|
Friday, March 12, 2010 | ||
|
| |||
 Overview Features Screenshots Pricing Purchase Download FAQ Requirements Versions Support 
|
 |
Features[Current version of 8Signs Firewall is 3.0.37]
8Signs Firewall for Servers allows access to an entire network or single installation of the Firewall from the Firewall Server or remote locations. This feature gives administrators incomparable freedom and ensures the highest level of security through password protection. Web Server Protection [Servers Only] Specifically designed as a safeguard for web servers, 8Signs Firewall 2.x Server scans open ports for malicious activity and blocks these attacks automatically, providing an additional layer of security to an organization's security model. Tarpits New in 2.2! 8Signs Firewall allow you to trap hackers, slow down the spread of worms and stall spammers by creating tarpits. A tarpit is a trap for troublesome outsiders. Your system accepts TCP connections but never replies and ignores disconnect requests. This can leave ports scanners and hackers stuck for hours, even days. Port Scan Detection [Servers Only ] 8Signs Firewall identifies port scans - generally a precursor to hack attempts - and blocks them automatically. Ban IP Addresses Allows administrators to ban individual or groups of IP's, and provides the necessary utilities to customize the ban list to meet requirements. Bans can be set permanently, or to expire after 1 day or 1 week. Filter by MAC Address The ability to allow or deny a computer by its MAC address ensures that malicious or unwanted users are unable to bypass security filters. Address/Port/MAC Groups New in 2.2! Simplify your ruleset and tighten security by using the port, IP and MAC address groups when creating rules in 8Signs Firewall. Using groups, you can create one rule that can apply to multiple ports, IP addresses or MAC addresses. SYN Flood Protection A SYN flood is a series of SYN packets (connection requests) from forged IP addresses. 8Signs Firewall recognizes when a SYN Flood attack occurs or when more than 50 TCP SYN packets are received per second and automatically triggers a block. After the SYN Flood is detected and blocked, a log message is sent and SYN Cookies (Internet protocol that uses cookies to protect against blind DoS attacks) enable the network to continue operating normally. [learn more about a SYN flood] IP Tracer The IP Tracer allows the user to right click on an 'allowed' or 'blocked' log entry packet, select "Who is IP Address", and search for that remote system's IP address. This permits the user to search for an IP address of a possible hacker performing a broadcast or an attack on their network. The option to perform a simple reverse DNS is also available. Connections Viewer The Connections Viewer is a real-time display showing all active connections going through the firewall. For example, with 8Signs Firewall installed on a web server, a quick glance at the Activity Viewer would show the administrator how many visitors are currently at their web site. Separate Rulesets for Each Network Adapter 8Signs Firewall allows you to maintain a separate set of rules to be applied to each network adapter in your system. Thus you can configure a set of rules to be applied to traffic passing over your external/Internet interface, while having a separate set of rules that apply to traffic through your internal/LAN interface. Easy Importing/Exporting of Rules Deploying 8Signs Firewall across a number of workstations or servers is simplified by your ability to export and import rules. These rule subsets can even be shared amongst 8Signs Firewalls running on different operatings systems. Protection During Boot Process In addition to securing your computer while running, 8Signs Firewall is also protecting your system during the boot process. 8Signs Firewall can also be configured to block all traffic to and from your computer when the firewall is not even running! Time-Sensitive Rules Rules can be configured to only be active on certain days, or at certain times of the day. For example, your customer may want to allow web browsing by their employees only on weekdays between 9:00 am and 5:00 pm, or allow for remote access to their server only on Sunday evenings for maintenance............this is easily accomplished using time-sensitive rules. Selective Control of Other IP per Device 8Signs Firewall for Servers may be configured to filter protocols other than IP protocols, selectively. Examples of other protocols that 8Signs Firewall will filter include IGMP and GRE. The benefit of blocking these protocols independently, rather than globally, is that selective filtering can take place per device. As an example, GRE is a protocol used for many VPN implementations and is often ignored by a firewall as trusted traffic; whereas IGMP is a protocol of choice for some attacks. With this feature, an Administrator may allow GRE through the VPN, while blocking IGMP. Examples of a 'device' include an internal network interface card (NIC), an external NIC linked to a cable modem connecting to the Internet, or a Dial-Up Adapter used to connect to an ISP (Internet Service Provider). Stateful Packet Inspection 8Signs Firewall falls into a class of firewalls called Stateful Inspection Firewalls. Stateful inspection firewalls overcome the limitations of packet filter firewalls and application-proxy servers. They examine more than just the "to" and "from" addresses, and do not require a proxy for every application being accessed. Stateful inspection firewalls determine whether packets can get through the firewall based on the protocol, port, and source and destination addresses. For every request that is allowed by the strategy, stateful inspection firewalls open up a limited time window to allow response packets, but ONLY from the same host. Also, by maintaining information about previous packets, stateful inspection firewalls can quickly verify that packets meet the criteria for authorized traffic. This makes stateful inspection firewalls inherently fast. Sequence Number Hardening Sequence Number Hardening helps protect Windows from spoofed TCP connections resulting from initial sequence number (ISN) guessing. Windows 2000 is considered "slightly vulnerable" to ISN guessing, and the ISNs in Windows 9x are considered "100% predictable". This feature improves the randomness of the sequence numbers, thereby helping to compensate for vulnerabilities inherent in Windows. Configuration Wizard 8Signs Firewall utilizes a Configuration Wizard during software installation. The Configuration Wizard asks a series of questions relating to the environment in which the firewall is being installed. The answers provided in the Configuration Wizard establish the initial rules 8Signs Firewall will follow. The Configuration Wizard eases set-up and ensures comprehensive protection immediately upon installation. Rules Based Protection The fine-grained access control in 8Signs Firewall gives the administrator unparalleled control over the traffic passing through the firewall. All traffic is blocked by the firewall, unless you have specifically configured a rule to allow it. Rules are configured per-device, and you have full control over specifying the local and remote IP address(es), local and remote port(s), protocol, and direction of the traffic that you will allow through the firewall. Comprehensive Logging 8Signs Firewall has full logging capabilities. You have complete control over what to log, how large the log file can become, where to store the logs, and how often to roll-over the log file. Automatic Emailing of Log File Keeping an eye on your own or a customer's firewall is made easier with 8Signs Firewall's ability to schedule automatic emailing of the log file to any email address that you specify. Remote Notification of Rule Hits Rules can be configured to trigger an email to be sent to any address that you specify if the rule is 'hit'. For example, if you want to be notified immediately if a hacker is scanning your firewall for the Back Orifice trojan, simply configure a rule to specifically block this type of traffic and send an email to you if the rule is hit. Password Security 8Signs Firewall can require that an administrator log into the firewall before having access to any of the firewall administration or logging screens. Using the password security prevents an unauthorized user from tampering with, or shutting down, the firewall. Control All Protocols Unlike many other firewalls that ignore non-IP such as NETBEUI and IPX, 8Signs Firewall can be configured to block this type of traffic. Other IP, such as GRE which is required for VPN traffic, can also be controlled by 8Signs Firewall. |
| |||||||||
| Questions? Email C&C Software Solutions at sales@ccsoftware.ca.
Copyright© © 1997 - 2010 C&C Software Solutions Inc., All Rights Reserved | ||||||||||||
