Enterprise networks need to be open and made available to partners, suppliers and customers. It is a fundamental requirement for IT security to restrict traffic flows on your network.
Such segmentation, in addition to enabling the control of user access to each of the resources on the network, can offer some protection against external attacks. It also prevents the spread of viruses internally between departments.
NETASQ multifunction firewalls enable you to quickly and simply segment your network.
Furthermore, if your business is subject to standards such as PCI-DSS, you are required to screen certain areas of your network. In many cases installation of a firewall is a requirement to ensure compliance.
Many studies indicate that most threats emanate from the internal network. Once your network is segmented, you can configure your NETASQ firewall to control which traffic and users are authorized to move between trust zones.
NETASQ’s integrated intrusion prevention engine uses protocol conformity analysis, application filtering and antivirus analysis to inspect authorized traffic flows and strengthen application security. NETASQ enables you to establish and configure user-based security policies, giving you greater control over which network resources each user is authorized to access.
As threats to enterprise networks grow and evolve, simple firewalls no longer form an effective barrier. The only adequate response is to upgrade networks with the latest security technologies. Network layer protection is no longer enough.
- Full protection against application vulnerabilities
- Complete network overview
- Port independent high-level filtering
A modern approach addresses both the threats to applications and services, as well as to the network itself. Monitoring and restrictions must be applied to applications, users and traffic flow contents.
A traditional firewall can no longer deal with threats such as the use of non standard ports and encrypted attacks.
NETASQ multifunction firewalls include a range of modules for pro-active security. A policy of continuous development ensures they are able to meet the needs of even the most demanding enterprise. The NETASQ Intrusion Prevention Engine (IPS) integrates a number of technologies and over 10 years of research to deliver exceptional levels of security.
NETASQ’s Application Firewall contains a real-time analysis module. The NETASQ Vulnerability Manager module enables control of applications, services and all network vulnerabilities. It offers a complete overview of the network to facilitate fast, effective risk management, giving you end-to-end control of the entire infrastructure. Integrated antivirus functionality carries out antiviral analysis, antispyware and antiphishing for exceptional protection against malware applications. Analytical processes are updated automatically to give incremental protection. NETASQ solutions deliver the highest levels of security at all times.
As user mobility increases, so does network complexity. It is becoming increasingly difficult to manage network security and access to applications purely on the basis of an established and known network architecture.Today, users access applications in a variety of ways, including remote access, laptops and smartphones.
- User-based security
- Enables a modular security policy
- Network modifications do not affect established rules
Therefore, effective security management needs to be based on the concept of the user. So, rather than being set up to block PCs and servers, a modern security system must be enabled to block users. To achieve this, you need to implement highly modular security rules.
NETASQ’s unique multifunction firewalls enable security rule management on the basis of users. When a computer is used as a gateway, access to resources depends on the user’s identity. It is no longer necessary for you to devote time and effort to managing the resources on the network as each new device which is connected is automatically linked to the policy associated with its user.
All NETASQ products feature modular security policies. This allows you to ensure appropriate and effective use of network resources. You can also implement connection schedules, content-filtering and VPN, SSL and IPSec access to remote resources based on the identity of the user. This enables you to limit the number of rules which are applied to all of the user’s resources, whatever installation or device they are using.