axsguard gatekeeper
DESCRIPTION
aXsGuard Gatekeeper - 201201 - v1TRANSCRIPT
![Page 1: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/1.jpg)
The world’s leading software company specializing in Internet Security
aXsGUARD Gatekeeper
DIGIPASS® BY VASCO
![Page 2: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/2.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 1
AXsGUARD Gatekeeper at a glance ______________________________________________________________________ 2
Overview __________________________________________________________________________________________ 3 1 software bundle – 5 hardware platforms _________________________________________________________________ 3 1 hardware platform – 4 software bundles _________________________________________________________________ 3 Additional user licenses ______________________________________________________________________________ 3 Recommended users ________________________________________________________________________________ 3
Software bundles ____________________________________________________________________________________ 4 aXsGUARD Gatekeeper basic ras _______________________________________________________________________ 5 aXsGUARD Gatekeeper standard ras _____________________________________________________________________ 5 aXsGUARD Gatekeeper enterprise ras ____________________________________________________________________ 6 aXsGUARD Gatekeeper enterprise backup ras ______________________________________________________________ 6 aXsGUARD Gatekeeper internet redundancy bundle __________________________________________________________ 7
Content scanning ____________________________________________________________________________________ 8 Content scanning: mail ______________________________________________________________________________ 8 Content scanning: web ______________________________________________________________________________ 9 Reporting & statistics ________________________________________________________________________________ 9
Authentication _____________________________________________________________________________________ 10
Hardware _________________________________________________________________________________________ 11 Hardware platforms ________________________________________________________________________________ 11 Hardware maintenance _____________________________________________________________________________ 11
Personal aXsGUARD _________________________________________________________________________________ 12 Secure and wireless connection to the corporate network _____________________________________________________ 12 Easy configuration and setup _________________________________________________________________________ 12
5 solutions with aXsGUARD Gatekeeper __________________________________________________________________ 13 Solution 1: secure government infrastructure with limited resources ______________________________________________ 13 Solution 2: aXsGUARD enables services for Value Added Resellers _______________________________________________ 14 Solution 3: aXsGUARD Gatekeeper as an outstanding all-in-one security solution _____________________________________ 14 Solution 4: business automation for secure remote assistance __________________________________________________ 15 Solution 5: guarenteed business continuity for SMEs _________________________________________________________ 15
Technical specifications ______________________________________________________________________________ 16 Hardware specifications _____________________________________________________________________________ 16 Specifications personal aXsGUARD _____________________________________________________________________ 17
Software specifications ______________________________________________________________________________ 18 Administration ___________________________________________________________________________________ 18 Network ________________________________________________________________________________________ 18 Monitoring and logging _____________________________________________________________________________ 19 Authentication ____________________________________________________________________________________ 19 Firewall ________________________________________________________________________________________ 19 IPS and iDS _____________________________________________________________________________________ 19 VPN server ______________________________________________________________________________________ 20 Multiple internet gateways ___________________________________________________________________________ 20 Bandwidth management ____________________________________________________________________________ 20 Public dns ______________________________________________________________________________________ 20 Application firewall ________________________________________________________________________________ 21 Ssl-vpn webportal _________________________________________________________________________________ 21 High availability ___________________________________________________________________________________ 21 Content scanning: web traffic _________________________________________________________________________ 22 Content scanning: mail traffic _________________________________________________________________________ 22 Statistics _______________________________________________________________________________________ 22
Contents
![Page 3: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/3.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 2
aXsGUARD Gatekeeper is part of VASCO’s remote access product line and offers a complete solution for secure network connectivity.
aXsGUARD Gatekeeper is a security appliance dedicated to the needs of the SME market. The solution is designed for administrators who want an all-in-one solution for Internet connectivity and security. 24 functional features are bundled together into four software packages with additional content scanning licenses. Each software bundle can run on one of the five available hardware models allowing organizations of any size to choose the most suitable combination of performance and features. aXsGUARD Gatekeeper works transparently with any other solution allowing organizations to activate only those features they really need. Additionally, aXsGUARD fits perfectly into any network environment, whether it’s a Microsoft, Linux, Mac or mixed environment.
Secure LAN
DMZ ZONE
Bandwith Management
with QoS
Internet Redundancy
SPICT
FIREWALL
INTERNET
IDS
AND
IPS
STATISTICS
STRONG
USER
AUTHENTICATION
SPICT
FIREWALL
SECURE LAN
STRONG
USER
AUTHENTICATION
NETWORK PROTOCOLS
DMZ FIREWALL
RADIUS SERVER
PKI CA
WEBMAIL SERVER
MAIL SERVER
DIRECTORYSERVICE
INTEGRATIONAPPLICATION FIREWALL HTTP/HTTPS/FTP
SSL VPN WEB PORTAL
VPN/RAS SERVER
PROXY SERVER
SMTP RELAY
MONITORING & REPORTING
CONTENT SCANNING
MALWARE PROTECTION
CONTENT SCANNING
MALWARE PROTECTION
Remote Office
SOHO
Road Warrior
PUBLIC DNS
COMMUNICATION
REMOTE ACCESS
SECURITY
AUTHENTICATION
AUDITING
A full-blown solution
for remote Access
aXsGUARD Gatekeeper at a glance
![Page 4: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/4.jpg)
1 software bundle - 5 hardware platforms Each aXsGUARD Gatekeeper software bundle is available on any hardware platform. The different hardware platforms only differ in performance and in the number of network connections available. Each appliance has the same functional features and user interface which makes administration of multiple devices a lot easier. The web-based GUI ensures intuitive administrator use for all aXsGUARD appliances, from large installations on multiple sites to a single appliance on a remote location.
1 hardware platform - 4 software bundles
The four Remote Access Solution software bundles can operate on each available aXsGUARD Gatekeeper hardware platform. Should you require additional features, you simply can upgrade to another software bundle, even without switching the hardware appliance. An automated updating and licensing system will remotely push the new features to the appliance, avoiding lengthy upgrade or installation procedures as your current configuration will continue to run as before.
ADDITIONAL user licenses
To offer complete protection for your network, aXsGUARD Gatekeeper comes with separate content scanning and authentication licenses. Content scanning exists in a basic and a standard version with yearly renewable licenses. The authentication feature can complement the Gatekeeper appliance by simply adding the VACMAN plugin and DIGIPASS authentication devices.
Recommended users
Each combination of hardware and software has a recommended number of users. The number of users is an indication of best performance and hardware maintenance for the appliance and surmises that all available features – including the content scanning option – have been activated. There is no user limit, however, when the number of users exceeds recommendations, system performance may be influenced. As expected, the number of users can be increased when fewer options have been selected.
Overview recommended users including Standard content scanning
AG2504 AG3443 AG3604 AG5506 AG7500
BASIC RAS 25 50 250 1000 2000
STANDARD RAS 10 25 100 500 1500
ENTERPRISE RAS 10 25 100 500 1500
Optional licenses
Basic Content Scanning √ √ √ √ √
Standard Content Scanning √ √ √ √ √
DIGIPASS √ √ √ √ √
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 3
Overview
aXsGuArD GAtekeeper
Grows with your compAny
![Page 5: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/5.jpg)
Software bundles
aXsGUARD Gatekeeper has four different software bundles to choose from, allowing you to select the most suitable solution to address your remote access challenges. Each bundle adds additional functionalities on top of the previous bundle, turning aXsGUARD Gatekeeper in a future proof solution that grows with your business needs. Depending on your requirements with regards to network connectivity, you can select the appropriate bundle.
Gatekeeper Core OS including authentication Firewall with IPSVPN Server
Bandwith ManagementMultiple Internet ConnectionsPublic DNS
Reverse proxySSL VPN Web portal
High Availability
BASIC STANDARD
ENTERPRISE
ENTERPRISE BACKUP
All the security you
neeD bunDleD toGether
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 44
Software bundles
![Page 6: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/6.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 5
aXsGUARD Gatekeeper STANDARD RAS
The Standard Remote Access bundle offers additional network
connectivity tools, on top of the Basic bundle.
It allows you to add multiple Internet lines with automated failover
and load balancing. IT administrators are able to determine whether
internet traffic should be redirected over another line or be blocked
in case of internet failure. When no rules are applied, traffic will be
divided over all other available lines.
The bundle also includes a bandwidth management module with
QoS which will help you to use the available Internet capacity in an
optimal way. Rules can be determined based on IP address or type
of traffic per interface or inside a VPN tunnel… It’s an ideal option
for enterprises using cloud applications or companies that have
remote offices or are implementing a VoiP system with remote
sites, using cloud applications…
Companies hosting their own web servers can benefit from the
public DNS server module which will guarantee continuity of web
services in case of Internet outage from a provider.
The public DNS server allows you to publish your own public DNS
names without the need of your ISP. In case your Internet line fails
which has the public IP of your webservers assigned to it, the public
DNS server will automatically detect the failure and publishes the
IP address from your other Internet line to the DNS root servers on
the Internet. This is ideal for enterprises offering webmail, citrix,
rdp, vpn… to their users.
Includes software modules:
• Administration
• Network
• Monitoringandlogging
• Authentication
• Firewall
• IPSandIDS
• VPNserver
• MultipleInternetGateways
• Bandwidthmanagement
• PublicDNS
Software bundles
aXsGUARD Gatekeeper BASIC RAS
The Basic Remote Access Solution bundle allows your users to connect in a secure way to the local network. The bundle was designed for the SMB market, offering small and medium companies a simple solution to connect remote users while providing full protection by aXsGUARD Gatekeeper.
The Gatekeeper Core OS includes all necessary networking and routing protocols to connect your network to the Internet. Complete logging and monitoring is available on the appliance itself but logging and monitoring reports can also be sent towards an external syslog server.
The Directory Integration Services allow you to synchronize your users from any LDAP server to aXsGUARD Gatekeeper. Users and groups are directly managed in aXsGUARD Gatekeeper’s administration interface.
Users can authenticate themselves using a DIGIPASS. DIGIPASS functionalities and management are incorporated in aXsGUARD Gatekeeper in which VASCO’s core authentication platform VACMAN Controller is integrated. Should you prefer to work with certificates, a CA is incorporated.
The network is protected from hacking attempts through the SPICT Firewall with IPS. Firewall rules can be determined and implemented on IP address, user or group level. User and group policies are added from a list of predefined rules. This allows an IT administrators to build a more secure setup of the network and perform better control and more efficient management through aXsGUARD Gatekeeper. Remote access can be achieved with any standard VPN client over pptp, l2tp and ssl-vpn. The VPN server supports access from Personal aXsGUARD, a remote VPN appliance dedicated for SOHO use.
Includes software modules:• Administration• Network• Monitoringandlogging• Authentication• Firewall• IPSandIDS• VPNserver
![Page 7: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/7.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 6
Software bundles
aXsGUARD Gatekeeper ENTERPRISE RAS
The Enterprise Remote Access bundle offers secure web-based
access to your network on top of the STANDARD Bundle.
The bundle includes a Reverse Proxy which protects internal
webservers from hacking attempts. To authenticate your users it
can use the built in VACMAN Controller. This enables strong user
authentication to protect any webserver without the need to adapt
your website. For dedicated web applications, like Outlook Web
Access and Citrix, it allows single sign-on features.
The SSL VPN web portal allows a connection from any browser
towards the local network. The default web portal page - protected
with two-factor authentication - can be customized for each user
according to his needs. Default applications are available, which
will allow you to set up Remote Desktop Protocol (RDP) RDP
sessions, browse internal web servers, access local file servers…
You can optionally extend the Enterprise RAS bundle with an active/
passive High Availability appliance.
aXsGUARD Gatekeeper ENTERPRISE BACKUP RAS
Reliability of the aXsGUARD Gatekeeper hardware is among the
highest in its category. Nevertheless, to allow 100% uptime, there
is the possibility to have a second aXsGUARD in High availability
mode. The active/passive high availability (HA) allows a full time
continuity of your aXsGUARD Gatekeeper.
Includes software modules:
• Administration
• Network
• Monitoringandlogging
• Authentication
• Firewall
• IPSandIDS
• VPNserver
• MultipleInternetGateways
• Bandwidthmanagement
• PublicDNS
• ApplicationFirewall
• SSL-VPNWebportal
• HighAvailability(optional)
![Page 8: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/8.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 7
Software bundles
aXsGUARD Gatekeeper INTERNET REDUNDANCY bundle
How important is the internet for sme’s?Do you need the internet for the execution of your daily work? Do
you place orders through the internet? Do you use online banking
for your financial transactions? Do you receive your orders through
the internet? Would you lose customers when your website is not
available? How much would you lose when your internet connection
fails? The internet has become indispensable in today’s business
world. A reliable internet connection is crucial for SME’s to ensure
business continuity. Or to be prepared for cloud applications, such
as online accounting, online banking, back-up or a remote mail
server.
Why would you choose this bundle?Your internet connection always fails at the worst possible time.
When you urgently need to mail an offer, when your store is
filled with customers or when you need to find something on the
internet. To ensure the continuity and availability of your company
and employees at all times, VASCO launches a tailor-made solution
for SME’s. Continuity is always guaranteed even if a problem with
your internet connection should occur.
The solution?The aXsGUARD Gatekeeper Internet Redundancy bundle is a
solution where a second internet line is deployed in addition to
the line of your existing provider. By installing internet lines using
different technologies (cable – xDSL), connectivity is guaranteed
and you can continue working without any problems even when
the internet connection should fail. aXsGUARD Gatekeeper will
immediately detect failures and automatically switch to another
available line.
Includes software modules:
• Administration
• Network
• Monitoringandlogging
• Authentication
• Firewall
• MultipleInternetGateways
• PublicDNS
![Page 9: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/9.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 8
Content Scanning: mail
The content scanner supports the most common mail protocols. E-mails can be stored on aXsGUARD Gatekeeper’s mail server or can be delivered to an external mail server after scanning for spam and malware.
To stop all unsolicited mails, the content scanner has a multi-layered way of scanning e-mails. A first scan will take the custom configured rules of blacklisting and whitelisting into consideration. Secondly, all known malevolent mails will be blocked based on default blocking mechanisms such as header checks or a list of banned IP addresses.
Optionally, greylisting can be activated. With this feature, aXsGUARD will bounce received mails a first time. An actual mail server will resend the mail which will be accepted by the aXsGUARD appliance which will then list the sender’s mail address as ‘safe’ after a couple of successful mail deliveries. The reasoning behind this is that most spammers will not resend mails.
In the standard version, DCC (Distributed Checksum Clearinghouse) will check with the central VASCO database to determine whether mail is spam. Mail virus scanning is also included: the Basic version uses Clamav; the Standard version additionally uses the Trend Micro engine.
Each mail is scanned and scored based on its’ content. The administrator can then decide for each user or group if the mail should be blocked, delivered or marked as spam. The administrator can also decide what needs to be done with mail attachments, based on the mime type.
Because spam can sometimes be very local and personalized, users can resend detected spam (or non-spam) mails back to aXsGUARD Gatekeeper, which will learn from these mails and as a result will adjust the spam scores.
aXsGUARD Gatekeeper can be extended with Content Scanning licenses providing secure mail and web traffic. Content scanning is available in combination with all aXsGUARD Gatekeeper software versions. It exists in two versions:
1. BASIC with default content scanning features and2. STANDARD with additional features such as an Anti-Virus engine from Trend Micro© and web-based content scanning
Content scanning
internet without
heADAches
![Page 10: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/10.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 9
Content Scanning: web
To avoid that users import all kinds of malware and to increase productivity, all web traffic should pass the proxy on aXsGUARD Gatekeeper. After authentication (web-based or SSO by using static passwords or 2-factor authentication), specific rules can be applied to each user or group of users. It doesn’t matter which PC the user logs on to, he will always receive his specific web browsing rules.
In order to create those rules aXsGUARD Gatekeeper first needs lists: A site list can exist out of a list of defined URLs or parts of URLs in wording. It can contain words and URLs that you want to block, or words and URLs that should pass. (E.g. the administrator might want to block URLs with the word sex, but would want to allow URLs with the word msexchange
Predefined blacklists are available on aXsGUARD Gatekeeper, categorizing 3.5 million sites into 90 different categories such as, malicious web pages (spyware, phishing, virus infected,…); adult related content (adult, porn, art nudes,…); social networking (chat, blog, im, mail, …); gaming (gambling, online gaming,…); whitelist (!) 100% suitable for kids;…
Since site lists never can provide a complete list of all malicious sites on the Internet (due to localizations and new sites popping up every day), the standard version of Content Scanning also includes web content scanning: every web page will be scanned and analyzed, based on the content of a page.
Using content analysis, the content scanner tags particular words and phrases with a score and a category (e.g. the word breast would lead to give a negative score, but when the word cancer is found in the same page, it would give a better score). 30 different predefined wordlists (positive and negative) in multiple languages are provisioned in aXsGUARD Gatekeeper. Administrators can create their own additional wordlists to give an even better result. After content scanning, the total web page receives a certain score.
These site lists and wordlists are then combined into categories, to create a complete list of rules. It avoids repetitive work and adds granularity to the access rights you want to give to different users.A category can be defined as an allowed list, a forbidden list and an exception list. The exception list is used to block URLs inside a webpage, without blocking the whole page.
These categories are then added to access control lists (ACL). An ACL exist of categories of sites and the time when this ACL applies (e.g. during or outside working hours). It also adds virus scanning and blocking of specific extensions. In the ACL you also set the score for the web based content scanning, to decide which pages are shown or blocked.
There is one general ACL, for all web traffic in the company, which can be overruled by ACLs which are applied for a specific IP address (e.g. printers, servers…), a group of people or a specific user.
Reporting & statistics
Every action through the proxy is logged on aXsGUARD Gatekeeper. Administrators can view and search through these reports during 2 months, or export them and use other analytic tools. A statistics tool is available as well which gives a complete overview of web and mail behavior. Statistics can be viewed per client, per website and per hour.
Content scanning
![Page 11: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/11.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 10
To provide secure remote access, VACMAN Controller is integrated in aXsGUARD Gatekeeper. This allows users to authenticate themselves with a DIGIPASS on their network. The administrator can decide which level of authentication is needed for a certain application. Strong user authentication can be added to access the tool, authenticate on the proxy, VPN access and connecting to webservers through the reverse proxy or SSL Web portal.
If you have another Radius client, it can also authenticate it’s users on the aXsGUARD Gatekeeper. The Gatekeeper supports hardware DIGIPASS (GO-series and 2xx series) as well as the DIGIPASS for Mobile. Belgian citizens who want to authenticate with their e-ID card can also authenticate on the aXsGUARD Gatekeeper with the DIGIPASS 810 for e-ID.
Authentication
DIGIPASS 270
DIGIPASS for Mobile
DIGIPASS GO 7
DIGIPASS GO 6
DIGIPASS GO 100
DIGIPASS 810 eID
we AuthenticAte the worlD
![Page 12: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/12.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 11
Hardware platforms
aXsGUARD Gatekeeper comprises one software solution which can run on different hardware platforms. The hardware platforms only differ in performance and in the number of available network connections. aXsGUARD Gatekeeper hardware is meant to last. VASCO chooses industry hardware to run its aXsGUARD Gatekeeper software on. This ensures that aXsGUARD appliances have a longer lifetime than other comparable systems on the market.
It also ensures the highest performance necessary for any environment. Every time aXsGUARD Gatekeeper connects to the VASCO Managed Service environment, the hardware status is sent over, so VASCO can take preemptive actions in case of imminent hardware failure.
Hardware maintenance
Each aXsGUARD Gatekeeper bundle includes one year software and hardware maintenance (Standard Exchange). The hardware maintenance covers all defects of aXsGUARD including tear and wear of specific parts. Standard Exchange is a yearly renewable contract, with no end date. As long as an appliance is under Standard Exchange, VASCO guaranties it will work in normal operating conditions for the recommended number of users. If aXsGUARD Gatekeeper under Standard Exchange does suffer from underperformance and the normal operation conditions and recommended user settings have been followed, VASCO will replace it by a refurbished appliance with more performance.
If an upgrade to more robust hardware is required, for example due to an increasing number of users or features, the new appliance can be purchased at a reduced price, almost covering the price difference between the new and old appliance. The new appliance will be shipped with the latest available back-up already preinstalled. The customer only needs to switch the hardware.
AG2504 AG3443 AG3604 AG5506 AG7500
BASIC RAS 25 50 250 1000 2000
STANDARD RAS 10 25 100 500 1500
Enterprise RAS 10 25 100 500 1500
Hardware
optimAl performAnce,
AlwAys
![Page 13: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/13.jpg)
Secure and wireless connection to the corporate network
Personal aXsGUARD enables branch offices or home workers to connect in a straightforward and secure manner to the main aXsGUARD Gatekeeper appliance at the company’s headquarters. Built upon proven VASCO GATEKEEPER core technology, aXsGUARD Gatekeeper offers a comprehensive solution for secure network connectivity.
Personal aXsGUARD is centrally managed in aXsGUARD Gatekeeper and has a Wifi receiver, enabling the remote user to work wireless. The security of the wireless network is also centrally managed on the parent aXsGUARD Gatekeeper appliance.
Easy configuration and setup
The configuration of Personal aXsGUARD is kept to a strict minimum. Only three parameters need to be defined: how to connect to the internet, the main aXsGUARD Gatekeeper and the Certificate of the main appliance. The Certificate contains the encryption keys to securely connect to the main site through VPN. All other security parameters are configured in the main aXsGUARD Gatekeeper appliance and are automatically pushed to Personal aXsGUARD. End-users only need to plug the Internet cable in the Personal aXsGUARD appliance to connect to the corporate network.
Remote parameters such as DHCP, WIFI settings and firewall policies are managed on the parent aXsGUARD Gatekeeper. Administrators can hence determine who can access the main site through VPN and who has direct access to Internet. The configuration allows administrators to route and monitor all network traffic on one central location while at the same time ensuring the highest security for remote or home offices with a minimum of effort. To achieve maximum uptime, multiple parent aXsGUARD Gatekeeper appliances can be defined in the configuration of Personal aXsGUARD. If for some reason Personal aXsGUARD is unable to connect to one parent appliance, a connection with another aXsGUARD Gatekeeper will automatically be set up.
Personal aXsGUARD establishes secure network connections for home workers and branch offices to companies’ headquarters With mobile workforces increasing, companies face a growing number of security concerns. Whenever an employee remotely connects to the company’s network it has to be done in a secure way. At the same time, security concerns must be balanced with the end-user’s needs ensuring a smooth and user friendly experience.
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 12
Personal aXsGUARD
remote connections
mADe eAsy
![Page 14: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/14.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper
5 solutions with aXsGUARD Gatekeeper
Information and network access security are of vital importance for
local governments in order to prevent confidential information from
falling into the wrong hands.
VASCO has years of experience and a proven track record of
successfully mitigating security vulnerabilities. With aXsGUARD
Gatekeeper VASCO helps local municipalities and governmental
organizations to implement complete IT security solutions to protect
valuable information and assets. Access is provided through a
secure, encrypted connection in order to protect the network from
hackers. Users can authenticate themselves by generating an OTP
using for instance their electronic identity card, By adding additional
content scanning licenses, users are protected from malware and
malicious sites can be blacklisted.
The all-in-one concept allows the municipality’s IT department to
organize and control its own security, without having to acquaint
itself with different multiple systems and the complexity of making
different appliances work together.
If necessary, aXsGUARD Gatekeeper can be remotely managed
by the IT partner helping local governments to stay ahead of the
onslaught of IT threats at a fixed price.
aXsGUARD Gatekeeper provides several possibilities for secure
remote access, making it easy to connect different sites of
municipalities through aXsGUARD Gatekeeper’s e-tunnels with
automatic failover. Smaller sites with only a couple of workplaces
can be connected and centrally managed with a Personal
aXsGUARD. Confidential documents are securely shared through
the SSL web portal, protected with a DIGIPASS device.
Benefits
• Complete solution, covering all aspects of network security • Ideal for undermanned IT staff• Full scale of remote access possibilities. Choose the best fit
for each location and application• Cost savings through centralization• Enhanced confidentiality• High-availability of services• Increased transparency• Guarantees privacy of employees surfing behavior, but allows
control
simple solutions for
compleX problems
Solution 1: secure government infrastructure with limited resources
13
![Page 15: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/15.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 14
5 solutions with aXsGUARD Gatekeeper
aXsGUARD Gatekeeper RAS software is the same software suite which is deployed on each hardware platform. You only need to acquaint yourself with one solution to service all your customers, regardless of the size of their organization.
An easy upgrade path allows you to expand the aXsGUARD Gatekeeper as the needs of your customer grow. Since the software remains the same only the hardware needs to be replaced. Every aXsGUARD connects to VASCO’ service center every 4 hours to back-up its configuration. In case of unexpected hardware failure, or when upgrading towards a stronger hardware system, the configuration can easily be restored from the service center back-up system.
Every customer’s infrastructure runs on the same version thank to automated updates There’s no need for patch management at the customer’s site as everything is automated and centrally managed.
With VASCO’s central management portal ,resellers get an overview of all the customers’ systems increasing upsell possibilities. Every aXsGUARD Gatekeeper reports his status back to this central platform, so you immediately get an overview of the managed systems. Furthermore, you can access every customer’s appliance remotely through a secure connection.
Because of the completeness of the solution and the availability of servers for the complete SME market, there’s no need to invest in training, support and spare parts of multiple different vendors. aXsGUARD Gatekeeper can easily be preconfigured in the setup you desire, and can be copied to every new system.
The standard exchange warranty system allows you to give lifetime warranty on your customer’s environment, and allows upgrades at almost the price difference, guaranteeing the best ROI and TCO.
All these unique points severely reduce the chance of mistakes and oversights meaning that your customers get a faster and better service. The SEAL training program allows your support staff to become certified engineers allowing you to better service your customers. aXsGUARD Gatekeeper and VASCO allow you to focus on new business while providing you with a time-saving, high-quality solution.
Benefits
• Easy and complete solution• One solution to secure all your customers• Central management providing an overview of your customers• Upgrade path• Remote assistance from reseller to customer• Assistance from the vendor for certified engineers• End-customer gets offering high quality service
Solution 2: aXsGUARD enables services for Value Added Resellers
Organizations worldwide understand the need to secure their business-critical data and network from unauthorized access. At the same time they are also aware that anytime, anywhere access becomes overall important for a dispersed workforce and remote offices. Companies are looking for a one-stop shop to provide an overall security solution that can secure network, mail and web traffic; ensure secure access to the central network from remote sites and guarantees high availability to ensure productivity.
VASCO’s aXsGUARD Gatekeeper is an all-in-one security concept that offers secure remote access to your business-critical data through VPN tunnels. Depending on your needs, aXsGUARD offers out-of-the-box different site to site connections, as well as highly secured, personalized remote access solutions.
Productivity is enhanced as downtime is eliminated with offered features such as high availability and Internet redundancy.
Benefits
• All-in-one security solution• Business continuity is guaranteed thanks to high availability
and Internet redundancy (multiple Internet lines)• All offices are connected through an easy to manage star
network• Secure network access using VPN tunnels• Reduced complexity (one central appliance)• Two-factor authentication integrated out-of-the-box• Flexible solution, which can be integrated into any
environment (Windows, Mac, Linux)• Easy to manage• Focus on your core business, while aXsGUARD takes care of
your security
Solution 3: aXsGUARD Gatekeeper as an outstanding all-in-one security solution
![Page 16: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/16.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 15
5 solutions with aXsGUARD Gatekeeper
Remote assistance and support is a valuable asset for customer retention. Management and support at a customer’s site however, is not as evident as it seems. Organizations are confronted with different procedures and workflows, specific network implementations and rules, administration issues, the deployment of machinery, logistic hassles…
VASCO has developed a specific aXsGUARD Gatekeeper concept for business automation enabling remote assistance and management across the entire business ensuring service continuity and eliminating costly manual processes. . A solution ideally suited to meet the provisioning and configuration needs of large, heterogeneous, geographically distributed environments. aXsGUARD Gatekeeper is deployed at the main site and VASCO’s Personal aXsGUARD is deployed at the customer’s site or built-in into your remote products and machinery, but managed on the central aXsGUARD Gatekeeper.
The secure link between the main and remote site enables remote assistance and support, automatic software updates etc.
Benefits
• Secure remote access to remote sites and equipment• Enhanced supportability
• aXsGUARD Gatekeeper can help companies to create an easily supported and consistent environment
• Helps companies to implement a fixed method of work flow • Server and network automation• Central administration• Time- saving (instant remote access, no need to deploy
people on remote site)• Cost-efficient• Overcomes network issues and policies at remote sites• Flexibility
• Administrators can define different sets of policies and rules for different user types and a different number of environments
Solution 4: business automation for secure remote assistance
Internet has become indispensable in today’s business world. A reliable internet connection is crucial for SME’s to ensure business continuity. To ensure the continuity and availability of your company and employees at all times, VASCO launches a tailor-made solution for SMEs.
The aXsGUARD Gatekeeper Internet Redundancy bundle is a solution where a second internet line is deployed in addition to the line of your existing provider. By installing internet lines using different technologies (cable – xDSL), connectivity is guaranteed and you can continue working without any problems even when the internet connection should fail. aXsGUARD Gatekeeper will immediately detect failures and automatically switch to another available line.
Benefits
• Business continuity guaranteed for all incoming/outgoing traffic (e-mail, internal and external websites, VPN, …)
• Flexibility • Connect multiple internet connections to your network and
choose which type of internet traffic passes through which line (surfing, mailing, downloading files, …)
• Reliability• Ample experience (>3500 installations)• Robust hardware with the possibility of a lifetime warranty
• Speed• Divide your internet traffic over your available Internet lines.
This gives you the best speed according to your needs• Easy maintenance with automatic software updates and
remote configuration back-up• Future proof solution:• Ready for strong authentication via DIGIPASS-technology• Easy to extend (software bundles, content scanning,
DIGIPASS)• Upgrade to more performing hardware against the price
difference
Solution 5: guaranteed business continuity for SMEs
![Page 17: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/17.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper
Technical specifications
16
unDer the hooD
Hardware specifications
AG2504 AG3443 AG3604 r2 AG5506 AG7500 Operating System Gatekeeper Core OS 7.6 Gatekeeper Core OS 7.6 Gatekeeper Core OS 7.6 Gatekeeper Core OS 7.6 Gatekeeper Core OS 7.6
Chassis Form Factor Desktop model 1U Rack Mount 1U Rack Mount 1U Rack Mount 2U Rack Mount
Processor Type Intel® Atom™ N450 processor
Intel® Atom™ D510 processor
Intel® Atom™ D525 Intel® Core™ 2 Duo E8400 3GHz 1333MHz 6MB LGA775
Intel® Xeon Proc. 5620/ 2.4GHz/ 5.86GTs 12MB
Memory 1 GB 667 Mhz DDR2 SO-DIMM
1GB 667MHz DDR2 SO-DIMM
4GB 800MHz DDR3 SO-DIMM
4GB 800MHz DDR2 ECC CL5 DIMM
12GB 1066Mhz DDR3 ECC CL7
Disk n/size 1 x HDD/160 GB SATA 2.5” 5400rpm 8MB
1 x HDD/WD RE4/250GB SATA 7200rpm 64MB
1 x HDD/WD RE4/500GB SATA 7200rpm 64MB
1 x HDD/WD RE4/500GB SATA 7200rpm 64MB
2 x HDD/WD RE4/500GB SATA 7200rpm 64MB
Hot Swappable No No No No YES
Raid formatted No No No No RAID1
Power Supply 60W, 15V power adapter
AC 100~240V, 50/60 Hz, 4-2 Amp Max 200W max
AC 100~240V, 50/60 Hz, 4-2 Amp Max 200W max
AC 100~240V, 50/60 Hz, 4-2 Amp Max 200W max
AC 100~240V, 50/60 Hz, 10-4 Amp Max 700W max
Power Redundancy No No No No Hot swappable
Network Ports 4 GbE NIC 3 GbE NIC 4 GbE NIC 6 GbE NIC 10 GbE NIC
Management Web GUI SSH
Web GUI SSH
Web GUI SSH
Web GUI SSH
Web GUI SSH
Dimensions (W/H/D) 182 x 150 x 40mm7.1” x 5.9” x 1.65”
437mm x 43mm x 249mm 17.2” x 1.7” x 9.8”
437mm x 43mm x 249mm 17.2” x 1.7” x 9.8”
426mm x 43mm x 365mm 16.8” x 1.7” x 14”
437mm x 89mm x 450mm 17.2” x 3.5” x 17.7”
Weight 0,8 kg (<1,8lbs) excl. adapter
1,1 kg (<2,4lbs) incl. adapter
6,7 kg (<15lbs) 6,7 kg (<15lbs) 7.7 kg (<17 lbs) 17.6 kg (<38.8 lbs)
Compliance to standards
Safety UL, CE, ECC-EMC, LVD
Safety UL, C-UL, CE EMC FCC, CE Environment RoHS
Safety UL, C-UL, CE EMC FCC, CE Environment RoHS
Safety UL, C-UL, CE EMC FCC, CE Environment RoHS
Safety UL, C-UL, CE EMC FCC, CE Environment RoHS
Mounting Position Desktop model Horizontal orientation,19” Rack, 1 U
Horizontal orientation,19” Rack, 1 U
Horizontal orientation, 19” Rack, 1 U
Horizontal orientation,19” Rack, 2 U
Operating Temperature
5°C to 35°C, 40°F to 90°F. Fanless
10 to 35 °C, 50 to 90 °F 10 to 35 °C, 50 to 90 °F 10 to 35 °C, 50 to 90 °F 10 to 35 °C, 50 to 90 °F
Operating Humidity 20 to 90% (non-condensing)
8 to 90% (non-condensing)
8 to 90% (non-condensing)
8 to 90% (non-condensing)
8 to 90% (non-condensing)
Storage Temperature 0°C to 70°C, 32°F to 158°F
-40 to +70 °C, -40 to 158 °F
-40 to +70 °C, -40 to 158 °F
-40 to +70 °C, -40 to 158 °F
-40 to +70 °C, -40 to 158 °F
Storage Humidity 5 to 95% (non-condensing)
5 to 95% (non-condensing)
5 to 95% (non-condensing)
5 to 95% (non-condensing)
5 to 95% (non-condensing)
![Page 18: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/18.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 17
Technical specifications
aXsGUARD AG2504
aXsGUARD AG3443
Personal aXsGUARD (AG1296)
aXsGUARD AG5506 aXsGUARD AG7500
Specifications Personal aXsGUARD
SPECIFICATIONS - Recommended for up to 5 unique IP devices
Model AG1296 Standards IEEE 802.3, IEEE 802.3u, IEEE 802.11g, IEEE 802.11b
Internet port One 10/100 RJ-45 Port
Ethernet Four 10/100 RJ-45 Switched Ports, WIFI
LEDs Power, DMZ, WLAN, Ethernet (1, 2, 3, 4), Internet
Cabling Type CAT 5
RF Power (EIRP) in dBm 18
Security Features Statefull Packet Inspection Firewall, Internet Policy, Central management on corporate aXsGUARD Gatekeeper, PKI Certificates (can be generated by the CA of the central aXsGUARD), Custom NAT rules, routing, DHCP Server
Wireless Security WEP, WPA-PSK-AES encryption, WPA-PSK-TKIP encryption
Internet Connections DHCP Client, PPPoE with external xDSL modem, Static IP address
Remote access •TowardscentralaXsGUARDGatekeeperthroughSSLVPN•AutomaticrecoveryofVPNconnections•FailovertowardsotheraXsGUARDGatekeeperappliancespossible
aXsGUARD AG3604
![Page 19: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/19.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 18
Software specifications
Administration
Basic Standard Enterprise Internet Redundancy bundle
√ √ √ √
• Web-based GUI for appliance administration
• Clickable status overview and health monitor
• Automated configuration check
• Automated license upgrade tool
• Manual or automated upgrades, with pre-testing
• Automated online updating system
• Back-up options:
• remote back-ups of configuration at VASCO Service
Center
• Back-up of configuration sent by e-mail
• Back-up of configuration, logs and mail on local file
servers
• Group- and use- based configuration allowing easy and
secure setup
• LDAP Synchronization (users/groups) from:
• Microsoft Active Directory
• Novell e-Directory
• Generic LDAP
• Predefined rules and policies allowingfast setup
• Layered access levels for admin tool
Network
Basic Standard Enterprise Internet Redundancy bundle
√ √ √ √
• Complete set of network protocols:
• Routing tables
• NAT with helper for FTP, PPTP VPN, IRC, H.323, SIP,
SNMP, TFTP, Amanda
• Portforwarding & redirection
• SNAT/DNAT
• Masquerading
• Internet connectivity:
• Static
• DHCP Client
• PPTP
• PPPoE
• DHCP server(s)
• NTP client and server
• DNS server
• VLAN support
• Bridging support
• Dynamic DNS support (DynDNS and EasyDNS)
• Ping and trace route tool
the bits AnD the bytes
![Page 20: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/20.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 19
Software specifications
Monitoring and logging
Basic Standard Enterprise Internet Redundancy bundle
√ √ √ √
• Internal Logging Capacity• Built- in hard disk• Detailed Real Time monitoring• Historical Reporting• e-mail notification on viruses and attacks• Syslog server delivery (local, network, relay)• Local log files of all activities• Log files kept during 2 months• Graphics
• load• Cpu usage• memory• all conifgured devices
Authentication
Basic Standard Enterprise Internet Redundancy bundle
√ √ √ √
• Radius Server• Single Sign-on tool• Ident server• AD back-end authentication • Built in strong user authentication for:
• Admin tool• Radius clients• Firewall and Web access• VPN (PPtP, IPSec, OpenVPN)• SSL-VPN web portal (Enterprise Edition)• Application Firewall (Enterprise Edition)• Imap/Webmail (Content Scanning)
• DIGIPASS clients supported (*)• DIGIPASS GO 6 and GO 7• DIGIPASS 260 and 270• DIGIPASS for Mobile• DIGIPASS 810 e-ID card reader
• Belgian e-ID card with DIGIPASS810 eID Card Reader delivery procedure
• Integrated PKI with Certificate Authority (CA)
Firewall
Basic Standard Enterprise Internet Redundancy bundle
√ √ √ √
• Self-adaptive Firewall• Statefull Packet Inspection (Connection Tracking)• Denial-Of-Service attack blocking• Distributed Denial-Of-Service attack blocking• IP / Packet Filter• Bad Packet Management• Predefined rules and policies • Policies based on device, type of traffic, or IP address/range• Static/Dynamic/Advanced Policies• Unlimited rules and policies• Company Policies• Group Policies (overrule Company)• User Policies (overrule/append Group)• Host Policies• Separate RAS policies• Authenticated port forwarding• DMZ zone• SPICT Firewall Performance 150 Mbps - 2Gbps• Concurrent sessions 4000 - 600.000• New sessions/second 5.000 - 15.000
IPS and IDS
Basic Standard Enterprise Internet Redundancy bundle
√ √ √ X
• Active System Attack monitoring• Protocol Anomaly prevention & detection• Customizable detection signature list• DoS and DDoS Prevention• Fragmented Packet Reassembly• Malformed Packet Protection• Analysis of all popular application protocols• Detect network-level packet based attacks• Detection of all types of port scans, including stealth types• Automatic reconfiguration of firewall
![Page 21: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/21.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 20
Software specifications
VPN server
Basic Standard Enterprise Internet Redundancy bundle
√ √ √ X
• PPtP Server• Propose IP Address support for PPtP Server • NAT helper for PPtP• L2TP Support• IPSEC Client to Gateway• IPSEC NAT-Traversal• IPSEC VPN Keep Alive• IPSEC VPN Dead Peer Detection• IPSec PSK (pre shared secret)• IPSec RSA Key• IPSec X.509• Integrated PKI• Internal Certificate Authority
• Certificate creation / revocation handling• Xauth support• Encryption (DES/3DES/AES/BF)• MD5 / DH2/ PFS/ SHA-1/CBC authentication• IPSec Gateway to Gateway• SSL-VPN Support with Open VPN client• SSL VPN • Fault tolerant VPN (e-tunnels)• Simplified routing using e-tunnels• Personal aXsGUARD support• Max. number VPN tunnels: unlimited• Max. number VPN users: unlimited
Multiple Internet Gateways
Basic Standard Enterprise Internet Redundancy bundle
X √ √ √
• Redundant Internet Connections • Automatic failover• Failover decision to dedicated Internet connection• Option to drop traffic on failure of Internet connection• Policy based routing• Policies on protocol (TCP, UDP, ICMP, GRE, ESP, AH)• Policies on source address and port/range• Policies on destination address and port/range• Load balancing
Bandwidth management
Basic Standard Enterprise Internet Redundancy bundle
X √ √ X
• Quality of Service• Internal Bandwidth management• Full Policy based traffic shaping• Static and Dynamic bandwidth shaping• Time based policies• Policies on protocol (TCP, UDP, ICMP, GRE, ESP, AH)• Policies on source address and port/range• Policies on destination address and port/range• Bandwidth management inside VPN tunnels
Public DNS
Basic Standard Enterprise Internet Redundancy bundle
X √ √ √
• Publish public domain names and subdomain names on the Internet
• Primary and secondary zones• Forward and Reverse DNS• Allow multiple DNS servers• Publish SOA, NS, PTR, A, CNAME, MX and SPF records• Set Refresh, Retry, Expiry and Minimum time• Set TTL• Set Priorities• Automatic failover allows to reroute your web servers and VPN
tunnels instantly
![Page 22: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/22.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 21
Software specifications
Application Firewall
Basic Standard Enterprise Internet Redundancy bundle
X X √ X
• Protects web servers in your LAN and DMZ• Malicious URL filter• URL Sanitizer• Predefined rules for OWA and Citrix with Single Sign On• FTP server protection• https to http gateway• Active Sync Compatible• Multiple Webservers• Routing based on hostname• Routing based on port number• Routing based on IP address• Strong user authentication
SSL-VPN Webportal
Basic Standard Enterprise Internet Redundancy bundle
X X √ X
• Allows connection to all your applications through a java
compatible web browser• No additional client software needed• Personalized web portals• Single Sign-on with DIGIPASS• Predefined applications:• Terminal Server / Remote Desktop / VNC• Citrix (ICA)• Fileserver (Webbased/Webdav)• Port forwarding, allowing fat clients• Web forwards (Reverse proxy, Replacement proxy, Tunneled
Web forward)
High Availability
Basic Standard Enterprise Internet Redundancy bundle
X X √ X
(when purchasing the Enterprise Backup bundle)
• Active/Passive• Active/Active• Automatic Configuration Synchronization• Automatic Data Replication (e-mail, logs, website, ...)• Session Synchronization for Firewall• Device failure detection • Internet Link monitoring• Link failover
![Page 23: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/23.jpg)
aXsGUARD Gatekeeper aXsGUARD Gatekeeper 22
Software specifications
Content Scanning: Mail traffic
• Separate user/group/company web access policies• E-mail attachment filter• E-mail spam detection/quarantine delete• Black and white list (e-mail, IP, text, dns)• Pattern matching with points• Customizable score threshold for object reject• MIME header check• File analysis (extension checker match)• Files embedded in other files recognition and decoding
(ZIP,RAR,TAR,LHA,...)• File content control in attachment filter• Recursive algorithm for embeddings (1000 levels)• Blocks Java Applet, Cookies, Active X Y• E-mail white & black list filters• IP white & black list filters• Text white & black list filters• Multiple blacklist servers• SPF support• Quarantine blocked files and blocked due to black list• Greylisting• Pattern matching with regular expressions• Pattern match results in points score• Sender or site blocking• sender <--> recipient relations• allow/block mail sending/receiving• allow/block attachments• spam checking/e-mail security checks• Embedded HTML or XML parser• Preconfigured backlist• Virus scanning• Multiple Virus scanners (Standard version)• SMTP Relay Server• E-mail server• POP3, IMAP4 mail server• Unlimited number of mailboxes• Distribution lists• Outgoing e-mail disclaimer (ascii / html)• Central address book• Out of Office• Mail forwarding• Remote mailbox retrieval• Group mailbox retrieving and dispatching• Webmail (https to aXsGUARD mail server or external mail server• Embedded Virus Scanner ClamAV• Embedded Virus Scanner Trend Micro (Standard)• Automatic Signature update• Automatic Engine update• Delay of update check every 15 minutes• Auto unpack of attachments
• SMTP Scanning• IMAP scanning• POP3 scanning (remote mailbox retrieval)• Encrypted VPN tunnel scanning• Quarantine / delete infected messages• Distributed Checksum Clearinghouse (DCC)• Domainkeys (check signature on mailheader)• Backscatter (check bounced mails sent from owned domain• TLS encryption
Content Scanning: Web traffic
• Separate user/group/company e-mail policies• Web proxy with adjustable cache• Single Sign on for Domain and Workgroup client PC• Additional authentication allowed for kiosk PCs• HTTP URL filter• HTTP extension filter• Time-based URL filtering• Policy-based URL filtering• User defined Black and Whitelisting• Predefined blacklists:
• Over 3 million sites• Daily updates• Predefined sitelists• Customizable categories
• Web based content scanning: (standard version)• Score based system• 30 predefined wordlists• multilingual• Customizable categories
• Extension filtering• Multi-layered Defense system• Filter selection for statistics• ClamAV virus and malware scanning with automated engine
updates• Trend Micro virus and malware scanning with automated engine
updates (standard version)• Ident authentication
Statistics
• Graphical overview• User based web traffic statistics• Computer (IP) based web traffic statistics• Site based statistics• Time based statistics• Overview of visited webpages• Obfuscating users possible• Sent e-mails• Received e-mails• Overview rejected mails
![Page 24: aXsGuard Gatekeeper](https://reader036.vdocuments.us/reader036/viewer/2022081400/554f4f3fb4c905524c8b4d22/html5/thumbnails/24.jpg)
The world’s leading software company specializing in Internet Security
About VASCO
VASCO Offices
VASCO Sales Presence
Eur ope , M i dd le Eas t , A f r i ca - Wemmelpho ne : +32 . 2 . 60 9 .9 7 .0 0e ma i l : i n f o - e u r ope@vasco . c om
US A - Bos tonpho ne : +1 508 3 6 6 3 4 0 0e ma i l : i n f o - u sa@vasco . c om
USA - Ca l i f o rn iaphone : +1 6 5 0 3 7 8 1 2 0 2ema i l : i n f o - u sa@vasco . c om
www.vasco.com
CORP ORATE HQ - Ch icagopho ne : +1 630 9 3 2 8 8 4 4e ma i l : i n f o - u sa@vasco . c om
INTERNAT IO N A L H Q - Sw i t ze r l andphone : +41 43 555 35 00em a i l : i n f o - eu r ope@ vas c o . c om
Copyright © 2012 VASCO Data Security, Inc, VASCO Data Security International GmbH. All rights reserved. VASCO®, CertiID™, VACMAN®, IDENTIKEY®, aXsGUARD®, DIGIPASS®, the ® logo and the ™ logo are registered or unregistered trademarks of VASCO Data Security, Inc. and/or VASCO Data Security International GmbH in the U.S. and other countries. VASCO Data Security, Inc. and/or VASCO Data Security International GmbH own or are licensed under all title, rights and interest in VASCO Products, updates and upgrades thereof, including copyrights, patent rights, trade secret rights, mask work rights, database rights and all other intellectual and industrial property rights in the U.S. and other countries. Other names may be trademarks of their respective owners.
VASCO is a leading supplier of strong authentication and e-signature solutions and services specializing in Internet Security applications and transactions. VASCO has positioned itself as global software company for Internet Security and designs, develops, markets and supports DIGIPASS®, CertiID™, VACMAN®, IDENTIKEY® and aXsGUARD® authentication products. VASCO’s prime markets are the financial sector, enterprise security, e-commerce and e-government.
BR201202 - v1
Aus t ra l i a - Syd ne yphone : +61 2 8061 3700em a i l : i n f o - aus t r a l i a@ v as c o . c o m
La t in Am e r i c a - B ra z i lphone : +5511 3443 7541em a i l : ES -b r a z i l@ v as c o . c om
As ia - Pac i f i c - S inga porephone : +65 6323 09 06em a i l : i n f o - a s i a@ v as c o . c om
As i a - Pac i f i c - Japanpho ne : +81 3 5 5 3 2 7 8 6 2e ma i l : i n f o - j a pan@vasco . c om
As ia - Pac i f i c - I nd iaphone : +9 1 2 2 4 0 9 0 7 1 1 2 -1 4ema i l : i n f o - i n d i a@vasco . c om
Euro pe , M idd le Eas t , A f r i ca - Aus t r i aphone : +4 3 1 9 0 4 3 1 3 2 -0ema i l : i n f o - eu r ope@vasco . c om
Sales offices