Firewall Protection

NetworkShield Firewall filters packets on the network
level. Each packet going through the server is checked
for compliance with access policies. Only packets from
allowed connections get into the network. If there is a
blocking rule set for a connection, the packet will be
blocked.
By default, connections
that have no access rules specified for them are also
blocked. Changes in the access policy are applied as
soon as they are made.
NetworkShield Firewall
supports the Stateful Inspection (ACC) technology, which
allows you to increase the protection against
unauthorized access to the company's network.
The work of the Firewall
is based on chains of rules and allows you to configure
security policies in the simplest and clearest way.
A specially developed
engine supporting the NAT technology is used to provide
secure access to the
Internet and any other networks. The NAT (Network
Address Translation) mechanism allows you to translate
addresses from private networks into one address in a
public network when private network clients access the
public network. The NAT technology allows you to limit
direct access to data in your network. Thus, all attacks
from the public network are directed to a safely
protected NetworkShield Firewall server, while LAN
clients remain unavailable for malicious access.
The NAT mechanism
implemented in the NetworkShield Firewall engine works
independently of the client configuration and does not
require the installation of any special software. More
than three years have proved the high security and
performance of the NAT technology engine developed for
NetworkShield Firewall. The NetworkShield Firewall
engine allows clients to work correctly via the FTP
protocol in both passive and active modes and in all
network relationship modes (NAT or Route).

Multi-Network support

NetworkShield Firewall
allows you to configure your network based on logical
objects of private (trusted) and public (untrusted)
networks. It is possible to configure access policies
for each network independent of the network type
(private, public) and the parameters of security
policies set for other networks.
NetworkShield Firewall
supports any number of IP addresses on one network
interface. You can just split your network into logical
subnets (for example, single out a perimeter network
(DMZ)) and create the necessary security policies.
To ensure higher
security, network relationships are established between
networks in addition to Firewall rules. To connect your
local area network to the Internet via one IP address
and to prevent access to the protected network, you
should set the NAT (Network Address Translation)
interaction type. To provide access between local area
networks and in other cases, the "Route" interaction
type is set.
The Server Publishing
mechanism makes it possible to access servers in the
private or perimeter (DMZ) network of the company, such
as web servers, mail servers, data servers, and to
ensure safe protection against external attacks at the
same time. NetworkShield Firewall runs as a published
server and thus provides an additional protection level.
Firewall Redirect Rules are used to publish servers.
NetworkShield Firewall
also allows you to redirect connections to other IP
addresses or to other TCP/UDP ports. This technology is
also known as Mapping.
NetworkShield Firewall
allows you to count the traffic used by clients and also
to limit its usage with quotas. To be able to count
traffic, you need to set a rule where you specify the
protocol, the client to count traffic for and client
connection destinations. When connections going through
the NetworkShield Firewall server are processed, traffic
will be counted for all rules the connection matches.
If you need to limit traffic for your users, you should
use quotas that are specified in traffic usage rules.
When a traffic usage rule reaches one of the
specified quotas, the operation specified in the quota
will be performed. You can block the connection or send
a notification about exceeding the quota. It is possible
to specify any number of quotas for one traffic usage
rule.

Real time monitoring

NetworkShield Firewall
allows you to monitor the activity of your network in
real time. You can view the statistics of traffic usage
rules and also current sessions and connections.
Monitoring connections allows you to control all
requests sent to the NetworkShield Firewall server or
going through it. It is necessary to monitor connections
when you configure and debug firewall policy rules. You
should monitor sessions in order to monitor all clients
that established connections with the server or with
resources in other networks. The section where you
monitor the statistics of traffic usage rules allows you
to monitor the statistics of all rules. Each client in
your network can view the statistics of the traffic
usage rules set for it in any web browser. The
statistics of only those rules that have a special
permission set for them will be available for the
client. Also, you can remotely view the statistics of
all rules, but you will have to enter your NetworkShield
Firewall administrator password on a special web page.
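
The traffic usage rules and quotas described above, modelled as an added example (this is not NetworkShield code, and it is not from the vendor). The class and function names, the CIDR notation for clients and destinations, and the choice that a quota fires once when its limit is first reached are assumptions made for illustration.

```python
# Illustrative model of traffic usage rules with quotas; names are hypothetical.
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass
class Quota:
    limit_bytes: int
    action: str            # "block" or "notify", the two operations the page names
    fired: bool = False    # assumption: a quota fires once, when first reached

@dataclass
class TrafficRule:
    name: str
    protocol: str          # "tcp", "udp" or "any"
    client: str            # client network, CIDR form (assumed notation)
    destination: str       # destination network, CIDR form (assumed notation)
    quotas: list = field(default_factory=list)   # any number of quotas per rule
    used_bytes: int = 0

    def matches(self, proto, src, dst):
        return (self.protocol in ("any", proto)
                and ip_address(src) in ip_network(self.client)
                and ip_address(dst) in ip_network(self.destination))

def account(rules, proto, src, dst, nbytes):
    """Count nbytes against every matching rule; return (rule, action) pairs fired."""
    fired = []
    for rule in (r for r in rules if r.matches(proto, src, dst)):
        rule.used_bytes += nbytes
        for q in rule.quotas:
            if not q.fired and rule.used_bytes >= q.limit_bytes:
                q.fired = True
                fired.append((rule.name, q.action))
    return fired

def is_blocked(rules, proto, src, dst):
    """A connection is refused once a matching rule has a fired 'block' quota."""
    return any(q.fired and q.action == "block"
               for r in rules if r.matches(proto, src, dst) for q in r.quotas)

def demo():
    # Constructed sample: a per-client rule with two quotas plus a LAN-wide rule.
    rules = [TrafficRule("alice-web", "tcp", "192.168.1.10/32", "0.0.0.0/0",
                         [Quota(800, "notify"), Quota(1000, "block")]),
             TrafficRule("lan-total", "any", "192.168.1.0/24", "0.0.0.0/0",
                         [Quota(5000, "notify")])]
    # Three 400-byte TCP connections from the same client.
    events = [e for _ in range(3)
              for e in account(rules, "tcp", "192.168.1.10", "203.0.113.5", 400)]
    return rules, events
```

Each connection is charged to both rules because it matches both, so the per-client quota blocks that client while the LAN-wide counter keeps a total that other clients still draw on.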
To allow you to
completely control the work of NetworkShield Firewall,
it has its own event system that logs system events and
security events. It is recommended to look through
NetworkShield Firewall events regularly to fix errors
and prevent failures. All events and firewall
information about is saved to text files in the standard
W3C format. You can analyze these files in third-party
software and get detailed statistics.
NetworkShield Firewall
allows you to back up the system configuration. The
configuration is saved to a separate XML file that can
be recovered in case of failure or damage. To ensure
higher fault tolerance for the system, NetworkShield
Firewall allows you to automatically back up the
configuration on a schedule. In case the system
fails, you can get the system running again within a
short period of time.
NetworkShield Firewall
comes together with a specially designed control panel
that makes the configuration process easier and allows
you to avoid mistakes in configuration. For initial
configuration, it is enough to specify the parameters of
your network in the special Network Configuration
Wizard. After the wizard finishes its work, your network
will be protected against external attacks and also all
LAN clients will have access to the specified services
in the public network.
Rules and objects are
created with the help of simple and clear wizards that
will not allow you to make mistakes during the
configuration process.
The set of predefined
firewall rules ensures that the server will be running
in case you make mistakes while creating security
policies.
NetworkShield Firewall
supports remote control from any computer on your local
area network.
NetworkShield Firewall
can authenticate users not only by internal
NetworkShield Firewall accounts, but also by Active
Directory accounts. With NetworkShield Security Client
installed on workstations, users can be automatically
authenticated by their Windows login (NTLM) or
NetworkShield login. Any Windows login (domain\username,
computer\username, username) can be used to authenticate
NetworkShield users.
NetworkShield Firewall is
completely compatible with all components in the Windows
2000/XP/2003 operating systems and also with server
products from Microsoft, such as Exchange Server, MS SQL
Server, SharePoint Portal Server and others.
When NetworkShield
Firewall is running together with Microsoft products, it
does not impose any limitations on their normal
operation.
There may be conflicts
with some firewalls and traffic control software. To
prevent failures in your system, NetworkShield Firewall
can detect such products.