NetworkShield Firewall Features Overview
Network Protect. Reliable network-layer Firewall provides primary protection for Internet servers and local networks.
Stateful Packet Inspection. The rule-based Firewall performs SPI (Stateful Packet Inspection) processing of all network packets and provides reliable safety of internal enterprise networks.
Application Protocol Detection. The most valued feature of this solution is that Application Level protocol (HTTP, POP3, SMTP, SSL, FTP, etc.) is detected by the exact transferred data (Layer 7), and not simply by the typical port number. This approach allows to define a strict policies on the network traffic, enabling only the high-level protocols that are really needed.
Connection Forward. This technology redirects all connections to the assigned IP-address and port. It provides safe operation for internal enterprise servers from the outside Internet.
Built-in NAT. NAT (Network Address Translation) technology allows to connect local area networks to the Internet. Most importantly, implemented NAT has a perfect network traffic processing performance.
DNS Forwarder. The effective Internet usage is not possible without DNS service. Built-in DNS Forwarder can quickly provide centralized configuration for network parameters, and later adjusts it transparently to the user.
DHCP server. Built-in DHCP server automatically assigns IP addresses, decreasing the required time for local area network deployment.
Corporate Network Protect
Data-Loss Prevention. Built-in DLP (Data-Loss Prevention) mechanism is designed to find and repress corporate information leak through the Internet (e-mail, web-mail, internet communities, MSN, ICQ, etc.). All HTTP and HTTPS POST queries, instant messagers chats and e-mails with attachments are decoded from the network traffic and stored to the hard disk and database. Messages are saved in plain text, all emails in .eml format, so any information search programs can be used.
Web filter. Blocking access to the undesirable Web sites by URL-address or by Category can reduce Internet traffic consumption and improve employees' productivity.
Alerts and Notification. Rule-based notification mechanism allows to specify various alerts events via e-mail. For example, visits to some Web-sites, particular recipient's messages or certain content of messages.
Users Control. The program allows Active Directory users' import to a designated group and assigns distinct profile settings. As well as to identify users working on a terminal server and create exception lists with no restrictions applied.
Traffic Usage Control
Traffic count. Internet traffic is permamently counted for every computer or user in a network. The peculiarity of the designed mechanism is a very high accuracy of data collection. Traffic is counted for all connections with enabled Logging at corresponding Firewall rule. This allows to avoid excessive logging and receive detailed information on the particular traffic only.
Detailed Reports. Built-in report server allows to view detailed reports on network traffic or each connection. The reporting system includes several kinds of reports: summary, per-host, per-user, and detailed reports about all the connections marked for logging.
Usage Control. The sufficient set of tools provided to control and restrict network users' traffic on the Internet: grant or revoke remote resources access, users permissions control, setting up quotas limits to users and computers.
Speed Limit. The speed limit for groups of computers or users. The assigned channel width will be distributed equally among all of group members.
Traffic Monitoring. The system administrator is able to monitor users activity in a real time. Special section provides detailed information about established connections by both LAN and Internet server.
Control Panel. Software management provided by single control panel with a simple and intuitive Web interface, using a standard Web browser.
Remote Access. Remote software control does not require any additional tools, using just an ordinar Web browser and configured Firewall rule enabling access to the Control Panel.