Next Generation Firewall - Security Beyond UTM


GajShield Next Generation Firewall appliances go way beyond current UTM firewall technologies by using the industry's most powerful deep packet inspection engine to classify application traffic and provide visibility into common SaaS applications.
GajShield's Application filter provides real-time, Layer-7 classification of all network application traffic.

GajShield Next Generation Firewall appliances are ICSA Labs certified and go way beyond current UTM firewall technologies. With unique Context based Data Leak Prevention, Cloud Access Security Broker (CASB), Cloud Security for Roaming users, BYOD for mobile device security and Application Filtering, GajShield next generation firewalls are industry-leading innovators in data and network security. GajShield firewalls are easy to configure using Object Oriented policy management, which brings policy re-usability and inheritance.

Top Reasons to choose GajShield Next Generation Firewall beyond UTM firewalls

Traditional firewalls commonly serve as the boundary between the Internet and an organization's network. They offer protection based on controlling specific protocols and ports, and restricting traffic to and from specific IP addresses. These days, however, most attacks are web-based, easily passing through HTTP (port 80) and HTTPS (port 443). Most firewalls are unable to identify malicious applications or traffic passing through these common ports. Next Generation firewalls must evolve to effectively defend against these threats.

Customers get complete and proactive security with GajShield Next Generation Appliances. In today's organization, applications, employees, vendors, clients, and security threats fight for the same network resources. It has become difficult for small to medium enterprises to manage their infrastructure as they are unable to distinguish between good traffic and bad traffic. Threats or various productive applications have become smarter as they camouflage data transfer using standard internet ports. Current-day security products have failed to distinguish and manage such malicious traffic.

GajShield will answer the following security questions and many more

  1. I need security for my roaming users without impacting their device performance.
  2. I need visibility into the cloud applications used by my users and protect against shadow IT.
  3. We use common SaaS applications like Google G-Suite. Need a solution to improve security and control its use.
  4. We want to limit the access to cloud applications to only corporate use.
  5. Want to protect against Data Leaks through SMTP Mails and Web applications.
  6. Want a security solution which can also be used to setup VPN across offices with high availability and failover.
  7. Want a simple solution to manage my multiple firewalls.
  8. A device which should inspect SSL traffic for malware and data leaks.
  9. A device to block torrents, Skype and malicious proxy applications.
  10. Easy to manage and allows me to implement my corporate policies in a seamless way.

What is a firewall and how does it work?

A firewall is a system or group of systems that enforces an access control policy between two networks. The actual means by which this is accomplished varies widely, but in principle, the firewall can be thought of as a pair of mechanisms: one which exists to block traffic, and the other which exists to permit traffic. Some firewalls place a greater emphasis on blocking traffic, while others emphasize permitting traffic. Probably the most important thing to recognize about a firewall is that it implements an access control policy. If you don't have a good idea of what kind of access you want to allow or to deny, a firewall really won't help you. It's also important to recognize that the firewall's configuration, because it is a mechanism for enforcing policy, imposes its policy on everything behind it. Administrators for firewalls managing the connectivity for a large number of hosts therefore have a heavy responsibility.

Types of Firewalls: The different types of firewalls are:

  • Packet Filtering Firewalls - that block selected network packets.
  • Proxy Servers - that make network connections for you.
  • Unified threat management (UTM) firewall - A UTM device typically combines, in a loosely coupled way, the functions of a stateful inspection firewall with intrusion prevention and antivirus and simple malware detection. It may also include additional services for content filtering. UTMs focus on simplicity and ease of use. UTM devices have the limitation of not being able to detect modern advanced threats, as they are unable to inspect deeply inside the packet and identify threats.
  • Next-generation firewall (NGFW) - Firewalls have evolved beyond simple packet filtering and stateful inspection. Most companies are deploying next-generation firewalls to block modern threats such as advanced malware and application-layer attacks. GajShield Next Generation Firewall (NGFW) provides an additional layer of security with its Context based Data Leak Prevention (DLP) Engine.

Context based Data Leak Prevention / Cloud Access Security Broker (CASB) - GajShield

Intentional or unintentional leaking of information is a major concern for enterprises due to the exposure of users to an increasing number of personal and business applications over the web. Whether they use email applications, Instant Messaging, Web Chats or simple Document Storage Sites, all these applications can easily be used for leaking information. These applications are also used by enterprises for business communication, and hence blocking these applications is not the solution. Current firewalls or UTMs are unable to restrict usage of these applications to prevent Data Leaks. GajShield is the only Next Generation Firewall solution which gives an organisation complete control by providing 'Visibility', 'Monitor', 'Detection' and 'Prevention' of data being sent out of the enterprise, which current generation UTM devices are unable to do.
 

Cloud Security

GajShield enriches user experience for Internet access, while providing risk mitigation and policy enforcement for CEOs and CISOs through its in-the-cloud service. Organizations do not need to purchase, deploy, or manage countless point products. Companies simply define their corporate security, control, and compliance policy by accessing the GajShield service. The web traffic leaving the PC is easily redirected to data centers in GajShield's global infrastructure or a Cloud maintained by the organisation. End user traffic bound for the Internet is allowed, blocked, or throttled based on an organisation's policy. As the road warrior retrieves data from the Internet, GajShield scans it for a range of malware threats. GajShield enforces enterprise policies, and even monitors and prevents data leaks from these mobile users.

Proactive Security

Security problems become known when they start impacting the network and performance. Most of the time organizations do not find out about security issues till they start impacting performance on the network and internet. Spyware is the best example of this. Organizations should look for a solution that monitors internet connection performance along with security breaches, which can enable them to take proactive and informed decisions.

Integrated Policy Management

Security, access and policies for applications can vary by department, group and job function, hence a solution should allow policies based on data leak prevention, application, content, scheduling, NAT, failover and access to be deployed from one integrated interface. GajShield is the only firewall solution which provides true inheritance of policies to ease the management of your firewall and the security needs of your organisation.

Policy based Failover & Load balancing - MultiWAN Management

The importance of applications can vary from one organization to another, so a solution should allow per-service ISP failover and load balancing. In traditional security solutions, all services, whether critical or non-critical, have to be in failover or load balancing mode. This is very important in a country like India, where ISPs are not yet stable and the bandwidth provided is very low and not consistent.

Policy based Protection

Policy based Protection covers Firewall, IPS, Data Leak Prevention, Application Filtering, Content filtering, P2P control, IM control, Adware and Spyware, with policies set based on BYOD along with user identity or IP address. This provides more control over security.

Correlation of isolated Internet and Network events

Today users, applications and threats are all fighting for the same network resources. Once you come to know that there is a problem, how can you identify and troubleshoot it? Current-day solutions ask network administrators to look at various logs like Firewall, traffic logs and proxy logs, or to set up sniffers to identify problems. The normal administrator does not have the time or the expertise to do these, and hence is left in the lurch. GajShield correlates isolated events to provide tools for the administrator to make decisions in a proactive and informed manner.
