|
 |
|
|
|
| A series |
VPN 400
VPN-solution for companies with up to 50 VPN users
The VPN 400 is planned for companies with up to 25 VPN users and as 1U appliance intended for the installation in a rack. The few features of the GPA 400 are VLAN, single Sign on, Bridging, VPN SSL with x.509 certificates + IPSec, Intrusion Detection as well as the process orientated eGUI technology.
|
|
eGUI technology
The new user interface is characterised by its ergonomic orientation at the treatment process. The representation of diverse applications is always consistent and supplies exactly only the information, which the user needs in each case for the current treatment process. Reference points for the quality of the administration concept of gateProtect were afford by the principles of the ergonomics of the people-system-interaction formulated in the international standard ISO 9241, part 110.
Special Features
 Extended User Authentication |
|
The majority of today's Firewall systems support a proxy based user-authentication. That means that only the services, which work with proxies e.g. at http or ftp, it can be assigned user specific.The gateProtect Firewall decrees over a rule-based extended user-authentication. Here it is possible to assign as many services as you need individually for a user or a user group. These services can be provided with all well-known additional options like proxy or web-filter.Now, if a user log on a computer at the Firewall, all assigned services for the concerning computer will be activating.
|
| Extended VPN Gateway (SSL with X.509 Certificates + IPSec) |
|
gateProtect offers the most usual forms of today's site-to-site and road warrior vpn connections via IPSEC and SSL. The administration and creation is supported by Wizards and the eGUI-technology. Additionally the Firewall provides external configuration files during the creation of vpn connections. These can be used for the creation of single-click-connections and for the import on remote firewalls for site-to-site connections.
In addition gateProtect offers a SSL site-to-site solution with X.509 certificates, which can work optionally also in the bridge-mode. With a normal bridge two or several network interfaces were connected so that they form a logical network. gateProtect allows this not only for network interface, but also for vpn over ssl connections. It is possible to handle computers at other locations exactly the same as if they would be in the local network.
|
| Traffic shaping & QoS |
The Traffic Shaping of gateProtect is one of the most extensive implementations at the market. For each object on the desktop maximum and minimum bandwidth can be specified. Thereupon constructing the traffic for the individual services can be affected. Thus the distribution of the bandwidth can be configured into each degree of detail.
A further characteristic of the gateProtect solution is the prioritisation of data packets in the VPN tunnel using QoS. This is important for time-critical applications, where a delay is unwanted. So you are able to telephone trouble-free over a VPN tunnel by using VoIP independently of the efficiency of the tunnel e.g. by RDP or downloads. |
| Load Balancing |
|
With its load balancing gateProtect allows to divide the data traffic to the Internet on different internet connections. The firewall takes the decision which internet connection will be used for every connection.
Such segmentation is normally made according to protocols. gateProtect allows to allocate the traffic to several internet connection. In this way the usage of the internet connections detail can be planned and optimized into smallest detail.
|
| High availability |
|
The high availability of gateProtect firewall systems is based on an active/passive system. In this configuration a secondary firewall is installed parallel to the primary firewall. The secondary firewall continual synchronizes over dedicated connections with the primary Firewall. So it is able to assume the work of the primary Firewall in case of failures smoothly and without manual interference.
Furthermore the condition of the primary firewall is monitored by different systems. If the monitoring detects any problems within the firewall, the firewall will shutdown by itself. After this the secondary firewall gives free the synchronized configuration and will continue working directly in place of the primary firewall. The down-times will minimize and the occurred problems can be eliminated unhurriedly.
|
| |
|
|
|
| Short facts VPN 400 |
| The essentials in brief |
| User license |
unlimited |
| |
|
| LAN (accumulated) |
3 |
| |
| Throughput (Mbps) |
| Firewall |
1 400 |
| VPN (IPSec) |
190 |
| IDS/IPS |
320 |
| Concurrent Sessions |
500 000 |
|
| Features |
| Firewall |
| Layer function |
| Single Sign On (xUA) |
| Zoom function |
| Paket filter |
| IDS |
| NAT |
| Bridging |
| |
| Internet |
| Failover |
| Concurrent connections |
| Load Balancing |
| Traffic shaping |
|
|
|
|
|
| |
|
 |
 |
