Firewall and VPN gateways
Whether you need to connect to the Internet or interconnect with other internal or external networks (such as ENX), our firewalls protect your network from external breaches and guarantee the integrity and confidentiality of your data flows. Our firewalls have a very fine settings granularity and are customized to your environment and your needs.
Main functions of Numlog firewalls
- Levels 1 & 2 stateful inspections : in addition to standard packet filtering, real-time monitoring of active connections using a sessions table and special filtering of packets from a new connection
- Virtual machines : they are designed to act as a buffer against the outside world. They can be single entry point (role of a router, ADSL connection or VPN gateway) or a DMZ (demilitarized zone) to receive relays and other proxies
- Public bridge : transfer received packets to a virtual machine to prevent direct attacks on the firewall, transferring the risk to said machine
- User authentication for Internet browsing
- URL filtering to block access to websites not authorized by management
- VPN Gateway to connect securely to remote sites and remote clients
Our VPN gateways use the most cutting edge security technologies :
- Remote client authentication based on X509 certificates
- Strong cryptography: 3DES-192, AES-128, AES-256 for major algorithms
- Automatic key exchange
- Data compression
Advanced functions (can be configured or optional)
- DMZ (configurable) : a semi-internal, semi-public zone, a DMZ is designed to receive relays and proxies and serves as a bulwark between your internal network and the outside world. The DMZ is a double-entry security space: if the outside door falls due to hacker attack, the hacker has not reached your internal network!
- Relays and proxies (optional) : the purpose of a proxy is to “hide” the internal network from the outside world to prevent identification of each station, because stations are more vulnerable individually. An application relay filters protocol commands to manage rights to an FTP server, for example (such as submissions, downloading and viewing). Our relays and proxies can secure your OFTP, HTTP, HTTPS, FTP and SMTP flows.
- High availability and redundancy (optional) : redundancy involves doubling your Firewall infrastructure to guarantee that your applications will be available, even if the primary firewall fails. The switchover to the secondary firewall is completely transparent and restores service without any shutdowns.
Our Firewall range :
- Ethernet: 2
- Virtual machine: 2 maximum
- VPN Internet: 5 maximum, 4 of which are remote clients
- Ethernet: 3 to 5
- Virtual machine: 7 maximum
- VPN Internet: 50 maximum, 40 of which are remote clients
- Ethernet: 5 to 10
- Virtual machine: 10 maximum
- VPN Internet: 100 or more