Products

Embedded & Automation Solutions Engineering
Test & Measurement
Network & Security
Satellite Communication

Products :: Network and Security :: Arkoon Network Security :: Fast360

The FAST360 product line is Arkoon’s family of UTM appliances. FAST360 appliances integrate a full range of security technologies (firewall, VPN, antivirus, antispam, web filtering), network services (NAT, VLAN, dynamic routing); and QoS features (bandwidth management, link load balancing).

Advantages

  1. Install security that corresponds to your business needs
    Guarantee the security and availability of your network and your key applications:
    • A wide range of appliances offering performances adapted to your needs (up to 4Gbps)
    • Capable of being integrated in a transparent way in the existing network
    • Providing QoS and availability functions
  2. Protect your network from current and future threats
    Cover the entire spectrum of network threats
    Offer maximum reactivity when faced by new threats
    • Appliances integrating Firewall, VPN, IDPS, antivirus, antispyware, antispam, Web motor filtering
    • Analysis of more than 20 application protocols
    • Update in real time, 24/24 and remotely, and proactivity of the motors thanks to the use of generic signatures
  3. Anticipate Voice/Data convergence and protect VoIP
    Ensure VoIP availability
    Manage convergence
    • Centralisation of voice and data protection
    • Protection of VoIP applications (protocols and flow correlation)
    • Fireconverge® = unique innovative software interface so that the VoIP security is synchronised with the company telephony rules


Firewall (FAST – Fast Applicative Shield Technology)

  • Real time Firewall technology at the heart of FAST360 systems
  • Analysis of network protocol conformity, transport and applications:
    • HTTP, ftp, smtp, pop3, nntp, dns, dns udp, h323, SQLNet, snmp, flux netbios, imap4, rtsp, ssl, SIP, MGCP, RTP, RTCP
    • Control or restriction of use and protection against threats: Flux P2P, IM, Skype
  • Technology patented by Arkoon and Common Criteria certified at level EAL2+

IDPS (Intrusion Detection and Prevention System)

  • Extension of FAST technology to detect applicative attacks with no protocol violation
  • “Cut-off” mode (attack blocking) or “Standby” mode (alert)
  • More than 900 signatures, automatically updated remotely
  • Contextual analysis:
    • Only attacks relevant to the analysed connection are sought
    • Detection of a signature is weighted by the context

VoIP protection

Analysis in real time of VoIP H.323, SIP, MGCP, SDP, RTP/RTCP protocols:

  • Adaptive Filtering:
    VoIP FAST modules communicate between themselves to adapt the analysis of the media flow to that of the signal flow.
  • Fireconverge:
    An intelligent software interface to synchronise the VoIP security policy and the telephony policy

VPN IPSEC

  • Site to site and roaming mode
  • Extremely high interoperability
    • Standard IPSEC compatibility
  • Support of external PKI and the authentication mechanisms
  • Simple operation
    • Support of meshed and hierarchical architectures
    • Definition of VPN communities
  • Support of help links and load distribution

Antivirus / Antispyware

  • Antivirus and antispyware motor analysing Web flow (http), file transfer (ftp), incoming and outgoing messaging (smtp, pop3)
  • Technology supplied and supported by SOPHOS (largest laboratory in Europe for the fight against malicious codes)
  • Exclusive genotype, viral technology that proactively uses generic signatures to block malicious codes derived from known virus families
  • More than 100 000 signatures automatically updated, remotely and centralised

Antispam

Antispam analysis on the SMTP and POP3 flux.

  • Standard:
    Analysis of e-mail source addresses with regard to the blacklists supplied by the public servers (DNS BL)
  • Optional:
    “Real-time” antispam,this technology enables content analysis of both incoming and outgoing e-mails (via SMTP and POP3 protocols).Depending on the result of the analysis, the spam may be deleted or quarantined for the user or centrally

URL filtering

  • Standard:
    • URL filter based on 13 “open source” black lists, automatically updated.
    • Customised black lists (URL or key words)
    • Capacity to work in “white list” mode with parameters set by the administrator
    • Controlled access to Web sites according to the times of users or groups of users
    • Authentication on an intern al or external database (LDAP, Active Directory, NT etc)
    • Blocking “hostiles applets”: ActivX, scripts Java etc
  • Optional:
    • 56 additional categories, public, international and global (pornography, violence, drugs)

Network services

  • VLAN management (support 802.11q)
    • Filtering and interconnection
    • Support of 4095 Vlans
  • Translation mechanisms
    • NAT static, NAT network, PAT and masking
  • Operation in bridge mode
  • Static and dynamic routing
    • Rip, OSPF, BGP
  • Aggregation of 802.1d links
  • DHCP Server and Relay* Support

Availability

  • QoS
    • Reservation or restriction of bandwidth per application, user, time, access interfaces
    • DiffServ Compatibility (norm 802.1q)*
  • Load distribution and help function on several Wan links
    • on Wan and VPN IPSEC links
  • High availability
    • Active-passive mode
    • Conservation of active connections