
Common Features Found in a UTM Firewall

25/10/2012 Learn about the common features that can be found in any UTM firewall.

Many of the firewalls on the market today share several common features (outlined below). The list is not complete, but it should give you a good sense of direction when researching your new firewall. Today, you will find that firewalls are not necessarily chosen purely on these technical capabilities but more so on their performance.

 

| Feature | Description |
| --- | --- |
| Bandwidth Management | Allows you to shape the download and upload speed for users, computers and protocols. For example, you can limit how much bandwidth the HTTP protocol can consume. |
| CLI | Command Line Interface; a firewall can have a CLI for configuration and monitoring/troubleshooting tasks. |
| DMZ | One interface (or more) of a firewall can be configured as a Demilitarized Zone interface; the servers directly accessible from the Internet are isolated behind this interface. |
| Dual WAN ISP | Two Internet connections can be used to distribute or load-balance outbound WAN traffic; WAN failover is also possible for reliable Internet connectivity. |
| Email Filtering | Filters email traffic at the edge for spam and other unwanted emails. |
| Gateway Antivirus | Inspects the traffic at the gateway for viruses and malware. |
| GUI | A Graphical User Interface for managing the firewall; normally a web interface is used. |
| High Availability (Hardware failover) | Two identical appliances are placed in a cluster, monitoring each other and synchronizing their configurations and statuses. Normally an active/passive model is used; when the primary firewall malfunctions, the secondary one takes over. |
| IPS | Intrusion Prevention System to detect and block attacks and malicious activities. |
| Logging | Some form of logging must be present to log allowed/blocked traffic and firewall events. |
| Monitoring | Integrated tools to monitor the firewall and its operations. |
| NAT | Network Address Translation modifies the IP addresses and TCP/UDP ports within the packet headers while they traverse the firewall; it is commonly used to hide private IP addresses behind the firewall. |
| QoS | Quality of Service enables you to prioritize IP packets according to the value of the TOS field; for example, you can use QoS to prioritize VoIP traffic. |
| Reporting | Integrated tools to create reports about the firewall and its operations. |
| Routing Support | At the basic level, static routes are supported; at the intermediate level, dynamic routing protocols like RIP and OSPF; at the advanced level, policy-based routing may be available. |
| Server Load Balancing | Distributes the incoming connections between a couple of servers located behind the firewall. |
| Stateful Packet Inspection | Stateful Packet Inspection (SPI) enables a firewall to keep track of the state of the network connections traveling across it; the firewall can therefore allow connections based on their state (new, established) and direction (inbound, outbound). |
| Stateful Inspection | In addition to SPI, the firewall is also application-layer aware and can filter traffic at the application layer; for example, it can allow only a certain protocol and certain protocol commands over a specific port. |
| Transparent / Bridge Mode | Modes of deploying a firewall into the network without requiring IP re-addressing. |
| User Authentication | Controlling access to resources per source IP or MAC address is inefficient; modern UTMs allow the creation of firewall rules based on users and groups of users. For example, users are authenticated in order to gain Internet access. |
| VLAN Support | The firewall supports 802.1Q VLAN tagging. |
| VPN Remote Access | Enables users to securely access corporate resources from remote locations; PPTP, L2TP, IPsec-based and SSL-based VPNs may be available. |
| VPN Site-to-Site | Allows you to connect your office to remote offices or to partners’ networks; typically IPsec-based VPNs are used. |
| VPN Client | The firewall vendor provides a VPN client to enhance the VPN remote access solution. |
| Web Filtering | Filters the users’ web traffic by URLs and content. |
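To make the Stateful Packet Inspection entry concrete, the following added example (not part of the original article, and not any vendor's implementation) models a connection table that decides by state and direction. The class and field names are hypothetical, and the model is simplified: it tracks only the 5-tuple, with no TCP flag tracking or timeouts.

```python
# Added illustration: a minimal stateful packet filter (all names hypothetical).
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    direction: str  # "outbound" (LAN -> WAN) or "inbound" (WAN -> LAN)
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

    def flow(self):
        return (self.proto, self.src, self.sport, self.dst, self.dport)

    def reverse_flow(self):
        return (self.proto, self.dst, self.dport, self.src, self.sport)


@dataclass
class StatefulFilter:
    # Policy applies to NEW connections only: (direction, proto, dport).
    allow_new: set
    table: set = field(default_factory=set)  # flows of tracked connections

    def check(self, pkt):
        """Return (verdict, state) for one packet."""
        # Packet belongs to a tracked connection, in either direction.
        if pkt.flow() in self.table or pkt.reverse_flow() in self.table:
            return ("allow", "established")
        # Otherwise it starts a new connection: consult the rule set.
        if (pkt.direction, pkt.proto, pkt.dport) in self.allow_new:
            self.table.add(pkt.flow())
            return ("allow", "new")
        return ("drop", "new")


def demo():
    fw = StatefulFilter(allow_new={("outbound", "tcp", 443)})
    # Constructed sample traffic using documentation address ranges.
    out = Packet("outbound", "tcp", "192.168.1.10", 51000, "203.0.113.5", 443)
    reply = Packet("inbound", "tcp", "203.0.113.5", 443, "192.168.1.10", 51000)
    stray = Packet("inbound", "tcp", "198.51.100.7", 443, "192.168.1.10", 51000)
    return [fw.check(p) for p in (stray, out, reply, stray)]


if __name__ == "__main__":
    print(demo())
```

The inbound reply is allowed only because it matches the reverse of a flow the firewall already saw leave; the look-alike packet from a different source is dropped both before and after that connection exists.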

 


Recommended Products :

  1. Mobile VPN (IPSec) License Pack for XTM Series - 250 Users

    The WatchGuard Mobile VPN with IPSec client is a software application that is installed on a remote computer. The client makes a secure connection from the remote computer to your protected network through an unsecured network. The Mobile VPN client uses Internet Protocol Security (IPSec) to secure the connection.