Remote Administration (Servers Only)
Access individual VisNetic Firewall installations or entire Firewall networks from remote locations. This feature provides incomparable freedom, and complete control over a network using password protection. Administrators can access every setting in Firewall installations without having to access each computer.
Web Server Protection (Servers Only)
VisNetic Firewall 2.0 checks requests to your web server and blocks malicious attacks upon detection. Web Server Security Features include:
Specify Acceptable Methods/Commands
- Disallow malicious commands that request unwanted activity, and accept valid requests.
Filter Character Sequences
- Reject suspicious character sequences that are often used by hackers. Provides an additional layer of security through analyzing URL characters that are telltale signs of hack attempts.
Block URL File Name Extensions
- Determine inappropriate file name extensions (.exe, etc.), and prevent users from running programs on your web server (such as NIMDA).
Port Scan Detection
Detects all TCP port scans, including: connection scan, NULL, ACK, Window, FIN, Xmas and Full-Xmas. Port scans are frequently used before hack attempts. Controls are available to tune scan detection to your environment and to ban port scanners automatically.
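The following is an added example, not VisNetic code: a minimal detector that labels inbound TCP segments by the scan types listed above and bans a source once it probes too many distinct ports within a time window. The flag pattern used for "Full-Xmas" (all six flags set), the threshold, the window and the sample addresses are assumptions.

```python
from collections import defaultdict

# TCP flag bits from the TCP header (RFC 793).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

# Flag patterns for the scan types the page lists. "Full-Xmas" as all six
# flags set is an assumption; the page does not define it. ACK and Window
# scans both send a bare ACK, so one segment cannot tell them apart.
PATTERNS = {0: "NULL", FIN: "FIN", FIN | PSH | URG: "Xmas",
            0x3F: "Full-Xmas", ACK: "ACK/Window", SYN: "connection"}

def classify_probe(flags, known_flow=False):
    """Name the scan type a segment would belong to, or None.

    known_flow: the segment matches a connection already being tracked,
    so a bare ACK or FIN is ordinary traffic rather than a probe.
    """
    if known_flow:
        return None
    return PATTERNS.get(flags & 0x3F)

class ScanDetector:
    """Ban a source that probes too many distinct ports inside a time window."""

    def __init__(self, port_threshold=5, window=10.0):
        self.port_threshold = port_threshold   # tunable per environment
        self.window = window                   # seconds
        self.ports = defaultdict(dict)         # src -> {dst_port: last seen}
        self.banned = {}                       # src -> scan type that triggered

    def observe(self, ts, src, dst_port, flags, known_flow=False):
        """Feed one inbound segment; return the scan type on a new ban."""
        label = classify_probe(flags, known_flow)
        if label is None or src in self.banned:
            return None
        seen = self.ports[src]
        seen[dst_port] = ts
        for port in [p for p, t in seen.items() if ts - t > self.window]:
            del seen[port]                     # expire stale observations
        if len(seen) >= self.port_threshold:
            self.banned[src] = label
            return label
        return None

# Constructed sample traffic: (time, source, destination port, flags).
SAMPLE = [(0.1 * i, "192.0.2.10", 20 + i, FIN | PSH | URG) for i in range(5)]
SAMPLE += [(1.0, "192.0.2.20", 80, SYN), (1.1, "192.0.2.20", 443, SYN)]

def run_sample():
    det = ScanDetector()
    for ts, src, port, flags in SAMPLE:
        det.observe(ts, src, port, flags)
    return det.banned
```

A source that opens two ordinary connections stays below the threshold, while the five-port Xmas sweep is banned.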
Trap hackers, slow down the spread of worms and stall spammers by creating tarpits. A tarpit is a trap for harmful intruders. VisNetic Firewall accepts TCP connections but never replies and ignores disconnect requests. This leaves port scanners and hackers stuck for hours, even days.
Ban IP Addresses
Allows administrators to ban individual IP addresses or groups of IP addresses, and provides the necessary utilities to customize the ban list to meet requirements. Bans can be set permanently, or to expire after 1 day or 1 week.
Filter by MAC Address
The ability to allow or deny a computer by its MAC address ensures that malicious or unwanted users are unable to bypass security filters.
Server Firewall Protection (Servers Only)
VisNetic Firewall for Servers supplies a strong defense mechanism for host computers against data intrusion, attack, theft or damage. Incorporating all of the features of the workstation version, VisNetic Firewall for Servers includes extended features allowing Time-Sensitive Rules, Real-Time Activity Viewing, Selective Control of Other IP Protocols and more.
Selective Control of Other IP Per Device (Servers Only)
VisNetic Firewall for Servers may be configured to filter protocols other than IP protocols selectively. Examples of other protocols that VisNetic Firewall will filter include IGMP and GRE. The benefit of blocking these protocols independently, rather than globally, is that selective filtering can take place per device. As an example, GRE is a protocol used for many VPN implementations and is often ignored by a firewall as trusted traffic; whereas IGMP is a protocol of choice for some attacks. With this feature, an Administrator may allow GRE through the VPN, while blocking IGMP. Examples of a device include an internal network interface card (NIC), an external NIC linked to a cable modem connecting to the Internet, or a Dial-Up Adapter used to connect to an ISP (Internet Service Provider).
Port Activity Monitor (Servers Only)
Provides administrators with a live view of what ports are active and what applications are using them, similar to the "netstat" command.
Time Sensitive Rules (Servers Only)
Configure rules to be active only during certain days of the week, and/or certain times of the day. For instance, you can create a rule specifying that web browsing is only allowed on weekdays from 8:00 a.m. to 5:00 p.m.
Connections Viewer (Servers Only)
View all active connections through the firewall in real-time. This feature is a useful administrative trouble-shooting tool, and provides informative data; for example, how many external users are currently at your web site, etc.
Firewalls protect information stored on a computer or network of computers from unauthorized access. Designed to study each packet, a firewall guards against unwanted intrusions or attacks by determining the packet origin and destination. This information is used to determine whether to allow or deny its access through the firewall.
SYN Flood Protection
A SYN flood is a large number of valid-looking connection attempts that can overwhelm a server and prevent it from being able to accept connections from legitimate users. VisNetic Firewall recognizes when a SYN flood occurs and prevents it from interrupting normal server operation. When the SYN flood is detected, a log message is generated and "SYN cookies" are used so that valid connections can be made and SYN flood connection attempts are ignored. Once the SYN flood ends, SYN cookies are no longer used.
The IP Tracer allows the user to right click on an 'allowed' or 'blocked' log entry packet, select "Who is IP Address", and search for that remote system's IP address. This permits the user to search for an IP address of a possible hacker performing a broadcast or an attack on their network. The option to perform a simple reverse DNS is also available.
Sequence Number Hardening
Sequence Number Hardening helps protect Windows from spoofed TCP connections resulting from initial sequence number (ISN) guessing. Windows 2000 is considered "slightly vulnerable" to ISN guessing, and the ISNs in Windows 9x are considered "100% predictable". This feature improves the randomness of the sequence numbers, thereby helping to compensate for vulnerabilities inherent in Windows.
Stateful inspection delivers firewall protection beyond pure packet filtering. Rather than simply verifying the packet source and destination, Stateful Inspection ensures the legitimacy of the packet by matching its presence to an actual request. For example, rather than accepting all ping replies, VisNetic Firewall will permit a ping response only following a confirmed ping request. This example is pertinent because certain DoS (Denial of Service) Attacks can initiate with an unending stream of ping responses to overwhelm and crash a server. Without Stateful Inspection, this attack would be undetected and unblocked.
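The ping example above, sketched as an added illustration (not VisNetic code): a stateless rule that allows inbound echo replies next to a state table that admits a reply only when it matches an outstanding request. The timeout, the addresses and the class and function names are assumptions.

```python
ECHO_REPLY, ECHO_REQUEST = 0, 8   # ICMP type numbers (RFC 792)

def stateless_inbound(icmp_type):
    """Pure packet filter: a rule 'allow inbound echo reply' admits them all."""
    return "allow" if icmp_type == ECHO_REPLY else "block"

class EchoStateTable:
    """Admit an inbound echo reply only if it answers a request we sent."""

    def __init__(self, timeout=5.0):
        self.timeout = timeout    # seconds a request stays answerable
        self.pending = {}         # (local, remote, ident, seq) -> time sent

    def outbound(self, ts, src, dst, icmp_type, ident, seq):
        if icmp_type == ECHO_REQUEST:
            self.pending[(src, dst, ident, seq)] = ts
        return "allow"

    def inbound(self, ts, src, dst, icmp_type, ident, seq):
        if icmp_type != ECHO_REPLY:
            return "block"        # this sketch only models echo traffic
        # A reply reverses the addresses of the request it answers.
        sent = self.pending.pop((dst, src, ident, seq), None)
        if sent is None or ts - sent > self.timeout:
            return "block"        # unsolicited, replayed, or too late
        return "allow"

def compare_filters():
    """Constructed traffic: one real ping, a replayed reply, 100 unsolicited."""
    host, peer, stranger = "10.0.0.5", "198.51.100.7", "203.0.113.9"
    table = EchoStateTable()
    table.outbound(0.0, host, peer, ECHO_REQUEST, ident=0x1234, seq=1)
    replies = [(0.02, peer, host, 0x1234, 1)]            # the genuine answer
    replies += [(0.03, peer, host, 0x1234, 1)]           # a replayed copy
    replies += [(0.1 + i * 0.001, stranger, host, i, i) for i in range(100)]
    stateless = sum(stateless_inbound(ECHO_REPLY) == "allow" for _ in replies)
    stateful = sum(table.inbound(ts, s, d, ECHO_REPLY, ident, seq) == "allow"
                   for ts, s, d, ident, seq in replies)
    return stateless, stateful
```

Removing the entry on first match is what stops a replayed reply from passing a second time.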
Simplify your ruleset and tighten security by creating rules using port, IP and MAC address groups. Using groups, you can create one rule that applies to multiple ports, IP addresses or MAC addresses.
Stand-alone PC or Workstation Firewall Protection
VisNetic Firewall for Workstations effectively guards the computer of a mobile professional, telecommuter or power-user in stand-alone, networked or changing environments. More than a simple personal firewall, VisNetic Firewall for Workstations offers customized security through user-defined rule creation and the ability to configure devices individually. Examples of a device include an internal network interface card (NIC), an external NIC linked to a cable modem connecting to the Internet, or a Dial-Up Adapter used to connect to an ISP (Internet Service Provider).
Network Firewall Protection
Placing VisNetic Firewall for Servers on the gateway computer or proxy server accessing the Internet on behalf of the network expands the security to the entire LAN. The whole network is then protected from attacks originating outside of the network.
VisNetic Firewall utilizes a Configuration Wizard during software installation. The Configuration Wizard automatically creates the rules for the user. It does this by asking a series of questions relating to the environment in which the firewall is being installed. The answers provided in the Configuration Wizard establish the initial rules VisNetic Firewall will follow. The Configuration Wizard eases set-up and ensures comprehensive protection immediately upon installation.
Rules Based Protection
Rules established in VisNetic Firewall dictate how the software handles incoming and outgoing packets. The rules defined within the software detail instructions for the firewall for what traffic to allow and what traffic to block. Rules utilize parameters such as source and destination IP addresses, source and destination ports, direction of traffic (i.e. inbound and/or outbound) and protocol.
Separate Rule Sets for Each Network Adapter
VisNetic Firewall allows the Administrator to maintain a separate set of rules to be applied to each network adapter in the system. The Administrator can then configure a set of rules to be applied to traffic passing over the external/Internet interface, while having a separate set of rules that apply to traffic through the internal/LAN interface.
Easy Importing/Exporting of Rules
Deploying VisNetic Firewall across a number of workstations or servers is simplified by the ability to Export and Import rules. These rule subsets can be shared amongst VisNetic Firewalls running on different operating systems, which is particularly helpful for computer consultants reselling VisNetic Firewall.
Smart Copy enables the user to Copy/Cut/Paste (Ctrl-C/Ctrl-X/Ctrl-P) rules from one device to another. For example, simply Copy a useful internal rule and Paste it to the external rule set instead of recreating it manually.
Separate Filtering and Rules Per Device
VisNetic Firewall allows filtering to be enabled or disabled per device. Examples of a device include an internal network interface card (NIC), an external NIC linked to a cable modem connecting to the Internet, or a Dial-Up Adapter used to connect to an ISP (Internet Service Provider). If filtering is enabled, unique rules established for each device control the data permitted to pass through the firewall. If filtering is disabled on a given device, the firewall will not filter any traffic traveling through said device. Based on how a particular device is used and the security it requires, the need for filtering and rules may be customized to route or deny packets appropriately through that device, without affecting other devices. VisNetic Firewall not only guards the network from unknown threats, but also preserves access for trusted sources.
With logging enabled, the firewall will record the following fields: the device the request was made to, the action the firewall took (i.e. blocked), the direction the traffic was flowing (inbound or outbound), the source and destination IP addresses, the protocol, the source and destination ports, and the date/time of the event. Each log entry follows a standard, comma-delimited format, enabling the data to be imported into spreadsheets or other analysis tools. From this data, the VisNetic Firewall administrator can determine how the firewall is handling traffic and if additional rules are required. Right-clicking on any logged event can quickly create a rule tailored to the selected log entry.
When Administrator-specified rules are "hit", Email Notification can be provided to the email address selected by the Administrator. For example, if a rule is created to block an attempt at the port used by Back Orifice or NetBus, VisNetic Firewall can be configured to block and log the packet followed by sending an email to the Administrator as notification that an intrusion was attempted. Email Notification will be sent via a text message including the device number, rule number and rule description.
The configuration of VisNetic Firewall is protected by password security. To access or change the settings of VisNetic Firewall, including filtering, rules and logs, the user must authenticate with a password. This protection ensures that the settings of the firewall remain intact and tamper-proof.
Log File Export Scheduling
The Log Files of VisNetic Firewall may be automatically exported and sent via email at a specified time (such as daily, monthly, etc.). This allows the Administrator to remotely monitor the firewall on a regular basis, overseeing the protection of the computer(s) it shields.
Allow or Block Non-IP or Other IP Per Device
VisNetic Firewall may be configured to allow or block protocols other than common IP protocols. Examples of common IP protocols include TCP (such as HTTP, SMTP, POP3, and FTP), UDP, and ICMP. Examples of non-standard protocols include IGMP and GRE. Examples of Other IP include NetBEUI and IPX/SPX. VisNetic Firewall filters on each of these protocols to extend the firewall capability to the majority of protocols used for networking. Examples of a device include an internal network interface card (NIC), an external NIC linked to a cable modem connecting to the Internet, or a Dial-Up Adapter used to connect to an ISP (Internet Service Provider).