IP address.

Port Grouping Group ports into types (e.g. web, email, remote access) to simplify configuration and deployment.

Port-Agile Traffic Blocking Detects & blocks file transfers/downloads (P2P traffic such as KaZaa, BitTorrent, etc

Multiple Rule Sets Increased flexibility with configuration options.

Dynamic NAT (DNAT) and Static NAT (SNAT) Operation Allowing a range of Internet accessible servers to be positioned on the internal network with multiple IPs supported.

Internal Firewall including DMZ, other zones & inter-zone bridges Segregate local networks into physically independent zones - useful for controlling inter-zone access & in the event of server compromise. (Also integrates with User Authentication systems)

Authentication

Authentication Features Integrate with User Authentication systems Control access based on authenticated identity as opposed to assumed identity derived from a computer’s IP address.

Idex Make it easy to see how is loged in.

2FA Work even without Internet

Multiple Filter Groups Different filter policies can be allocated to up to 100 different groups of users. Particular users can also be configured not to be subject to any filtering at all.

Transparent Proxy Mode System administration is simplified with support for NTLM authentication in transparent proxy mode; which avoids the need to configure proxy settings for each user computer.

Password-Protected Authentication The use of NTLM with password verification provides seamless single sign-on without the need for users to log in or enter their Windows ID/password again.

Networking

Over to 20 interfaces (4 or 6 ports) Allows segregation not only of servers & clients, but different types of client (wireless laptop users, servers, critical servers, guest workstations, different departments, etc).

Multiple External Connections Allows load balancing between a number of Internet connections.

Ethernet, DSL, (PPPoA, PPPoE and PPTP) and Analogue Modem Support Allows failover to 'lower tech' connections when the main connection fails.

Auto Failover to a Standby Appliance Allows connectivity continuation in the event of hardware dropout.

Routing Protocol Support Facilitates integration into existing network infrastructures.

VLAN Trunking (802.1Q) Allows creation of VLANs for easier network management.

Proxies & Services

Caching Web Proxy Server Reduces page display times & bandwidth utilisation.

Reverse Proxy for HTTP/HTTPS Enables hosting of more than one website on a single public IP.

Transparent SIP Proxy Enhances VoIP.

DHCP Server with Static Address Allocation Facility Use an on-board DHCP server or relay.

DNS Proxy Speeds up DNS resolutions.

NTP Time Server Allows all servers & workstations on the network to set time from the firewall.

DNS proxy Allows you to specify 'conditional forwarding' rules, enabling you to specify different DNS servers for different domains. DNS caching helps speed up response from slow or distant DNS servers.

VPN

Layer 2 Tunneling Protocol (L2TP) Secure connections for remote workers.

IPSec Compatible gateway for both site-to-site and laptop VPN connections.

SSL VPN Simplified access from laptop VPN connections. Able to cross network filters where L2TP or IPSec might fail, such as hotel room wireless. Support for Internal SSL VPN also allows VPN connections to be made inside the network.

Data Compression - IPComp (RFC 2393) To improve VPN throughput, supporting more VPN connections.

3DES Data Encryption (+ AES Rijndael, Twofish, Blowfish and CAST Encryption Algorithms) Prevents eavesdroppers reading confidential information & provides interoperability with other existing VPN products.

NAT Traversal (NAT-T) option Seamless operation even when the peer gateway or client is behind a NAT router.

Activation/deactivation of individual VPN tunnels Gives administrators full control over who is accessing the network.

Operation

Optional Bridge Mode (Transparent Inline Proxy) Drop in' deployment - allows the appliance to be deployed inline between a switch and a perimeter firewall for ease of installation and configuration.

Rate Limiter by URL The speed or rate at which the proxy server can download information from the Internet can be limited. Bandwidth use can also be limited for specific URLs.

Support for Browser Autoconfiguration Files Provides WPAD (Windows Proxy Auto-Detection) and PAC file support, for automatic configuration of proxy settings in client browsers.

Hardware Healthcare Alerts Notifications about system resource issues (eg low disk space, high memory use, high CPU loads, UPS failures).

Reporting

Built-in Report Templates Users can create, customise and save their own report templates and utilise an extensive range of report templates. Report options include site-specific reports (e.g. YouTube top viewed videos) and IM reporting (time spent messaging and chat friends per user).

Drill Down to a Single User or IP Reports include the user name and IP address of the user PC so AUP violators can be quickly identified. A drill-down facility allows data to be explored to a greater depth - e.g., from a list of blocked sites that users have attempted to access, drill-down to find out which users have been trying to access any particular site. It is possible to view the entire browsing history (including time spent browsing) of a single user.

Automated Reports User-specific reports can be automatically time-scheduled to run on a daily or weekly basis. Reports can also be automatically saved or distributed to recipient lists via email.

AJAX Real-time Logs & Traffic Graphs View web activity instantaneously, with the option to filter by user name, IP address, web site, category or group.

Real-Time Search Terms Log Viewer Be able to see the search terms used, the user, the search engine used and whether the attempt was allowed or blocked.

Export into PDF, HTML, Excel, Crystal Reports® Reports can be produced in a range of formats for ease of viewing (with pie charts/graphs) and to aid integration with existing systems.

User Portal Selected users (or groups of users) can be given access to a seperate Guardian interface specifically for viewing reports/logs, controlling temporary bans and downloading SSL VPN clients.

Incident Alerts Alert messages can be sent by both email and SMS text message to mobile/cell phones for issues requiring immediate attention.