FEATURE OVERVIEW. FGX Series firewall. Last updated February 2012



Similar documents
Cisco Small Business ISA500 Series Integrated Security Appliances

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

Configuration Example

Configuration Example

Network Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000

PRODUCT CATEGORY BROCHURE. Juniper Networks Integrated

White Paper. ZyWALL USG Trade-In Program

WatchGuard Technologies WatchGuard Technologies

Application Intelligence, Control and Visualization

Networking for Caribbean Development

Fortigate Features & Demo

The Cisco ASA 5500 as a Superior Firewall Solution

Network Security. Network Security. Protective and Dependable. > UTM Content Security Gateway. > VPN Security Gateway. > Multi-Homing Security Gateway

Security Solutions Portfolio

High Speed Data Transfer from the APS. Kenneth Sidorowicz September 27, 2006

Funkwerk UTM Release Notes (english)

Security Portfolio. Juniper Networks Integrated Firewall/VPN Platforms. Product Brochure. Internet SRX Fixed Telecommuter or Small Medium Office

How To Protect Your Network From Attack From A Malicious Computer (For A Network) With Juniper Networks)

SonicWALL Unified Threat Management. Alvin Mann April 2009

Providing Secure IT Management & Partnering Solution for Bendigo South East College

The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know

Configuration Example

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

Cisco ASA 5500 Series Business Edition

PRODUCT CATEGORY BROCHURE INTEGRATED FIREWALL/ VPN PLATFORMS

Netsweeper Whitepaper

How To Protect Your Network From Attack From A Virus And Attack From Your Network (D-Link)

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

Next-Generation Firewalls: Critical to SMB Network Security

Huawei Eudemon1000E-X series Firewall. Eudemon 1000E-X Series Firewall. Huawei Technologies Co., Ltd.

Total Cost of Ownership: Benefits of Comprehensive, Real-Time Gateway Security

Network protection and UTM Buyers Guide

Gateway Security at Stateful Inspection/Application Proxy

Content Security Gateway Series Real-time Gateway Web Security Against Spyware and Viruses

Configuration Example

Securing the Small Business Network. Keeping up with the changing threat landscape

Cisco Meraki MX products come in 6 models. The chart below outlines MX hardware properties for each model: MX60 MX60W MX80 MX100 MX400 MX600

Configuration Example

MANAGED EXCHANGE SOLUTIONS Secure, Scalable and Compliant Hosted Environments

Cisco Meraki MX products come in 6 models. The chart below outlines MX hardware properties for each model: MX64 MX64W MX84 MX100 MX400 MX600

Unified Threat Management, Managed Security, and the Cloud Services Model

Virtual Privacy vs. Real Security

Cyan Networks Secure Web vs. Websense Security Gateway Battle card

Firewall and UTM Solutions Guide

10 Strategies to Optimize IT Spending in an Economic Downturn. Wong Kang Yeong, CISA, CISM, CISSP Regional Security Architect, ASEAN

Zscaler Internet Security Frequently Asked Questions

Move over, TMG! Replacing TMG with Sophos UTM

Deep Security Vulnerability Protection Summary

Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation

Using a Firewall General Configuration Guide

NetDefend Firewall UTM Services

Is Your Network Ready for VoIP?

Thexyz Premium Webmail

FortiMail Filtering Course 221-v2.2 Course Overview

Next-Generation Firewalls: CEO, Miercom

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott

Assuring Your Business Continuity

Putting Web Threat Protection and Content Filtering in the Cloud

Simple security is better security Or: How complexity became the biggest security threat

FortiMail Filtering Course 221-v2.0. Course Overview. Course Objectives

1. Built-In SPI Firewall to Protect Your Enterprise Network 2. Multi-Spam-Filtering Function Providing High Spam-Filtering Accuracy

NetDefend Firewall UTM Services

Cisco SA 500 Series Security Appliances

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager

Log Audit Ensuring Behavior Compliance Secoway elog System

Boston Area Windows Server User Group April 2010

Cyberoam Next-Generation Security. 11 de Setembro de 2015

Secospace elog. Secospace elog

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

IP Telephony Management

WatchGuard Gateway AntiVirus

Results of Testing: Juniper Branch SRX Firewalls

The Ultimate WLAN Management and Security Solution for Large and Distributed Deployments

Unified Threat Management Systems (UTMS), Open Source Routers and Firewalls. Tim Hooks Scott Rolf

When Reputation is Not Enough: Barracuda Spam & Virus Firewall Predictive Sender Profiling

WATCHGUARD FIREBOX VCLASS

Industrial Firewalls Endpoint Security

Dell SonicWALL Next Generation Firewall(Gen6) and Integrated Solution. Colin Wu / 吳 炳 東 Colin_Wu1@dell.com

Firewall Defaults and Some Basic Rules

BroadScan. Security Appliances. in-one Security Solution for SMB Combining Performance, ease of use and affordability. A Breakthrough all-in

Cisco ASA 5500 Series Anti-X Edition for the Enterprise

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

FortiMail Filtering. Course 221 (for FortiMail v4.2) Course Overview

Huawei Eudemon200E-N Next-Generation Firewall

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS NETWORK SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security

FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201

FortiMail Filtering. Course 221 (for FortiMail v5.0) Course Overview

Private Cloud Solutions Virtual Onsite Data Center

Recommended IP Telephony Architecture

Transcription:

FEATURE OVERVIEW FGX Series firewall Last updated February 2012

Celestix FGX Features Deep Packet Firewall VPN Virtual system DoD/DDoS attach defense Intrusion protection Anti-virus Anti-spam URL filtering Application identification and control Dynamic routing High availability and load balancing Multiple management modes FGX Series feature overview All-in-one application security protection Integrating IPS, anti-virus, anti-spam, URL filtering, and application protocol identification and control, FGX is a comprehensive and all-in-one application security gateway. It provides quick, precise, and in-depth security protection against known and unknown risks. Granular content security protection FGX provides granular security protection based on contents against multiple applications, including IM, Web, Web TV, stream media, P2P transfer, web games, stock trading, remote login, encryption agent, and e-mail clients, ensuring all-around reliance on content security for users. Expansible virtual firewall FGX supports virtual systems (Vsys). Each virtual firewall can be seen as a totally independent firewall, thus meeting requirements on special deployment, reducing users investment, and enhancing users RoI. Celestix leads green IT by advocating energy-saving and user-friendliness. Flexible network adaptability FGX has flexible network adaptability. It supports functions, such as NAT, static routing, dynamic routing, VLAN, channels, and DHCP. It supports the hybrid working mode of Layer 2 and Layer 3. It supports different numbers of extension interfaces so it is applicable to different network environments. Multiple link redundancy FGX allows control of traffic over multiple WAN links by delivering comprehensive traffic management capability and optimizing the links. It offers high-speed connectivity while maximizing ROI, making optimal use of low-cost, small pipes in combination with high cost links. FGX Series competitive analysis with Sonicwall Sonicwall overview Founded in 1991 Approximately 1,000 employees 28 Global offices Over 10,000 channel partners worldwide Over 1.8 million security appliances shipped Over 40 million end users protected 125 patents and patent application Sonicwall appliances Low end Mid level High end NSA 240 NSA 3500 NSA E5500 NSA 2400 NSA 4500 NSA E6500 NSA E7500

FGX Series feature overview FGX 900 Competitive landscapes Firewall Celestix Sonicwall Cisco Juniper Check Point Fortinet WatchGuard Model FGX 900 NSA 240 ASA 5505 SSG 20 UTM-1 Edge FG 100A Edge X55e Firewall Performance 850 Mbps 600 Mbps 150 Mbps 160 Mbps 190 Mbps 100 Mbps 100 Mbps IMIX Performance 240 Mbps 195 Mbps N/P 90 Mbps N/P N/P N/P VPN Performance 84 Mbps 150 Mbps 100 Mbps 40 Mbps 35 Mbps 100 Mbps 35 Mbps GAV Performance 220 Mbps 115 Mbps N/A N/P N/P 100 Mbps N/P IPS Performance 192 Mbps 195 Mbps N/A N/P N/P 100 Mbps N/P UTM Performance 160 Mbps 110 Mbps N/A N/P N/P N/P N/P New Connections/Sec 14,000 2,000 4,000 2,800 N/P 4,000 N/A Maximum Connections 150,000 32,000/50,000 10,000/25,000 8,000/16,000 8,000 200,000 10,000 Base HW interfaces 4 x GbE 3 x GbE 6 x 10/100 8 x 10/100 2 x PoE 5 x 10/100 4 x 10/100 8 x 10/100 6 x 10/100 VLAN 10 10/25 3/20 25/40 32 256 n.p. Virtual System 2 No No No No No No FGX 1500 Competitive landscapes Firewall Celestix Sonicwall Cisco Juniper Fortinet Check Point WatchGuard Model FGX 1500 NSA 2400 ASA 5510 SSG 140M FG 200A w HD UTM-1 270 X 750 Firewall Performance 1,000 Mbps 775 Mbps 300 Mbps 350 Mbps 150 Mbps 400 Mbps 750 Mbps VPN Performance 100 Mbps 300 Mbps 170 Mpbs 100 Mbps 70 Mbps 100 Mbps 50 Mbps GAV Performance 480 Mbps 160 Mbps N/P N/P 30 Mbps N/P 70 Mbps IPS Performance 360 Mbps 275 Mbps N/A N/P N/P N/P N/P UTM Performance 288 Mbps 150 Mbps N/A N/P N/P N/P N/P New Connections/Sec 34,000 4,000 6,000 8,000 4,000 N/P N/P Maximum Connections 250,000 125,000 50,000 32,000 400,000 400,000 75,000 VPN Tunnels 75 75 250 125 200 N/P 100 VLAN 25 128 50 100 4096 256 N/P Base HW interfaces 6 x GbE 6 x GbE 5 x 10/100 8 x 10/100 2 x GbE 8 x 10/100 4 x GbE 8 x GbE Fail-over A/A A/P w sync A/P w sync (Optional) A/P A/A A/P A/A A/P A/A A/P A/P Application Firewall Yes (Optional) Yes Yes Limited No Limited Limited Virtual System 4 No No No No No no

Celestix FGX FGX 3200 Competitive landscapes Firewall Celestix Sonicwall Cisco Juniper Fortinet WatchGuard WatchGuard Model FGX 3200 NSA 3500 ASA 5510 SSG 140M FG 200A w HD Core X750 Core X1250e Firewall Performance 1,500 Mbps 1,500 Mbps 300 Mbps 350 Mbps 150 Mbps 750 Mbps 1,500 Mbps VPN Performance 272 Mbps 625 Mbps 170 Mpbs 100 Mbps 70 Mbps 50 Mbps 100 Mbps GAV Performance 960 Mbps 350 Mbps N/P N/P 30 Mbps 70 Mbps 100 Mbps IPS Performance 720 Mbps 750 Mbps N/A N/P N/P N/P N/P UTM Performance 560 Mbps 240 Mbps N/A N/P N/P N/P N/P New Connections/Sec 51,000 7,000 6,000 8,000 4,000 N/P N/P Maximum Connections 450,000 175,000 50,000 32,000 400,000 75,000 200,000 VPN Tunnels 800 800 250 125 200 100 400 VLAN 50 128 50 100 4096 NP NP Base HW interfaces 6 x GbE 6 x GbE 5 x 10/100 8 x 10/100 2 x GbE 8 x 10/100 8 x GbE 8 x GbE Fail-over A/A A/P w sync A/P w sync (Optional) A/P A/A A/P A/A A/P A/P A/P Application Firewall Yes (Optional) Yes Yes Limited No Limited Limited Virtual System 6 No No No No No no FGX 6200 Competitive landscapes Firewall Celestix Sonicwall Cisco Juniper Check Point Fortinet WatchGuard Model FGX 6200 NSA 3500 ASA 5510 SSG 320M UTM-1 450 FG 200A w HD Peak X5500e Firewall Performance 2,950 Mbps 2,750 Mbps 300 Mbps 450 Mbps 400 Mbps 150 Mbps 2,000 Mbps VPN Performance 1,516 Mbps 1,000 Mbps 170 Mpbs 175 Mbps 190 Mbps 70 Mbps 400 Mbps GAV Performance 1,240 Mbps 690 Mbps N/P N/P N/P 30 Mbps 140 Mbps IPS Performance 1,088 Mbps 1,400 Mbps N/A N/P N/P N/P N/P UTM Performance 840 Mbps 600 Mbps N/A N/P N/P N/P N/P New Connections/Sec 65,000 10,000 6,000 10,000 N/P 4,000 N/P Maximum Connections 650,000 450,000 50,000 48,000 500,000 400,000 500,000 VPN Tunnels 1,500 1,500 250 250 n.p. 200 750 VLAN 50 256 50 125 256 4096 N/P Base HW interfaces 6 x GbE 6 x GbE 5 x 10/100 4 x GbE 4 x GbE 8 x 10/100 8 x GbE Fail-over A/A A/P w sync A/P w sync 8 x GbE Application Firewall Yes (Optional) Yes Yes Limited Yes No Limited Virtual System 8 No No No No No no

FGX Series feature overview Competitive Strength of Celestix FGX Vsys (virtual system) Allows partitioning into multiple firewall systems, each with a unique set of administrators, policies, VPNs and other security control. High availability features: FGX supports multilayer high availability. L2: FGX supports Ethernet Channel and Redundant Interface (these two types of interface are not available features in SonicWALL products). This feature provides multiple interface communication capability providing good stability and disaster recovery. For instance, 4 interfaces are bound into 1 channel. If 1 interface fails, only the bandwidth of 1 interface is lost without impacting communications on the whole firewall. So it is a fundamental method to ensure the interface scalability and reliability. L3~L7: FGX supports active/active mode in HA (Sonicwall support only active/ standby mode in HA). The Active-Active unavailability will make two firewalls unable to process traffic simultaneously. One firewall can only take over the traffic of the other that has failed. FGX supports VPN redundant gateway: VPN connection is usually site to site, while FGX firewalls can provide VPN redundant gateways based on it, that is, the firewall can connect the backup redundant gateway automatically if the peer gateway is invalid. This feature is used to ensure real-time and reliability for users business, so it is a fundamental feature of VPN. IPS engine Celestix FGX Event Language (CFEL) engine provides event descriptions in plain English language. By analyzing application protocols in a granular manner, events are reported with more accuracy and higher performance. To protect the popular applications such as http, mail, ftp, dns and so on, FGX will check each element in these protocols. e.g. Administrator can control the method in http: put, get, push... Information about FGX Anti-Virus, Anti-Spam and URL Filtering ClamAV Founded in 2002, ClamAV is one of the most commonly-used open source antivirus and antimalware products in the world. Nearly one million unique IP addresses download ClamAV updates daily from 120 mirror servers located in 38 countries. Renowned for its speed and accuracy, ClamAV has been adopted by network security solution and service providers worldwide and is currently integrated within leading enterprise solutions, including Unified Threat Management Systems (UTM), Secure Web Gateways and Secure Mail Gateways, to identify deeply embedded threats such as viruses, trojans, spyware, and other forms of malware. ClamAV s cutting edge security technology is a triumph of the open source model. In addition to continual innovations to the ClamAV antivirus engine, the ClamAV core team and ClamAV community deliver daily signature updates to its ever-growing virus database of over 300,000 signatures.

Celestix FGX Contact USA +1 (510) 668-0700 UK +44 (0) 1189 596198 Singapore +65 6781 0700 India +91 98 208 90884 Japan +81 (0) 3-5210-2991 www.celestix.com info@celestix.com High performance antivirus protection ClamAV s open source antivirus delivers quality and coverage comparable to leading commercial antivirus solutions. At LinuxWorld 2007, the live Fight Club event, conducted by network gateway vendor Untangle, pitted 10 industry-leading antivirus solutions against each other to see which products could detect all 25 viruses in the test. ClamAV detected 100% of the viruses encountered one of only three antivirus products to catch all 25 viruses. The ClamAV engine The ClamAV signature database, updated multiple times a day, currently contains more than 300,000 signatures, including generic signatures that are able to detect new variants at a very high rate of detection. Features command-line scanner fast, multi-threaded daemon with support for on-access scanning milter interface for sendmail advanced database updater with support for scripted updates and digital signatures virus scanner C library on-access scanning virus database updated multiple times per day (see home page for total number of signatures) built-in support for various archive formats, including Zip, RAR, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others built-in support for almost all mail file formats built-in support for ELF executables and Portable Executable files compressed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others Spam Assassin Spam Assassin is a free rule-based spam filter which also supports several blacklists, Spam Assassin is a Perl-based application which is usually used to filter all incoming mail for one or several users. It can be used as a standalone application, as a client or as a combination of both. Spam Assassin comes with a large set of rules which are applied to determine whether an email is spam or not. To decide, specific fields within the email header and the email body are typically searched for certain regular expressions, and if these expressions match, the email is assigned a certain score, depending on the test, and several headers are added to the mail. DMOZ FGX URL filtering is based on open source signature library DMOZ. DMOZ or the Open Directory Project is a web directory with almost 5 million websites listed in different categories. It is a human edited directory run by volunteers, but owned by AOL. Webmasters are always keen to get their sites listed in DMOZ as it is a widely held belief that having a website listed at DMOZ will help a site rank higher in the search engines. There certainly is plenty of doubt that this is actually the case. Because of this widely held belief, webmasters are very keen to get their sites listed and sometimes go to great lengths to get listed. 2012 Celestix Networks Inc. All rights reserved. Version 1.0

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information