With the current license the same machine can be installed a maximum of 10 times. If the right of installation is needed email@example.com e-mail address.
When the antikor web interface is opened, you can see your license content and version list by clicking on the card icon next to log out in the upper right corner.
After you access the console panel with user name: admin, password: antikor by connecting the keyboard and monitor to your device, you will be entered into the Administration panel Access Settings from the system settings and the IP address to be accessed with the add new registration wizard must be added.
After you access the console panel with user name: admin, password: antikor by connecting the keyboard and monitor to your device, you can enter Change User Password from System Settings, list users and change your password.
After accessing the console panel with user name: admin, password: antikor by connecting the keyboard and monitor to your device, you can enter Network IP settings, WAN Settings, list users and change your IP address.
Users must first produce ssh-key and introduce it to the AntiKor. You can access your product’S IP address and port 22022 by using the ssh key that you produced and introduced to the antikor.
Antikor products detect hardware during installation and provide installation according to your hardware. No hardware changes should be made after installation.
Static NAT configuration example will solve this problem.
What to do on the Active Directory and Antikor side is described in the step - by-step example of configuring Active Directory-Kerberos SSO integration.
The AntiKor NGFW is also capable of authorization according to the network group when it makes authorization. You can authorize the management of each network to different users and share your workload. Administrators can only View and manage settings for the networks they are authorized to use. For detailed information, see the Administration Panel Users document.
The AntiKor is positioned just in front of the incoming internet connection. It supports PPPoE mode for Xdsls as operating mode, and Routing mode for Metro ethernet and routers. It also supports Transparent (Bridge) mode for those who do not want to make any changes to their network.
Yes, there are. Feature that supports redundant operation of the system. It is based on the basis of simultaneous and collaborative work of AntiKor’s developed in order to ensure continuity. If a server in the cluster has a hardware or software problem, another server is automatically activated. Thus, continuity is ensured. For detailed information, see the Cluster Settings document and the Cluster Configuration example.
The AntiKor has an Automatic Update System. New updates are checked online with AntiKor NGFW’s automatic update system. Individual packages are listed as” ready to update”. When the user says “start updating”, the update is done. If the update is critical, “critical” is displayed in red. Databases are” automatically “ updated. All packages can be rolled back to the previous version.
Any client who wishes to join your local network in the AntiKor is met with the AntiKor NGFW Registration Service Form. Here is a check of TC identification number accuracy. In the background, the user’S MAC and IP information is also automatically retrieved. The credentials obtained from the form can be verified via KPS(MERNIS), as well as SMS, LDAP, RADIUS, POP3 verification. For more information, see the registration service configuration example.
The AntiKor NGFW Antibot module intercepts communication with botnet command servers so that infected computers on your Network do not serve botnets. For detailed information, see the Network Definitions document.
The AntiKor NGFW sends IP addresses that are not in its own IP pool to the Black Hole Service. These packets are not routed and ignored.
- It should protect the network from IP spoofing attacks, known as IP Spoofing, by analyzing traffic from all users within the organization.
- The AntiSpoof service can automatically block IP traffic outside the network by mapping the network’s communications.
- It can prevent dirty traffic from coming out of the network and prevent getting caught in the honeypot.
In the AntiKor, Dual Stack, i.e. both IPv4 and IPv6, both protocols work at the same time. It provides traffic control and analysis over both IPv4 and IPv6 simultaneously.
AntiKor Dual Layer-double layer works simultaneously. You can take advantage of both Layer 2 and Layer 3 Communication at the same time. The AntiKor NGFW can communicate with your VLANs with Layer2 and collect MAC addresses, detect abnormalities, and even direct routing of Layer3+ and above in your connected networks.
The AntiKor has SynFlood protection. Protects against Syn attacks from both the local network and the internet. The desired IP and ports can be excluded from this system.
The AntiKor has a SPI-Statefull Packet Inspection module. Keeps track of what stage your packages are at from the start. Each link that is followed is stored in the state table. It takes your security to the next level by preventing intrusions and unsolicited answers.
AntiKor has QoS-enabled Bandwidth Management. Person-based maximum bandwidth can be defined. Speed Guarantee, priority assignment, rule-based QoS implementation, different configuration possibilities for each Ethernet interface. For detailed information, see the Ethernet QoS and Ethernet QoS Rules document.
The AntiKor can create network groups, and these groups can be defined as IP addresses or networks. These definitions can also be used in security rules, in access permissions, and in the private users section. Network group members can also automatically pull from the internet.(for example, ready IP lists or URL lists) For detailed information, see the network definitions document .
In the AntiKor, Port definitions (Group) are made and port can be defined in 140 different protocols. These definitions are used in the firewall. For detailed information, see the Port Definitions document.
For clients, scope can be specified and groups can be created. It is also set here whether or not the group of users subject to the created groups will be shown in the registration form. The necessary operations can be done in filtering these groups. For detailed information, see the Client groups document.
In the AntiKor, which users and computers will have what kind of powers are assigned. Filters also work as assigned to these clients. For detailed information, see the Private Users document.
Authentication can be performed in the AntiKor through RADIUS service. AntiKor users are allowed to perform AAA (Authentication, Authorization, Accounting), authorization and registration. The required adjustments for RADIUS profiles, NAS definitions, RADIUS Proxy pools, and Proxy domains are made here. For detailed information, see the RADIUS Settings document.
Through the Proxy service, sites and memberships with membership of the institution can be entered as if they were at work from home. It can also be selected whether users will be included in the policies defined in the Web Filtering Management section. Logs of users entering the House are also kept. For detailed information, see the Proxy configuration example on the client side.
The AntiKor supports 24 different log types and 7 different log formats. The settings of the syslog server/servers on which the server system logs will be recorded are made and forwarded to your log collector or SIEM in the preferred raw or structural log format. For detailed information, see the Syslog Settings document.
In AntiKor, the SSL Certificate Management menu is the section where the institution’s SSL certificate is defined. You can create your own certificate or install your existing certificate using the same module. For more information, see the SSL Certificate Management document.
HTTP(s) server forwarding is the module in which forwarding is made necessary to eliminate the problem of access to network components that use the same WAN (real) IP address in an enterprise and serve people inside or outside the enterprise with the IP addresses they use. For detailed information, see the HTTP(s) Server Forwarding document.
The AntiKor performs a special IP assignment to the devices thanks to DHCP. During the registration service, it automatically connects to the IP-MAC binary and matches it to the user.When the IP-MAC match is turned on from the services, those who change the IP cannot go online. For more information, see the DHCP Settings document.
The NetFlow service in the AntiKor can hold header(IP and TCP/UDP header) information and send it to a collector, not the content of traffic information. When sending this information, it can send all the information, only an IP, or a network group to the Collector. For detailed information, see the NetFlow Settings document.
It is the area where language settings are made in AntiKor. Total of 3 language options (Turkish, English, Arabic). For different web interface operations (e.g. user registration, announcement screen, access block Page, etc.) can work with different language options. For detailed information, see the Language Settings document.
Settings for the LLDP connection are made in this menu. The settings are complemented by entering the system name and description of the LLDP network. After the necessary settings are made, observation can be made from the LLDP status under the Instant observation menu. For detailed information, see the LLDP Settings document.
We need to define the IP ranges (internal and external) of the network you are managing in the IP Pools section of the AntiKor. These ranges will be used in AntiKor control mechanisms. Automatically fetches the added VLAN IP addresses. Some operations (client definitions, static NAT, etc. Can not be done without adding IP addresses to the IP pool. See the IP Pools document for detailed information.
In AntiKor, Ethernet settings, Ethernet (LAN), internet output (WAN), server zone (DMZ) and PPPoE settings are made from this section. Multiple LAN, WAN and DMZ interfaces can be added according to license content. If more than one IP address is required to be given to different or same ethernet interfaces in AntiKor, it can be given from this section. For detailed information, see the IP Alias, Ethernet Assignment and VLAN Configuration documentation.
It is used to increase the rate at which the AntiKor passes over it or to run the AntiKor as a Cluster. There are 6 different options as a merge type.
- Bridging - Rapid STP
- Link Aggregation - Failover
- Link Aggregation - Load Balance
- Link Aggregation - LACP
- Link Aggregation - Round Robin
For detailed information, see the Virtual Ethernet Aggregation document.
Ethernet packets (audio, video, etc.) is used to determine the order of precedence. The main purpose of QoS applications is to enable the most efficient use of bandwidth. 3 different types of QOS (Quality of Service) can be defined: qfq (Quick Fair queuing), CBQ (Class Based queuing), HFSC (Hierarchical Fair-Service Curve). See the Ethernet QoS document for detailed information.
You can make announcements to all users, groups, IP or IP blocks on your Network. No matter which Page the people you are making an announcement on appear in front of the announcement. He can’t keep going on the internet unless you press the I’ve Read button. For detailed information, see the Announcement Entry document.
It has Samba or NFS support. You can discard these reports to your remote server. 6 of law 5651.these reports should be kept for 2 years as required by Paragraph B. For detailed information, see the Report Archive document.
Services such as Hotspot, Proxy, VPN can be assigned an authentication policy with different identity providers. Supported Sources;
- Local Sources
- HTTP (Authentication)
- SSO : Negotiate/Kerberos - Active Directory
- Local Groups
- POP3 / IMAP
- HTTP (Api)
For detailed information, see the Local Users document and Hotspot HTTP API Integration, Hotspot HTTP Authentication Integration, Hotspot LDAP Integration, Hotspot POP3 - IMAP Integration, Hotspot RADIUS Integration, Hotspot SMS Integration, Hotspot Local User configuration examples.
Time-based quota support, traffic-based quota support, tracking of quota limits in relation to the account, per person login limit, support to continue traffic despite closing session information window, Hotspot module integrated into the software, staff in the organization, student mail addresses or student information systems can work together with the structure, the client/networks to be included in the Hotspot service and The software can verify credentials from mernis servers. If requested, it is possible to verify credentials by SMS. The service has LDAP, Active Directory, RADIUS, POP3, IMAP, POP3 SSL, IMAP SSL, JSON Web Service, XML Web service integrations. For detailed information, see the Hotspot Settings document.
It provides high performance thanks to the RSS-sensitive Multithreaded application recognition engine. It detects over 4500 applications with its extensive AppID database. The system can automatically update application signatures over the internet. System Layer 7 can perform deep packet inspection, detect and block application signatures. For detailed information, see the Application Security and IPS Settings document.
The AntiKor NGFW makes Attack Detection fast and powerful with its Multi-threaded analysis engine. By making rule-based identification, you can run different application filters on each client or network:
- Signature-based Intrusion Detection and Prevention
- ARP poisoning Attack Detection and Prevention
- Syn Flood Attack Detection and Prevention
- UDP Flood Attack Detection and Prevention
- DoS Attack Detection and Prevention
See the Intrusion Detection and Prevention(IPS) document for detailed information.
DNS blocking process is done and domain names, address-based, Active Time Zone, category-based configuration can be written. Different policies can be created according to client groups. For detailed information, see the DNS Filtering document and examples of DNS Filtering Address-Based Configuration, DNS Filtering Active Time Period Configuration, DNS Filtering SafeSearch Configuration, DNS Filtering Category-Based Configuration.
In the sites to be cached section, the names of the sites that users visit frequently and the programs that perform updates are written here. For example, update addresses of Windows and antivirus addresses can be written. In this way, after the first person who downloads, others receive automatic updates from this service. For detailed information, see the Cached Sites document.
Limits the speed of the sites entered in the sites to limit section to per client, the total of users in that VLAN(network) to per Network, and the total of all VLANs to the total category. Especially sites like rapidshare, megaupload, Hotmail are entered. For detailed information, see the document of Speed Limit Sites.
Category management can be added On Demand. There are also more than a hundred predefined categories on the AntiKor. The desired categories are allowed and the desired ones can be blocked in web and DNS filtering. For detailed information, see the Category Management document.
There are 3 different types of servers separation on the AntiKor;
- Access Without NAT → DMZ zone the actual IP is used. Again, certain ports can be opened and closed to these IPs.
- Real IP Access from Anywhere → DMZ zone. Both from the local network and from the outside world, this server is entered by NAT.
- Real IP Access Only from the WAN → the server can be accessed via virtual IP from our local network, while it can be accessed via NAT from the outside world.
PBR is performed according to Protocol ( IP, TCP, UDP, ICMP … ), source address ( IPv4 / IPv6 ), source Port, destination address ( IPv4 / IPv6 ), Destination Port criteria. For detailed information, see the Policy-based Routing document.
In the case of AntiKor quarantine, it quarantines computers that perform arp poisoning at the Layer 2 level and present themselves as gateways and distribute the MAC address. After that, it prevents poisoning of the network by giving IP addresses from an unused IP block. Unless the system administrator removes that MAC address from quarantine from the web Administration panel, that computer will be denied internet access. In addition, manually add the MAC address we want to prevent the internet. For detailed information, see the Quarantine Status document.
On the honeypot service, they are traps that can detect port scans and connections to popular services. Trap and multi-attacked ports are entered into the system. The system fakes these ports. It prohibits those who attack these ports until the selected “blocking time”. We may enter and exclude “ignored” on our own network within our own IP. For detailed information, see the Honeypot Settings document.
All the settings in the AntiKor can be taken to our own computer and restored from backup at any time with Restore or these settings can be uploaded to another AntiKor. It is saved to our backup computer by pressing the Download button. AntiKor setting backups can be automatically assigned to an external server using FTP, SAMBA, SCP, NFS, SFTP, yearly, monthly, weekly and daily. For detailed information, see the Backup / Restore document.
Important states on the AntiKor are identified to the notification system. The group and users to which these notifications go are also defined. It is also defined by which method it will be delivered. For example, CPU, Ram, Disk usage exceeds the specified value, or ethernets are turned off and on. For detailed information, see the Notification History document.
ePati Cyber Security Co.
Mersin Üniversitesi Çiftlikköy Kampüsü
Teknopark İdari Binası Kat:4 No: 411
Posta Kodu: 33343
Yenişehir / Mersin / TURKEY
Tel: +90 324 361 02 33
Fax: +90 324 361 02 39