Distributed Firewall - Sygate Enterprise Network

Sygate® Enterprise Network

Distributed Firewall Architecture of Defense

Features
System Requirements	Marketing Brief (PDF)	Request for Information

Overview

Sygate® Enterprise Network is the world’s most advanced distributed firewall solution. With Sygate Enterprise Network, IT security administrators gain the ability to easily implement a centrally managed, monitored and enforced global security policy. By securing the network perimeter, Sygate Enterprise Network prevents malicious attacks from impacting your corporate assets.

Sygate Enterprise Network combines a centralized management server control station with a customizable distributed firewall. The result is comprehensive configuration, monitoring and enforcement of security and access policies enterprise-wide. With Sygate Enterprise Network, corporate security policy is extended to every desktop, laptop or appliance that connects to the network giving you the power to:

Enforce consistent enterprise-wide security policy
Update security policy rapidly in emergency situations
Adjust security policy based on user, location and time of day
Control Internet application usage
Detect, block and alert attempted intrusions in real-time
Log, track and graphically report all network activity

Rendering Hackers Helpless

When a security breech, such as port scanning or remote hacking is detected, the Sygate distributed firewall blocks the Internet connection to prevent any damage or data removal while alerting an administrator of the breech. By preventing communication between the hacker and your network, the hacker is rendered helpless.

Centrally Enforced Security Policy

Sygate® Management Server provides IT with a central point of control over their entire network. Client machines can be organized into groups with different security settings. Administrators can then create profiles for global, group or individual security policies, eliminating the hassle involved with individually configuring each machine. Settings can be password-protected to prevent unauthorized changes and to enforce policy. Sygate Management Server centrally monitors all user activity including intrusion attempts and setting changes.

Enterprise-Wide Visibility

Detailed logs are encrypted and forwarded from Sygate’s distributed firewall for analysis and reporting. Real-time monitoring gives administrators a bird’s-eye view of intrusion activity from the individual through the global level. Activities are logged to help track activities and pinpoint intrusion attempts. An integrated graphing capability assists in spotting trends in network activity and adjusting security policy accordingly. The result is an enterprise-wide security system that can be fine-tuned while clearly justifying the security effort to upper management.

Customizable Security Policy

On the client side, Sygate’s distributed firewall protects Windows-based PCs and servers. Five customizable security policy settings provide multiple security layers to computers that are part of a corporate LAN or directly connected to the Internet. The Sygate distributed firewall allows or denies every incoming or outgoing Internet packet based on a security policy setting (ports, protocols, IP address, time-of-day, application). It can also link Internet access privileges with specific application programs and allow or block applications from accessing the network.

Architecture of Defense

Sygate Enterprise Network provides an integrated, scalable, high-performance architecture of defense, which comprehensively protects important computer data from theft, corruption and damage while preventing work interruptions due to unauthorized intrusions from Trojan Horse hacker tools. Like all products from Sygate Technologies, Inc., Sygate Enterprise Network is easy to deploy and maintain, without the cost and complexity associated with other security solutions.

Features/Benefits

Corporate Asset Protection – Employees working from home, on the road or any other remote location, are protected by Sygate Enterprise Networks powerful security package, eliminating IT worries over unwelcome intrusions. All communications are protected, regardless of the user’s location or access method from outside the corporate firewall.
Centralized Security Policy Management and Enforcement – Consistent, enterprise-wide security policy can, from one screen, be easily provisioned and managed, with unobtrusive monitoring and protection for each user. An easy to use web-based interface allows multiple server consoles to operate concurrently for network monitoring, user management and security policy administration. Automatic client registration with the server and status monitoring simplify administrative workload. Additionally, administrators have the freedom to allow all or part of a given security profile to be client-controlled giving them the ultimate in control and flexibility.
Rapid Deployment – Using a pre-configured initialization file with default settings, administrators can rapidly install a distributed firewall client on all network computers. The Sygate Management Server then automatically detects each computer’s Internet connection and network settings. Typical "silent" installations take about 30 seconds, a huge savings for resource-strapped IT departments.
Ease of Administration – Capabilities such as automatic registration of clients with the server and status monitoring (alive, dead, offline) simplify the administrator’s task of maximizing client uptime and trouble-shooting potential problems related to network connectivity. Enforcement mechanisms ensure the security policy cannot be tampered with by either internal or external sources.
Reporting and Analysis Tools – Detailed reporting and graphing capabilities help administrators easily spot attacks on a single system or analyze all clients on the network for attack trends. Daily, weekly or monthly reports can be automatically generated. Detailed logs are encrypted and forwarded to the central management server, which can generate graphs on local and global activity. Logs can be analyzed to help administrators fine-tune their security policies while clearly justifying network security to upper management.
User Transparency – Administrators can configure each distributed firewall to be completely transparent to the user, allowing the administrator to remotely monitor the computer’s security. Sygate Enterprise Network supports most major programs and protocols, including VPN, allowing the security policy to be maintained without sacrificing business efficiency.
Multi-Layer Security and Protection – Sygate Enterprise Network provides both packet and application level security and protection. Every incoming or outgoing packet is allowed or denied based on your security policy settings (ports, protocols, IP address, time-of-day, application). Upon detecting any intrusion attempts, the Sygate distributed firewall will close the corresponding network connection and alert you immediately. The integrated application-level policy associates Internet access privileges with specific application programs and allows or blocks any application from accessing the network.
Five Customizable Security Policy Settings – Administrators have the freedom to customize or choose a pre-defined security policy that meets their needs. All settings are password-protected to prevent changes by others and enforce security policy. Pre-defined security policy setting include:

Ultra High Security Level - Blocks all ports and protocols to and from the Internet when you don't want to use the your connection.
High Security Level - Allows only common user-initiated requests, such as email, web browsing, and telnet sessions, to open an Internet connection.
Medium Security Level - Allows any local Internet applications to communicate with the Internet. Users who want to play games over the Internet should choose this mode.
Low Security Level - Some computers need to be available for public access over the Internet, such as a Web server, an Email server, a Telnet server, an FTP server or an NNTP server. This lower security level allows these systems to receive expected types of inbound requests.
Off - Sygate Personal Firewall functionality is disabled in this mode.

Security Audit – Administrators can test their actual network vulnerability with the Sygate Online Scan (SOS) service. This online service allows the scanning of each computer to determine which ports are open and which are closed.
Trusted IP – Easily allows certain computers in a network to access the secured PC while blocking others.
Auto-Interface Detection – Automatically protects any active Internet connection without any user intervention (e.g., switching from LAN to dialup).
Interactive Learning Mode – Automatically prompts the user if any unauthorized application is trying to access the network. With a single click, administrators can add it their list of trusted applications for network access.
Multiple Database Support - With support for Microsoft Data Engine (MSDE), Microsoft SQL, and Oracle, Sygate Enterprise Network is truly enterprise-ready. No proprietary systems to impede your workflow. Sygate Enterprise Network allows you to use your existing knowledge and tools therein. You can even configure Sygate Enterprise Network to utilize one remote database for your global operation resulting in significant IT cost reductions.

System Requirements

Management Server

Intel Pentium-class processor or faster
Windows NT 4.0 (SP5-SP6a)/2000
128 MB RAM or higher
MSDE (included), SQL 7.0 or higher Oracle 8 or 8i

Administration Console

Intel 486-class processor or faster
16 MB RAM or higher
1024 X 768 minimum monitor resolution
Java-enabled web browser (Microsoft Internet Explorer or Netscape Navigator 4.0 or higher recommended)

Distributed Firewall Client

Intel 486 (or equivalent) processor or faster
Windows 95 OSR2 or higher/98/2000/NT 4.0 (SP3-SP6a)
16 MB RAM or higher
10 MB HDD
Internal or external analog, ISDN, xDSL, cable or other network based Internet connection
TCP/IP protocol installed

<< Back To Top >>