UTM Features Overview
Solution Guide
Key features
Sophisticated application and web control
- Deep Packet Inspection (DPI) firewall
- Application control
- Web control
- URL filtering
Comprehensive threat protection
- Advanced IPS (Intrusion Protection System)
- IP reputation services
Security performance (UTM offload)
Sophisticated application and web control
The Internet has evolved immensely. Whereas once it simply provided pages to be browsed, it now offers applications that enable people to interact, with Web 2.0 services such as collaborative document creation, social networking, video conferencing, cloud-based storage, banking and much more.
Organizations must be able to control the applications that their people use, and how they use them, as well as managing website traffic. Allied Telesis UTM Firewalls provide the visibility and control that are necessary to safely navigate the increase in online applications and web traffic that are used for effective business today.
Deep Packet Inspection (DPI) firewall
The AlliedWare Plus firewall is a Deep Packet Inspection (DPI) engine that provides real-time, Layer 7 classification of network traffic. It inspects every packet that passes through, and accurately identifies in use applications, for example social networking, instant messaging, file sharing, and streaming, whilst still maximizing throughput and reducing latency.
The AlliedWare Plus DPI firewall utilizes either the free built-in application list, or a more comprehensive subscription-based list to identify individual applications. Highly accurate real-time detection, and up-to-the-minute classification additions and updates, ensure precise identification of network traffic.
The AlliedWare Plus DPI firewall also supports filtering based on hierarchical entities, such as zones (logical groupings of networks), networks and hosts, to empower organizations to accurately apply and manage security policies at company, department or individual level.
Application control
The increased network visibility provided by the application-aware firewall allows fine-grained application, content and user control. Reliable identification of the individual applications means that rules can be established to govern not only which are allowed, but under what circumstances, and by whom. This allows Enterprises to differentiate business-critical from non-critical applications, and to enforce security and acceptable use policies in ways that make sense for the business. For example, Skype chat may be allowed company wide, while Skype video calls can only be made by sales and marketing.
Web control
Web control provides Enterprises with an easy means to monitor and control their employees’ web traffic for productivity, legal and security purposes. An active rating system provides comprehensive and dynamic URL coverage, accurately assigning websites or pages into categories, and allowing or blocking website access in real-time.
Once a particular URL has been categorized, the result is cached in the firewall so that any subsequent web requests with the same URL can be immediately processed according to the policy in place.
Allied Telesis web control boosts user productivity, ensures compliance, and saves bandwidth, while preventing web-based threats from infecting your business.
Web control: Allow
Web control: Block
URL filtering
Alongside web control, URL filtering provides another option for controlling web traffic. HTTP or HTTPS access to particular websites can be allowed (whitelist) or blocked (blacklist) with user-defined lists, providing businesses with simple website access management.
URL filtering offers high-performance website control across all users, and protection against known malicious websites.
Comprehensive threat protection
The fundamental shift to sophisticated application usage has provided an online experience that businesses can greatly profit from. There is now increased efficiency, improved collaboration, along with new ways to manage customer interaction. However, this has also opened the door for greater security concerns. Business data is potentially vulnerable, and the rapid development of new services has introduced new types of cyber threats.
An organization needs a security solution that can recognize and mitigate the ever-increasing range of threats. Allied Telesis UTM Firewalls provide comprehensive threat protection in a fully integrated security platform, using specialized multi-core CPUs optimized for single-pass low-latency performance. They utilize security engines, and threat signature databases from the industry’s leading vendors, with regular updates to ensure up-to-the-minute protection against cyber attacks.
Advanced IPS (Intrusion Protection System)
Advanced IPS detects and blocks threats. Updated daily, it covers malware delivery, command and control, attack spread, in-the-wild exploits and vulnerabilities, and credential phishing. It also detects and blocks distributed denial-of-service attacks (DDoS), protocol and application anomalies, exploit kits and supervisory control and data acquisition (SCADA) attacks - ensuring a secure business environment.
IP reputation
IP reputation improves the success of Intrusion Prevention by reducing false positives. It provides an extra variable to the prevention decision, which allows rules to be crafted to drop packets only if the reputation exceeds a chosen threshold.
IP Reputation uses regularly updated and comprehensive reputation lists which identify and categorize IP addresses that are sources of spam, viruses and other malicious activity. With real-time threat analysis, and regular updates to reputation lists, IP Reputation delivers accurate and robust scoring, ensuring strong local policies can be carried out with surgical precision.
UTM offload
UTM Offload (available on the AR4050S only) improves WAN throughput when using multiple security features together, or when higher performance is required.
It enables some security and threat protection features (IPS, IP-Reputation, and URL Filtering) to be offloaded to a secondary physical or virtual machine that is automatically managed by the AR4050S. UTM Offload can up to double WAN connection throughput when using these features for real-time threat protection, or in conjunction with Firewall, NAT, and Application Control to manage business application use.
Note: it is recommended not to use UTM Offload when using the proxy-based Web-Control feature.
