Application control

Today, web traffic makes up 80% of companies’ overall network traffic. Regardless of whether it is encrypted, the heavy use of web traffic requires a new precision for security appliances. Firewalls that cannot see further than the TCP/IP protocol and its reliance on the destination port are obsolete.

Application Control

The firewall application control on all the appliances in the range allows you to automatically identify applications thanks to an effective and dynamic connection content scan, which is based on more than just static elements (e.g. the destination port).

  • Application intrusion prevention provides you with an additional layer of protection, compared to simply blocking an application.
  • Performance up to 10 times higher than a proxy-based technology
  • Immediate alerts in the event a vulnerability appears help you to secure your network more quickly

You will therefore be able to create your security policy by taking into account the applications you wish to allow or block. Gartner’s analysts consider this feature the foundation of what they call the “Next-Generation Firewall”.

Put the user at the heart of your application policy

NETASQ firewalls allow you to very easily insert users or user groups directly into an authorization rule. As such, you can quickly create an application policy that reflects the organization of your company.

Instantly shrink your application-based risk

NETASQ is the only security solution that offers much more than just the simple detection of applications. NETASQ Vulnerability Manager informs you in real time of risks involved in running a certain application. In a few clicks, you can define customized alerts according to the risk level and type of application. You can therefore spread out the task of monitoring your applications more efficiently.

Get a head start with application-based intrusion prevention

Web browsers have become complex applications that are able to interpret JavaScript code in cloud-hosted applications. This complexity comes at a price. Every year, the major browsers on the market fall prey to security flaws that can allow the execution of malicious code on targeted workstations.

Application recognition is reliable: it is not based only on the data at the beginning of a connection.

Thanks to its expertise in application recognition technology, NETASQ’s Next-Generation firewalls do not only allow or block applications. NETASQ’s technology also protects you from attacks encapsulated in these complex application traffic packets.

For example, JavaScript code in web-based applications is inspected in real time by the application intrusion prevention engine. Many attack and escape techniques are recognized and the detection of attacks is not restricted to known attacks. Abnormal application behavior is isolated and malicious code is deleted without disrupting legitimate browsing. And thanks to SSL traffic inspection, your network perimeter will be fully protected.

Do not compromise on performance

NETASQ’s application inspection is part of the application-based intrusion prevention engine and is carried out in real time without the need to turn to the costly use of proxy technology. Highly advanced techniques for temporarily desynchronizing the traffic guarantee that all traffic is analyzed without affecting user experience.