Security Features

Zone-Based Firewall

The network is segmented into security zones, allowing custom access rules between them. This enables isolation and management of areas such as internal, external, and guest networks.

Application Security (AppID)

Recognizes applications based on signatures or behavior, allowing traffic only to specific applications. Enables application-based access control.

IDS/IPS - Intrusion Detection and Prevention

Detects suspicious activity by identifying malicious traffic patterns (IDS) and can automatically block them (IPS). Continuously monitors the network.

SPI - Stateful Packet Inspection

Analyzes the connection history of incoming packets, allowing only trusted connections to continue. Enhances connection-based security.

DPI - Deep Packet Inspection

Inspects not only header information but also the content of network traffic. Helps detect protocol violations, malware, and data leaks.

Multiple Policy, Section, and Profile Support

Allows separate security policies for different user groups, device types, or time ranges. Enables flexible and customizable management.

Time-Based Security Policy Management

Security rules can be activated during specific days or hours. Tighter policies can be applied outside business hours.

Botnet Blocking and Honeypot Trapping

Known botnet communications are automatically blocked. Attackers can be deceived and tracked using honeypot traps.

Traffic Rate Limiting

Limits bandwidth for specific protocols or applications. Protects resources and improves service continuity.

HTTP / HTTPS Web Filtering (SNI / DPI)

Analyzes web traffic based on domain name (SNI) or content (DPI) to block access to malicious or unwanted websites.
SNI (Server Name Indication): Allows clients to specify the hostname they are connecting to during TLS handshake; enables domain-based filtering.
DPI (Deep Packet Inspection): Inspects both headers and payloads of packets for deeper analysis and filtering, improving security and access control.

XFF Scanning – Trusted Proxy Servers

Analyzes the X-Forwarded-For header to identify the real client IP. Reveals the user behind the proxy.

Interface-Based Anti-Spoofing (Symmetric and Asymmetric)

Verifies that packets received on each interface come from legitimate sources. Prevents spoofing attacks using fake source IPs in both symmetric and asymmetric routing scenarios.

ICAP and External Sandbox Integration

Suspicious files are sent to external sandbox systems for analysis. Enables detection of zero-day threats.

MAC-IP Binding and MAC Quarantine

Only specific MAC addresses are allowed per IP address. Unauthorized devices can be detected and quarantined.

ARP Spoofing Protection

Detects and prevents ARP spoofing attacks within the network. Prevents manipulation of gateway redirection.

Flood Attack Prevention

Blocks flood attacks involving excessive TCP SYN, ICMP, or UDP packets. Protects systems from being overwhelmed.

Port Scan Attack Prevention (TCP, UDP)

Detects attempts to scan for open ports in the network. Such activities can be automatically blocked.

Gateway Anti-Virus / Anti-Malware

Scans passing files and traffic for malware. Blocks threats such as viruses, trojans, and spyware.

SSH Inspection

Monitors SSH connections and commands to detect malicious behavior. Prevents unauthorized access.

DoS Protection – Connection Limiting

Limits the number of connections to prevent Denial-of-Service (DoS) attacks. Helps conserve system resources.

SSL Inspection on Inbound & Outbound Traffic

Decrypts and analyzes encrypted traffic. Allows detection and blocking of hidden threats.

Fragmented Packet Detection & Blocking

Prevents attacks using fragmented packets. Reassembles and inspects them for security purposes.

Basic WAF – Web Application Firewall

Blocks attacks targeting web applications such as SQL injection and XSS. Provides basic web protection.