Computer Network Security and Virus and Spam Protection

Symantec offers a large family of Firewall/VPN solutions including software, appliances and integrated products. The Symantec Raptor Firewall acquired from Axent is designed to provide comprehensive security by hiding system and address information on your intranet from the outside world, processing all network traffic through rules that are consistent with your company's security requirements, automatically blocking ports to protect the systems that have inadvertently been misconfigured, enabling anti-spamming technology that prevents your Firewall from acting as an email spamming relay while querying the Realtime Blackhole List of known spammers, and proactively monitoring and logging suspicious activity.

Symantec's newer VelociRaptor Firewall/VPN appliance combines high security and high performance, making it easy and cost-effective to extend enterprise-class security to smaller businesses as well as branch offices of larger organizations. Symantec VelociRaptor offers enterprise-class security by incorporating the security architecture of Symantec Enterprise Firewall. Utilizing full-inspection technology and continuous system hardening, Symantec VelociRaptor is able to protect both the Internet gateway and subnets of corporate LANs and WANs, while providing a fast and robust connection to the Internet, regardless of the size of the network. VelociRaptor’s data inspection technology filters traffic and integrates application-level proxies, network circuit analysis, and packet filtering into the perimeter security architecture.

VelociRaptor integrates Proxy Secured Symantec Enterprise VPN that includes AES (Advanced Encryption Standard) to provide high-level VPN security at speeds three-times faster than conventional 3DES technology. Its VPN supports the Public Key Infrastructure (PKI) so that VelociRaptor can extend enterprise networks and deliver secure site-to-site remote access to corporate LANs. Additionally, since it can filter data through its proxies after the data has been received and decrypted by the Symantec VelociRaptor appliance, Symantec Enterprise VPN also provides an extra level of security against threats that reside within the network perimeter. The full VPN option provides secure remote-to-site tunnels for telecommuters and other remote users equipped with the Symantec Enterprise Firewall/VPN client and personal Firewall.

Symantec VelociRaptor includes a GUI-based management system that enables easy configuration of scalable gateway protection for networks of any size. Using the Symantec Raptor Management Console gives administrators control over both local and remote Symantec VelociRaptor appliances via any Internet connection. It also allows them to establish procedures for email alerts, pager notifications, and SMTP traps (in the event of network attack) as well as create configurable policies for users and user groups.

Symantec VelociRaptor Firewall/VPN appliances come with a wide variety of authentication options from which administrators can choose, such as OOBA (out-of-band authentication), LDAP servers, BellCore Skey, Gateway Password, CryptoCard, and SecureID. It also supports the TACAS+ and Radius authentication protocols. With the Symantec Raptor Management Console, administrators are able to export a wealth of network usage data, such as the log files generated by Symantec VelociRaptor covering session durations, byte counts, URLs, user names, and authentication methods. Administrators can use log information to create detailed statistical and session-trend reports. Log files are rotated each 24-hour period and can be imported to other reporting software such as Telemate.com or WebTrends, or exported to databases to perform custom analysis. Symantec VelociRaptor offers several integrated options that can be activated to enhance the appliance's performance and functionality. A built-in high-availability/load-balancing (HA/LB) option is available to provide failover and maximum uptime for high-volume sites. Activating the HA/LB option allows for the clustering of up to eight Symantec VelociRaptor appliances, enabling the sharing of traffic loads among multiple security devices and the expansion of capacity as network loads grow. Through HA/LB, Symantec VelociRaptor solutions can scale from small business environments of 100 nodes or less to large enterprise networks of up to 10, 000 nodes.

Performance throughput can scale from 20 Mbps up to 500 Mbps. Symantec VelociRaptor also offers additional integrated options for full remote-to-site VPN functionality and WebNot URL filtering and blocking.

How Progent Can Help with Symantec Firewall/VPN Appliances
Progent's Symantec consultants can help you maintain earlier versions of Symantec Firewall/VPN appliances such as the Raptor or help you upgrade to more recent technology from Symantec or other vendors. Progent can also help you plan and execute a comprehensive security strategy that can include Firewall/VPN appliances and software, managed security and virus protection services, monitoring tools, and formal policies and enforcement procedures. Progent has the expertise to be your single source of on-going technical support, maintenance, training and consulting for company-wide security.

Find out how to contact a Progent security consultant.