RBTi
HomeSolutionsServicesProductsContact Us
OverviewPerimeter ProtectionContent FilteringEnd Point SecuritySecure Network AccessInformation ManagementWireless SecurityManaged/Hosted SecurityAuthenticationVirtual SecuritySecure MessagingPoint of Sales Security (POS)Penetration TestingRisk AssessmentCompliance AssessmentNetwork DiscoveryDeployment ServicesTraining & CertificationPCI ComplianceGovernment ContractsRBTi eStore

Home > Solutions > Perimeter Protection
  Print  Contact Us


Firewall Solutions

A firewall's basic task is to regulate the flow of traffic between computer networks of different trust levels. Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or Demilitarized zone (DMZ).

Web Application Firewalls

Web application firewalls (WAF) are a new breed of information security technology designed to protect web sites from attack. WAF solutions are capable of preventing attacks that network firewalls and intrusion detection systems can't, and they do not require modification of application source code. As today's web application attacks expand and their relative level of sophistication increases, it is vitally important to develop a standardized criteria for product evaluation.

UTM Solutions

UTM Solutions are network firewalls that have many features in one box, including junk e-mail filtering, anti-virus capability, an intrusion detection (or prevention) system (IDS or IPS), and URL content filtering, along with the traditional activities of a firewall. These are application-layer firewalls that use proxies to process and forward all incoming traffic, though they can still frequently work in a transparent mode that disguises this fact.

Intrusion Prevention/Detection

An intrusion detection system (IDS) generally detects unwanted manipulations to computer systems, mainly through the Internet. The manipulations may take the form of attacks by crackers. An intrusion detection system is used to detect many types of malicious network traffic and computer usage that can't be detected by a conventional firewall. This includes network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms). An IDS is composed of several components: Sensors which generate security events, a Console to monitor events and alerts and control the sensors, and a central Engine that records events logged by the sensors in a database and uses a system of rules to generate alerts from security events received.

Application and Network High Availability

High-availability clusters (also known as HA Clusters or Failover Clusters) are computer clusters that are implemented primarily for the purpose of improving the availability of services which the cluster provides. They operate by having redundant computers or nodes which are then used to provide service when system components fail. Normally, if a server with a particular application crashes, the application will be unavailable until someone fixes the crashed server. HA clustering remedies this situation by detecting hardware/software faults, and immediately restarting the application on another system without requiring administrative intervention. As part of this process, clustering software may configure the node before starting the application on it. For example, appropriate filesystems may need to be imported and mounted, network hardware may have to be configured, and some supporting applications may need to be running as well.



  
© 2007 RBTi| Privacy Policy| Legal| Home| Solutions| Services| Products| Careers