SecurIT Firewall - a high performance security solution for networks
SecurIT Firewall is a high performance firewall which takes negligible time in filtering any number of protocols. Read the article to know its features, price and review.
The high performance SecurIT Firewall is manufactured by SLM (previously known as MilkyWay). It is available for Windows NT and Unix operating systems. The firewall provides application level proxies for almost all protocols. It provides proxy redirection when the protocols pass from the internal network to internet. It does not have a packet filter but provides a very strong authentication for IP address based and user based controls. One can safely say that the firewall stands true to its name when it comes to network security. When it comes to performance, SecurIT is again a winner. This highly optimized proxy server uses shared memory and threads so that the time required for filtering protocols gets minimized. This allows more traffic to pass through SecurIT and consequently through the network.Minimum platform requirements
Security features
For security, SecurIT relies on its operating system which is sufficiently hardened to be resistant to IP level attacks. Solaris and Windows NT are made resistant to all potential attacks. Some major security features of the firewall are discussed below.
Proxy services
What differentiates SecurIT from other firewalls is the number of security proxies that it provides. It provides proxies for all major protocols including FTP, Generic SOCKS, Gopher, HTTP+, HTTP, Mail, LDAP, NNTP, POP, RPC, Real Media, SSL, Telnet and VDO Live. As all these protocols have different functions, they can be configured to block specific internet domains and IP addresses. There is probably no other firewall that provides so many proxies for common internet protocols. This gives strong protocol security. The data portions of IP packets are examined to ensure that the traffic passing through a particular port conforms to the protocol for that port only. This means that HTTP requests, for an example, will go to port 80 only. The SQL security proxy provided supports all SQL*Net transactions through the firewall.
Virtual Private Network (VPN)
The strong VPN component of the firewall allows establishing encrypted IP tunnels between the protected LANs. The TCP proxy hides the client on internet, restricting it to VPN. This functionality is not equivalent to true network layer address translation but it is referred as NAT in the documentation provided by SecurIT. True NAT and packet filter are absent in the firewall but the functions are not even necessary as the base operating system is sufficiently hardened.
Secure authentication
The authentication is performed by Telcordia's (previously known as Bellcore) S/Key one time password algorithm. Access controls are securely restricted.
Security alerts
The firewall is capable of logging to databases. On any event detection, it transmits security alerts to the administrator via email. Also, the system will be reconfigured when a suspicious event is detected.Pricing
To purchase SecurIT Firewall, visit the official site of milkyway or contact Neoteric. There is no evaluation edition at the website. US citizens can contact Neoteric at (212) 625-9100. SLM has no major marketing plan through commercial chains and the product is sold primarily through government and military channels. The product is sold by the number of sessions, i.e. the number of open simultaneous connections. The number of IP addresses used inside the network plays no role. The advantage of this is that a 20-user network can probably utilize a cheaper 10-session version of the firewall if less users work together at a time. The 10 session pack costs $3,600, the 40 session pack costs $7,200 and the 100 session pack costs $16,200. For unlimited sessions, you will have to pay $23,400. The VPN charges are over $1,200. Since the pack comes with a hardened Solaris version, you need not buy an operating system. The hardware cost will come around $5,000. Review
SecurIT has a lot to offer to its users. It gives high speed application proxying, centralized authentication and easy centralized management. Above all, it supports a wide range of protocols, ensuring very high security. On the other hand, it is very costly and difficult to acquire due to its limited channels. Some features like packet filter and NAT are absent but then the OS is hardened. Unix is close to an universal operating system, yet an additional operating system is provided to the users. It is hard to find a fault in the package. As for the price, I can only say that high-end things come at high prices.
Read IBM Firewall for AS/400 minicomputers