Stateful Firewall and NAT/NAPT

Firewall and NAT/NAPT Capabilities

• Stateful TCP, UDP, FTP, IP, ICMP, SIP, and H.323 ALG processing for up to 500,000 sessions (1,000,000 later this year)
• Built-in prevention against many DOS/DDOS attacks (SYN flood, anti-spoofing, LAND)
• Malicious URL filtering (Code Red / worm protection)
• Separate policies for ingress and egress
• Firewall packet logging (compatible with WebTrends)
• Statistical thresholding
• Real-time monitoring and accounting
• Traffic mirroring

Secure IPsec VPNs

IPsec VPNs

• 3DES IPsec with no performance penalty – even with many thousands of tunnels active
• Scalable to 128K tunnels
• PKI support (Entrust, Verisign , RSA, Sun)
• VPN accounting and logging
• Interoperability tested with various IPsec devices:
  • Nortel Contivity, Netscreen, Cisco IOS, SonicWall, Encore

Secure remote access with IPsec

• NAT- Traversal (NAT-T)
• X-Auth & Mode-cfg
• RADIUS authentication and address assignment
• Safenet SoftRemote 8.0 client