GajShield

Data Security Firewall Features

Data Security Firewall Feature Summary

GajShield Data Security Firewall's layered network security platforms are designed to provide in-depth protection against various attacks by tightly integrating key security functions, and to securely connect remote offices and partners. GajShield Network Security Appliances combine ICSA Certified Firewall appliances, Data Leak Prevention, Cloud Security, IPS, VPN, URL Filtering, Virus screening and Bandwidth Management in a single appliance to provide in-depth protection at the network edge. A unified management platform makes it a breeze to deploy, administer, and manage GajShield Network Security Appliances.

GajShield prevents side-channel attacks such as Meltdown, Spectre, Foreshadow, Foreshadow-NG, PortSmash, etc. by protecting against the threat vectors that form the cause of these attacks, as follows:
  • GajShield URL filtering can be used to block access to known malicious sites and IP addresses that may be launching attacks targeting these vulnerabilities.
  • GajShield’s NGFW can be used to block network-based attacks leveraging these vulnerabilities through its IPS, AV and APP filtering services.
  • These attacks are known to be used for leaking confidential information. GajShield’s DLP protects against such leaks using its Contextual Intelligence Engine.


Firewall

  • ICSA Labs Certified Firewalls
  • IPv4 & IPv6 support
  • Stateful Inspection of IPv4 & IPv6
  • Supports NAT, PAT, SNAT, DNAT, Loopback NAT and Bi-directional NAT
  • Policy based NAT, PAT, SNAT, DNAT, Loopback NAT and Bi-directional NAT
  • Virtual and Mapped IPs with grouping
  • Deployment in transparent mode, bridge mode, layer 3 transparent proxy mode
  • Software update remote/local via HTTPS
  • IPv6 NAT64/DNS64 support
  • User-based rules
  • Dynamic Stateful Inspection
  • DoS, DDoS, SYN flood, TCP flood & UDP flood, Ping of death Attack prevention
  • Traffic normalization
  • Protocol decodes
  • Flexible Addressing Mode
  • Multiple Network Zone
  • Multicast routing protocol support such as PIM, IGMP
  • Built-in Firewall Logging
  • Group Policies
  • Unrestricted user license on all the GajShield appliance models
  • Virtual Firewall
  • DHCPv4/DHCPv6 Server
  • RIP v1, RIP v2 and OSPF, OSPFv2, OSPFv3, BGP, BGP v6 Support
  • NTP, SNMP, SNMP v2, SNMP v3
  • Virtual firewall support starts from GS586nu and above appliance models
  • Local storage available in all GajShield model appliances (except GS15nu V2 appliance)
  • Context-Sensitive Data Leak Prevention
  • SSL VPN/Cloud Security (Remote Filtering)
  • Object-Oriented Policy Security Management
  • User/Group based Policy management
  • Application Security
  • SCADA protocols support like PROFINET, Modbus, DNP3, IEC-60870
  • VOIP protocol support like H.323, SIP, MGCP, SCCP

The need for efficient and dependable infrastructures to serve critical systems has become very important, and the demand for such infrastructures is continuously increasing. A system must be able to handle increasing load while decreasing downtime and eliminating single points of failure. As a result, high availability as a quality of infrastructure design has gained extreme importance.

  • Active / Passive and Active / Active with State synchronization
  • Stateful Failover
  • Non-stop forwarding during HA with graceful restart
  • Support hardware availability / redundancy (HA) and Load sharing between firewalls
  • Email Alerts on HA Status
  • Auto synchronization of entire configuration made on Master firewall to Backup firewall
  • Email notification when firewall state changes from Master to Backup and vice versa

Key Features:

  • Two Factor Authentication support for WebUI, CLI or Console with OTP, SSHv2
  • Firewall rule filtering based on source address, destination address, protocol, user, port with URL/Application/IPS/DLP policies
  • Supported protocols include IP, FTP, TFTP, SMTP, Telnet, HTTP, HTTPS, IMAP, SNMP, POP3, UDP, NetBIOS-SSN, ICMP, RPC, DNS, DHCP, ARP, TCP, ICTP, RTP
  • Geolocation based protection (Inbound and Outbound)
  • Detect devices based on operating system
  • Manage through a browser, SSH and terminal
  • Provides Access Restriction on Console and out-of-band management interface
  • Single window policy management
  • Role based Administration
  • Time based ACL & policy management
  • On Appliance Analytics
  • Supports offline signature updates through patch (for air-gap network)
  • Supports API (open standard) for third party integration for monitoring & managing policies on firewall
  • Predefined services based on port number, layer 7 appliance and user defined services to configure firewall policies
  • Policy inheritance (Oops)
  • Create firewall policies based on IP, IP range, network, user & groups
  • Administration activity logs for auditing
  • Zone based networking based on physical and virtual interfaces
  • Anti Advanced Persistent Threat (Anti-APT)

Familiar management interfaces allow device and network management from virtually any location. Assign multiple roles to administrators for flexible management.

Key Features:

  • Stateful packet filtering
  • Anti Spoofing (RFC 1918 and RFC 2827)
  • Supports decryption and inspection for TLS1.1, TLS1.2 and TLS1.3
  • Static IP Address, PPPoE, DHCP, Geo-IP protection
  • Automatic rules, policies & configuration update including firewall rules, NAT policies, VPN configuration for dynamic PPPoE IP
  • Policy based Multi-WAN Failover & Load balancing
  • WRR based Load Balancing
  • Static (one-to-one) and Dynamic NAT (IP & user based)
  • Policy based Routing
  • IPv4 & IPv6 Dual stack support 
  • Multicast forwarding
  • Static Routing
  • SIEM integration support (Open Standard)
  • Dynamic Routing (RIP v1 & 2, OSPF, BGP)
  • Supports HTTP/HTTPS transparent proxy 
  • DHCP server support on multiple interfaces
  • Support for dynamic DNS
  • Supports 802.3ad link aggregation
  • VLANs supported: 4000+
  • Prevention of DoS and DDoS (TCP/UDP/ICMP floods) based on threshold/rate (up to 1.5 M packets per second for 2RU appliances)
  • Support for gateway mode & browsing proxy simultaneously (IP/User based)
  • Package size 1024 KB

Key Features:

  • Scans SMTP, POP3 traffic for spam
  • Detects, tags or quarantines spam mail
  • Content-agnostic spam protection including Image-spam
  • Preemptively stops sophisticated threats like phishing, pharming, zombie attacks & supports RBL lists
  • Enforces black and white lists
  • Real-Time protection from emerging threats
  • Language, content and format independent spam prevention
  • Detects phishing URL in emails
  • Quarantine Spam Mails
  • Mail Archiving

Key Features:

  • Multiple Engine – uses cloud based sandboxing
  • Powerful and Real-Time protection from Virus outbreaks
  • Scans HTTP, HTTPS, FTP, IMAP, POP3, SMTP & SMTPS traffic
  • Detects and removes viruses, malicious code, worms and all kinds of malware from incoming traffic
  • Instant identification and segregation of virus infected users (with the help of End point security solution)
  • ZERO Hour Virus protection
  • Spyware, Malware, Phishing protection, botnet filtering
  • Detects bot outbreaks and infected machines, and prevents bot damage at gateway level (with the help of End point security solution)
  • Central Enable/ Disable option from user friendly GUI
  • Automatic real-time Virus update
  • Complete protection of traffic over all protocols
  • Last virus update definition
  • Cloud based Anti-APT
  • Complete report of viruses caught
  • Threat Extraction and File sanitisation using Cloud based Sandboxing
  • Exceptions can be configured through policies based on IP, User, Network, FQDN & Services for outgoing traffic

Key Features:

  • Complete reporting on appliance
  • IP, User, Application specific reporting
  • Daily Internet activity user/group wise report on e-mail
  • GajShield User Sense (Captive Portal) with local database/AD/LDAP can help to identify various users and their groups, like employees, guests etc.
  • Option to send browsing PDF reports to group heads on e-mail
  • User based upload and download report
  • Real time reports, automated alerts, historical reporting
  • Time scheduling for signature update, reports on email and logs deletion
  • Security reports include Firewall, Virus, IPS, URL, & VPN (IP or user-wise), Top visited websites, Infected systems, download by user or IP address
  • Graphical representation of ISP usage, application and IP address usage
  • Real time reporting of bandwidth and users
  • Policy violation alert on E-mail & Reporting
  • Virus filtering reporting
  • Guest user authentication activity logs

IPS logs and reports show vulnerability and threat descriptions, threat severity, source and destination, time & date, classification, etc.

Key Features:

  • Signatures: Default (25000+) & custom signatures (with the help of OEM)
  • Option to select or re-select any IPS signature/Category per policy for stateful signature inspection
  • Configure firewall to prevent, detect or alert intrusions & attacks (more than 30 common attacks) based on TCP, UDP, ICMP etc.
  • Inbuilt default security policy templates to create various IPS policies
  • Prevents exploits, intrusion attempts, malicious code, backdoor activity and network-based blended threats
  • Anomaly Detection System mitigates evolving and internal threats
  • Detects unauthorized & suspicious activities like various types of attacks
  • Protection against SQL Injections & Cross Site Scripting
  • Detection and blocking of HTTP proxies
  • Responds to unauthorized activities by Drop/Block/Terminate action with and without logs in real time
  • High-performance security with real-time attack, malicious code and hybrid threat blocking
  • Automatic updates for new threats (signatures without human intervention)
  • Detect & prevent incidents generated from inside and outside of the network based on defined policies
  • Notification via email, SNMP traps or an event to syslog server
  • Report of the source IP from which the intrusion originated

Intrusion Prevention System monitors every incoming and outgoing packet and detects attack patterns based on IPS signatures (exploit-based & vulnerability-based) and Anomaly Detection (protocol, behavioural & traffic).

Key Features:

  • Security log records network attacks
  • Detailed logging (download option) and packet capture
  • Detailed granular customised reporting (with filters)
  • Detailed audit logs for firewall configuration changes
  • Event log records all configuration changes
  • Browsing log records all browsing traffic
  • Virus log shows the viruses
  • Reports based on IP, user, application with graphical representation
  • Analysis and Graphing of network traffic
  • Automatic email notification of attacks
  • Provision to download Reports in PDF format
  • Reporting through syslog, email, SNMP v1, v2, v3
  • VPN tunnel monitoring
  • Alert user activity outside business hours

GajShield provides a wide range of tools and diagnostics (including Ping, Traceroute) to track and analyze traffic and network activity. It also provides remote Syslog and SNMP support.

Key Features:

  • Service based ISP Load Balancing or Failover
  • Both Failover and Load Balancing can be set up simultaneously
  • Load balances traffic based on weighted round robin distribution
  • ISP Failover automatically shifts traffic from a failed link to a working link
  • Automatic traffic fallback when failed ISP comes up
  • Zone based failover
  • Customized NAT on failover
  • ISP failover and fallback notifications on email

Key Features:

  • Policy based Bandwidth Management & Queuing
  • Policy based traffic shaping
  • Guaranteed and burstable bandwidth for applications
  • Application and User, Group, IP address and Network based Bandwidth allocation
  • Traffic prioritisation, differentiated service
  • Hierarchy based Bandwidth Management
  • Committed on the fly bandwidth borrow
  • Time Quota and Bandwidth Quota
  • Bandwidth policy for browsing
  • Bandwidth utilization chart based on Bandwidth Queues

Key Features:

  • Debug network using ping, traceroute, Query Interface, ARP/IPv6 neighbour
  • Real-time packet capture utility that can forward captured packets to a different host for further analysis
  • URL filter check to identify which policy is used to allow / block a URL for a user or IP
  • Utility to check the web category of a URL
  • Firewall live log to check whether network traffic is allowed or blocked, with firewall policy rule number
  • Option to create (automatic/manual) complete firewall configuration backup and download the same

Key Features:

  • SYN cookie, SYN-proxy DoS attack detection, SIP, RSTP, Sun-RPC, ALGs, RIPng, BGP4, DHCPv6 Relay, IPv4 to IPv6 translations & Encapsulations
  • Static packet filtering
  • Dynamic packet filtering
  • TCP reassemble for fragmented packet protection
  • Brute Force attack mitigation
  • SYN cookie protection
  • Zone based IP spoofing
  • Malformed packet protection
  • Support for DNS Protection (DNS Guard)