GajShield Security feature Summary

• Firewall

- Dynamic Stateful Inspection - DoS, DDos, Syn attack prevention - Flexible Addressing Mode - Multiple Network Zone - Built-in Firewall Logging - Group Policies - DHCP Server - RIP v1, RIP v2 and OSPF Support

Stateful Inspection technology monitors every incoming and outgoing packet, providing utmost network protection. Policies can be set for entire group- not required for each user, service, port- allowing both efficiency and flexibility. Flexible addressing mode such as NAT, PAT, one-to-one nat, many-to-one nat allows GajShield to be seamlessly integrated into most network environments. Supports advanced routing and networking features like RIP, OSPF, VLAN etc. providing granular configuration option.

• Intrusion Prevention Service (IPS)

- Intrusion Detection Signatures - Port, Protocol Anomaly detection - Automated signature updates

Intrusion Prevention System monitors every incoming and outgoing packet and detects attack patterns based on IPS signatures and Anomaly Detection.

• Gateway Virus Screening

- Site-to-Site Access - SMTP, POP3 scanning – Email - FTP scanning - FTP

Gateway virus screening monitors the browsing, email and download traffic and stops the viruses at the perimeter of the network. Automatic updates of virus signatures provides protection against new viruses on an ongoing basis.

• Virtual Private Network (VPN)

- HTTP virus scanning – Browsing    • IPSec, DES, 3DES - Client-to-Site Remote Access    • PPTP, L2TP, IPSec - MD5 and SHA –1 authentication - Radius, TACAS+, LDAP Authentication

VPN provides secure communications over the internet. It establishes a virtual encrypted tunnel to safely carry data between the LAN and any point outside the network. Ideal for employees who need to securely access the corporate resources from home or when traveling, as well as for secure communications between branch locations. Keying modes include Manual Key Exchange, IKE ( pre-shared, RSA signature, X.509)

• Url Filtering

- Group based Block access to specific URL - Group based allow access to specific URL - Category based URL Blocking - Group based Allow attachment downloading - Group based Block attachment uploading - Group based time scheduling

Define the Employee Internet Policy by allowing or disallowing access based on time, sites & attachments. Allows Define the Employee Internet Policy by allowing or disallowing access based on time, sites & attachments. Allows  Granular definition of policies either for the entire network or for groups or users.  Granular definition of policies either for the entire network or for groups or users.

• Traffic Shaping - Bandwidth Management

- Guaranteed bit rate, 8 level Priority - Allocate specific bandwidth to Protocols - Allow minimum bandwidth

Class based Queuing allows network bandwidth to be allocated where it is needed the most to ensure important business applications function smoothly.

• Logging and Reporting

- Security log records network attacks - Event log records all configuration changes - Browsing log records all browsing traffic - Virus log shows the viruses - Analysis and Graphing of network traffic - Automatic email notification of attacks

GajShield provides a wide range of tools and diagnostics ( including Ping, Trace route) to track and analyze traffic and network activity.  Also provides remote Syslog and SNMP support.

• System Management

- Web browser based, SSL encrypted - Local CLI through SSHv2 - LDAP and Radius Support - DHCP Server

Familiar Management interfaces allow device and network management from virtually any location. Assign multiple role to administrators for flexible management.