phion product guide€¦ · your business and is of benefit to their clients. ... unified threat...
TRANSCRIPT
1010101110101010110101010101010101001010110101101101101010101011011010101010110110101010101010111011011101101010101000101011010101010101011011010101011101010101101010101010101010010101 1010
110110
11010
1010
10110
11010
1010
10110
11010
1010
1010
101110
1101110110101010100010101101010101010101101101010101110101010110101010101010101001010110101101101101010101011011010101010110
1101010101010101110
1101110
11010101010001010110101010101010110110101010111010101011010
1010
1
0
1010
1010
010
1011
010
110
110
110
1010
1010
110
11010
1010
10110
11010
1010
101010111011011101101010101000101011010101010101011011
phion Solution Guide
10101011101010101101010101010101010010101101011011011010101010110110101010101101101010101010101110110111011010101010001010110101010101010110110101010111010101011010101010
1010
1010
010
10110
10110
110110
10 10
1010
110110
1010
1010
110110
1010
1010
1010
1110110
111011010101010001010110101010101010110110101010111010101011010101010101010100101011010110110110101010101101101010101011011010101010101011101101110110101010100010101101010101010101101101010101110
10101011010
1010
1010
10
1010
01010
11010
110
110
110
1010
1010
110
110
1010
1010
110
110
1010
1010
1010
1110
110
1110
110
1010
1010
00
1010
11010
1010
1010
1011
011010
1010
111010
1010
11010
101010101010100101
2
phion‘s customers include
Network Security
WAN Protection & Optimisation
Network Access Control
Secure Web Access
Web Application Security
3Content
At a glance 4
Network Security 6
WAN Protection & Optimisation 8
Web Application Security 10
Secure Web Access 12
Network Access Control 14
Management and Reporting 16
Compliance 18
Unified Threat Management 19
As global competition increases companies today are – more than ever before - faced with the challenges optimising their IT and telecommunications processes and increasing employee pro-ductivity. Brand new opportunities are arising as developments leap forward for IP-based architectures, inexpensive broadband connections and wireless data transfer technologies. In principle, critical applications such as ERP or CRM for example can be made available to any user at any location and at any time. IT security, in particular the protection of IP communications, is one of the key components for every modern IT architecture system.
While in the past it was “only” a few hackers, annoying viruses and worms that put the cat among the pigeons, the danger today is posed by highly professional, paid attackers who deliberately exploit their web applications to access information that damages your business and is of benefit to their clients. On the other hand security systems have taken on the task of providing comprehen-sive protection for this worldwide availability.
We at phion have therefore made it our business to design com-prehensive protection systems for corporate communications. Our products stand for fending off attacks, preventing information theft and maintaining secured communications.
Business and Strategy Alignment
Two main things are demanded of IT security solutions in order for them to be able to assume their respective position within modern IT architectures:
1. Value Provision – Business alignment2. Strategic influence on IT architechture – Strategy alignment
Business alignment means to provide value: Although IT security can hardly contribute directly to business success, security solu-tions can have the same enemies as the business. We at phion look outside of the box and provide comprehensive protection against a diversity of threats.
Sustained security solutions are characterised by the fact that they are not just sticky plasters for a sore wound, but that they have a strategic influence upon the IT architecture’s immune system.
The phion solutions allow you to convert the unsafe, non-uniform and qualitatively unpredictable basic network infrastructure into a secure, available, cost-optimised and controllable platform for corporate applications.
phion protects your Corporate Communication4
At a glance
Gap
Gap
Communication ProtectionReal scenario
The Enemiesof your Network
ERP, CRM, SCM,SoABusiness Applications
Secure and Fault Resilient Data Highway
Physical „Noisy“ Corporate Network Infrastructure
phion’s vision is to fill the gap between the shortcomings of the bare network and provide it with security, availability and reliability. Actually this leads to secur, available and reliable business applications.
Gap
Gap
Communication ProtectionReal scenario
The Enemiesof your Network
ERP, CRM, SCM,SoABusiness Applications
Physical „Noisy“ Corporate Network Infrastructure
Secure and Fault Resilient Data Highway
The shortcomings of network infrastructures allow different forms of threats (from viruses to con-truction works) to influence business applications. The consisten, controlled, secure data highway is a myth never to be realised in itself.
The Communication Protection Architecture – Unified Threat Management for the Enterprise
The exciting new subjects that make the value of convergent, scalable architectures visible are depicted here by the intersections and clearly highlight the strength of the phion solutions.
Ê Network Security Firewall technology at its best
WAN Protection and Optimisation ÊTo fulfil the promise VPNs made
Secure Web Access ÊFar more than just a proxy
Network Access Control Ê Secure VPN-access via IPsec and SSL and full control over your LAN endpoints and their healthstate
Web Application Security ÊProtection for your most vulnerable and valuable perimeter – your web applications
Management and Reporting ÊSave costs by enhancing your control level efficiently
Compliance Ê From Payment Card Industry Data Security Standard (PCI-DSS) to Sarbanes-Oxley Act (SOX), phion’s products help your enterprise to be compliant
Comprehensive Solutions for the mid market Êphion’s UTM appliances
5
Network Access Control
Management & Reporting
Secure Web Access
WAN Protection & Optimazation
Web ApplicationSecurity
Network Security
phion’s products allows organisations to build a communication protection architecture. netfence appliances, airlock and entegra clients work seamless together to realise the vision of secure reliable infrastructure.
Today’s challenge for organisations is to build convergent solutions. phion has given highest attenti-on to transform the naked technologies into turnkey solution building blocks.
The Challenge
The more important global communications are for your company, the more consequently you have to protect your corporate network boundaries. After all, the perimeter is still the most important front line of defence against hackers and malicious code. The performance of security solutions at the Internet and VPN gateway levels will determine whether or not external attacks can penetrate your network or can be blocked from the outset.
As the most successful attacks mounted today are within the network, a single remote access link with an unsecured external PC or laptop is often sufficient to allow hackers and malicious codes to open a back door into the company. There are also additional hazards that arise as a result of intentional or unintentional misconduct by some employees. This threat cannot be mastered with perimeter protection alone, because attackers are already behind the network limits.
phion’s Solution for Your Network Security Needs
Crucial business processes run smoothly thanks to multi-gigabit firewall performance and integrated bandwidth management. By combining a Stateful Inspection Firewall with Intrusion Prevention, Denial of Service Protection, intelligent application-selective bandwidth and multipath management plus VPN technology, guarantee constant availability and protection must be guaranteed. This is exactly what phion is delivering with netfence gateways.
Protection is no longer limited only to the perimeter and branches, but extends to all sensitive network areas. Flexible deployment and support for virtualized environments is crucial for successful realisation of clean bit structures in your LAN.
netfence sectorwalls complement the netfence gateways at the perimeter and are the optimal solution for internal firewalling and LAN segmentation: Security guidelines are implemented consistently company-wide with these appliances.
Uncompromised Protection and Availabilty for your Corporate Network Boundaries and Segmentations6
Network Security
Feature Benefit
Combination of stateful inspection, application protectionand intrusion prevention
Maximum network protection at all Êdata traffic levels
Fully developed high availability functionality
Interrupt-free availability for scheduled Êand unscheduled downtime
VPN with traffic intelligence Ultimate traffic optimisation for the Êintegrated VPN and external service level agreements (SLAs)
Central management Allows organisations to uphold and Êimprove internal and external service level agreements (SLAs)
Correlation of global and local rulesets
Allows a maximum of scalability for Êcontrolling and monitoring thousands of devices
Real-time Monitoring, logging and statistics
Complete and immediate control of all Êcompany network processes
Complete reporting Costs transparency for enterprises Ê
Extendable by secure application gateways (SSH and SSL proxies)
Compliance with different regulati- Êons by maximum control of external network accesses
Extendable by secure web access, WAN protection and optimiza-tion and network access control solutions
As the backbone of a highly scalable Êand flexible communication protection platform, netfence gateways enable companies to increase their corporate IT security
phion’s firewall technology was audited and evaluated according to the highest international standards
Business Alignment
Although IT security can hardly contribute directly to business success, security solutions can have the same enemies as the business. With netfence gateways and sectorwall, IT security becomes a vital part of a business enabling environment.
Cost Efficiency
n Lifecycle Costs phion’s extendable netfence systems offer companies sustainable investment protection. The central management covers centralised update management and comprehensive hardware replacement options.
n Deployment Costs phion’s unique management functions allow for quick and efficient roll-outs.
n Operating Costs phion’s central management lets you save significant time and effort.
n License and Hardware Costs phion’s unique license and appliances/server hardware combination lets you achieve a maximum of flexibility and cost optimisation.
phion’s Products for Network Security – Summary of the Key Differentiators
n netfence gateways – security solutions for uncompromising perimeter protection
n netfence sectorwall – security solutions for internal firewalling and LAN segmentation in vital corporate divisions:
≥ Hybrid firewall technology combining stateful inspection and application layer protection with integrated intrusion detection/prevention
≥ Integrated load sharing functionality for protected servers
≥ Unique functions for optimised troubleshooting
≥ Highly efficient management with multi-tenancy and revision control
≥ Expansion to Unified Threat Management
≥ Optimum support of Compliance Specifications with the highest level of certification, extension with access control and scheduling of encoded data traffic
7
Controlling and troubleshooting are of utter importance to maintain a secure network. phion provides these tools out of the box.
The Challenge
There is hardly a company that can still discount the benefits arising from integrating geographically distributed subsidiaries into their existing network infrastructure. However, the prerequisite for their subsidiary network’s success is that they can provide all critical business applications and data at all times – even in the smallest of subsidiaries and under adverse circumstances. One of the major challenges facing a network in this context is the steep rise in the number of applications in use and as a result - the associated application data traffic. The optimum utilisation of bandwidths in the wide area network (WAN) is therefore of critical significance for your networked subsidiaries’ productivity, just as is the intelligent traffic control across alternative lines in cases of system failure. Experience in recent years has also shown that comprehensive protection is an indispensable factor when it comes to guarding the confidentiality and integrity of your corporate communications. In times of increasing global competition it is almost the order of the day in many regions to bug and evaluate data traffic - be it by the competition, cyber criminals or even state authorities.
phion’s Solution for Your WAN Protection and Optimization Needs
With its realisation of the branch office box (BOB) concept, phion provides a solution that convincingly addresses all subsidiary network requirements. What this brings among other benefits is: security at enterprise-wide level through integrated firewall and VPN gateways with a leading encryption system. Reaction times are optimised and bandwidth load reduced by local holding of frequently accessed contents, prioritising of data flows and loss-free data compression. Some specific services such as DHCP can also be provided locally. The Traffic-Intelligence-Technology phion has developed takes care of smart traffic distribution among dedicated lines, xDSL, ISDN, satellites, UMTS or Multi-Provider-Uplinks. Furthermore every line is monitored and will allow for fail-safe redistribution and re-prioritising of your communication. This ensures that all branches can always rely on accessing essential resources with adequate performance and can stay productive.
Much more than VPN8
WAN Protection and Optimization
Graphical con-figuration tools make complex topolgies easy to establish and easy to maintain.
In a command centre style, phion provides operations with a quick and comprehensive overview of the communication fabric.
Feature Benefit
IPSec and SSL-based VPN tunnel technology
Use of favourable types of connection Êwhile still upholding confidentiality
Full redundant use of available network paths
Enhance application availability to the Êsheer optimum
Different encryption algorithms up to AES 256
Information never leaves the corporate ÊrealmsAdherence to diverse IT Governance ÊSpecifications
Utilizing ISP´s Quality of Service for encrypted traffic in MPLS networks
Integration of QoS concepts regardless Êwhether your traffic use MPLS or Internet uplinks
Application-based routing Depending on the application, the Êleast expensive route is selected, while simultaneously increasing availability
Bandwidth management with different technologies
Optimum acceleration of critical Êapplications
Distributed Internet breakouts Improved user friendliness and ease of Êuse without compromising security or increasing costs.
Leading compression technologies Virtual bandwidth enlargement Ê
Graphical interface for configuration and control
Cost savings resulting from greater Êscalability and overview
UMTS integration The ultimate response to cable damage Ê
1010101110101010110101010101010101001010110101101101101010101011011010101010110110101010101010111011011101101010101000101011010101010101011011010101011101010101101010101010101010010101 1010
110110
11010
1010
10110
11010
1010
10110
11010
1010
1010
101110
1101110110101010100010101101010101010101101101010101110101010110101010101010101001010110101101101101010101011011010101010110
1101010101010101110
1101110
11010101010001010110101010101010110110101010111010101011010
1010
1
0
1010
1010
010
1011
010
110
110
110
1010
1010
110
11010
1010
10110
11010
1010
101010111011011101101010101000101011010101010101011011
10101011101010101101010101010101010010101101011011011010101010110110101010101101101010101010101110110111011010101010001010110101010101010110110101010111010101011010101010
1010
1010
010
10110
10110
110110
10 10
1010
110110
1010
1010
110110
1010
1010
1010
1110110
111011010101010001010110101010101010110110101010111010101011010101010101010100101011010110110110101010101101101010101011011010101010101011101101110110101010100010101101010101010101101101010101110
10101011010
1010
1010
10
1010
01010
11010
110
110
110
1010
1010
110
110
1010
1010
110
110
1010
1010
1010
1110
110
1110
110
1010
1010
00
1010
11010
1010
1010
1011
011010
1010
111010
1010
11010
101010101010100101
www.phion.com