What is the FrontDoor Firewall?

The FrontDoor Firewall is a fully customizable stateful firewall, Network Address Translation, Transparent HTTP proxy, Intrusion Detection System and Virtual Private Network Gateway server. It is designed to be an all-inclusive Network Security solution for small to mid-size businesses.

Features:

The FrontDoor Firewall product differentiates itself from every major competitor by being the only true customized solution. It was developed and tested over the course of two years to become a toolbox of network security features. This toolbox allows us to build up a network defense system from scratch, starting with a default deny-all rule: we open only the ports we use, instead of starting with an initially open configuration and closing off the ports we do not use. Following the rule of Security through Obscurity, which states that a system’s popularity is directly proportional to its network security vulnerability, our system’s level of penetrability is next to 0%, since our system is customized down to the OS level for each installation.

FrontDoor’s hardware platform is an Intel-based tower style server with the following minimum specifications:

  • Pentium Pro 200MHz 256k cache Processor (enough processing power for 3.5Mbs sustained bandwidth; faster processor configurations are available at added cost)
  • 64MB RAM
  • Western Digital 20GB Hard Drive (ensures that the firewall will not break down from lack of logging space during a D.O.S. attack)
  • (2) 3COM EtherLink PCI Network Interface Cards
  • 3 1/4 Floppy Drive (for emergency recovery)
  • Keyboard

After the server is loaded with the custom FreeBSD UNIX-based Operating System and our custom security package, it is ready to fulfill its function as an Outside Perimeter Firewall. The FrontDoor Firewall boasts the following features:

  • Quadruple pass-through rule processing – any traffic going in/out of the firewall is evaluated four distinct times against four distinct rule sets, which allows a greater level of granular control within a network
  • Full stateful packet filter operation, including statefulness support for the ICMP and UDP protocols (allows for a wider range of network cloaking options)
  • "Smart" NAT (Network Address Translation) – conditional bi-directional NAT adds yet another layer of security to the system by masquerading IP addresses
  • Transparent HTTP proxy – allows for specific control of web-based content available to your employees
  • Denial Of Service protection – custom code within the OS slows down the packet response rate to suspected hosts, therefore preventing the attack from causing link saturation
  • Digital Certificate based Secure Remote Management interface – allows for quicker response times and lower maintenance costs
  • Guaranteed 4 hour response times on "network-down" emergencies, maximum 4 hour response times on others (usually less than 15 minutes)
  • PROACTIVE bug/security hole patches – we constantly monitor the hacking underworld as well as official network security sources and therefore are able to quickly counteract new attacks through promptly deploying system hotfixes
  • Industry Standard IPSEC-compliant VPN module – with encryption key strengths of up to 2048 bits, and support for the latest encryption algorithms, including Blowfish and Rijndael, cracking the code becomes a next to impossible task.
  • Roaming Dialup Client VPN capabilities – as long as the user has access to the Internet, a secure VPN connection can be established with the main office.