OVERVIEW
FirewallNow! Small Business Edition for Windows NT, Windows 2000, Windows
XP and Windows 2003 is the perfect solution for companies looking to
protect and secure their servers from the threats of malicious hackers and
intruders from the Internet. A must have for any server that has Internet
access. For companies already have hardware firewalls, FirewallNow!
provides additional anti-Trojan protection. An indispensable tool for any
servers where data security is important.
With FirewallNow! intruders will be stopped dead in their tracks. Trojans,
zombies and viruses can hijack your server and turn it into a launching
platform for distribution of any data. A corporate firewall cannot
differentiate between the valid applications in the server and the
malicious ones. By utilizing legal ports, malicious
Trojans/zombies/viruses/worms gets a free ride on your server. FirewallNow!
brings an end to these nuisance codes by identifying valid applications in
the servers and monitoring in multiple layers.
FirewallNow! only protects your server and that is where protection matter
most.
MAIN FEATURES:
Intrusion Detection & Prevention
Intrusion detection from both application and the network/Internet is
detected by FirewallNow! using high speed conditional algorithm.
Intrusions are logged with FirewallNow! powerful logging engine (X6-Log),
logs can range from a direct application/packet header log to every single
byte of data from each packet!
Packets and application connections that violates the FirewallNow! rules
are logged as intrusions. With the brilliant rule creation feature of
FirewallNow! (One-Rule-All), complex and unique rules that frequently
require multiple rules might just require one rule in FirewallNow!
Unlike others IDS products that only detects, FirewallNow! does more than
that. It actually stops the intruder from coming in.
Anti-Port Scanning
Using a powerful and sensitive algorithm, FirewallNow! detects and reports
port scanning activities on your server, both from the Intranet and
Internet. The algorithm is also used to provide a summarized information
of the port scanning activities.
Event Reporting via Email
FirewallNow! supports email notification whenever an intrusion is
reported. Smart interval reporting will not clogged up your email account.
With this notification administrators can monitor, maintain and fine-tune
the organizations security policy in an easy manner.
Layered Protection
FirewallNow! prevents security breaches using a unique two layers
protection system.
The application level protection via TDI monitor each application in the
server and flags a security warning the moment any of the application
issues an undefined connection.
The second protection using NDIS works on the packet level and FirewallNow!
destroys any abnormal packet. Incoming packets are matched against rules
and any violations of the rules are then flagged as an intrusion.
* Technical description:
TDI (Transport Driver Interface)
NDIS (Network Driver Interface Specification)
Trojans imprisonment
FirewallNow! Application level (TDI) protection brings the threats of
possible Internet Trojans running on your server to zero. Using various
proven techniques to counter Internet Trojans, FirewallNow! creates an
environment that inhibit the possibility of these Trojans from functioning
in your server.
Rules confinement per application: Applications can be compared against
rules and Internet Trojans will cease to function online. No rules mean no
access. No application can have Internet access without you giving it the
permission and in a defined behavior.
Anti-Hijacking
To date hijacking are the techniques that enable Internet Trojans and
‘Zombie’ programs the abilities to hijack server or your Internet Explorer
to perform its required connections. While these technique would cause
most if not all hardware firewalls and even personal firewalls to fail,
FirewallNow! “spy-check” will detect these loopholes and deny the
connection.
Smart CRC
FirewallNow! performs CRC check on your applications. Smart Trojans that
replaces your application will result in a CRC alert. Each application
will have its “fingerprint” checked out and any suspicious checksum will
be reported.
Full Path Support
Any application attempting to make a connection to the Internet must be
executed from it’s registered path.
