|
|
|
|
Sygate®
Enterprise Network
Distributed
Firewall Architecture of Defense
Overview
Sygate
Enterprise Network combines a centralized management server
control station with a customizable distributed firewall.
The result is comprehensive configuration, monitoring and
enforcement of security and access policies enterprise-wide.
With Sygate Enterprise Network, corporate security policy
is extended to every desktop, laptop or appliance that connects
to the network giving you the power to:
- Enforce
consistent enterprise-wide security policy
- Update
security policy rapidly in emergency situations
- Adjust
security policy based on user, location and time of day
- Control
Internet application usage
- Detect,
block and alert attempted intrusions in real-time
- Log,
track and graphically report all network activity
Rendering
Hackers Helpless
When
a security breech, such as port scanning or remote hacking
is detected, the Sygate distributed firewall blocks the
Internet connection to prevent any damage or data removal
while alerting an administrator of the breech. By preventing
communication between the hacker and your network, the hacker
is rendered helpless.
Centrally
Enforced Security Policy
Sygate®
Management Server provides IT with a central point of control
over their entire network. Client machines can be organized
into groups with different security settings. Administrators
can then create profiles for global, group or individual
security policies, eliminating the hassle involved with
individually configuring each machine. Settings can be password-protected
to prevent unauthorized changes and to enforce policy. Sygate
Management Server centrally monitors all user activity including
intrusion attempts and setting changes.
Enterprise-Wide
Visibility
Detailed
logs are encrypted and forwarded from Sygate’s distributed
firewall for analysis and reporting. Real-time monitoring
gives administrators a bird’s-eye view of intrusion activity
from the individual through the global level. Activities
are logged to help track activities and pinpoint intrusion
attempts. An integrated graphing capability assists in spotting
trends in network activity and adjusting security policy
accordingly. The result is an enterprise-wide security system
that can be fine-tuned while clearly justifying the security
effort to upper management.
Customizable
Security Policy
On the
client side, Sygate’s distributed firewall protects Windows-based
PCs and servers. Five customizable security policy settings
provide multiple security layers to computers that are part
of a corporate LAN or directly connected to the Internet.
The Sygate distributed firewall allows or denies every incoming
or outgoing Internet packet based on a security policy setting
(ports, protocols, IP address, time-of-day, application).
It can also link Internet access privileges with specific
application programs and allow or block applications from
accessing the network.
Architecture
of Defense
Sygate
Enterprise Network provides an integrated, scalable, high-performance
architecture of defense, which comprehensively protects
important computer data from theft, corruption and damage
while preventing work interruptions due to unauthorized
intrusions from Trojan Horse hacker tools. Like all products
from Sygate Technologies, Inc., Sygate Enterprise Network
is easy to deploy and maintain, without the cost and complexity
associated with other security solutions.
- Corporate
Asset Protection
– Employees working from home, on the road or any other
remote location, are protected by Sygate Enterprise Networks
powerful security package, eliminating IT worries over
unwelcome intrusions. All communications are protected,
regardless of the user’s location or access method from
outside the corporate firewall.
- Centralized
Security Policy Management and Enforcement –
Consistent, enterprise-wide security policy can, from
one screen, be easily provisioned and managed, with unobtrusive
monitoring and protection for each user. An easy to use
web-based interface allows multiple server consoles to
operate concurrently for network monitoring, user management
and security policy administration. Automatic client registration
with the server and status monitoring simplify administrative
workload. Additionally, administrators have the freedom
to allow all or part of a given security profile to be
client-controlled giving them the ultimate in control
and flexibility.
- Rapid
Deployment – Using a pre-configured initialization
file with default settings, administrators can rapidly
install a distributed firewall client on all network computers.
The Sygate Management Server then automatically detects
each computer’s Internet connection and network settings.
Typical "silent" installations take about 30
seconds, a huge savings for resource-strapped IT departments.
- Ease
of Administration
– Capabilities such as automatic registration of clients
with the server and status monitoring (alive, dead, offline)
simplify the administrator’s task of maximizing client
uptime and trouble-shooting potential problems related
to network connectivity. Enforcement mechanisms ensure
the security policy cannot be tampered with by either
internal or external sources.
- Reporting
and Analysis Tools – Detailed reporting and
graphing capabilities help administrators easily spot
attacks on a single system or analyze all clients on the
network for attack trends. Daily, weekly or monthly reports
can be automatically generated. Detailed logs are encrypted
and forwarded to the central management server, which
can generate graphs on local and global activity. Logs
can be analyzed to help administrators fine-tune their
security policies while clearly justifying network security
to upper management.
- User
Transparency
– Administrators can configure each distributed firewall
to be completely transparent to the user, allowing the
administrator to remotely monitor the computer’s security.
Sygate Enterprise Network supports most major programs
and protocols, including VPN, allowing the security policy
to be maintained without sacrificing business efficiency.
- Multi-Layer
Security and Protection
– Sygate Enterprise Network provides both packet and application
level security and protection. Every incoming or outgoing
packet is allowed or denied based on your security policy
settings (ports, protocols, IP address, time-of-day, application).
Upon detecting any intrusion attempts, the Sygate distributed
firewall will close the corresponding network connection
and alert you immediately. The integrated application-level
policy associates Internet access privileges with specific
application programs and allows or blocks any application
from accessing the network.
- Five
Customizable Security Policy Settings
– Administrators have the freedom to customize or
choose a pre-defined security policy that meets their
needs. All settings are password-protected to prevent
changes by others and enforce security policy. Pre-defined
security policy setting include:
- Ultra
High Security Level
-
Blocks all ports and protocols to and from the Internet
when you don't want to use the your connection.
- High
Security Level - Allows only common user-initiated
requests, such as email, web browsing, and telnet sessions,
to open an Internet connection.
- Medium
Security Level - Allows any local Internet
applications to communicate with the Internet. Users
who want to play games over the Internet should choose
this mode.
- Low
Security Level
- Some computers need to be available for public
access over the Internet, such as a Web server, an Email
server, a Telnet server, an FTP server or an NNTP server.
This lower security level allows these systems to receive
expected types of inbound requests.
- Off
- Sygate Personal Firewall functionality is disabled
in this mode.
- Security
Audit
– Administrators can test their actual network vulnerability
with the Sygate Online Scan (SOS) service. This online
service allows the scanning of each computer to determine
which ports are open and which are closed.
- Trusted
IP
– Easily allows certain computers in a network to
access the secured PC while blocking others.
- Auto-Interface
Detection – Automatically protects any
active Internet connection without any user intervention
(e.g., switching from LAN to dialup).
- Interactive
Learning Mode – Automatically prompts the user
if any unauthorized application is trying to access the
network. With a single click, administrators can add it
their list of trusted applications for network access.
- Multiple
Database Support - With support for Microsoft
Data Engine (MSDE), Microsoft SQL, and Oracle, Sygate
Enterprise Network is truly enterprise-ready. No proprietary
systems to impede your workflow. Sygate Enterprise Network
allows you to use your existing knowledge and tools therein.
You can even configure Sygate Enterprise Network to utilize
one remote database for your global operation resulting
in significant IT cost reductions.
System
Requirements
Management
Server
- Intel
Pentium-class processor or faster
- Windows
NT 4.0 (SP5-SP6a)/2000
- 128
MB RAM or higher
- MSDE
(included), SQL 7.0 or higher Oracle 8 or 8i
Administration
Console
- Intel
486-class processor or faster
- 16
MB RAM or higher
- 1024
X 768 minimum monitor resolution
- Java-enabled
web browser (Microsoft Internet Explorer or Netscape Navigator
4.0 or higher recommended)
Distributed
Firewall Client
- Intel
486 (or equivalent) processor or faster
- Windows
95 OSR2 or higher/98/2000/NT 4.0 (SP3-SP6a)
- 16
MB RAM or higher
- 10
MB HDD
- Internal
or external analog, ISDN, xDSL, cable or other network
based Internet connection
- TCP/IP
protocol installed
<<
Back To Top >>
|
|
|
Home
| Company
| Products
| News
| Downloads
| Buy
| Support
| Partners
| Contact
Us |
1997-2001
Sygate Technologies, Inc.
All content, brands,
and products referenced herein are the trademarks or registered trademarks of
their respective holders. Sygate® is a registered trademark of Sygate Technologies,
Inc. No part of this document may be reproduced or transmitted in any form or
by any means, electronic, mechanical, or otherwise, without prior written permission
of Sygate Technologies, Inc. Please be advised that Sygate Technologies, Inc.
actively and aggressively enforces its intellectual property rights to the fullest
extent of the law.
|
|