Endian UTM Hardware Appliance
Eine komplette Palette speziell entwickelter Appliances mit unserer UTM-Software, passend für jedes Sicherheitsbedürfnis - von Geschäftsniederlassungen und Industrieanlagen bis hin zu großen Netzwerken.
Kernelement des Endian-Ökosystems ist das EndianOS. Dieses Betriebssystem setzt den Fokus auf Sicherheit und bildet die Basis der gesamten Secure Digital Platform. Es bietet den kompletten Netzwerk-, Sicherheits- und Verbindungs-Stack in einer intuitiven und einfach zu bedienenden Lösung.
Network zone isolation and policy support |
Support for up to 32 internal network zones |
Multiple WAN |
Quality of service and bandwidth management |
Advanced TCP window scaling |
Support for untagged VLAN traffic |
Bonding mode configuration (UI) |
NTP (Network Time Protocol) |
DHCP server |
DHCP relay support |
SNMP server |
Dynamic DNS (DDNS) |
NAT (Network Address Translation) |
Static NAT |
Dynamic NAT |
PAT (Port Address Translation) |
IP Masquerading |
Full Cone NAT |
IPsec NAT traversal |
Routing |
Static routes |
Source-based routing |
Destination-based routing |
Policy-based routing |
Bridging |
Unlimited interfaces per bridge |
Transparent bridge mode |
OSI layer 2 firewall functionality |
Spanning tree |
Intrusion Detection & Prevention |
Deep packet inspection technology to detect or block advanced threats |
IDS Mode offers high performance threat detection |
IPS Mode offers powerful security to block threats in real-time |
Create security policies using threat categories |
Large signature database (over 20k signatures) |
Support for uploading custom signatures |
Application & DNS Security |
Deep packet application inspection and identification |
Block by application control (incl. Facebook, Twitter, Skype, WhatsApp...) |
DNS proxy filters network traffic for malware |
DNS proxy and routing ensures DNS security |
DNS-based phishing protection |
Firewall |
Geo-IP firewall filtering (block/allow traffic by country) |
Time-based firewall rules (day of week / time of day) |
Support for VoIP/SIP |
DoS & SYN/ICMP flood protection |
HTTP/HTTPS Proxy |
Multiple proxy modes: transparent, non-transparent and transparent bridge |
HTTPS proxy modes: decryption or URL-based (no decryption) |
Support for proxy whitelists and blacklists |
Cache management capabilties |
Support for upstream proxy server |
Security Features |
HTTP, HTTPS, FTP URL and antivirus filtering |
Easily block inappropriate, time-wasting or malware sites using filtering categories |
Build complex access policies based on time, mime-type, useragent and more |
Bitdefender URL filtering engine |
Bitdefender anti-malware engine |
SafeSearch enforcement |
User Management & Authentication |
Authentication methods include: Local, RADIUS, LDAP, Active Directory |
Support for NTLM single sign-on |
Group-based and user-based web access policies and filtering |
SMTP/POP3 Proxy |
Support for transparent and non-transparent proxy |
Bi-directional SMTP filtering (inbound and outbound) |
Block files by filetype (extensions) |
Advanced inbound/outbound mail routing |
Support for Delivery Status Notification (DSN) |
Support for smart host delivery (mail relays) |
Security Features |
Anti-spam with bayes, pattern and SPF |
Dual spam detection engines (with auto learning) |
Anti-virus email filtering and quarantine |
Support for multiple RBLs (real-time blacklists) |
Support for greylisting |
Bitdefender Anti-spam Engine |
Bitdefender Anti-malware Engine |
Email Quarantine Management |
Web-based quarantine monitoring and management |
SPAM quarantine notification options |
IPsec |
VPN Site-to-Site: Pre-Shared Key and X.509 certificate |
VPN Remote Access (Roadwarrior): L2TP, XAuth, or Raw IPsec |
Remote access platform support: iPhone/iPad (iOS), Android, Mac OS X, Windows |
Support for modern encryption algorithms |
Support for modern hashing algorithms |
Support for Diffie Hellman (DH) mode selection |
Support for IKEv1, IKEv2 |
Dead Peer Detection (DPD) |
NAT traversal |
Perfect Forward Secrecy (PFS) |
Compression |
OpenVPN |
VPN Site-to-Site: Pre-Shared Key, X.509 certificate or both |
VPN Remote Access (Roadwarrior) |
Endian SSL VPN client: Mac OS X, Windows |
Support for mobile SSL VPN: iPhone/iPad (iOS), Android |
Support for multiple SSL VPN server instances |
Support for VPN over HTTP Proxy |
Support for bridged or routed server configuration |
Support for VPN failover |
Push DNS, network routes and domain suffix information to clients |
Control client-to-client communication |
VPN Portal (Reverse Proxy) |
Provision secure access to internal HTTP/HTTPS resources |
Configurable portal page |
Support for multiple destinations |
Destination-based authentication |
SSL offloading |
User Management & Authentication |
Authentication methods include: Local, RADIUS, LDAP, Active Directory |
Unified user/group management for OpenVPN, L2TP, XAUTH, VPN Portal |
Integrated support for one-time password (OTP) |
Integrated certificate authority |
External certificate authority support |
User password and certificate management |
Support for Let’s Encrypt certificates |
Configurable captive portal |
Use your website as portal (SurfNowButton)S) |
Free access to allowed sites (walled garden) |
Wired / wireless support |
Integrated RADIUS service |
Connection logging |
Bandwidth limiting based on user, ticket or global settings |
Social login (Facebook, Google) |
Social Enabler (sharing on social networks) |
MAC-address based user accounts |
Configurable multiple logins per user |
User accounts import/export via CSV |
User password recovery |
Automatic client network configuration (support for DHCP and static IP) |
Fully integrated accounting |
Generic JSON API for external accounting and third party integration |
Instant WLAN ticket shop (SmartConnect) |
Single-click ticket generation (Quick ticket) |
SMS/e-mail user validation and ticketing |
Pre-/postpaid and free tickets |
Time-/traffic-based tickets |
Configurable ticket validity |
Terms of Service confirmation |
MAC address tracking for free hotspots |
Cyclic/recurring tickets (daily, weekly, monthly, yearly) |
Remember user after first authentication (SmartLogin) |
Multi-location setup through master/satellite configuration |
External authentication server (Local, LDAP, Active Directory, RADIUS) |
Feature supported in high availability |
High Availability |
Support for clustering up to 3 devices together in active-passive mode |
Easy web-based UI for quick HA setup (with feedback) |
Node data/configuration synchronization (not for BYOD/Hotspot) |
WAN Failover |
Create failover policies between available WAN interfaces |
Support for unlimited WAN interfaces (based on interface availability) |
Automatic failback support |
Backup & Recovery |
Easily backup and restore appliance configurations |
Support for storing backups on attached USB stick |
Customizable options to determine backup contents |
Create schedule backups: daily, weekly or monthly |
Send scheduled backups via email |
Event Management |
Setup event notifications for device and user events |
Support for email and SMS notifications |
Create custom scripts to be triggered by event |
Custom scripts powered by Python scripting engine |
Device Management |
Easy and secure web-based UI for managing appliance |
Full command-line access via SSH or serial console |
Web console provides serial console over secure web UI |
One-click to enable secure remote appliance support |
Centralized, secure access to any Endian appliance via Endian Network |
Multi-language support: English, Italian, German, Japanese, Spanish, Portuguese, Chinese, Russian, Turkish |
Software Management |
Easy web UI for managing software updates |
Schedule automatic software update checks and notifications |
Centralized, secure software updates/upgrades via Endian Network |
Network Awareness |
View real-time network activity and bandwidth |
Discover top user activity, applications, bandwidth consumption and more |
Reporting |
View reports for all major system features |
Detailed system, web, email, attack, virus and user reports |
Real-time log analysis with live log viewer |
Detailed user-based web access report |
Network, system and performance statistics |
Logging |
Web-based log viewer for system, services and VPN logging |
Rule-based logging settings (firewall rules) |
Support for local or remote syslog logging |
OpenTSA trusted timestamping |
Docker Engine and CLI included |
Enables hybrid/remote applications or micro-services |
Requires much less hardware and software resources than full-machine virtualization |
Reduce network latency and provide offline access to remote applications |
Increased application portability and faster software development and delivery |
Eine komplette Palette speziell entwickelter Appliances mit unserer UTM-Software, passend für jedes Sicherheitsbedürfnis - von Geschäftsniederlassungen und Industrieanlagen bis hin zu großen Netzwerken.
Verbinden und schützen Sie Ihre virtuellen Netzwerke und Infrastrukturen. Unterstützung aller führenden Hypervisor-basierten Plattformen, einschließlich VMware, Xen/XenServer, KVM und Hyper-V.
Die Software-Appliance ist ideal für alle, die die vorhandene Hardware (x86_64) für ihre Netzwerk- und Sicherheitsanforderungen nutzen möchten.