/ StoneGate | netiQ/ Attachmate | Softnext
StoneGate security appliances
help blend the need for in-depth network security and end-to-end availability
into a unified and centrally manageable system for distributed enterprises.
StoneGate FW/VPN and IPS appliances are used to protect network perimeters,
internal network segments and provide business continuity.
StoneGate solutions consist
of the following:
Please visit www.stonesoft.com
for more information.
StoneGate Firewall and VPN
StoneGate Multilink VPN
StoneGate Intrusion Prevention
StoneGate SSL VPN for Remote
Web Portal Access to Applications
Firewall and VPN
The StoneGate Firewall delivers
a fundamentally new and different architecture, providing
you a degree of network security
and business continuity not possible with traditional
Built-in Multi-Link VPN
Set up a clustered, load-balanced
environment out of the box without third-party
solutions. Drop in Firewall
Clustering Technology allows you to "Drop" a cluster into
the network environment without
reconfiguring of existing switches or routers.
Stonesoft's unique patented Multi-Link
Technology enables a single or clustered
StoneGate firewall to access
multiple Internet and VPN connections across
multiple ISPs, leased lines,
or other connections.
Server load sharing and health
monitoring intelligence for server pools ensures
availability and performance
of business services.
Multi-Link VPN adds fault tolerance
and transparent failover to VPN tunnels and
VPN client connections, offering
an advantage over other firewall/VPN combinations.
StoneGate Management Center makes
the everyday management and configuration
of StoneGate products easy
and cost effective. It provides an unified and efficient
management environment for
StoneGate IPS, Firewall and VPN, and powerful tools
for incident handling.
Log and alert browsing give the
administrator a comprehensive overview of a security
event while the built-in
reporting tool draws an overview on what has been going on
in the network.
Bandwidth Management and Quality
Multi-Layer Inspection allows
the firewall to act as a packet filter, perform stateful
inspection or application-level
firewall, using whichever method when it makes the
most sense on a rule-by-rule
HTTP Deep packet inspection -
Stops worms and other exploits (using HTTP) already when
they’re trying to pass the
firewall. You can stop traffic that violates corporate policies
SIP Protocol Agent - allows only
the related media connections through. Enhances the
security of call setup, since
the firewall does not have to leave a range of ports open
for the related connections.
StoneGate also coordinates NAT operations to reduced
the time usually needed to
configure voice traffic and NAT
Guarantee that business critical
traffic has always enough bandwidth available and to
control how much less important
traffic utilizes the network.
Prioritize traffic that is sensitive
to delay in the firewall and in other network devices
Guarantees and/or limits bps
Traffic can be prioritized
Configuration is made easy and
QoS policy is defined for each
Outgoing packets can be marked
using the DSCP (Differentiated Services Code Point)
field. The marking can be
different depending on the interface
If external QoS device has already
classified the traffic using the DSCP field, StoneGate
is able to use that information
and apply appropriate QoS policy.
Virtual private networks (VPNs)
use the public Internet to establish secure, low-cost network connections
between remote offices, business partners, and remote users. VPNs are gaining
popularity as a way to replace
more expensive leased lines and frame-relay connections.
However, not all VPNs are
created equal. Data protection protocols and encryption techniques continue
to improve, but Internet reliability remains a barrier to widespread VPN
Stonesoft's combination of
high-availability firewall and VPN addresses the problem in a unique
way, securing both the availability
and integrity of your Internet connections.
is Multi-link Technology?
StoneGate's patented Multi-Link
technology provides high availability and load balancing
for Internet and VPN traffic
across multiple network providers (ISPs). Multi-Link technology
enables StoneGate to automatically
maintain the fastest possible link to the Internet and
eliminates your Internet
connection as a potential point of failure, without the use of
complex routing protocols
or additional hardware.
The StoneGate Multi-Link VPN
comes with a free VPN Client, providing mobile users with
simple, centrally managed,
secure access to the corporate network. It also includes an
active traffic filter, which
protects the mobile machine from unauthorized traffic on the
mobile network as well.
The flow of your data is never
interrupted by Internet access outages or lost connections
between your firewall and
Continuous Internet connectivity
with optimal performance. Decrease latency and
increase your bandwidth compared
to using a single provider
Improved security policy management
and minimized potential for errors while reducing
the overhead costs of system
No need to configure third-party
hardware and software, or organize cooperation
Secure your mobile users at no
Intrusion Prevention System
StoneGate IPS protects the
internal network while StoneGate Firewall and VPN provides
perimeter protection and
secure connectivity between branch offices. Spyware, worms, and
peer-to-peer programs slow
down network performance, which has direct impact to business
In today’s business environment
where competition is hard and decisions have to be made fast,
the business information
is valuable for only a short moment in time. If the information is not
available when it is needed
then it hurts productivity. That means increased risk for the business.
StoneGate IPS detects and stops network traffic abuse and reduces business
Protects vulnerable applications
and operating systems
and servers must run 24 hours a day. If there is security vulnerability
in the application or in
the operating system then it should be fixed (patched) as soon as
possible. But bringing down
business-critical service for maintenance means lost revenue.
applications have scheduled maintenance windows every month,
but that is too late because
the security vulnerability is there right now and anybody can
exploit it. The solution
for this is to put StoneGate IPS in front of the application. It stops
exploits that are trying
to use the vulnerability in business-critical applications or servers.
Stops worms, P2P, and spyware
There should not be worms,
spyware, or peer-to-peer traffic in corporate network.
StoneGate IPS can remove
them from your corporate network traffic and therefore increase
the network bandwidth available
for your business operations.
Ensures regulatory compliance
Payment Card Industry Data
Security Standard is one example of regulatory actions where organizations
(in this case Visa and Master Card) try to reduce the risk associated with
main business. This standard
requires that all merchants that store, process, or transmit
cardholder data should use
Intrusion Prevention Systems. StoneGate IPS fulfils the standard’s requirements
and allows merchants to run their business in a clean environment.
Accelerates incident handling
StoneGate IPS stops attacks
before they damage the target server, therefore eliminating
incident costs. StoneGate
IPS provides a large variety of information about attempted attacks
and its Incident Management
feature can be used to collect that information in one place.
This information can be used
to create Internet abuse reports so that system administrators of
the attacking network segment
are notified about attacks. This helps to prevent attacks
happening again and is one
way to inform responsible parties about the attack.
Stops attacks against web
Enterprises strive to offer
flexible and easy-to-use services for their customers, partners, and
employees. In many cases
this means that customers have a web interface to critical
core-business services. Although
web access is a very convenient way for customers to
access services it also presents
a new risk to the core-business. StoneGate IPS will prevent
attacks against these services
and show what is going on in the DMZ area, thus reducing
Low Total Cost of Ownership
StoneGate Management Center
makes the everyday management and configuration of
StoneGate products easy and
cost effective. It offers unified management for StoneGate IPS,
Firewall and VPN. Many features
are designed for resilient and secure remote management.
For example, automatic rollback
from software upgrades or policy updates guarantees that
the connection to remote
devices is always available. There is no need to send engineers to
remote locations because
all administration tasks can be done reliably from a central
location. This saves costs
and simplifies enterprise security policy enforcement.
SSL VPN for Remote Web Portal Access to Applications
StoneGate SSL VPN offers secure
remote application access via web interface.
It is a VPN solution that
can be used with a standard Web browser. In contrast to the
traditional IPsec (Internet
Protocol Security) VPN, an SSL VPN does not require the
installation of specialized
client software on end users' devices.
SSL VPN is ideally suited
for organizations with many mobile users connecting from varied
locations and where trust
can be an issue but easy access is also important. StoneGate
SSL VPN provides employees
with enormous flexibility to access the network from any
location and from Web-enabled
devices such as laptops, PDAs, and mobile phones.
Used applications can include
e-mail, intranet, extranet, client/server applications, VoIP,
terminal services, and much
StoneGate SSL VPN also provides
Network Access Control (NAC) where it is most needed,
for mobile network access
originating from unidentified devices. It grants a view only to
the applications and data
that he/or she is allowed to access. It also enforces company
security policy access session
by checking that device meets the requirements set in security
policy. If, for example,
antivirus software is not up to date, network access can be denied. Requirements
can also differ if the connection is made from Intranet or if it is made
For the IT administrator StoneGate
SSL VPN is as easy to manage as any other StoneGate
solution and in addition
there's no client software to maintain on the users' devices. .......