Stonesoft (Stongate)

The primary functions of the StoneGate Firewall and VPN is the realization of logic perimetral protection systems (firewalling) with possibility to act as VPN encrypted tunnel concentrator. Is also possible to implement StoneGate as a pure VPN tunnel concentrator with no traffic and firewalling discrimination.

img 1

img 1

.

The most features are reported as follow:

  • Centralized Interface Management, Routing and Anti Spoofing. Often software firewalling solutions show “hide” management loads, like the impossibility to configure from graphic interface some interface elements like interface’s MAC and IP or routing and anti-spoofing. Thanks to interactions between Firewall node and StoneGate Management Center, is possible to manage in a graphical, easy and with error control way for all this parameters as centralized, sending this parameter in a second time towards the node with publication configuration duty. After a successful publication, the node try to reach the Management system with the new routing information’s, with roll-back capacity toward last correct configuration in case of configuration incompatibility. This trick avoid to make a firewall or a firewall cluster unreachable cause human errors configurations.

img 2

img 2

.

  • Deep TCP/IP Level Control: “Genetic” characteristic of StoneGate Firewall and VPN is the IP packet control both for protocol options coherence and checksum. Regarding the TCP protocol, StoneGate verify both an handshake control about rules where statefull inspection is expected and a TCP flag control pertinent to any protocol state. Is expected even the packet fragmentation management, in the same way for generic services for IP protocols different from UDP, TCP and so on.
  • Firewall Cluster Characteristics: StoneGate include an “active-active” clustering system, characterized by an elevated scalability up to 16 nodes for logic cluster with transparent session failover in case of session generating cluster node fault.
  • Networking Scalability and Vertical Processing: StoneGate, further orizzontal scalability offered by clustering with dynamic load balancing, offer an interesting orizzontal scalability thanks to:
  • SMP Support that grant a going utilization on multiprocessors machines.
  • Up to 254 physical network interfaces management.
  • VLAN 802.1q Tagging management with up to 4094 VLAN definition for physical interface.
  • Multicast IP, static routing and policy routing support.
  • Centralized proxy and static ARP by GUI with no need to operate on firewall node.

    StoneGate SSL VPN
    Server The SSL VPN Gateway solution introduce in the Stonesoft products suite a very important dowel siding the VPN IpSec solution more traditional with no overlapping. The SSL VPN StoneGate idea is to guarantee a secure access to web and legacy applications in the portal logic from miscellaneous clients with no need to install client side software like IpSec traditional solutions like mobile-to-site. This solution is all as advantage of access tranparence, both for legacy/client-server and Web-Based applications.

img 3

img 3

.

Stonegate SSL VPN Gateway provides to companies a complete control access tool to information’s and companies applications allowing to implement specific policies about users shaping. The most benefits introduced from StoneGate SSL VPN solution we want focus about some specific characteristics:

  • Assessment: capacity to inspect clients before to grant access and eventual reduction of resources at disposition in case of a standards correspondence leakage.
  • Authorization: possibility to furnish a granular access (IP address, group membership, Users, etc) to web resources, file sharing and applicative.
  • Authentication: support extension for more than 15 different authentication systems (LDAP, MS AD, Radius, Etc) and strong authentication systems (PIN pad for mobiles, etc)
  • Access: possibility to access strongly binded to resource type: Proxy Web for web applications, java/activex client or client/server applications etc.
  • Auditing: compliance with stringent regulations like SOX, HIPAA, BASEL II, etc
  • Abolishment: capacity to effect a complete cleaning past a session termination, client side, on cookies, cache pages, register voices and locally saved components.

    Stonesoft IPS
    Easily access to information and central services today represent an indispensable element for the company. Availability of services improvement often is traduced in a major exposition to potential informatics attacks that can avoid the traditional firewalling systems.
    Stonegate IPS represent the StoneSoft answer to continue threats towards companies Business-Critical services from the outside.
    Stonegate introduce a powerful modular tool for company security improvement both for virtual environments and physical solutions.
    Stonegate IPS is able to detect, identify and block in a proactive way the malevolent traffic while the IPS Transparent Access Control system permit an easy and effective segmentation for the wide network infrastructure.

img 4

img 4

.

IPS solution permit to keep under control intrusions from spyware, worms or eventual peer-to peer able to slow the normal network performance and to answer suddenly to attacks and intrusion. Thanks to Stonesoft centralized management system offer a platform able to generate alerts, perform reports and incident handling, reducing the infrastructure’s administrative charges.

img 5

img 5

Stonesoft