Symantec was at one time an important player in the security appliance business but has withdrawn from the hardware side of the market and now focuses on security management and services. The Symantec Raptor firewall, acquired from Axent, is a popular legacy firewall but has by now been overtaken in performance and features by firewall appliances from current vendors. The Raptor provides security by hiding the system and address information on an intranet from the outside world, processing all network traffic through configurable rules that enforce a company's security policies. The Raptor automatically blocks ports to protect systems that have inadvertently been misconfigured, runs spam filtering while querying the Realtime Blackhole List of known spammers to prevent a firewall from acting as an email spamming relay, and proactively monitors and logs suspicious activity.
Symantec's newer VelociRaptor firewall/VPN appliance, which like the Raptor is discontinued, provides tighter security and better performance than the Raptor and was designed to extend what was once considered enterprise-class security to smaller businesses and branch offices. Symantec VelociRaptor incorporates the security architecture of the Symantec Enterprise Firewall engine to provide full-inspection and continuous system hardening for protecting both the Internet gateway and subnets of corporate LANs and WANs, while providing a safe connection to the Internet. VelociRaptor's data inspection technology filters traffic and integrates application-level proxies, network circuit analysis, and packet filtering into the perimeter security architecture.
Progent's firewall experts have extensive backgrounds supporting legacy firewall appliances from Symantec and other vendors and can provide online consulting and troubleshooting services to help you manage and maintain your existing security infrastructure or provide guidance on migrating to more current technology that can add significant business value to your information network.
VelociRaptor incorporates Symantec's Symantec Enterprise VPN technology, a proxy-secured VPN solution that includes the Advanced Encryption Standard (AES) to provide VPN security at speeds three-times faster than the older Triple Data Encryption Algorithm (3DES) technology was able to achieve. VelociRaptor's VPN function supports the Public Key Infrastructure (PKI) to extend enterprise networks and deliver secure site-to-site remote access to corporate LANs. Additionally, since the VelociRaptor filters data through its proxies after the data has been received and decrypted, Symantec Enterprise VPN also protects against threats that reside within the network perimeter. The full VPN option provides secure remote-to-site tunnels for telecommuters and other remote users equipped with the Symantec Enterprise Firewall/VPN client and personal Firewall. The VelociRaptor does not have integrated support for SSL VPN.
Symantec VelociRaptor includes a GUI-based management system that allows configuration of scalable gateway protection. The Symantec Raptor Management Console gives administrators control over local and remote Symantec VelociRaptor appliances via an Internet connection. The management console simplifies the creation of user and group policies and the establishment of procedures for email alerts, pager notifications and, in the event of a network attack, SMTP traps.
Symantec VelociRaptor Firewall/VPN appliances have a variety of authentication options such as OOBA (out-of-band authentication), LDAP servers, BellCore S/KEY, Gateway Password, CryptoCard, and SecurID. The VelociRaptor also supports the TACAS+ and Radius authentication protocols. The Symantec Raptor Management Console lets administrators export network usage data such as VelociRaptor log files covering session durations, byte counts, URLs, user names, and authentication methods. Administrators can use log information to create statistical and session-trend reports. Log files are rotated each 24-hour period and can be exported to other reporting software such as WebTrends or to general-purpose databases to perform custom analysis.
Symantec VelociRaptor has several integrated options that can be activated to enhance the appliance's performance and functionality. A built-in high-availability/load-balancing (HA/LB) option provides failover and maximum uptime for high-volume sites. Activating the HA/LB option allows for the clustering of up to eight Symantec VelociRaptor appliances, enabling the sharing of traffic loads among multiple security devices and the expansion of capacity as network loads grow. Through HA/LB, Symantec VelociRaptor solutions can scale from small business environments of 100 nodes or less to enterprise networks of up to 10,000 nodes. VelociRaptor performance can scale from 20 Mbps up to 500 Mbps, which is far exceeded by the latest generation of firewall/VPN devices.
How Progent Can Help with Symantec Firewall/VPN Appliances
Progent's Symantec consultants can help you maintain legacy Symantec firewall/VPN appliances or help you upgrade to more up-to-date solutions. Progent can also help you plan and execute a comprehensive security strategy that can include firewall/VPN appliances and software, managed security and virus protection services, monitoring tools, and formal policies and enforcement procedures. Progent has the expertise to be your go-to source for on-going technical support, maintenance, training and consulting for company-wide security.
Progent's security engineers have earned security certifications recognized worldwide including CISM, CISSP-ISSAP, CISA, and GIAC. Progent's experts can help small and mid-size businesses throughout the U.S. to design, deploy, manage, and troubleshoot a cost-effective, high-availability security infrastructure that delivers the right balance between protection and performance and that complies with industry and regulatory standards. Security consulting services offered by Progent include:
Contact Progent for Security Consulting and Troubleshooting
To contact Progent about support for Symantec security appliances, call Progent at