GajShield

Data Security Firewall Features

Data Security Firewall Feature Summary

GajShield Data Security Firewall's layered network security platforms are designed to provide in depth protection against various attacks by tightly integrating key security functions and to securely connect remote offices and partners. GajShield Network Security Appliances combines ICSA Certified Firewall appliances, Data Leak Prevention, Cloud Security, IPS, VPN, URL Filtering, Virus screening and Bandwidth Management in a single appliance to provide in depth protection at the network edge. A unified management platform makes it a breeze to deploy, administer, and manage GajShield Network Security Appliances.

Firewall

  • ICSA Labs Certified Firewalls
  • IPv4 & IPv6 support
  • IPv6 NAT64/DNS64 support
  • User-based rules
  • Dynamic Stateful Inspection
  • DoS, DDoS, Syn attack prevention
  • Traffic normalization
  • Protocol decodes
  • Flexible Addressing Mode
  • Multiple Network Zone
  • Multicast routing protocol support such as PIM, IGMP
  • Built-in Firewall Logging
  • Group Policies
  • Unrestricted user license on all the GajShield appliance models
  • Virtual Firewall
  • DHCPv4/DHCPv6 Server
  • RIP v1, RIP v2 and OSPF, OSPFv2, OSPFv3, BGP, BGP v6 Support
  • NTP, SNMP 
  • Virtual firewall support starts from GS360nu and above appliance models
  • Local storage available in all GajShield model appliances (except GS15nu appliance)
  • Context-Sensitive Data Leak Prevention
  • SSL VPN/Cloud Security (Remote Filtering)
  • Object-Oriented Policy Security Management
  • User/Group based Policy management
  • Application Security

The need for efficient and dependable infrastructures has become very important in order to serve critical systems and the demand for such infrastructures is continuously increasing. It has become important that the system is able to handle increasing load and at the same time, is able to decrease downtime and eliminate single points of failure. As a result of this, High availability as a quality of infrastructure design has gained extreme importance.

  • Active / Passive and Active / Active with State synchronization
  • Stateful Failover
  • Non-stop forwarding during HA with graceful restart
  • Email Alerts on HA Status
  • Auto synchronization of entire configuration made on Master firewall to Backup firewall
  • Email notification when firewall state change from Master to Backup and vice versa

Key Features:

  • Two Factor Authentication support for WebUI, CLI or Console with OTP
  • Manage through a browser, ssh and terminal
  • Single window policy management
  • Role based Administration
  • On Appliance Analytics
  • User based firewall policies
  • Policy inheritance (Oops)
  • Remote Syslog and SNMP support
  • Administration activity logs for auditing

Familiar Management interfaces allow device and network management from virtually any location. Assign multiple role to administrators for flexible management.

Key Features:

  • Static IP Address, PPPoE, DHCP
  • Policy based Multi-WAN Failover & Load balancing
  • WRR based Load Balancing
  • Policy based Routing
  • Multicast forwarding
  • Dynamic Routing (RIP v1 & 2, OSPF)
  • DHCP server support on multiple interfaces
  • Support for dynamic DNS

Key Features:

  • Scans SMTP, POP3 traffic for spam
  • Detects, tags or quarantines spam mail
  • Content-agnostic spam protection including Image-spam
  • Preemptively stops sophisticated threats like phishing, pharming, zombie attacks & supports RBL lists
  • Enforces black and white lists
  • Real-Time protection from emerging threats
  • Language, content and format independent spam prevention
  • Detects phishing URL in emails
  • Quarantine Spam Mails
  • Mail Archiving

Key Features:

  • Multiple Engine – uses cloud based sandboxing
  • Powerful and Real-Time protection from Virus outbreaks
  • Scans HTTP, HTTPS, FTP, POP3, SMTP & SMTPS traffic
  • Detects and removes viruses, worms and all kinds of malware
  • Instant identification of virus infected users
  • ZERO Hour Virus protection
  • Spyware, Malware, Phishing protection
  • Automatic real-time Virus update
  • Complete protection of traffic over all protocols
  • Last virus update definition
  • Complete report of viruses caught

Key Features:

  • Complete reporting on appliance
  • User, Application specific reporting
  • Daily Internet activity user/group wise report on e-mail
  • Real time reports, automated alerts, historical reporting
  • Security reports include Firewall, IPS & VPN
  • Real time reporting of bandwidth and users
  • Policy violation alert on E-mail & Reporting
  • Virus filtering reporting
  • Guest user authentication activity logs

Key Features:

  • Signatures: Default (25000+) custom signatures
  • Prevents exploits, intrusion attempts, malicious code, backdoor activity and network-based blended threats
  • Anomaly Detection System mitigate evolving and internal threats
  • High-performance security with real-time attack, malicious code and hybrid threat blocking
  • Automatic updates for new threats
  • Notification via email
  • Report of source IP from where the intrusion has been originated

Intrusion Prevention System monitors every incoming and outgoing packet and detects attack patterns based on IPS signatures and Anomaly Detection.

Key Features:

  • Security log records network attacks
  • Event log records all configuration changes
  • Browsing log records all browsing traffic
  • Virus log shows the viruses
  • Analysis and Graphing of network traffic
  • Automatic email notification of attacks

GajShield provides a wide range of tools and diagnostics (including Ping, Trace route) to track and analyze traffic and network activity. Also provides remote Syslog and SNMP support.

Key Features:

  • Service based ISP Load Balancing or Failover
  • Both Failover and Load Balancing can be set up simultaneously
  • Load balances traffic based on weighted round robin distribution
  • ISP Failover automatically shifts traffic from a failed link to a working link
  • Automatic traffic fallback when failed ISP comes up
  • Zone based failover
  • Customized NAT on failover
  • ISP failover and fallback notifications on email

Key Features:

  • Policy based Bandwidth Management & Queuing
  • Hierarchy based Bandwidth Management
  • Committed on the fly bandwidth borrow
  • Time Quota and Bandwidth Quota
  • Bandwidth policy for browsing
  • Bandwidth utilization chart based on Bandwidth Queues

Key Features:

  • Debug network using ping, traceroute and ARP
  • Real time packet capture utility and can forward captured packets to a different host for futher analysis.
  • URL filter check to identify which policy is used to allow / block an URL for an user or IP
  • Utility to check the web cetagory of an URL
  • Firewall live log to check network traffic is allowed or blocked with firewall policy rule number