The New Generation Firewall

Srđan KujundžićInternet Security Manager

ArkWall

• Cloud rešenje - Potpuni Firewall/VPN/router.

• Virtuelna mašina - bilo koji Hypervisor, postojeći ili novi.

• Direktno na posebno dizajniranom miniPC multi LAN uređaju.

• Direktno na 1u rack mount network appliance uređaju.

O proizvodu

Mogućnosti - Features / I deo

Stateful Packet Inspection (SPI)GeoIP blockingAnti-Spoofing

Time based rulesConnection limits

Dynamic DNSReverse proxy

Captive portal guest networkSupports concurrent IPv4 and IPv6NAT mapping (inbound/outbound)

VLAN support (802.1q)Configurable static routing

IPv6 network prefix translationIPv6 router advertisements

Multiple IP addresses per interfaceDHCP server

DNS forwardingWake-on-LANPPPoE Server

Firewall and Router

IPsec and OpenVPNSite-to-site and remote access VPN support

SSL encryptionVPN client for multiple operating systems

L2TP/IPsec for mobile devicesMulti-WAN for failover

IPv6 supportSplit tunnellingMultiple tunnels

VPN tunnel failoverNAT support

Automatic or custom routingLocal user authentication or RADIUS/LDAP

VPN

Mogućnosti - Features / II deo

• Snort-based packet analyser• Layer 7 application detection• Multiple rules sources and categories• Emerging threats database• IP blacklist database• Pre-set rule profiles• Per-interface configuration• Suppressing false positive alerts• Deep Packet Inspection (DPI)• Optional open-source packages for application blocking

Intrusion Prevention System

• Optional multi-node High Availability Clustering• Multi-WAN load balancing• Automatic connection failover• Bandwidth throttling• Traffic shaping wizard• Reserve or restrict bandwidth based on traffic priority• Fair sharing bandwidth• User data transfer quotas

Enterprise Reliability

User Authentication• Local user and group database• User and group-based privileges• Optional automatic account expiration• External RADIUS authentication• Automatic lockout after repeated attempts

Proxy and Content Filtering

• HTTP and HTTPS proxy• Non Transparent or Transparent caching proxy• Domain/URL filtering• Anti-virus filtering• SafeSearch for search engines• HTTPS URL and content screening• Website access reporting• Domain Name blacklisting (DNSBL)• Usage reporting for daily, monthly, etc.

Mogućnosti - Features / III deo

Configuration

• Web-based configuration• Setup wizard for initial configuration• Remote web-based administration• Customisable dashboard• Easy configuration backup/restore• Configuration export/import• Encrypted automatic backup to Cloud server• Variable level administrative rights• Multi-language support• Simple updates• Forward-compatible configuration• Serial console for shell access and recovery

options

Administracija - Administration

System Security

• Web interface security protection• CSRF protection• HTTP Referrer enforcement• DNS Rebinding protection• HTTP Strict Transport Security• Frame protection• Optional key-based SSH access

Reporting & Monitoring

• Dashboard with configurable widgets• Local logging• Remote logging• Local monitoring graphs• Real-time interface traffic graphs• SNMP monitoring• Notifications via web interface, SMTP, or

Growl• Hardware monitoring• Networking diagnostic tools

Tehničke informacije

• Osnova FW-a je FreeBSD PacketFilter, najmoćniji Firewall današnjice.

• Minimalni zahtevi - CPU-600Mhz, RAM-512MB, HDD 4Gb

• Preporučeno - CPU-1Ghz, RAM-1GB, HDD 32Gb

• File sistem - ZFS (Raid Mirror podrška)

System dashboard - mogućnost podešavanja vidžeta po želji

Squid - proxy and IPsec VPN statusne stranice

Trafic grafikoni kao i mnogi drugi parametrimogu da se prate uživo, a izveštaji mogu da se generišu po potrebi.

Quality izveštaj pomaže u brzom pronalaženju i rešavanju problema sa ISP.

Fotografije instaliranih sistema

Zašto ArkWall ?

- Pre svega, vrhunska bezbednost.

- Surfovanje bez reklama i popup-ova.

- Automatika vodi računa da svi registrovani napadači budu automatski blokirani.

- Mogućnost hakerskih napada svedena na minimum.

- Brzina i kvalitet komunikacije se višestruko uvećavaju.

- VPN komunikacija između Vaših lokacija, bez premca uz vrhunski

security.

- Brzo rešavanje mrežnih problema uz moćne izveštaje i statistiku.

- Firewall uređaji bez mehaničkih pokretnih delova obezbeđuju vrhunsku stabilnostrada.

Hvala

(011) 2972-303

(063) 8075-714

(063) 257-278

andrija.kunarac@ark.co.rs

srdjan.kujundzic@ark.co.rsark.co.rs