Highlights
  • Intuitive rule-based configuration
  • Revolutionary structural approach
  • Fits well in distributed administration
  • View Rule hit counts directly in the policy
  • Rule Search tool
  • Rule Validation tool
  • Review the changes before the upload
  • Create new rules from the logs
  • IP resolve tool
  • Export to XML, PDF and HTML




Security Policies

The administrators of StoneGate Security Platform can implement the corporate security policy through two security policies:

Unique Solution

StoneGate Management Center Security Policy Editor introduces a revolutionary structural approach for safe and efficient security policy maintenance and distributed administration.

Templates, Sub-rules, and Aliases are the key components that allow administrators to create simple yet comprehensible security policies. In addition, simultaneous policy uploads to engines decrease the risk of conflicting policies being present at the same time.

Safe and Efficient Security Policy Maintenance

Fewer human errors through:

  • A clear structure that complements the way the security policy works and the way it is maintained
  • Encapsulating and sharing rules in small, comprehensible entities
  • Implementing conceptual rules with common patterns

Distributed Administration

Administrator permissions can be limited to:

  • Exclude enterprise-level policy
  • Include the policies for selected security engines
  • Include the sub-rules concerning certain traffic

Firewall Security Policy


In General

The main function of a firewall security policy is to implement access control rules.

In StoneGate, the main principle of access control can be expressed as "whatever is not expressly permitted is denied".

In addition to the access control rules, a firewall security policy defines what kind of traffic is logged and what kind of traffic should generate alerts. It also defines the address translation rules that are used and how VPN is used, and it enforces authentication on connections.

Challenge with Traditional Firewall Security Policies

The susceptibility to errors in the security policy definition is a serious security risk.

Traditionally, security policies have been defined as lists of rules, either specific to the security engine or as lists combining rules common to multiple security engines.

Defined either way, the security policy of an enterprise, depending on network connectivity, tends to become very big, difficult to comprehend, and impossible to maintain collaboratively. This increases the risk of mistakes, typing errors and unintentional access holes left in the policy.


IPS Sensor Policy


The purpose of the IPS sensor policy is to define what traffic is inspected, how the inspection is done, and how the system should react to various events. Stonesoft provides a system policy for the sensor, which defines all the necessary rules for inspecting network traffic.

Always up-to-date

The system policy is constantly updated as part of the dynamic security updates in order to make sure that the latest security threats are detected and identified.

Intuitive configuration

In StoneGate IPS configuration, the administrator deals only with situations, which represent vulnerabilities.

Situations are grouped in situation groups, for example, for peer-to-peer traffic and spyware.

An administrator can block spyware with one drag-and-drop action. This means that common administration tasks are more intuitive, faster to perform and self-documenting. This reduces the possibility of human error and therefore helps to keep business-critical production traffic flowing without any disruptions.

Layer-2 firewall

StoneGate IPS configuration looks similar to the firewall configuration. They both have an Access rule base and an Inspection rule base. Access Rules decide what traffic is allowed for further inspection and can also block unwanted traffic right away. Inspection Rules decide what kind of inspection is performed for the traffic.

StoneGate IPS has a layer-2 firewall or a stealth firewall built into it, so it is only natural that its configuration has similarities with the firewall configuration.

Possibility of simulating blocking effects

StoneGate IPS can block attacks and other harmful traffic before they do any damage.

Several studies have shown that administrators are reluctant to apply traffic blocking rules if they do not know their effects on production traffic.

StoneGate IPS removes this problem with a passive/active blocking feature.

Passive blocking creates a special log entry for each connection that would have been blocked if active blocking were turned on.

The ability to test blocking rules on real production traffic speeds up the company’s reaction to threats and therefore enhances the security of the company.