GajShield Data Center Training
Data Security Firewall Feature Summary
GajShield Data Security Firewall’s layered network security platforms are designed to provide in depth protection against various attacks by tightly integrating key security functions and to securely connect remote offices and partners. GajShield Network Security Appliances combines ICSA Certified Firewall appliances, Data Leak Prevention, Cloud Security, IPS, VPN, URL Filtering, Virus screening and Bandwidth Management in a single appliance to provide in depth protection at the network edge. A unified management platform makes it a breeze to deploy, administer, and manage GajShield Network Security Appliances.
GajShield prevents Side Channel attacks like Meltdown, Spectre, Foreshadow, Foreshadow-NG, Portsmash etc. by protecting against threat vectors which form the cause of these attacks as follows:
- GajShield URL filtering can be used to block access to known malicious sites and IP addresses that may be launching attacks targeting these vulnerabilities.
- GajShield’s NGFW can be used to block network based attacks leveraging these vulnerabilities through its IPS, AV and APP filtering services..
- These attacks are known to be used for leaking confidential information. GajShield’s DLP prevents against such leaks using Contextual Intelligence Engine.
Firewall
- ICSA Labs Certified Firewalls
- IPv4 & IPv6 support
- Stateful Inspection of IPv4 & IPv6
- Supports NAT, PAT, SNAT, DNAT, Loopback NAT and Bi-directional NAT
- Policy based NAT, PAT, SNAT, DNAT, Loopback NAT and Bi-directional NAT
- Virtual and Mapped IPs with grouping
- Software update remote/local via HTTPS
- IPv6 NAT64/DNS64 support
- User-based rules
- Dynamic Stateful Inspection
- DoS, DDoS, SYN flood, TCP flood & UDP flood Attack prevention
- Traffic normalization
- Protocol decodes
- Flexible Addressing Mode
- Multiple Network Zone
- Multicast routing protocol support such as PIM, IGMP
- Built-in Firewall Logging
- Group Policies
- Unrestricted user license on all the GajShield appliance models
- Virtual Firewall
- DHCPv4/DHCPv6 Server
- RIP v1, RIP v2 and OSPF, OSPFv2, OSPFv3, BGP, BGP v6 Support
- NTP, SNMP, SNMP v2, SNMP v3
- Virtual firewall support starts from GS360nu and above appliance models
- Local storage available in all GajShield model appliances (except GS15nu V2 appliance)
- Context-Sensitive Data Leak Prevention
- SSL VPN/Cloud Security (Remote Filtering)
- Object-Oriented Policy Security Management
- User/Group based Policy management
- Application Security
- SCADA protocols support like PROFINET, Modbus, DNP3, IEC-60870
- VOIP protocol support like H.323, SIP, MGCP, SCCP