Güvenlik Duvarı – NGFW

Barracuda Networks NextGen Firewall

Barracuda Networks NextGen Firewall F Serisi, kurumsal düzeyde bir yeni nesil güvenlik duvarıdır. Dağınık ve son derece dinamik olan ve güvenliğin çok önemli olduğu ağ çevrelerine verimli bir şekilde kurulabilecek ve kullanılabilecek şekilde tasarlanmıştır. Ağ trafiğini hat kesilmelerine karşı koruyup bağlantı kalitesini bozmayarak işlemlerinizi sektördeki en yüksek performans ve verimlilikle yürütebilir, işletmenize değer katabilirsiniz. Kullanıcı kimlik denetimi ve uygulama farkındalığı fonksiyonlarını kullanarak en iyi ağ yolunu, ağ trafiği önceliği ve işletmeniz için önemli olan trafiğe ayrılan bant genişliğini belirleyebilirsiniz. Barracuda NextGen Firewall F Serisi ile trafiğinizi alternatif hatlara şeffaf bir şekilde taşıyabilir, hattın kesilmesi durumunda trafik akışını sürdürebilirsiniz.

Barracuda NextGen Firewall F Serisi ürünler, Hardware Appliance, Virtual Appliance, Azure, AWS ve vCloud Air ile satın alınabilmektedir ;

Ürünün Hardware Appliance modeli karşılaştırması :

Ürünün Virtual Appliance modeli karşılaştırması :

Ürünün Azure modeli karşılaştırması :

Ürünün AWS modeli karşılaştırması :

Ürünün vCloud Air modeli karşılaştırması :

Teknik Detaylar ve Özellikler :

  • Firewall Features
  • Stateful packet inspection and forwarding
  • Full user-identity awareness
  • Intrusion Detection and Prevention System (IDS/IPS)
  • Application control and granular application enforcement
  • Interception and decryption of SSL/TLS encrypted applications
  •  Antivirus and web filteringin single pass mode
  • SafeSearch enforcement
  • Google Accounts Enforcement
  • Denial of Service protection (DoS/DDoS)
  • Spoofing and flooding protection
  • ARP spoofing and trashing protection
  • DNS reputation filtering
  • TCP stream reassembly
  • Transparent proxying (TCP)
  •  NAT (SNAT, DNAT), PAT
  • Dynamic rules / timer triggers
  • Single object-oriented rule set for routing, bridging, and routed bridging
  • Virtual rule test environment
  • User Identity Awareness
  • Terminal Server Agent
  • Domain Controller Agent
  • Authentication : Local, NTLM, RADIUS, RSA SecurID, LDAP/LDAPS, AD
  • WiFi Access Point Authentication support
  • Intrusion Detection and Prevention
  • Protection against exploits, threats and vulnerabilities
  • Packet anomaly and fragmentation protection
  • Advanced anti-evasion and obfuscation techniques
  • Automatic signature updates
  • Traffic Optimization
  • Link monitoring, aggregation, and failover
  • Dynamic routing
  • Application-based provider selection
  • Traffic shaping and QoS
  • On-the-fly flow reprioritization
  • Stream and packet compression
  • Byte-level data deduplication
  • Protocol optimization (SMBv2)
  • Advanced Threat Detection
  • Dynamic, on-demand analysis of malware programs (sandboxing)
  • Dynamic analysis of documents with embedded exploits (PDF, Office, etc.)
  • Detailed forensics for both, malware binaries and web threats (exploits)
  • Support for multiple operating systems (Windows, Android, etc.)
  • Botnet and Spyware Protection
  • Malware Protection
  • SQL injections and arbitrary code executions
  • Access control attempts and privilege escalations
  • Cross-site scripting and buffer overflows
  • DoS and DDoS attacks
  • Directory traversal and probing and scanning attempts
  • Backdoor attacks, Trojans, rootkits, viruses, worms, and spyware
  • Flexible malware analysis in the cloud VPN
  • Drag & drop VPN tunnel configuration
  • Secure site-to-site, client-to-site VPN
  • Dynamic mesh site-to-site VPN
  • Supports AES-128/256, 3DES, DES,Blowfish, CAST, null ciphers
  • Private CA or external PKI
  • VPNC certified (basic interoperability)
  • Application-aware traffic routing
  • IPsec VPN / SSL VPN / TINAVPN/ L2TP / PPTP
  • Network Access Control
  • iOS and Android mobile device VPN support
  • High Availability
  • Active-active (requires external load balancer) or active-passive
  • Transparent failover without session loss
  • Network notification of failover
  • Encrypted HA communication
  • Central Management Options
  • Barracuda NextGen Control Center
  • Unlimited firewalls
  • Support for multi-tenancy
  • Multi-administrator support & RCS
  • Infrastructure Services
  • DHCP server, relay
  • SIP, HTTP, SSH, FTP proxies
  • SNMP and IPFIX support
  • DNS Cache
  • SMTP gateway and SPAM filter
  • Wi-Fi (802.11n) access point on selected models
  • Protocol Support
  • IPv4, IPv6
  • BGP/OSPF/RIP
  • VoIP (H.323, SIP, SCCP [skinny])
  • RPC protocols (ONC-RPC, DCE-RPC)
  • 802.1q VLAN