Integrated UTM Security Appliance for IM/P2P/SSL management
Layer-7 Firewall to protect your network against external threats and internal application abuse
New Integrated UTM Appliance: Unidirectional Protection vs Bi-Directional Protection
The development of the Internet has been brought forth endless network
intrusion attacks, but Firewall technologies also change with each passing
day in order to prevent internet threats. Hence, anti-virus, intrusion prevention,
anti-spam, multi-WAN load balancer, etc. has been integrated into modern Unified
Threat Management (UTM) appliance, besides the original features of Firewall / NAT /
VPN / Router / QoS. However, a lot of network threats are coming from internal
application abuse, such as instant messaging, peer-to-peer applications, VPN,
SSL-encrypted webmail, etc. These applications are popular because of their ability
to work across almost all practical firewall deployments. L7 Networks Application
Firewall is the right UTM appliance with bi-direction protection for your Network.
Built-in IM Management Module: Block Completely vs User-Level Control
Nowadays, Instant Messengers have been indispensable to enterprises for communication
so that you cannot just block them. L7 Networks leading IM management solution can manage
MSN/Yahoo/ICQ/AOL/Google Talk activities by user's login accounts, including Login /
File Transfer / File Sharing / Photoswap / Voice / Webcam / Whiteboard / Remote Assistance
/ Game / Handwrite, etc. Employees cannot avoid being managed, no matter IM applications
run over HTTP or Socks server. It can also prevent Viruses hiding in MSN File Transfers.
Built-in P2P Management Module: Helplessness vs Block Selectively
P2P applications have the ability to work across almost all practical firewall deployments.
They always create the security threats, as these protocols are easy to download piratic
software/music/movie across the security infrastructure relatively unchecked. InstantBlock
can manage more than 30 P2P applications and prevent bandwidth waste on illegal downloads selectively.
Built-in SSL Content Filtering: Trust Completely vs Trust Selectively
SSL-enabled environments, such as HTTTPS, SMTPS, POP3S, and IMAPS, are end-to-end security tunnels
that may contain viruses or information leakage. L7 Networks SSL content filtering module can transparently
intercept SSL connections and scan for viruses and spam emails. Its "Exempt Zone" design can be set to trust
partial server's IP / Domain / URL (such as Network Bank), and let them avoid SSL content filtering. For
security and performance issues, SSL/IPSec encryption and decryption can choose SaftNet ASIC Acceleration.
Built-in Intrusion Prevention Module: Passive Prevention vs Active Outfall
Unlike passive prevention solution, InstantBlock guards the network with a built-in virus engine to block
viruses actively in HTTP(S)/SMTP(S)/POP3(S)/IMAP(S) environments no matter what the attacks are (such as
packet-type attacks, network-type worms, file-type viruses). Currently, it supports more than 2,000 threats
and more than 20,000 viruses. Virus patterns/engines can be frequently updated if needed.
Built-in Co-Defense Module: Single-point Prevention vs Intersectional Co-Defense
InstantBlock can co-defend with LAN switches to stop infectious PCs to spread viruses/attacks.
General UTM firewalls can only do single-point prevention but cannot stop attacks to spread. L7 Networks
leading Co-Defense system can issue ACL commands to switches close to the infectious sources according
the pre-set rules when network viruses are detected. Currently, Co-Defense system supports D-Link, Extreme,
Cisco, Alcatel L2/L3 switches.
All-in-One Appliance With High Quality
IL7 Networks' award-winning InstantBlock series Application Firewall has been delivered to our ODM
customers for more than three years. It won many bids and has been expanded its business to global
market because of its high quality. It supports firewall which rules can be set by group, high performance
IPsec / L2TP / PPTP / SSL VPNs by SafeNet® ASICs, enterprise-level VPN hub & spoke, HA, WAN backup for no
disconnection, and content filtering to prevent employees from browsing unwanted webpages (such as gamble,
shopping, pornography, etc). Besides, it can enforce a strong user authentication mechanism. Employees are
automatically redirected to a web page to authenticate with POP3(s)/IMAP(s)/LDAP/RADIUS servers before they
can connect to the Internet.
Support InstantReport Centralized Reporting System
In order to enhance operational performance, InstantBlock sends events to database in InstantReport
Centralized Reporting system for analysis. It can also collect events from multiple InstantBlock devices
simultaneously so that the intrusion records allow the network administrators to trace both attack sources
and targets IP addresses, connection ports and communication protocols. In addition, InstantReport can
generate various reports to send to network administrator by emergent email, periodical email sending,
or FTP backup.
Support InstantConfig Security Operating Center
In addition to built-in all InstantReport's features, InstantConfig's 3-tier Architecture can
centrally control IPS/Anti-Virus/URL/IM/P2P and synchronously update patterns/signatures and L7 Firewall.
Furthermore, InstantConfig can establish VPN tunnels for more than 2,000 InstantBlock devices so that it
will greatly save administrative cost.
Update Rapidly With World-Wide Service
L7 Networks has a group of professional Network Security Team to collect and study diverse attacks /
application behaviors. Its global update mechanism provides users with real-time virus signatures /
patterns update and continuous service.