Gibraltar - Features

Top  Previous  Next

Unified Threat Management by Gibraltar

 

Gibraltar Security Gateways provide a comprehensive and competitive protection against a multitude of current security risks and threats. They combine several important security applications into one product and provide for secure connections in your network. Gibraltar is either available preinstalled on five different hardware appliances or just as a software release.

 

System and Management

Hardened OS-Kernel based Debian Linux
Read Only Boot media: USB, CD-ROM
Conventional Boot media's: Compact Flash, Hard disk
Languages: German, English
Management: Remote via a web-based Configuration tool (SSL) or Remote Login (SSH)
Simple Configuration Management
User management: LDAP (local and extern), Active Directory
Automatic Software-Update-Service
High-Availability: Hot-Standby
Detailed logging and interactive analysis

 

Interfaces

Scalable number of network interfaces
Scalable number of IP addresses on each network interface.
Ethernet 10/100/1000: static or dynamic IP addresses
ADSL (PPTP, PPPoATM, PPPoE), ISDN
VLAN's
Bridging
Graphical traffic analysis

 

Firewall and Packetfilter

Stateful Packet Inspection Firewall
Support of all popular network protocols  (protocol pass through: PPTP, FTP, H.323, IRC)
Flexible Paket filter: Interface, MAC address, IP address, port, service, etc.
Protection of DoS/Flood attacks.
Limitation of Peer-2-Peer Services (P2P)
Dynamic and static address translation: Network Address Translation (NAT), Port Address Translation (PAT)
Load Balancing
Transparent Layer 2 Firewalling (Bridged Mode)
Randomized IP Sequencing
Gezielte TTL Manipulation

 

Web Filter

Proxy-Server (transparent)
Caching-Proxy
Authentification: LDAP (local and extern), Active Directory
Blocking of websites after dynamic categorization (content filtering)
User defined and server-based blocklists for URL's and Domains.
Examination on dangerous content (Cookies, ActiveX, JavaScript)
Detailed logging and interactive analysis

 

E-Mail Filter

Virusfilter: protocols SMTP and POP3
Spamfilter: protocols SMTP and POP3
Filtering of undesirable E-Mail-Attachments
Graphical Analysis
Image- and PDF-spam-detection
Deleting, marking or isolation of Spam-Mails
Detection of Phishing-Mails
SMTP-E-Mail-Encryption (TLS)
Self-learning trainable Filter (Bayes-Filter)
Sender Policy Framework (SPF)
Blacklisting (RBL) and Hashreview  (Razor, DCC)
Rulebased Review (SpamAssassin) with automatic Update
Review of RFC-Compliance
Delaying of Bulk-Mails (tar pit)

 

Virtual Private Networks Gateway (VPN)

Site-to-Site VPN: IPSec
Client-VPN: IPSec, OpenVPN, L2TP, PPTP
Clientless SSL VPN: Mit Windows XP/2000, MAC OS, Linux
Unlimited number of tunnels and Clients
NAT Traversal
IPSec encryption: AES, 3DES, Blowfish, Twofish, CAST, Serpent
IPSec authentification: PSK and X.509 certificates
Perfect Forward Secrecy (PFS)
certificate management

 

Traffic Shaping and Bandwidthmanagement

Incoming and Outgoing Traffic
Pre- and user- defined Traffic-classes, for example: VOIP, Citrix, RDP..
Minimal guarantied and maximal bandwidth per  class
VPN-bandwidthmanagement (IPSec)
Spliiting of general bandwidth: IP-addresses of Subnets
Graphical analysis

 

Captive Portal

Browser-based authentification to (WLAN-) Hotspots
Automatic redirect to login-mask
Authentification: LDAP (local and extern), Active Directory, external RADIUS-server
Simultaneous public and private network services
Logging of traffic and connection times
Flexible user-right-management

 

Anonymity

Anonymity of selected network traffic
Provides anonym internet browsing
JAP Anonymity-Proxy
TOR Anonymity Network
Freenet HTTP - Portal

 

Additional Services

Dynamical DNS
DHCP Server
Secure DNS Resolver
SSL Wrapper for selected TCP services
Transparent FTP-Virus-scanning

 

##############################

 

Firewall:

The Gibraltar Firewall inspects and secures overall network and Internet traffic and provides for secure connections. The Gibraltar dynamic packet filter (Stateful Packet Inspection) and several application level proxy servers guarantee highest available security for all prevalent network protocols.

 

Proxy server:

Several proxy servers provide for high performance and additional security. The integrated e-mail proxy is able to check all e-mails against spam and viruses. The transparent Web proxy enables a restrictive management of the private Web usage of all employees.

 

Anonymisation Gateway:

Internet providers and companies are legally boand to monitor all network traffic. Thus, it is possible to identify and track sensitive data about companies and their customer and supplier relationships. Gibraltar is able to make selected network traffic anonymous. This means, that not even Internet providers are able to track down traffic to the originating server or user. By using Gibraltar anonymisation service, it is possible to both observe law and assure anonymity.

 

Virtual private network gateway:

The Gibraltar VPN server securely connects all company sites and branch offices over potentially insecure networks. It also provides encrypted and secured remote access to the company network for your field staff.

 

Spam filter:

The Gibraltar mail filter reliably identifies and deals with unsolicited e-mails. This will raise the productivity of your employees. By using the Gibraltar spam filter it is possible to reduce the number of unrequested e-mails by over 99 per cent.

 

Antivirus Gateway:

The Gibraltar Antivirus Gateway powered by Kaspersky Labs  inspects all e-mails, Web downloads and FTP data transfers for computer viruses. Additionally the Antivirus Gateway includes an effective protection against phising e-mails and spyware.

 

Bandwidth management:

Gibraltar bandwidth management makes it possible to prioritise and to regulate overall network traffic. Time-critical applications like VoIP (Voice over IP) and all kind of terminal server protocols receive the minimum bandwidth they require. The built-in monitoring feature makes it possible to permanently observe the shaped traffic.

 

Secure, convenient, powerful.

Gibraltar Security Gateways offer a unique cost/performance ratio and a very simple and flexible administration. For schools and universities, Gibraltar offers very special conditions. Feel free to ask for academic licenses.

 

Secure and simple management by Read-only technology

Gibraltar starts and runs fully off physically write protected media. For this reason, a time-consuming and insecure hard disk installation is not necessary. On the contrary, read-only operation of Gibraltar leads to a significant improvement of security, since it is not possible for potential attackers to permanently reside on the system. System configuration can be archived alternatively on hard disk, USB media, floppy disk or e-mail.

 

Comfortable with easy configuration system

Gibraltar can be installed and configured with an easy to use Web based configuration tool. A detailed online help and many useful configuration scenarios assist the firewall administrator. However, if there are some questions left, Gibraltar offers professional telephone and e-mail support.

 

Pure flexibility on the console

For the sophisticated administrator, Gibraltar offers a maximum of flexibility and functionality by using the system console. Nothing is impossible if you are approaching Gibraltar on the console. Gibraltar can be configured both on the console and with the easy-to-use Web based configuration tool. Linux experts will be highly surprised what Gibraltar offers beneath the surface.

 

Scalability and reliability through simple hardware replacement

The software release of Gibraltar can be operated on all common hardware platforms. This makes Gibraltar unbeaten in scalability. Hardware replacement is very easy and can be achieved during a couple of minutes.

 

Unbeatable in cost/performance ratio through open source development

Gibraltar is based on an accurately hardened Debian/GNU Linux and solely uses proved and tested open source components. Except for the Web based configuration tool, all Gibraltar source codes are permanently published and can be reviewed and tested by open source community. In return, privately using Gibraltar is cost-free.

 

Easy updates and professional support

With the Gibraltar UpToDate-Service you stay permanently up to date. Software updates will be downloaded and installed fully automated. New releases of Gibraltar can be installed using the web based configuration tool (Gibraltar Security Appliances) or replacing the system CD (Software release).

The professional telephone and e-mail support guarantees a trouble free installation and smooth operation of Gibraltar. Gibraltar support means you will get direct support from Gibraltar developers. These guys are real security pros and will find a solution for each of your problems. Give us a test!