Smoothwall Firewall

Smoothwall Firewall - Webbfilter med brandvägg 

Komplett skydd: Brandvägg, webbsäkerhet och webbfilter

Kombinera vår marknadsledande webb-filter med brandvägg, applikations kontroll, VPN, IDS, IPS m.m.

Finns som mjukvara, hårdvara och virtuell maskin samt FWaaS.

Via samarbeten kan vi erbjuda Firewall as a service (FWaaS)

Kraftfull och bekväm nätverkssäkerhet med inbyggt webbinnehållsfiltrering.

Smoothwall brandvägg kombinerar full funktionalitet för nätverkssäkerhet med Smoothwall Firewall, Webbinnehålls filtrering, Bitdefender virus skydd med anti-Malware, VPN, anti-spam och en mängd andra funktioner som lastbalansering - alla utformade för att förbättra er nätverkssäkerhet och prestanda.

Alla funktioner i Smoothwall Filter ingår också i Smoothwall Firewall 

Läs mera om vilka funktioner som ingår : Funktioner i Smoothwall Firewall

Bekvämt att bara konfigurera och underhålla en enda produkt ska aldrig innebära avkall på funktionalitet. Smoothwall Firewall kombinerar vår bäst i klassen webb åtkomstkontroll, med en brandvägg känd över hela världen.

Lager 7 programkontroll,  GeoBlockingbandbredd, anti-malware, VPN och lastbalansering, och plötsligt ser ni på en flexibel lösning för en massa problem.

Smoothwall gör en vanlig server till en dedikerad hårdvarubrandvägg med webbfilter. Hårdvaran dimensioneras efter ert behov av prestanda och kan enkelt skalas om vid förändrat behov.

Vi hjälper gärna till vid val av hårdvara.

Om det låter för bra för att vara sant, ordna en utvärdering och vi låter Smoothwall Firewall tala för sig själv.

Smoothwall Firewall Svenska.pdf

 Produktöversikt 

Produktdetaljer

Brandvägg - Enhanced Perimeter Security

Brandvägg som skyddar er från yttre hot, attacker, virus, spionprogram och skadlig programvara. Så att ni slipper detta i ert nätverk. 

Styr vilka Internettjänster användaren kan komma åt, utför den traditionella rollen av att blockera tillgången till ert nät för hackare och andra hot på Internet.

Guardian analyserar dynamiskt, förstår och kategoriserar webbsidor, så att allt oönskat material och dolt innehåll (inklusive virus, skadlig kod, anonyma proxies och webbläsare ”exploits”) upptäcks och blockeras. 

Tidsbaserade kontroller, underlättar flexibel och användarvänlig filtrering. Avancerade rapporteringsverktyg hjälper ansvariga, att följa, förstå och tolka informationen.

Att tillåta mobila enheter att använda i er nät, ställer krav på ett säkrat och filtrerat internet. Detta blir allt viktigare för organisationer inom alla sektorer, då detta är ett arbetsredskap hos många. 

Vår BYOD stöd innebär att varje enhet, som är ansluten till Wi-Fi filtreras och skyddas, inklusive: iOS, Android, Blackberry och Windows.

Begränsa bandbredd från t.ex. Youtube 

VPN Gateway

Smoothwall Firewall inkluderar en fullfjädrad VPN-gateway som stöder site-to-site (intern office) VPN-anslutning mellan Smoothwall och andra tillverkares system, samt klientlös Secure Remote Access för mobila användare, hemarbete och trådlösa anslutningar. (L2TP, IPSec och SSL). Använd t.ex. ert Microsoft AD och de är bara de ni godkänt som kan komma in via SSL-VPN med sin ordinarie inloggning i ert AD. 

IDS, IPS och layer 7

Intrusion Detection System - IDS och Intrusion Prevention System - IPS

Övervakar och förhindrar skadliga intrång, och aktivitet även på applikations nivå. 

Lager 7 filtreringen identifierar och blockerar potentiell problematisk trafik, som ej använder specifika portar som t.ex. Skype, BitTorrent, TOR och Ultrasurf. Hundratals protokoll stöds för närvarande.

Internal Firewall

Den interna brandväggen tillåter lokala nätverk och demilitariserade zoner (DMZ) att vara indelad i flera fysiska separata sektioner, med policybaserade användarregler med kontroll, av vem som kan komma åt, vilka system och tjänster i andra zoner. 

Sådan segregation skyddar verksamhetskritiska system och konfidentiell information, från oavsiktlig åtkomst, oaktsamma användare eller sabotageförsök. Stöd finns också för vanliga Vlan.

Både utgående och inkommande trafik kan vara lastbalanserad över två eller flera anslutningar, eller styr olika protokoll till separat nätverk med hög prioritet på en dedikerad anslutning. 

I händelse av en ISP/anslutningsfel, så omdirigeras den drabbade trafiken automatiskt till en annan anslutning för att sedan gå tillbaka när felet är åtgärdat.

Med Reverse proxy kan ni styra förfrågningar från Internet och vidarebefordra dem till servrar i ett internt nätverk.

Ger möjlighet att styra flera HTTP och HTTPS platser till var och en av era interna servrar.

Ökar prestandan på era webbservar genom SSL avlastning.

Detta är väldigt bra för att skydda er från olika attacker och intrång.

Er brandvägg förbrukar mindre CPU kraft vid en DDOS-attack om ni använder GeoBlocking.

Smoothwall Firewall Product Brochure swe.pdf

Tekniska Egenskaper

Tekniska Egenskaper för Smoothwall Firewall

OBS! Listan är inte uppdaterad på ett tag...

Dynamic Content Analysis™ Screens the content, context and construction of web pages in detail, accurately detecting and blocking all objectionable, inappropriate, hidden or malicious content (including anonymous proxies).

Search Engine Filtering Filter, monitor and report upon search terms used and force "safe search" on popular search engines.

Block Advertising and Cookies Advertising and cookies can be automatically blocked.

Manage MIME, File Extension and Download Size Filtering policies can be set to manage specific file types, and limit download sizes.

Flash Filtering Screens actual SWF file code to accurately detect and block undesirable Flash content such as online games and video players.

SSL Interception Allows all unknown secure traffic to be decrypted and inspected (using Dynamic Content Analysis), so harmful HTTPS/SSL content (including SSL proxies) can be effectively blocked even in transparent proxy mode.

'Who, What, When, Where' Policy Tools True 'who, what, when, where' filtering with flexible user, group, time and location based controls.

Unified Policy Tools and Wizards Unified, easy to use policy setting tools with policy and configuration wizards. With unlimited groups and 'per user' policies and the ability to combine policies with multi-group membership.

Policy Based Controls Different filtering policies can be created and set for different groups of users, in accordance with organisation policy or the AUP.

Quick Block' and 'Quick Allow' Quick Block' and 'Quick Allow' buttons for fast one click fixes

Internet Watch Foundation Blocklists are updated daily with IWF data feeds.

YouTube.com/education Channel Support Allows access to youtube.com/education channel without removing restrictions on other YouTube content.

'Softblock' Option Instead of automatically blocking inappropriate content, users are issued warning messages about content and given options to either continue or cancel.

'Soft-blocking' per Content Category Delivering a better user browsing experience without compromising safety, security or control.

SWURL Devolved Personal Block/Allow  List Management SWURL allows specified users to manage their personal block/allow list via a portal - enabling miscategorised content to be accessed whilst being logged.

Advanced Categorisation Add-to-category functionality allows in-built categorisation to be adjusted with ease. Enhanced real-time categorisation - delivers higher accuracy, better reporting and fewer over-blocks

Customisable URL Blocklists Current, categorised and customisable URL blocklists control access to a pre-defined list of undesirable websites.

Outbound (web post) monitoring & blocking Monitors and blocks text posted on the web (i.e. inappropriate blog / forum / Social Networking / Twitter posts) using a keyword analysis system.

Whitelist mode Users can only access a customised list of 'allowed' sites.

Default 'Safe' Configuration Guardian can be installed with a default 'safe' configuration which filters out a standard range of illegal and objectionable content. Note: Guardian's default 'safe' configuration matches the requirements of CIPA and BECTA standards.

Temporary Bypass Controls Block page includes password protected options to bypass the filter on a temporary basis.

Temporary 'Banned User' List Ban selected users until a selected date or time and run reports with lists of 'banned users' and the duration of their bans.

Configurable 'Site Blocked' Page Site blocked' page can be customised to include a logo, message text, a reason for blocking, un-block buttons, IP address and username.

Flexible Request and Content Modification Modify web page requests and content 'on the fly' to enable neutralisation of malicious JavaScript and other web threats.

Stealth Mode Web pages are filtered and logged as normal, but are not blocked, allowing administrators to monitor activity without affecting users (useful when testing a new installation as it allows the filtering rules to be fine-tuned before 'going live').

Web Proxy Cache Reduce bandwidth utilisation by storing and retrieving frequently accessed web pages from local disk storage.

Mobile Device Filtering Smoothwall Connect (remote filtering) allows many devices (iOS,OSX,Windows) to be actively filtered and controlled according to the organization’s policies in or out of the home network.  

Guest Mobile Device Filtering Guest devices can be accomodated on the network and filtered according to the organization’s policies.

Bitdefender Anti-Malware

BitdefenderAnti-Malware Engine

Firewall

Perimeter Firewall Block threats at the boundary - before they enter your network.

Geoblocking Blocks traffic depending on where the traffic coming from

Stateful Packet Inspection Keeps out invalid traffic by ensuring all packets are part of a legitimate sequence.

Layer 7 application filtering Identify and block potentially problematic application traffic such as Skype, BitTorrent, TOR and Ultrasurf. Hundreds of protocols currently supported.

Intrusion Prevention System (IPS) Monitors and reacts to malicious activity and gives, through reporting, an overall view of the attacks occurring to your systems.

Outbound (egress) Filtering Rules Controls what Internet services and ports users can access, based on destination IP address as well as port, protocol, AD group and source IP address.

Port Grouping Group ports into types (e.g. web, email, remote access) to simplify configuration and deployment.

Port-Agile Traffic Blocking Detects & blocks file transfers/downloads (P2P traffic such as KaZaa, BitTorrent, etc

Multiple Rule Sets Increased flexibility with configuration options.

Dynamic NAT (DNAT) and Static NAT (SNAT) Operation Allowing a range of Internet accessible servers to be positioned on the internal network with multiple IPs supported.

Internal Firewall including DMZ, other zones & inter-zone bridges Segregate local networks into physically independent zones - useful for controlling inter-zone access & in the event of server compromise. (Also integrates with User Authentication systems)

Authentication

Authentication Features Integrate with User Authentication systems Control access based on authenticated identity as opposed to assumed identity derived from a computer’s IP address.

Idex Make it easy to see how is loged in.

2FA Work even without Internet

Multiple Filter Groups Different filter policies can be allocated to up to 100 different groups of users. Particular users can also be configured not to be subject to any filtering at all.

Transparent Proxy Mode System administration is simplified with support for NTLM authentication in transparent proxy mode; which avoids the need to configure proxy settings for each user computer.

Password-Protected Authentication The use of NTLM with password verification provides seamless single sign-on without the need for users to log in or enter their Windows ID/password again.

Networking

Over to 20 interfaces (4 or 6 ports) Allows segregation not only of servers & clients, but different types of client (wireless laptop users, servers, critical servers, guest workstations, different departments, etc).

Multiple External Connections Allows load balancing between a number of Internet connections.

Ethernet, DSL, (PPPoA, PPPoE and PPTP) and Analogue Modem Support Allows failover to 'lower tech' connections when the main connection fails.

Auto Failover to a Standby Appliance Allows connectivity continuation in the event of hardware dropout.

Routing Protocol Support Facilitates integration into existing network infrastructures.

VLAN Trunking (802.1Q) Allows creation of VLANs for easier network management.

Proxies & Services

Caching Web Proxy Server Reduces page display times & bandwidth utilisation.

Reverse Proxy for HTTP/HTTPS Enables hosting of more than one website on a single public IP.

Transparent SIP Proxy Enhances VoIP.

DHCP Server with Static Address Allocation Facility Use an on-board DHCP server or relay.

DNS Proxy Speeds up DNS resolutions.

NTP Time Server Allows all servers & workstations on the network to set time from the firewall.

DNS proxy Allows you to specify 'conditional forwarding' rules, enabling you to specify different DNS servers for different domains. DNS caching helps speed up response from slow or distant DNS servers.

VPN

Layer 2 Tunneling Protocol (L2TP) Secure connections for remote workers.

IPSec Compatible gateway for both site-to-site and laptop VPN connections.

SSL VPN Simplified access from laptop VPN connections. Able to cross network filters where L2TP or IPSec might fail, such as hotel room wireless. Support for Internal SSL VPN also allows VPN connections to be made inside the network.

Data Compression - IPComp (RFC 2393) To improve VPN throughput, supporting more VPN connections.

3DES Data Encryption (+ AES Rijndael, Twofish, Blowfish and CAST Encryption Algorithms) Prevents eavesdroppers reading confidential information & provides interoperability with other existing VPN products.

NAT Traversal (NAT-T) option Seamless operation even when the peer gateway or client is behind a NAT router.

Activation/deactivation of individual VPN tunnels Gives administrators full control over who is accessing the network.

Operation

Optional Bridge Mode (Transparent Inline Proxy) Drop in' deployment - allows the appliance to be deployed inline between a switch and a perimeter firewall for ease of installation and configuration.

Rate Limiter by URL The speed or rate at which the proxy server can download information from the Internet can be limited. Bandwidth use can also be limited for specific URLs.

Support for Browser Autoconfiguration Files Provides WPAD (Windows Proxy Auto-Detection) and PAC file support, for automatic configuration of proxy settings in client browsers.

Hardware Healthcare Alerts Notifications about system resource issues (eg low disk space, high memory use, high CPU loads, UPS failures).

Reporting

Built-in Report Templates Users can create, customise and save their own report templates and utilise an extensive range of report templates. Report options include site-specific reports (e.g. YouTube top viewed videos) and IM reporting (time spent messaging and chat friends per user).

Drill Down to a Single User or IP Reports include the user name and IP address of the user PC so AUP violators can be quickly identified. A drill-down facility allows data to be explored to a greater depth - e.g., from a list of blocked sites that users have attempted to access, drill-down to find out which users have been trying to access any particular site. It is possible to view the entire browsing history (including time spent browsing) of a single user.

Automated Reports User-specific reports can be automatically time-scheduled to run on a daily or weekly basis. Reports can also be automatically saved or distributed to recipient lists via email.

AJAX Real-time Logs & Traffic Graphs View web activity instantaneously, with the option to filter by user name, IP address, web site, category or group.

Real-Time Search Terms Log Viewer Be able to see the search terms used, the user, the search engine used and whether the attempt was allowed or blocked.

Export into PDF, HTML, Excel, Crystal Reports® Reports can be produced in a range of formats for ease of viewing (with pie charts/graphs) and to aid integration with existing systems.

User Portal Selected users (or groups of users) can be given access to a seperate Guardian interface specifically for viewing reports/logs, controlling temporary bans and downloading SSL VPN clients.

Incident Alerts Alert messages can be sent by both email and SMS text message to mobile/cell phones for issues requiring immediate attention.

Smoothwall Firewall Product Brochure swe.pdf