- Better protection against malicious traffic
- IPS functionality on your firewall
- Dynamic updates
- Easy and quick configuration
Deep Packet Inspection
Many companies have to keep Web traffic restrictions in the firewall fairly open for business to run smoothly. This creates a risk that intruders will find their way to the internal networks through web traffic holes in the firewall. StoneGate NextGen firewall removes the problem.
StoneGate Firewall has always been able to do basic protocol validation
for the web traffic. However, so far only a full-blown Intrusion Prevention System has been able to
do more detailed inspection of connections to ensure Web traffic truly is Web traffic and detect
any misuse of this route.
Now Stonesoft introduces the deep packet inspection in the StoneGate Firewall that has been previously available only in the StoneGate Intrusion Prevention System.
Benefits
- Blocks bogus web traffic - for example, malware that is trying communicate using web ports
- Malicious activity can be cleaned up already at the firewall level before it has time to enter internal networks and cause damage
- Prevents malicious traffic spreading from the internal networks to external networks (partner, extranet, Internet) – prevents damages you might otherwise be liable for.
What makes StoneGate firewall so powerful in the web traffic deep packet inspection is that it does not have only a part of the Intrusion Prevention System functionality, but it has the full system fingerprint library in its use, and the same analysis and inspection capability that StoneGate Intrusion Prevention System has.
Deep packet inspection also includes anti-virus checking. This combination of detailed protocol analysis and fingerprinting together with full antivirus checking for transferred content provides strong level of security for the web traffic.
