Endian UTM Software Sicurezza Completa Per La Tua Rete
Total Page:16
File Type:pdf, Size:1020Kb
Secure everyThing www.endian.com Endian UTM Software Sicurezza completa per la tua rete Crea la tua appliance: compatibilità Sicurezza UTM: proteggi le Scalabilità: supporta estesa con le piattaforme hardware risorse critiche della tua azienda l’espansione della tua rete Trasforma il tuo hardware in una appliance Unified Threat Management Le software appliance UTM Endian mettono a disposizione dell’utente la stessa tecnologia della versione hardware, rendendo possibile trasformare qualsiasi PC in un gateway di sicurezza full UTM. Scatena tutta la potenza dello scudo di Endian attraverso una piattaforma hardware di tua scelta e proteggi la tua rete da qualsiasi minaccia. Stateful inspec- tion firewall, VPN, gateway antivirus, anti-spam, web security e filtro dei contenuti email offrono protezione granulare in un unico prodotto, riducendo tempi e costi di gestione. Le software appliance Endian sono perfette per coprire le necessità di qualsiasi tipo di rete, dalle più piccole ai network più complessi, di classe enterprise. Sicurezza della rete: stateful inspection firewall e feature Sicurezza email: gateway anti-spam e anti-virus a protezi- avanzate per proteggere il tuo network. one delle tue comunicazioni email. Quality of Service e gestione della banda: per garantire la Alta affidabilità: il tuo network resta in piena efficienza, più alta qualità alle chiamate VoiP e ai servizi critici sulla anche in seguito al fallimento della connessione Internet tua rete. o a un problema hardware. Intrusion Prevention: tramite Snort puoi bloccare, loggare Endian Network: configura e aggiorna le tue appliance da o lasciar passare i pacchetti che rispondono a determinati un’unica piattaforma. requisiti. Web security: anti-virus e filtro dei contenuti per la navi- Hotspot: permette di accedere in maniera sicura a Inter- gazione Internet sicura. net. In modalità wireless nelle aree pubbliche o via cavo. Event management: e-mail o sms di notifica sono spediti VPN: comunicazioni sicure con sedi remote, filiali e te- in automatico all’amministratore di sistema, all’occorrere le-lavoratori. In contatto sempre, da qualsiasi luogo. di eventi predefiniti. Possibilità di agganciare il singolo evento ad uno script eseguito in automatico dal sistema. Tutto nel tuo hardware dedicato Hotspot Firewall Network Security Web Security Email Security VPN (SSL & IPsec) IPS Centralized Management High Availability Updates and Backup Logging/Reporting Disaster Recovery Secure everyThing www.endian.com Endian UTM Features Network Security Virtual Private Networking BYOD / Hotspot* Bridging • Stateful packet firewall IPsec • Configurable captive portal • Firewall stealth mode • Application control (including • Encryption: Null, 3DES, CAST-128, • Use your website as portal (SurfNow • OSI layer 2 firewall functionality Facebook, Twitter, Skype, WhatsApp AES 128/192/256-bit, Button) • Spanning tree and more) • Blowfish 128/192/256-bit, • Free access to allowed sites • Unlimited interfaces per bridge • Demilitarized zone (DMZ) Twofish 128/192/256-bit, (walled garden) • Intrusion detection and prevention • Serpent 128/192/256-bit, • Wired / wireless support High Availability • Multiple public IP addresses Camellia 128/192/256-bit • Integrated RADIUS service • Hot standby (active/passive) • Multiple WAN • Hash algorithms: MD5, SHA1, SHA2 • Connection logging • Node data/configuration synchroni- • Quality of service and bandwidth 256/384/512-bit, AESXCBC • Bandwidth limiting based on user, zation (not for BYOD/Hotspot) management • Diffie Hellman modes: 1, 2, 5, 14, 15, ticket or global settings Event Management • SNMP support 16, 17, 18, 22, 23, 24 • Social login (Facebook, Google) • More Than 30 Individually Configur- • VoIP/SIP support • Authentication: pre-shared key (PSK), • Social Enabler (sharing on social able Events • SYN/ICMP flood protection RSA keys networks) • Email Notifications • VLAN support (IEEE 802.1Q trunking) • X.509 certificates • MAC-address based user accounts • SMS Notifications • DNS proxy/routing • IKEv1, IKEv2 • Configurable multiple logins per user • Powerful Python Scripting Engine • Anti-spyware • Dead Peer Detection (DPD) • User accounts import/export via CSV • Phishing protection • NAT traversal • User password recovery Logging and Reporting • Compression • Automatic client network Web Security • Reporting dashboard • Perfect Forward Secrecy (PFS) configuration (support for DHCP • Detailed system, web, email, attack • HTTP & FTP proxies • VPN Site-to-Site and static IP) and virus reports • HTTPS filtering • VPN Client-to-Site (roadwarrior) • Fully integrated accounting • Live network traffic monitoring • Transparent proxy support • L2TP user authentication • Generic JSON API for external (powered by ntopng) • URL blacklist • XAUTH user authentication accounting and third party • Live log viewer • Authentication: Local, RADIUS, LDAP, OpenVPN integration • Detailed user-based web access re- Active Directory • Encryption: DES, 3DES, AES • Instant WLAN ticket shop (Smart- port (not in Mini 10 and Mini 10 WiFi) • NTLM single sign-on 128/192/256-bit, CAST5, Blowfish Connect) • Network/system/performance • Group-based and user-based web • Authentication: pre-shared key, X.509 • Single-click ticket generation statistics content filter certificates (Quick ticket) • Rule-based logging settings (firewall • Time based access control with • Support for VPN over HTTP Proxy • SMS/e-mail user validation and rules) multiple time intervals • PPTP passthrough ticketing • Syslog: local or remote • Bitdefender Anti-malware Engine • VPN client-to-site (roadwarrior) • Pre-/postpaid and free tickets • OpenTSA trusted timestamping • Bitdefender Content filter Engine • VPN client for Microsoft Windows • Time-/traffic-based tickets • SafeSearch enforcement and Apple OS X • Configurable ticket validity Extra Services Mail Security • Possibility of multiple logins per user • Terms of Service confirmation • NTP (Network Time Protocol) • VPN failover • MAC address tracking for free • DHCP server • SMTP & POP3 proxies • Multiple server support hotspots • SNMP server • Anti-spam with bayes, pattern • Support for mobile devices • Cyclic/recurring tickets (daily, weekly, • Dynamic DNS and SPF (Android, iOS) monthly, yearly) • Heuristics, black- and whitelists Management / GUI VPN Portal for Clientless Connections* • Remember user after first support • Web-based access to internal authentication (SmartLogin) • Centralized management through • Anti-virus resources • Multi-location setup through Endian Network (SSL) • Transparent proxy support • Configurable portal page master/satellite configuration** • Easy Web-Based Administration • Email quarantine management • Support for multiple destinations • External authentication server (Local, (SSL) • Spam auto-learning • Destination-based authentication LDAP, Active Directory, RADIUS) • Multi-language web-interface • Transparent mail forwarding (BCC) • SSL offloading (English, Italian, German, Japanese, • Greylisting User Management & Authentication Network Address Translation Spanish, Portuguese, Chinese, Rus- • Bitdefender Anti-spam Engine • Unified user management for Open- • Destination NAT sian, Turkish) • Bitdefender Anti-malware Engine VPN, L2TP, XAUTH, VPN Portal • Incoming routed traffic • Secure remote SSH/SCP access WAN Failover • Group management • One-to-one NAT • Serial console • Source NAT (SNAT) • Automatic WAN uplink failover • Integrated certificate authority Updates and Backups • IPsec NAT traversal • Monitoring of WAN uplinks • External certificate authority support • Centralized updates through Endian • Uplink types: Ethernet (static/DHCP), • User password and certificate Routing Network management PPPoE, PPTP • Static routes • Scheduled automatic backups • Multiple authentication servers (local, • Support for UMTS/GPRS/3G USB • Source-based routing • Encrypted backups via email LDAP, Active Directory, RADIUS) dongles • Destination-based routing • Instant recovery / Backup to USB • Fully integrated one-time password • Policy-based routing (based on inter- stick (Endian Recovery Key) User Authentication (OTP) support face, MAC address, protocol or port) • Active Directory / NTLM • Let‘s Encrypt Support • LDAP • RADIUS • Local * Not in UTM Software 10, UTM Virtual 10, UTM Mini 10, UTM Mini 10 WiFi ** Master functionality not in UTM Mini 25, UTM Mini 25 WiFi and UTM Mercury 50 Secure everyThing www.endian.com System Requirements/Hardware Support Intel x86_64 compatible / 1GHz minimum (dual-core 2 GHz CPU: recommended) Supporto per Multi-Processor Symmetric Multi-Processor (SMP) Mulit-Processor: incluso RAM: 2 GB minimum (4 GB recommended) Necessario un Hard Disk SCSI, SATA, SAS o IDE (8GB minimo, Disk: 20GB raccomandato) Per il software RAID1 (mirroring) sono richiesti due Hard Disk Software RAID: dello stesso tipo (la capacità non deve necessariamente essere identica) CDROM è richiesto un CDROM IDE, SCSI o USB solo per CDROM: l'installazione Sono supportate le più comuni schede di rete incluse Gigabit e Schede di Rete: Fibra ottica Monitor/Keyboard: Richiesti esclusivamente per l'installazione Endian Firewall comprende un sistema operativo basato su Linux Operating System: e ottimizzato per la sicurezza © 2021 Endian SRL. Soggetto a modifica senza preavviso. Endian e Endian UTM sono marchi di Endian SRL. Tutti gli altri marchi e marchi registrati sono di proprietà dei loro rispettivi proprietari. Endian International Endian Deutschland Tel: +39 0471 631 763 Tel: +49 (0) 8106 30750 - 13 E-mail: [email protected] E-mail: [email protected] Endian Italia Endian US Tel: +39 0471 631 763 Tel: +1 832 775 8795 E-mail: [email protected] E-mail: [email protected].