B DOUBNSFDPONHDTOPH · 2020-07-08 · information about threats detected in detail, allowing a...
Transcript of B DOUBNSFDPONHDTOPH · 2020-07-08 · information about threats detected in detail, allowing a...
B DOUBNSFDPONHDTOPH
Highlights
• Advanced Application Control:
Easily manage access to Web Applications like Facebook, LinkedIn, Google, Twitter, Dropbox, among others.
• Advanced Threat Protection:
Innovative security against advanced malware and call back.
• Centralized Management:
Easily manage multiple devices with Blockbit GSM (Global Security Management), which has native integration with Blockbit Next-Generation Firewall. Manage device profiles, administration and automation, inventory and monitoring.
• Unified Policy and Reporting Dashboard:
Agile access control, with application of policies by groups of users, which unifies resources in a simple and innovative way. Customize and automate management and detailed reports.
• Timeline:
Timeline per user showing the history with all accesses, applications and threats detected in a simple way.
• Reduce cost and time to implement:
Centralize settings and automatically distribute them to remote assets. With the ZTP (Zero-Touch Provising) feature, it is possible to reduce time and cost with the implementation.
Key Features
Next-Generation Firewall The Blockbit Platform is much more than a firewall. Combining the most advanced network management technology with advanced detection and protection capabilities against digital attacks and threats. Blockbit NGFW (Next-Generation Firewall) simplifies the creation of complex security rules and policies, using addresses, users, user groups, applications, threats and services in their settings, which can be named to facilitate understanding of policies and ensure total control of your environment.
Zero-Touch Providing With the ZTP (Zero-Touch Provising) feature, it is possible to pre-configure security policies and automatically implement them on the linked remote device, as soon as it receives a network connection. This reduces the complexity of the installation and, consequently, the saving of financial and technical resources.
SSL Inspection Most information that travels on the web uses encrypted connections. Blockbit Platform features SSL decryption for traffic inspection, ensuring full access control and applying advanced features such as ATP, Content Filter and Anti-Malware.
Content Filtering The Blockbit Platform has more than 46 million addresses classified in more than 88 categories. This information, together with SSL inspection, allows you to fully control access to online content, which can be configured by user, user groups, IPs, bandwidth, connection priority, links, different browsers and their versions. You can also set limits on the size of files to download, running web applications, allowed browsing time and more.
Application Control The advancement of the Internet has allowed the creation of applications such as Facebook, Youtube, Google Apps, Twitter, LinkedIn and Dropbox, which have become very popular and can impact the productivity of their teams if not used correctly. Blockbit Platform allows you to fully control Web Applications, restricting or allowing access according to your business rules.
IPS – Intrusion Prevention System Blockbit Platform continuously protects your network against the growing number of digital threats. O IPS has thousands of signatures for identifying threats in a database updated daily by Blockbit Labs. It is possible to create multiple protection profiles to apply them to different types of network traffic. In addition, the dashboard displays information about threats detected in detail, allowing a quick and efficient risk analysis.
ATP – Advanced Threat Protection Blockbit Platform has sophisticated security and intelligence technologies that detect and protect your company against known and unknown threats. Blockbit Platform can detect advanced malware such as Trojans and viruses, advanced persistent threats and malicious callback attacks. ATP can also block IPs with bad reputation in different categories (abusers, anonymizers, attackers, malware, reputation, spam) in addition to geolocation attacks.
SSL VPN The Blockbit Platform allows you to create secure access to applications on your network through a web portal that can be quickly configured and executed in any browser. The platform also supports client-to-site connection.
IPSec VPN The Blockbit Platform allows you to create virtual private networks with native tunneling encryption, which ensures interoperability with other products and increases security. Supports hub and spoke IPSec VPN architecture for both site-to-site ("Full Meshed" and "Star") and client-to-site (remote access) topologies.
QoS – Quality of Service The Blockbit Platform has an exclusive QoS feature that allows, via a centralized and local graphical interface, to prioritize traffic and control bandwidth according to the configured security and compliance policies, in addition to the classification of packages (Shaping). The advanced QoS feature categorizes connections according to their importance and makes it possible to prioritize packets using DSCP and TOS protocols.
SD-WAN Blockbit Platform offers a dynamic link balancing service for long distance connection, which allows you to connect your company to any location - branches, datacenters, cloud etc. You have more visibility about all activities in any location and integrate the SD-WAN with all Blockbit security features, being able to manage the entire environment from a single interface, making it easier to analyze results and make decisions about network optimizations.
High Availability The Blockbit Platform has native support for H.A. (high availability) implementations. The feature maintains a backup appliance, which goes into service immediately if the primary appliance fails. H.A. support mirrors firewall and user authentication sessions between the primary and secondary devices so that the switch over is transparent and fast.
Captive Portal The Blockbit Platform makes it easy to manage visitor access through authentication that the web browser uses. Captive Portal allows self-registration, personalization of access policies, content control, user management, exchange of passwords and personalized reports. In addition, it is possible to authenticate via social media accounts (Facebook, Google and Twitter).
Centralized Management Blockbit NGFW has native integration with GSM (Global Security Management), which makes it possible to manage multiple devices, with encrypted and authenticated connection through a central point. Enables centralized and local management of IPS / IDS and Anti-Malware functionalities, monitoring your events in an integrated manner.
Appliance Models
Model BB1* | BB2* | BB5* | BB10* Small enterprises
Model BB30* Small enterprises
Model BB50* | BB100* Medium-sized enterprises
Model BB500* | BB1000* | BB2000* Large Enterprises
Model BB10000* Corporations and Datacenters
Virtual Appliances
Firewall Throughput (UDP) Minimum Segments Maximum Segments
BBV 2 900 Mbps 2 4 BBV 5 2.0 Gbps 2 4 BBV 10 3.0 Gbps 2 4 BBV 50 4.0 Gbps 2 6 BBV 100 8.0 Gbps 2 6 BBV 500 12 Gbps 2 24 BBV 1000 20 Gbps 2 24 BBV 2000 30 Gbps 2 24 BBV 10000 40 Gbps 2 34
* merely illustrative images
Security Policies • Filtering Web content Web applications • Inspections SSL, IPS (Intrusion Prevention System). ATP
(Advanced Threat Protection) • QoS (bandwidth control/prioritization) • Multiple services • Security rules editor (Filtering policies) Enable and disable logs Types of action: allow, deny and reject Traffic simulator and policy finder Confliting Policy Detector
Web Cache • Proxy Transparent Active • Support for web services (HTTP and HTTPS
versions 1.0, 1.1 and FTP) • Configuration of web cache in memory and disk • Enabling dynamic contente web caching
(Facebook, Google Maps, MSN Video, Sourceforge Downloads, Windows Update, Youtube)
• Cache exception, configurable by regular expressions
• Proxy hierarchy with and without authentication • Support for HTTP Anti-Virus integration through
proxy hierarchy • Blocking message for the end user
Firewall • Policy with authentication option NAT (SNAT and DNAT) • Security DoS (Denial Of Service) Protection PortScan Protection Protection of invalid packages ICMP Sweep Protection Flood Protection (SYN, ICMP, UDP) ICMP (controls, transmission, redirection) PING (Echo/Request) Source routing Checksum Invalid logs TCP_be_liberal IP spoofing • TCP/UDP/ICMP/IP connection controls • Supports transparente mode (layer 2) • Supports gateway mode (layer 3) • Supports real time protocols
QoS – Quality of Service • Packet marking for traffic priorization (TOS and
DSCP) • Traffic control and bandwidth guarantee per
policy
IPS Intrusion Prevention System • Detection and prevention of attacks and intrusions
based on +60 thousand signatures and +65 categories • Preprocessors • Impact Levels Low Medium High • Protection agains threats at the application layer
(Exploit, Shellcode etc.) • Protection against malformed packages • DoS and DDoS Prevention • Prevention against PORT SCAN • Prevention of protocol anomalies (HTTP, SMTP, NTP,
NetBIOS, HTTPS, FTP, DNS, SMB, RPC, SSH and Telnet)
• Support for exception configuration by source or destination subscription
• Log record of incidences for each type of attack identified
• Automatic and periodic update • Decodes multiple Unicode formats • IP fragmentation and defragmentation • Policies applied to interfaces or security zones • Inline implementation support (bridge / transparent
mode)
Threat Protection
• Antivirus and Anti-Malware HTTP, HTTPS, FTP, POP3 and SMTP (native in the
solution) • Protection against unauthorized applications o (Packed, PwTool, NetTool, P2P, IRC, RAT, Tool, Spy) • Password protection against files • Anti-Malware Quarantine • Scanned file report • Identifies, classifies and blocks malware such as trojans,
spyware, worms and viruses • Allow reputation blockbing of the address classified in
6 categories: Spam, reputation, malware, attacks, anonymous and abuse
• Automatic and periodic update
SD-WAN
• Support for multiple configuration profiles Failover, Load Balance, Spillover and Performance • Monitoring link availability Verification by TCP, ICMP and HTTP protocol • Analysis for bandwidth consumption, packet loss,
jitter, latency • Analysis by bandwidth, packet loss, jitter, latency
Zero-touch Provisioning
• Automatic provisioning • Apply security templates at initial installation
Content Filtering • Content Filter • 88 categories, +47 million cataloged URLs,
Google domain login control, SafeSearch integration, Google, Bing and Yahoo, end user block message
• SSL Inspection Integration with ATP inspection • Web Application Control Facebook (Post, Like, Comment), LinkedIn (job
search), Gmail (Attachment), Twitter, Instagram and more
• SNI control by category • Website filtering, categorizing and reclassifying
by URL • LDAP, Radius and Microsoft Active Directory
User Authentication • Blocking by creating specific filters with textual
search engine • Invalid certificates blocking • Custom lists (whitelist and blacklist) • Captive Portal with social login (Facebook,
Twitter, Google) • Navigation quotas by time and/or traffic volume
VPN IPSec and VPN SSL
• VPN tunnel (LAN to LAN) • RAS VPN (remote access allows VPN cliente
access or direct support at the station without client)
• Authentication Pre-Shared Key, X-Auth (AD, LDAP, Local,
RADIUS), Digital Certificate, EAP (MSCHAPv2) • High Availability FQDN (Full Quality Domain Name) DDNS Support • NAT-T (UDP encapsulation) • DPD (Dead Peer Detection) • Exchange mode Main mode Aggressive mode • Compressed data support • Fragment Size (MTU) • Protocols IKEv1 and IKEv2 (for phase 1 and phase 2) ESP • VPN Clients • Suporta Auto-Discovery VPN (AD-VPN) Allows multiple devices (Spokes) with
centralized gateway (hub) Supports type-tunnels (Site-to-Site, Full Mesh,
Star) • Supports RSA and Diffie-Hellman algorithms • Supports X.509 v3 digital certificate • Supports enrollment of certification authorities • Support for RIPv2 and OSPFv3 routing
protocols • Support for certificates issued by certification
authority in the ICP-Brasil standard • Support for certificate revocation list (CRL)
verification • Clientless VPN • SSL certificate management (X.509)
Other Features • Interfaces o Ethernet o VLAN (IEEE 802.1q) up to 4096 per interface o DSL • SNMP v2 and v3 protocol support • H.A. (High Availability) / Active-Active and Active-
Passive • Date and time update with support for Network
Time Protocol (NTP) servers • Option of automatic and periodic updates of the
system for corrections and HTTPS web releases • Management dashboard • Disaster recovery (backup /restore) • Link aggregation o Ethernet bonding (802.3ad) • TCPDUMP (allows capture and download in
PCAP format) o User registration in authentication events, access,
blocking and threat events • Detailed event preview window • Disk maintenance tool • Proxy Services (HTTP, FTP, SMTP, POP3) • Exporting reports in multiple formats (PDF, CSV,
HTML)
• IPv6 NAT64, NAT46 and NAT66 • Storage o NFS o DISK (HDD) o SSH • Dynamic Routing BGP4 OSPF3 RIPv2 • Static routing (source and destination IP and port) • Policy-based routing • Synchronization of users and groups with servers • Windows AD and LDAP servers • Authentication • Local, Windows, AD / LDAP, SSO Windows (single
sign on) – unified authentication, X-Auth for VPN services, authentication on Radius servers, RSSO (radius single sign on), password complexity identifier
• TACACS+ support for administration users and firewall users
• LDAP integration for Blockbit Platform administration
• Snapshot • Support for multiple domain authentication • Resource objects o IP address o MAC address o Port services and protocols o Timetable o Table of period and dates o Dictionaries (set of words and/or regular
expressions) o Content types • DHCP (dynamic host configuration protocol) Relay Server • Recursive DNS • DDNS Client (dynamic DNS) NoIP.org DynDNS.com • Remote Syslog • CLI (command line interface for management
and diagnostics) • System and Security Notifications
Performance Specifications and Options
BB 1
BB 2
BB 5
BB 10
BB 30
BB 50
BB 100
BB 500
BB 1000
BB 2000
BB 10000
Firewall Throughput (UDP)
400 Mbps 900 Mbps 2 Gbps 3 Gbps 3 Gbps 4 Gbps 8 Gbps 12 Gbps 20 Gbps 30 Gbps 40 Gbps
Conexões Simultâneas 30.000 100.000 170.000 250.000 250.000 500.000 1.000.000 1.500.000 2.000.000 3.000.000 6.300.000
Conexões Novas por Segundo
6.000 13.000 14.000 17.000 17.000 30.000 55.000 80.000 110.000 150.000 200.000
NGFW Throughput (IMIX)1
50 Mbps 70 Mbps 100 Mbps 200 Mbps 200 Mbps 500 Mbps 800 Mbps 1.0 Gbps 1.3 Gbps 3.0 Gbps 4.0 Gbps
Web Filter Throughput 37 Mbps 100 Mbps 260 Mbps 500 Mbps 500 Mbps 900 Mbps 1.5 Gbps 2.0 Gbps 3.8 Gbps 8 Gbps 10 Gbps
SSL Inspection Throughput
30 Mbps 40 Mbps 100 Mbps 200 Mbps 200 Mbps 300 Mbps 420 Mbps 900 Mbps 1.2 Gbps 2.0 Gbps 3.0 Gbps
IPS Throughput 40 Mbps 500 Mbps 700 Mbps 1 Gbps 1 Gbps 1.2 Gbps 1.6 Gbps 4.0 Gbps 6.0 Gbps 7.0 Gbps 10 Gbps
Threat Protection Throughput
30 Mbps 44 Mbps 60 Mbps 130 Mbps 130 Mbps 150 Mbps 200 Mbps 800 Mbps 1.23 Gbps 1.9 Gbps 2.8 Gbps
IPSEC VPN Throughput (AES-128 + SHA256)
130 Mbps 250 Mbps 280 Mbps 350 Mbps 350 Mbps 700 Mbps 1.0 Gbps 1.5 Gbps 3.5 Gbps 6.0 Gbps 8.0 Gbps
SSL VPN Throughput (AES-128)
70 Mbps 100 Mbps 140 Mbps 250 Mbps 250 Mbps 520 Mbps 850 Mbps 1.3 Gbps 1.8 Gbps 3.0 Gbps 7.0 Gbps
Network Interfaces 4X GE RJ45
4X GE RJ45
4X GE RJ45
4X GE RJ45
6 X GE RJ45
6X GE RJ45
6X GE RJ45
8X GE RJ45
8X GE RJ45
8X GE RJ45
8X GE RJ45
Storage 32 GB
32 GB
32 GB
32 GB
32 GB
120 GB
120 GB
240 GB
240 GB
240 GB
480 GB
Optional
Solid State Drive (SSD) - 64/120 GB
64/120 GB
120/240 GB
120/240 GB
240 GB
240 GB
480 GB
480 GB
480 GB
600 GB
40GbE Network Module - 2 QSFP+ ports
- - - - - - - 1x 1x 1x 2x
10GbE Network Module - 4 SFP+ ports
- - - - - 1x 1x 1x 1x 1x 7x
1GbE Network Module - 4 SFP ports
- - - - - 1x 1x 1x 1x 1x 7x
1GbE Network Module - 8 RJ45 ports
- - - - - - - 1x 1x 1x 7x
10GbE Network Module - 2 SFP + ports
- - - - - 1x 1x - - - -
1GbE Network Module - 2 SFP ports
- - - - - 1x 1x - - - -
Redundant Power Source - - - - - - - Yes Yes Yes -
TESTS WERE PERFORMED IN LABORATORY USING AVALANCHE ON Blockbit Platform V1.5, WITHOUT USER SUMMARIZATION, IPS AND SERVICES, DISABLED APPLICATION DETECTORS, FIREWALL THROUGHPUT UDP 1518 BYTES PACKAGES , FIREWALL THROUGHPUT HTTP GET 1280Kb e PUT 1280K, IPS/ATP THROUGHPUT WITH FACTORY PATTERN SIGNATURES ENABLED. 1 NGFW performance is measured with Firewall, IPS and Application Control enabled, IMIX traffic.
Features by Subscription
Features Basic Standard Advanced
Next-Generation Firewall (NGFW)
Secure SD-WAN
WEB proxy
VPN IPSEC
VPN SSL
QoS
Cluster
Captive Portal
DHCP SERVER/RELAY
Hardware Warranty
URL Category Base
Intrusion Prevention System (IPS)
Gateway Antivirus
Threat Protection
Remote Support - 04 hours month