
:: Protecting your infrastructure :: Who We Are.. iDeras Features - PowerPoint PPT Presentation



  1. :: Protecting your infrastructure ::

  2. Who We Are / iDeras Features / Benefits / Q&A

  3. Infosys Gateway Sdn Bhd
  • Incorporated in 2007
  • Bumiputra-owned company
  • MSC Status company
  • Registered with the Ministry of Finance (MOF), Kementah (MINDEF), the Malaysia Industry Council for Defence, Enforcement & Security (MIDES), MATRADE, SME-CORP and OIC-CERT
  • Successfully innovated and developed a network security appliance, with continuous R&D for enhancement and future innovation
  • 1st Malaysian-developed unified network security product, named iDERAS

  4. Global Certification Common Criteria EAL 2

  5. For securing the complete ICT environment, we propose the following component: Malaysia's first unified network security innovation, iDeras.

  6. “Unified threat management (UTM) is a converged platform of point security products, particularly suited to midsize and enterprise businesses.” Typical feature sets fall into three main subsets: 1. Firewall; 2. Intrusion Detection & Prevention System (IDPS); 3. Proxy Filter (Content Filtering, URL Filtering, Web Antivirus [AV]).

  7. UNLIMITED USERS

  8. Features
  FIREWALL: an appliance designed to prevent unauthorized access to your network.
  IDPS: monitors inbound and outbound network activity, identifies suspicious network patterns that may indicate potential harm to your environment, and prevents it based on the rules set.
  TRAFFIC SHAPER: control of network traffic to optimize bandwidth, lower latency and/or increase usable bandwidth.
  CONTENT FILTERING: prevents access to content that may be harmful if opened or accessed.
  CAPTIVE PORTAL: directs users to a web page before granting access to the internet; able to identify who is using your network.
  VPN: connects to a private network, such as a company's internal network, ensuring secured connectivity within your environment.

  9. Firewall

  10. Firewall
  • Firewall is the most important component of the UTM box.
  • Firewall rules control what traffic is allowed to enter an interface on the firewall.
  • Filtering by source and destination IP, IP protocol, and source and destination port for TCP and UDP traffic.
  • Option to log or not log traffic matching each rule.
  • Highly flexible policy routing possible by selecting a gateway on a per-rule basis (for load balancing, failover, multiple WAN, etc.).

  11. FIREWALL

  12. Firewall: Other Functionalities
  TRAFFIC SHAPER: a tool to control the network traffic in order to optimize or guarantee performance, lower latency, and/or increase usable bandwidth by delaying packets that meet certain criteria.
  NAT: Network Address Translation (NAT) is a way to map an entire network (or networks) to a single IP address.
  VIRTUAL IPs: the Virtual IP (VIP) feature provides IP addresses that can float between two or more physical network nodes. These IP addresses are used to provide redundancy for attached servers.
  SCHEDULES: firewall rules can be scheduled so that they are only active at certain times of day or on certain specific days or days of the week.
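The rule model of slides 10 and 12 (first-match filtering on addresses, protocol and ports, a per-rule log flag, a per-rule gateway for policy routing, and schedules that switch rules on and off by weekday and hour), as an added Python example. This is illustration written for this page, not iDeras code: the LAN prefix 10.0.0.0/24, the gateway name "WAN2", the resolver address and the ruleset are constructed assumptions.

```python
# Added illustration of first-match packet filtering with a log flag,
# per-rule gateway (policy routing) and time schedules. Not iDeras code.
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network
from typing import FrozenSet, List, Optional, Tuple

PortRange = Optional[Tuple[int, int]]  # inclusive (low, high); None = any port


@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp", "udp" or "icmp"
    src: str
    dst: str
    sport: int = 0
    dport: int = 0


@dataclass(frozen=True)
class Rule:
    action: str                              # "pass" or "block"
    proto: str = "any"                       # "tcp", "udp", "icmp" or "any"
    src: str = "any"                         # CIDR string or "any"
    dst: str = "any"
    sport: PortRange = None
    dport: PortRange = None
    log: bool = False                        # log traffic matching this rule
    gateway: Optional[str] = None            # policy routing: egress gateway name
    days: Optional[FrozenSet[int]] = None    # schedule: weekdays, 0=Mon .. 6=Sun
    hours: Optional[Tuple[int, int]] = None  # schedule: active window [start, end)

    def is_active(self, now: datetime) -> bool:
        """A rule outside its schedule is skipped as if it did not exist."""
        if self.days is not None and now.weekday() not in self.days:
            return False
        if self.hours is not None and not (self.hours[0] <= now.hour < self.hours[1]):
            return False
        return True

    def matches(self, pkt: Packet) -> bool:
        if self.proto != "any" and self.proto != pkt.proto:
            return False
        if self.src != "any" and ip_address(pkt.src) not in ip_network(self.src):
            return False
        if self.dst != "any" and ip_address(pkt.dst) not in ip_network(self.dst):
            return False
        # Port constraints only make sense for TCP/UDP; they never match ICMP.
        for rng, port in ((self.sport, pkt.sport), (self.dport, pkt.dport)):
            if rng is not None and (pkt.proto not in ("tcp", "udp")
                                    or not rng[0] <= port <= rng[1]):
                return False
        return True


@dataclass(frozen=True)
class Verdict:
    action: str
    gateway: Optional[str]       # None means "use the default route"
    rule_index: Optional[int]    # None when no rule matched
    logged: bool


def evaluate(rules: List[Rule], pkt: Packet, now: datetime,
             default: str = "block") -> Verdict:
    """First active rule that matches wins; unmatched traffic gets the default (deny)."""
    for index, rule in enumerate(rules):
        if rule.is_active(now) and rule.matches(pkt):
            return Verdict(rule.action, rule.gateway, index, rule.log)
    return Verdict(default, None, None, False)


WORKDAYS = frozenset(range(5))  # Monday .. Friday

# Constructed ruleset for a hypothetical LAN on 10.0.0.0/24.
RULESET = [
    # 0: cleartext telnet never leaves the LAN, and every attempt is logged
    Rule("block", "tcp", "10.0.0.0/24", dport=(23, 23), log=True),
    # 1-2: web browsing during office hours, policy-routed out of the second WAN
    Rule("pass", "tcp", "10.0.0.0/24", dport=(80, 80), gateway="WAN2",
         days=WORKDAYS, hours=(8, 18)),
    Rule("pass", "tcp", "10.0.0.0/24", dport=(443, 443), gateway="WAN2",
         days=WORKDAYS, hours=(8, 18)),
    # 3: DNS to the internal resolver at any time
    Rule("pass", "udp", "10.0.0.0/24", "10.0.0.53/32", dport=(53, 53)),
]

if __name__ == "__main__":
    office_hours = datetime(2024, 1, 8, 10, 0)   # a Monday
    web = Packet("tcp", "10.0.0.5", "203.0.113.10", 51000, 443)
    print(evaluate(RULESET, web, office_hours))
```

Because evaluation stops at the first match, rule order is policy: the logged telnet block sits above the permissive web rules, and the same HTTPS packet that is passed via WAN2 at 10:00 on a Monday falls through to the default deny at 22:00, when the scheduled rule is inactive.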

  13. NAT (screenshots) cont.: Port Forwarding. NAT Reflection for port forwards: when enabled, this automatically creates additional NAT redirect rules for access to port forwards on your external IP addresses from within your internal networks. The NAT + proxy mode uses a helper program to send packets to the target of the port forward; it is useful in setups where the interface and/or gateway IP used for communication with the target cannot be accurately determined at the time the rules are loaded. Firewall: NAT: 1:1 enables the automatic creation of additional NAT redirect rules for access to 1:1 mappings of your external IP addresses from within your internal networks. Reflection on 1:1 mappings is only for the inbound component of the 1:1 mappings; this functions the same as the pure NAT mode for port forwards.

  14. NAT (screenshots) cont.: Outbound NAT. Automatically create outbound NAT rules which assist inbound NAT rules that direct traffic back out to the same subnet it originated from. Required for full functionality of the pure NAT mode of NAT Reflection for port forwards or NAT Reflection for 1:1 NAT. This only works for assigned interfaces; other interfaces require manually creating the outbound NAT rules that direct the reply packets back through the router.

  15. Schedule

  16. Virtual IPs. Virtual IPs add knowledge of additional IP addresses to the firewall that are different from the firewall's actual "real" interface addresses. Most often these are used for NAT, but they can also be used for other functions such as clustering, binding services such as DNS, and load balancing in packages.

  17. Traffic Shaper. Traffic shaping, also known as "packet shaping", is the practice of regulating network data transfer to assure a certain level of performance, or quality of service (QoS). The practice involves delaying the flow of packets that have been designated as less important or less desired than those of prioritized traffic streams. Regulating the flow of packets into a network is known as "bandwidth throttling"; regulating the flow of packets out of a network is known as "rate limiting". Example: delaying packet flow when downloading video (which company policy rates as less important). Traffic Shaper UI (screenshot).
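The mechanism the slide describes, as an added Python example (not iDeras code): a token bucket enforces the link budget, strict-priority queues let the prioritised class (VoIP here) go first, and packets of the class that policy rates as less important (video) are delayed. The same workload is then run through a single FIFO queue so the delay difference is visible. Traffic classes, packet sizes, the tick-based clock and the 1000 bytes-per-tick link are constructed for the example.

```python
# Added illustration of traffic shaping: a token-bucket link budget with
# strict-priority queues, compared against plain FIFO. Not iDeras code.
from collections import deque
from dataclasses import dataclass
from typing import Callable, Deque, Dict, List


@dataclass(frozen=True)
class Pkt:
    pid: str
    size: int   # bytes
    cls: str    # traffic class, e.g. "voip" or "video"


class TokenBucket:
    """Rate limiter: `rate` tokens (bytes) are added per tick, capped at `burst`."""

    def __init__(self, rate: int, burst: int):
        self.rate, self.burst, self.tokens = rate, burst, burst

    def refill(self) -> None:
        self.tokens = min(self.burst, self.tokens + self.rate)

    def take(self, n: int) -> bool:
        if n > self.tokens:
            return False
        self.tokens -= n
        return True


class Shaper:
    """Strict-priority queues in front of one token bucket.

    `priorities` lists classes from most to least important; `classify`
    maps a packet to one of them. A packet that does not fit the remaining
    budget waits for the next tick, as do the packets queued behind it.
    """

    def __init__(self, rate: int, burst: int, priorities: List[str],
                 classify: Callable[[Pkt], str]):
        self.bucket = TokenBucket(rate, burst)
        self.queues: Dict[str, Deque[Pkt]] = {c: deque() for c in priorities}
        self.classify = classify

    def enqueue(self, pkt: Pkt) -> None:
        self.queues[self.classify(pkt)].append(pkt)

    def tick(self) -> List[Pkt]:
        self.bucket.refill()
        sent: List[Pkt] = []
        for queue in self.queues.values():          # dict order == priority order
            while queue and self.bucket.take(queue[0].size):
                sent.append(queue.popleft())
        return sent


def simulate(shaper: Shaper, arrivals: Dict[int, List[Pkt]], ticks: int) -> Dict[str, int]:
    """Feed packets in at their arrival tick and record the tick each one leaves."""
    departed: Dict[str, int] = {}
    for t in range(ticks):
        for pkt in arrivals.get(t, []):
            shaper.enqueue(pkt)
        for pkt in shaper.tick():
            departed[pkt.pid] = t
    return departed


# Constructed workload: three 800-byte video segments arrive at tick 0 just
# ahead of a 200-byte VoIP frame; a second VoIP frame arrives at tick 1.
ARRIVALS = {
    0: [Pkt("v1", 800, "video"), Pkt("v2", 800, "video"),
        Pkt("v3", 800, "video"), Pkt("a1", 200, "voip")],
    1: [Pkt("a2", 200, "voip")],
}
LINK_RATE = 1000  # bytes per tick, no extra burst allowance


def shaped_schedule() -> Dict[str, int]:
    """Policy: VoIP before video."""
    shaper = Shaper(LINK_RATE, LINK_RATE, ["voip", "video"], lambda p: p.cls)
    return simulate(shaper, ARRIVALS, ticks=6)


def fifo_schedule() -> Dict[str, int]:
    """Same link and workload with a single FIFO queue, i.e. no shaping policy."""
    shaper = Shaper(LINK_RATE, LINK_RATE, ["all"], lambda p: "all")
    return simulate(shaper, ARRIVALS, ticks=6)


if __name__ == "__main__":
    print("shaped:", shaped_schedule())
    print("fifo:  ", fifo_schedule())
```

With shaping, both VoIP frames leave in the tick they arrive (ticks 0 and 1) and the video segments absorb the queueing delay; in the FIFO run the 800-byte video segments occupy the link first and the first VoIP frame is not sent until tick 2.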

  18. Intrusion Detection & Prevention System (IDPS)
  IDS
  • An Intrusion Detection System (IDS) is considered a passive-monitoring system, since the main function of an IDS product is to warn you of suspicious activity taking place, not to prevent it.
  • An IDS can respond to a suspicious event in one of several ways, including displaying an alert and logging the IDS event.
  IPS
  • An Intrusion Prevention System (IPS) provides policies and rules for network traffic along with an IDS that alerts system or network administrators to suspicious traffic, but allows the administrator to choose the action taken upon being alerted.
  • An IPS is able to prevent known intrusion signatures, and also some unknown attacks, thanks to its database of generic attack behaviours.
  Rules
  • The rule header contains the information that defines the who, where and what of a packet, as well as what to do in the event that a packet with all the attributes indicated in the rule shows up. The first item in a rule is the rule action; the rule action tells the IPS what to do when it finds a packet that matches the rule criteria.
  • There are five default rule actions in the IPS: alert, log, pass, activate and dynamic.
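The rule anatomy described on slide 18, as an added Python example: a header whose first word is the action, followed by protocol, source address and port, direction, destination address and port, then the options in parentheses. The text syntax follows Snort's rule format, which the slide's five actions (alert, log, pass, activate, dynamic) come from; this is not iDeras code, and the $HOME_NET / $EXTERNAL_NET values, the four rules, the precedence order and the sample packets are constructed for the example.

```python
# Added example: parse Snort-style rules (action, header, options) and
# evaluate them against packets. Not iDeras code; all data is constructed.
import re
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple

# The five actions named on the slide, plus "drop", which Snort accepts inline.
ACTIONS = {"alert", "log", "pass", "activate", "dynamic", "drop"}

# Constructed variables; rules reference them as $NAME and "!" negates an entry.
VARS: Dict[str, List[str]] = {"HOME_NET": ["10.0.0.0/24"],
                              "EXTERNAL_NET": ["!10.0.0.0/24"]}

HEADER_RE = re.compile(
    r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(->|<>)\s+(\S+)\s+(\S+)\s*\((.*)\)\s*$")


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes = b""


def addr_match(spec: str, ip: str) -> bool:
    negate = spec.startswith("!")
    spec = spec.lstrip("!")
    if spec == "any":
        hit = True
    elif spec.startswith("$"):
        hit = any(addr_match(entry, ip) for entry in VARS[spec[1:]])
    else:
        hit = ip_address(ip) in ip_network(spec)
    return hit != negate


def port_match(spec: str, port: int) -> bool:
    negate = spec.startswith("!")
    spec = spec.lstrip("!")
    if spec == "any":
        hit = True
    elif ":" in spec:                 # ranges: "80:90", "1024:", ":1023"
        lo, _, hi = spec.partition(":")
        hit = (int(lo) if lo else 0) <= port <= (int(hi) if hi else 65535)
    else:
        hit = port == int(spec)
    return hit != negate


@dataclass(frozen=True)
class Rule:
    action: str      # first word of the rule: what to do on a match
    proto: str
    src: str
    sport: str
    direction: str   # "->" or bidirectional "<>"
    dst: str
    dport: str
    options: Dict[str, str]

    def matches(self, pkt: Packet) -> bool:
        if self.proto != "ip" and self.proto != pkt.proto:
            return False
        fwd = (addr_match(self.src, pkt.src) and port_match(self.sport, pkt.sport)
               and addr_match(self.dst, pkt.dst) and port_match(self.dport, pkt.dport))
        rev = self.direction == "<>" and (
            addr_match(self.src, pkt.dst) and port_match(self.sport, pkt.dport)
            and addr_match(self.dst, pkt.src) and port_match(self.dport, pkt.sport))
        if not (fwd or rev):
            return False
        content = self.options.get("content")   # plain-text content only, no |hex|
        return content is None or content.encode() in pkt.payload


def parse_rule(text: str) -> Rule:
    m = HEADER_RE.match(text.strip())
    if not m:
        raise ValueError(f"malformed rule: {text!r}")
    action, proto, src, sport, direction, dst, dport, body = m.groups()
    if action not in ACTIONS:
        raise ValueError(f"unknown rule action: {action!r}")
    options: Dict[str, str] = {}
    for opt in filter(str.strip, body.split(";")):
        key, _, value = opt.strip().partition(":")
        options[key.strip()] = value.strip().strip('"')
    return Rule(action, proto, src, sport, direction, dst, dport, options)


def load_rules(text: str) -> List[Rule]:
    return [parse_rule(ln) for ln in text.splitlines()
            if ln.strip() and not ln.lstrip().startswith("#")]


# Precedence chosen for this example: an explicit pass wins, then the most
# severe remaining action. In a real IDS/IPS this order is a configuration matter.
ORDER = ["pass", "drop", "alert", "log", "activate", "dynamic"]


def inspect(rules: List[Rule], pkt: Packet) -> Tuple[Optional[str], List[str]]:
    """Return (verdict action or None, sids of every rule the packet matched)."""
    hits = [r for r in rules if r.matches(pkt)]
    verdict = next((a for a in ORDER if any(r.action == a for r in hits)), None)
    return verdict, [r.options.get("sid", "?") for r in hits]


RULES = load_rules("""
# constructed rules for the example
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB directory traversal"; content:"../"; sid:1000001;)
drop tcp $EXTERNAL_NET any -> $HOME_NET 23 (msg:"Inbound telnet"; sid:1000002;)
pass tcp $HOME_NET any -> any 443 (msg:"Outbound HTTPS from LAN"; sid:1000003;)
log udp any any -> $HOME_NET 53 (msg:"DNS query to internal resolver"; sid:1000004;)
""")
```

A packet is a hit only when the whole header (who, where, direction, ports) and every option agree, so an inbound HTTP request that carries "../" triggers the alert while an ordinary request to the same port matches nothing; the first word of each rule decides what happens next.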

  19. IDPS Rules

  20. IDPS (screenshot): Alerts. The IPS alerts on and blocks malicious sites. Logging and Alerting System & Output Modules process alerts and logs and generate the final output. All traffic matching an enabled rule triggers an alert.

  21. IDPS (screenshot): Blocked. The IPS alerts on and blocks malicious sites. All traffic matching an enabled rule triggers an alert and is then blocked; the blocked host is listed on the Block page.

  22. Content Filtering (Proxy)
  • The proxy limits web access for some users to a list of accepted/well-known web servers and/or URLs only.
  • Blocks access to listed or blacklisted web servers and URLs matching a list of regular expressions or words for the users.
  • Generates logs for all accessed or blocked URLs/IPs for the session.
  • Supports different access rules based on time of day, day of the week, date, etc.
  • Redirects blocked URLs to an info page, or redirects banners to an empty GIF.

  23. Content Filtering (Proxy). In addition to the proxy function, rules can be customised to add further expressions onto the blocklist (kindly refer to the diagram above).
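The proxy filter rules of slides 22 and 23 (domain blocklist, regular expressions and words, time-based exceptions, logging of every decision, and the two redirect targets) as an added Python example. This is illustration written for this page, not iDeras code; the redirect URLs, the .test domains, the users and the policy are constructed assumptions.

```python
# Added illustration of a URL content filter: blocklists, regexes, words,
# time-of-day windows, per-request logging and redirects. Not iDeras code.
import re
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, FrozenSet, List, Optional, Tuple
from urllib.parse import urlsplit

INFO_PAGE = "http://proxy.example.test/blocked.html"   # assumed info page
EMPTY_GIF = "http://proxy.example.test/empty.gif"      # assumed 1x1 GIF

Window = Tuple[FrozenSet[int], Tuple[int, int]]   # (weekdays, [start_hour, end_hour))


@dataclass(frozen=True)
class Decision:
    action: str               # "allow", "block" or "banner"
    reason: str
    redirect: Optional[str]   # where the proxy sends the browser instead


@dataclass(frozen=True)
class LogEntry:
    when: datetime
    user: str
    url: str
    action: str
    reason: str


class UrlFilter:
    def __init__(self, blocked_domains: List[str], blocked_patterns: List[str],
                 banner_patterns: List[str], bad_words: List[str],
                 time_windows: Dict[str, Window]):
        self.blocked_domains = [d.lower() for d in blocked_domains]
        self.blocked_patterns = [re.compile(p, re.I) for p in blocked_patterns]
        self.banner_patterns = [re.compile(p, re.I) for p in banner_patterns]
        self.bad_words = [w.lower() for w in bad_words]
        self.time_windows = time_windows     # domain -> window in which it is allowed
        self.log: List[LogEntry] = []

    @staticmethod
    def _in_domain(host: str, domain: str) -> bool:
        return host == domain or host.endswith("." + domain)

    def _allowed_now(self, host: str, now: datetime) -> bool:
        for domain, (days, (start, end)) in self.time_windows.items():
            if self._in_domain(host, domain) and now.weekday() in days and start <= now.hour < end:
                return True
        return False

    def check(self, user: str, url: str, now: datetime) -> Decision:
        """Decide for one request and log it, whatever the outcome."""
        host = (urlsplit(url).hostname or "").lower()
        decision = self._decide(host, url, now)
        self.log.append(LogEntry(now, user, url, decision.action, decision.reason))
        return decision

    def _decide(self, host: str, url: str, now: datetime) -> Decision:
        # 1. Banners are swapped for an empty image rather than refused.
        for pat in self.banner_patterns:
            if pat.search(url):
                return Decision("banner", f"banner:{pat.pattern}", EMPTY_GIF)
        # 2. Blocklisted domains, unless a time window opens them right now.
        for domain in self.blocked_domains:
            if self._in_domain(host, domain):
                if self._allowed_now(host, now):
                    return Decision("allow", f"time-window:{domain}", None)
                return Decision("block", f"domain:{domain}", INFO_PAGE)
        # 3. Regular expressions and words anywhere in the URL.
        for pat in self.blocked_patterns:
            if pat.search(url):
                return Decision("block", f"regex:{pat.pattern}", INFO_PAGE)
        lowered = url.lower()
        for word in self.bad_words:
            if word in lowered:
                return Decision("block", f"word:{word}", INFO_PAGE)
        return Decision("allow", "default", None)


WORKDAYS = frozenset(range(5))


def build_filter() -> UrlFilter:
    """Constructed policy: social media only at lunchtime on workdays."""
    return UrlFilter(
        blocked_domains=["social.test", "streaming.test"],
        blocked_patterns=[r"\.exe(\?|$)", r"/proxy\?url="],
        banner_patterns=[r"^https?://ads\.", r"/banner\d*\.(gif|jpg)"],
        bad_words=["casino", "warez"],
        time_windows={"social.test": (WORKDAYS, (12, 13))},
    )
```

The order of the checks is the policy: banner rewriting comes first so an ad server is never reported as a "blocked site", and the time window is consulted only for domains that would otherwise be blocked, so it cannot accidentally open up a regex or word match.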

  24. Content Filtering (Proxy)

  25. Other Functionalities: Mail, VPN, GlobalBlock, Reporting, Monitoring, Captive Portal, DHCP Server, Graph

  26. VPN. iDeras software offers three options for VPN connectivity: IPsec, OpenVPN and PPTP.
  • IPsec allows connectivity with any device supporting standard IPsec. This is most commonly used for site-to-site connectivity to other iDeras installations, other open source firewalls (m0n0wall, etc.) and almost all commercial firewall solutions (Cisco, Juniper, etc.). It can also be used for mobile client connectivity.
  • OpenVPN is a flexible, powerful SSL VPN solution supporting a wide range of client operating systems.
  • PPTP Server: PPTP was a popular VPN option because nearly every OS has a built-in PPTP client, including every Windows release since Windows 95 OSR2. However, it is now considered insecure and should not be used.

  27. VPN (screenshots) cont.: Enabling OpenVPN

  28. GlobalBlock. Global Block allows:
  • Blocking individual countries
  • Blocking all incoming and outgoing traffic using global block
  • Restricting spammers from selected countries
  • Users to add an IP block list

  29. GlobalBlock (screenshots cont.)
