eTrust Firewall Incorporates Latest Technology for Bulletproof Security

The challenge of applying consistent, complete security policies across every aspect of your business can be overwhelming. The Internet, for example, opens the door to new opportunities and enables you to do business with your customers on a global basis. Likewise, your corporate intranet presents an efficient way to communicate with business partners and field staff. While these avenues can expand market share, lower costs, and improve customer satisfaction, they also increase your vulnerability. Now more than ever, controlling access to your networks must be part of your corporate strategy.

Installing conventional network firewalls at multiple network gateways involves the time-consuming tasks of configuring and maintaining multiple rules repositories and managing duplicate user access rights definitions. This increases the potential for errors that can have devastating results.

eTrust Firewall Enables eBusiness

eTrust Firewall represents the next generation of firewall protection, designed from the ground-up for pervasive enterprise-wide deployment. This innovative firewall offers a comprehensive, policy-driven solution for securing eBusinesses. It allows you to confidently allow authorized users Internet/intranet access to mission-critical applications while keeping unauthorized users out. eTrust Firewall incorporates the latest technologies for bulletproof security and enterprise-class manageability.

eTrust Firewall can be deployed at all sensitive network gateways and mission-critical hosts. Its single rules base provides consistent security across the enterprise. eTrust Firewall enables you to:

• Deploy Unified Policy-Based Security. eTrust Firewall allows you to define your network security policies centrally. These policies are automatically propagated throughout the enterprise to all eTrust Firewall installations, ensuring consistent and pervasive security throughout the enterprise.

• Ensure Accuracy Of New Rules. A rules tester simulates network sessions, helping you walk through the rules base to ensure accuracy of your rules definitions and helping ensure these new rules are consistent with your overall security policy.

Distinctive Functionalities

Administrator Rights Delegation And Scoping. Local network segment administrators can add rules pertinent to their environment and business processes, while enterprise-wide network security policies can be set by the enterprise network manager. This stratification allows businesses to configure different rules for different business processes without compromising overall network security.

Enterprise-Wide User Authentication. Once users are authenticated, they are able to access all authorized network resources on any network segment; eTrust Firewall automatically propagates the authentication information to all Firewall deployments between the user and the resources. This enables the authorized users to seamlessly access all their resources, with minimal impact on their productivity.

Security Visualization. eTrust Firewall includes an extremely visual and intuitive GUI. Network administrators can visualize network resources, and easily perform tasks like dragging and dropping policies to various resources.

TCP State Aware Packet Filter Technology. eTrust Firewall’s TCP state aware packet filtering technology offers the most robust protection for complex protocols. By tracking TCP sessions and filtering IP packets based on the state of the session, eTrust Firewall can analyze the packets with application-level intelligence, while maintaining the efficiency of a packet filter.

Centralized Administration. Multiple firewall engines can be centrally and securely managed from a single console. Policy modifications are automatically propagated to the firewall engines, enabling consistent enterprise-wide security.

Secured Interface For Other Applications. eTrust Firewall provides an authenticated method for setting dynamic rules by other applications such as intrusion detection products.

Network Address Translation. eTrust Firewall hides sensitive servers from prying eyes through its address translation facility. It provides users of private servers access to outside systems and services, without revealing the IP address of the server. eTrust Firewall allows you to use existing IP addresses for intranet sites, even though they may not be valid for use on the Internet. Internal IP addresses can be automatically translated to valid addresses for Internet use.

Extensive Service Type Support. eTrust Firewall provides out-of-the-box filtering support for most popular network services, including simple TCP/IP and complex protocols such as FTP, RealAudio, and more.

NT Domain And RADIUS Support. Firewall rules can be created based on user ID or user group inside an NT domain, or RADIUS server, eliminating the need for a separate user database.

Internet Firewall Wizard. Users can quickly deploy the firewall with rules for popular Internet services.

Extensive Alert Mechanism. eTrust Firewall provides extensive alerting options including console, paging, faxing, and customized command line execution.

Extensive Alert Mechanism And Reporting. eTrust Firewall provides network traffic and operational visibility centrally from multiple firewall deployments. Information such as firewall host, vital status, current connection, routing table, and more is available for observation and monitoring. In addition, eTrust Firewall provides extensive logging, enabling network usage to be easily audited.

Logical Network Entities Definition For Firewall Rules. All Firewall rules are created with defined network entities — including host, subnet, IP range, and more for clarity and safety.

Calendar Support. Firewall rules can be activated/inactivated with attached calendars. Calendars can be common calendars, or customized calendars from the Unicenter TNG® Framework.TM