Watchguard–Firebox T10

Logo WatchGuard

Watchguard va sortir en mars un nouveau firewall le Firebox T10.

Ce boitier UTM est fait pour les travailleurs à la maison ou les petites agences distantes.

il est un peu plus design que les autres modèles de la gamme XTM.

Voilà une vue de face

WatchGuard Firebox T10 devant

Et une vue de l’arrière

WatchGuard Firebox T10 arrière

 

Il est peu fourni en port Ethernet mais ce sont des ports Gigabit.

La puissance de calcul du CPU permet de le faire fonctionner sur des petits sites avec peu de connections.

Le débit en UTM est de 55 Mbps soit largement suffisant pour une ou deux ligne ADSL/SDSL.

Le boitier est orienté TPE.

Il s’intègrera aussi dans l’administration WatchGuard et dans le logiciel de gestion Dimension

A découvir à partir du 5 mars 2014

 

Spécifications Techniques

Firebox T10

Throughput

Firewall throughput 200 Mbps

VPN throughput 30 Mbps

AV throughput 70 Mbps

IPS throughput 80 Mbps

UTM throughput 55 Mbps

Interfaces 10/100/1000 3 cuivres

I/O interfaces 1 SRL/1 USB

Concurrent connections

(bi-directional) 7,500

New connections per second 1,000

VLANs 10

Authenticated users limit 200

VPN Tunnels

Branch Office VPN 5

Mobile VPN IPSec 5

Mobile VPN SSL/L2TP 5

Security Features

Firewall Stateful packet inspection, deep packet inspection, proxy firewall

Application proxies HTTP, HTTPS, SMTP, FTP, DNS, TCP, POP3

Threat protection DoS attacks, fragmented packets, blended threats and more

VoIP H.323, SIP, call setup and session security

Filtering options Browser Safe Search, YouTube for Schools

Security subscriptions Application Control, IPS, WebBlocker, Gateway AV, Data Loss

Prevention, spamBlocker, Reputation Enabled Defense

VPN & Authentication

Encryption DES, 3DES, AES 128-, 192-, 256-bit

IPSec SHA-1, SHA-2, MD5, IKE pre-shared key, 3rd party cert

Single sign-on Supports Windows, Mac OS X, mobile operating systems

Authentication RADIUS, LDAP, Windows Active Directory, VASCO, RSA SecurID, internal database

Management

Logging and notifications WatchGuard, Syslog, SNMP v2/v3

User interfaces Centralized console (WSM), Web UI, scriptable CLI

Reporting WatchGuard Dimension includes 70 pre-defined reports, executive summary and visibility tools

Certifications

Security Pending: ICSA Firewall, ICSA IPSec VPN

Safety NRTL/C, CB

Network IPv6 Ready Gold (routing)

Hazardous substance control WEEE, RoHS, REACH

Standard Networking

QoS 8 priority queues, DiffServ, modified strict queuing

IP address assignment Static, DHCP (server, client, relay), PPPoE, DynDNS

NAT Static, dynamic, 1:1, IPSec traversal, policy-based

Other features Static routing, port Independence, transparent/drop-in mode

Les détecteurs d’intrusion réseau et hôtes HIDS

Voilà un panorama non exhaustif des détecteurs d’intrusions.

Network Intrusion Detection System(NIDS)

NIDS WatchGuard Firebox /XTM

Sonicwall

NetScreen

TopLayer

Arkoon IDPS

Prelude IDS

NetRanger [http://www.cisco.com]

Dragon [http://www.securitywizards.com]

NFR [http://www.nfr.net]

Snort [http://www.snort.org]

DTK [http://all.net/dtk/dtk.html]

ISS RealSecure [http://www.uh.edu/infotech/software/unix/realsecure/index.html]

Enterprise Security for Communication and CollaborationTrend Micro Email, instant messaging, and collaboration systems connect your employees, partners, and customers, but they also open doors for cybercriminals. In…Commercial

Apani EpiForce Apani Networks Apani® EpiForce® is a software-based, cross-platform server isolation, encryption and access management solution that enables logical security zoning…Commercial

Cisco Catalyst 6500 Series Intrusion Detection System ModuleCisco Systems Inc With the increased complexity of security threats, such as malicious Internet worms, denial of service (DoS) attacks, and e-business application…Commercial

Core ControllerHewlett-Packard Core network upgrades driven by data center consolidation, high performance computing and high bandwidth applications like video on demand and file…Commercial

Corero Top Layer IPS™Corero Network Security Top Layer IPS™ (Intrusion Prevention System) delivers the most comprehensive network protection compared to other IPS products. The company’s IPS…Commercial

Digital Vaccine® Security Filter ServiceHewlett-Packard In providing the vulnerability analysis for SANS every week, the TippingPoint DVLabs security team simultaneously develops new attack filters to address…Commercial

fwsnortCipherDyne Application Layer IDS/IPS with iptables fwsnort parses the rules files included in the SNORT ® intrusion detection system and builds an equivalent…Commercial

Intrusion Detection and Prevention Appliances (IDP)

Juniper Networks Juniper Networks intrusion detection and prevention products provide comprehensive inline network security from worms, Trojans, spyware, keyloggers, and…Commercial

Lan-Secure Network Management Monitoring Software

Lan-Secure Security Center is network security software for real-time intrusion detection IDS and prevention IPS that helps to protect networks from potential…Commercial

NetWitness NextGen™NetWitness Know Everything. Answer Anything. Move into the Next Generation of Network Security Monitoring. NetWitness NextGen™. NetWitness NextGen is the most…Commercial

Reputation Digital Vaccine® ServiceHewlett-Packard In providing the vulnerability analysis for SANS every week, the TippingPoint DVLabs security team simultaneously develops new attack filters to address…Commercial

Secospace NIP Series Network Intrusion Detection System

Huawei Symantec The Network Intelligent Police (NIP) Intrusion Detection System (IDS) is a new generation of session-based intelligent network IDS developed by Huawei…Commercial

Strata Guard®StillSecure Our multi-Gig, multi-segment intrusion detection/prevention system (IDS/IPS) stops hackers dead in their tracks, preventing malware, spyware, port…Commercial

UTM & Product ServicesClavister When you buy a Clavister Security Gateway, regardless whether it is a physical or virtual product, they all support a wide range of optional…Commercial

Venusense Intrusion Detection and Management System (IDMS)Beijing Venustech Inc. Venusense Intrusion Detection and Management System (IDMS) is a security product for intrusion detecting. It is independently developed by Venustech….Commercial

Host Intrusion Detection System (HIDS)

Patriot NG

Swatch

Nocol

Osiris

OSSEC HIDS

Entercept

Okena (Cisco)

ServerLock

Tripwire

Logsufer

Prelude

Problème consomme enormement de CPU