[]
8Signs Firewall falls into a class of firewalls called Stateful Inspection
Firewalls. Stateful inspection firewalls overcome the limitations of
packet filter firewalls and application proxy servers. They examine more
than just the "to" and "from" addresses in the data packets, and do
not require a proxy for every application being accessed. Stateful inspection
firewalls determine whether packets can get through the firewall based
on the protocol, port, and source and destination addresses. For every
request that is allowed by this strategy, stateful inspection firewalls
open up a limited time window to allow response packets, but ONLY from
the same host. Also, by maintaining information about previous packets,
stateful inspection firewalls can quickly verify that packets meet the
criteria for authorized traffic, making them inherently fast.
8Signs Firewall allow you to trap hackers, slow down the spread of
worms and stall spammers by creating tarpits. A tarpit is a trap for
troublesome outsiders. Your system accepts TCP connections but never
replies and ignores disconnect requests. This can leave ports scanners
and hackers stuck for hours, even days.
(Servers Only)
Specifically designed as a safeguard for web servers, 8Signs Firewall for Servers
scans open ports for malicious activity and blocks these attacks automatically, providing
an additional layer of security to an organization's security model.
( Servers Only )
8Signs Firewall identifies port scans - generally a precursor to hack attempts - and blocks them
automatically.
8Signs Firewall lets you block IP addresses or ranges of addresses to prevent unwanted connection
attempts. This can be particularly effective in stopping repeated requests from a hacker who is
trying a large number of hacks, looking for one that works. Entries to the Ban List can be made
manually, or automatically using the "Ban IP" action on a Block rule, the Port Scan feature or the by
using HTTP Filtering option.
The ability to allow or deny a computer by its MAC address ensures that malicious or unwanted users
on your network are unable to bypass security filters.
( Servers Only )
8Signs Firewall for Servers allows access to an entire network or
single installation of the Firewall from the Firewall Server or remote locations. This feature
gives administrators incomparable freedom and ensures the highest level of security through
password protection.
A SYN flood is large number of valid-looking connection attempts that can overwhelm
a server and prevent it from being able to accept connections from legitimate users.
8Signs Firewall recognizes when a SYN flood occurs and prevents it from interrupting
normal server operation. When the SYN flood is detected, a log message is generated
and "SYN cookies" are used so that valid connections can be made and SYN flood
connection attempts are ignored. Once the SYN flood ends, SYN cookies are no longer
used.
Simplify your ruleset and tighten
security by using the port, IP and MAC address groups when creating rules in 8Signs Firewall.
Using groups, you can create one rule that can apply to multiple ports, IP addresses or
MAC addresses.
8Signs Firewall gives the administrator unparalleled control over
the traffic passing through the firewall. All traffic is blocked by
the firewall, unless you have specifically configured a rule to allow
it. Rules are configured per-device, and you have full control over
the local and remote IP address(es), local and remote port(s), protocol,
and direction of the traffic that you will allow through the firewall.
8Signs Firewall allows you to maintain a separate set of rules to
be applied to each network adapter in your system. Thus you can configure
a set of rules to be applied to traffic passing over your external/Internet
interface, while having a separate set of rules that apply to traffic
through your internal/LAN interface.
The Connections Viewer is a real-time display showing all active connections
going through the firewall. For example, with 8Signs Firewall installed
on a web server a quick glance at the Connections Viewer would show the
administrator how many visitors are currently at their web site.
Deploying 8Signs Firewall across a number of workstations or servers
is simplified by your ability to Export and Import rules. These rule
subsets can even be shared amongst 8Signs Firewalls running on different
operating systems.
In addition to securing your computer while running, 8Signs Firewall
is also protecting your system during the boot process. 8Signs Firewall
can also be configured to block all traffic to and from your computer
when the firewall is not even running!
8Signs Firewall has full logging capabilities. You have complete control
over what to log, how large the log file can become, where to store
the logs, and how often to begin a new log file.
Keeping an eye on your own or a customer's firewall is made easier with
8Signs Firewall's ability to schedule automatic emailing of the log
file to any email address that you specify.
Rules can be configured to trigger an email to be sent to any email
address that you specify if the rule is 'hit'. For example, if you want
to be notified immediately if a hacker is scanning your firewall for
the Back Orifice trojan, simply configure a rule that will specifically
block this type of traffic and send an email to you if the rule is hit.
Rules can be configured to only be active on certain days, or at certain
times of the day. For example, you may want to allow web browsing only
on weekdays between 9:00 am and 5:00 pm, or allow for remote access
to your server only on Tuesday evenings for maintenance............this
is easily accomplished using time-sensitive rules.
8Signs Firewall can require that a user must log into the firewall
before having access to any of the firewall administration or logging
screens. Using password security prevents an unauthorized user from
tampering with, or shutting down, the firewall.
While many firewalls filter only the IP protocols, ignoring others such
as NETBEUI and IPX, 8Signs Firewall intercepts them all and can be
configured to allow or block this type of traffic. 8Signs Firewall
can also control the less commonly used IP protocols such as GRE, which
is required for VPN traffic.
|
|
|
To contact 8Signs please email info@8signs.com
|
