Category Archives: Firewall Training

Best business firewalls: Which firewall is suitable for your business?

Best business firewalls: Which firewall is suitable for your business?

There are countless options to choose from when considering firewall protection. Should you invest in an external firewall, stick with a virtual firewall or take the plunge with both?

The firewalls listed here cater to most sizes of organisation, from small businesses that only require virtual firewalls to larger enterprises that should house external firewall hardware.

With recent data breaches highlighting the importance of securing your network, IT Monteur Firewall Firm investigates the best firewalls on the market for every business’ first line of defence.

Firewalls – Buyer’s Guide and Reviews – March 2018

A10 Networks
A10 Networks Thunder CFW
Barracuda Networks
Barracuda Networks NG Firewall
Check Point
Check Point Power-1
Check Point
Check Point UTM-1
Check Point
Check Point VPN-1
Check Point
Check Point VSX
Cisco
Cisco Sourcefire Firewalls
Cisco
Cisco ASA
Cisco
Meraki MX Firewalls
Cisco
Cisco Firepower NGFW
Cisco
Cisco ASAv
Fortinet
Fortinet FortiGate
Fortinet
FortiGate-VM
GFI
Kerio Control
Hewlett Packard
Enterprise
3Com H3C Firewall
Hillstone Networks
Hillstone E-Series
Hillstone Networks
Hillstone T-Series
Hillstone Networks
Hillstone X-Series Data Center Firewalls
Hillstone Networks
Hillstone CloudEdge
Intel Security
Intel Security StoneGate
Intel Security
Intel Security Firewall Enterprise MFE
Juniper
Juniper SRX
NetFortris
NetFortris Hosted Firewall
NetFortris
NetFortris Threat Analyzer
OPNsense
OPNsense
Palo Alto Networks
Palo Alto Networks WildFire
Palo Alto Networks
Palo Alto Networks VM-Series
pfSense
pfSense
SonicWall
SonicWall TZ
SonicWall
SonicWall NSA
Sophos
Sophos Cyberoam UTM
Sophos
Sophos UTM
Sophos
Sophos XG
Stormshield
Stormshield Network Security
Trustwave
Trustwave Firewalls
Untangle
Untangle NG Firewall
WatchGuard
WatchGuard XTM
WatchGuard
WatchGuard Firebox
Zscaler
Zscaler Web Security

Top Firewalls Solutions

1 Fortinet FortiGate
The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal
segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key
components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats
throughout the entire network
2 Cisco ASA
Adaptive Security Appliance (ASA) is Cisco’s end-to-end software solution and core operating system that powers the Cisco ASA
product series. This software solution provides enterprise-level firewall capabilities for all types of ASA products, including blades,
standalone appliances and virtual devices. Adaptive Security Appliance provides protection to organizations of all sizes, and
allows end-users to access information securely anywhere, at any time, and through any device.Adaptive Security Appliance is
also fully compatible with other key security technologies, and so provides organizations with an all-encompassing security
solution.
3 Sophos UTM
The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware – viruses,
rootkits and spyware.
4 pfSense
Providing comprehensive network security solutions for the enterprise, large business and SOHO, pfSense solutions bring
together the most advanced technology available to make protecting your network easier than ever before. Our products are built
on the most reliable platforms and are engineered to provide the highest levels of performance, stability and confidence.
5 Palo Alto Networks WildFire
WildFire™ cloud-based threat analysis service is the industry’s most advanced analysis and prevention engine for highly evasive
zero-day exploits and malware. The cloud-based service employs a unique multi-technique approach combining dynamic and
static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and
prevent even the most evasive threats.
6 Sophos Cyberoam UTM
Cyberoam Unified Threat Management hardware appliances offer comprehensive security to organizations, ranging from large
enterprises to small and branch offices. Multiple security features integrated over a single, Layer 8 Identity-based platform make
security simple, yet highly effective.
7 SonicWall TZ
The secure, sophisticated SonicWALL TZ is widely deployed at small businesses, retail, government, remote sites and branch
offices. It combines high-performance intrusion prevention, malware blocking, content/URL filtering and application control.
8 Meraki MX Firewalls
With the proliferation of modern applications and mixed-use networks, host and port based security is no longer sufficient. Cisco
Meraki’s layer 7 “next generation” firewall, included in MX security appliances and every wireless AP, gives administrators
complete control over the users, content, and applications on their network.
9 WatchGuard XTM
Small businesses need big security, too, and the WatchGuard XTM Series firewall/VPN appliances deliver that strong protection Ð
but without the hefty price tag. Enterprise-grade security includes full HTTPS content inspection, VoIP support, and optional
security subscriptions like Application Control and Intrusion Prevention Service.
10 Juniper SRX
High-performance security with advanced, integrated threat intelligence, delivered on the industry’s most scalable and resilient
platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables
up to 1 Tbps performance for the data center.

For more details just call or email us on
Phone:+91 120 649 8887
Email: sales@itmonteur.net

Gajshield DLP Firewall

GAJSHIELD Next Generation Firewall Unique Context Sensitive Network based Data Leak Prevention System with Cloud Security

GAJSHIELD Next Generation DLP Firewall
Unique Context Sensitive Network based Data Leak Prevention System with Cloud Security

GAJSHIELD DLP Firewall

Next Generation DLP Firewall

Unique Context Sensitive Network based Data Leak Prevention System with Cloud Security

GajShield’s layered security platforms are designed to provide in depth protection against various attacks by tightly integrating key security functions and to securely connect remote offices and partners. GajShield Network Security Appliances combines ICSA Certified Firewall, IPS, VPN, URL Filtering, Virus screening and Bandwidth Management in a single appliance to provide in depth protection at the network edge.

ICSA Certified

  • User Sense UTM – Policy combination of User, Source, IP
  • address and Service
  • Policy based control for Firewall, IPS, URL Filtering,
  • Anti-virus, Anti-spam, DLP and Bandwidth Management
  • Access Scheduling
  • Policy based Source & Destination NAT
  • H.323 NAT Traversal, 802.1q VLAN Support
  • DoS, DDoS, Syn Flood Attack prevention

For SOHO specification

GS 15nu GS20nu
Firewall
– Concurrent Sessions 190000 3300000
– New Sessions/Second 5100 28000
– Firewall Throughput 230 Mbps 3.2 Gbps
– VPN Throughput 100 Mbps 325 Mbps
– UTM Throughput 170 Mbps 280 Mbps
– Antivirus Throughput 140 Mbps 450 Mbps
– IPS Throughput 160 Mbps 720 Mbps
– VPN Tunnels 25 550
– Configurable WAN / DMZ / LAN ports Yes Yes
– 10/100 Interfaces 4 4
– 10/100/1000 Interface

For SME

GS 80nu

GajShield ‘GS 40dc’ provides content aware data context, which helps you to secure your enterprise beyond next generation firewalls. The GajShield 40dc appliance is targeted at high speed Internet security device for SOHO/SMB. The 40dc appliance manages gigabit traffic with content aware data context platform providing enterprise grade security even to the smallest enterprise.

GS 40d c FEATURES SPEC IF ICAT IONS
10/100
10/100/1000 4
Concurrent Sessions 320000
New Sessions Per Second 8000
Firewall Throughput 2.5 Gbps
VPN Throughput 400 Mbps
UTM Throughput 350 Mbps
AntiVirus Throughput 425 Mbps
IPS Throughput 475 Mbps
VPN Tunnels 150
Configurable WAN/LAN/DMZ ports cx Yes

For Enterprise

GS 130d c FEATURES GajShield 260d Features GS 320dc-f  Features GajShield 330d Features GajShield 930d Features GajShield 1030d Features
10/100 6 10 20/16 20/16
10/100/1000 8 2 4 4/8 4/8
Concurrent Sessions 850000 850000 900000 1100000 3000000
New Sessions Per Second 26000 26000 30000 60000 150000
Firewall Throughput 5.5 Gbps 5.5 Gbps 7 Gbps 20 Gbps 25 Gbps
VPN Throughput 1.9 Gbps 1.9 Gbps 2.5 Gbps 12 Gbps 15 Gbps
UTM Throughput 1 Gbps 1 Gbps 2100 Mbps 3.5 Gbps 5 Gbps
AntiVirus Throughput 1200 Mbps 1200 Mbps 2200 Mbps 5.7 Gbps 7.2 Gbps
IPS Throughput 1500 Mbps 1500 Mbps 2400 Mbps 9.5 Gbps 11.5 Gbps
VPN Tunnels 4000 4000 6000 20000 25000
Configurable WAN/LAN/DMZ ports yes Yes Yes Yes Yes

Gajshield Firewall Price

Gajshield DLP Firewall Price

For more details just call or email us on
Phone:+91 120 649 8887
Email: sales@itmonteur.net

Firewall Training

Firewall Training & Workshops

Cyberoam Certified Network & Security Professional (CCNSP)

CCNSP is the certification for security professionals from Cyberoam firewall. The only Identity-based security certification available globally the course prepares individuals to recognize insider threats and user-targeted external threats while giving them expertise in networking and security fundamentals in addition to the deployment and configuration of Cyberoam identity-based UTM. The course is comprehensive, yet easy to follow, with real world scenarios, delivering practical value to aspiring security professionals.

 

Prerequisites:
While the course does not have any pre-requisites, security professionals interested in enrolling need to be familiar with networking concepts, including network topologies, networking infrastructure and application protocols:

Operational OS knowledge
Basics of Networking
Knowledge of Protocols
HTTP, HTTPS, IMAP, POP3, SMTP
TCP/IP Protocol Suite
Network Security Fundamentals
Operational Familiarity with Featured Modules
Firewall, VPN, IPS, Anti-virus, Anti-spam, Content Filtering, Bandwidth Management, Multiple Link Management, Reporting

Who Should Attend:
CCNSP has been designed for technical professionals providing support or performing deployment and administration of Cyberoam solutions, including System, Network, and Security Administrators.

CCNSP training is divided into the following modules –

Module 1: Cyberoam Product Overview
• Cyberoam UTM overview
• Cyberoam Central Console Overview
• Cyberoam on-cloud management overview
• Cyberoam iView Overview
Module 2: Deploying Cyberoam
• Prerequisites for deployment
• Network Diagrams & Scenarios
• Deployment Scenarios (Transparent/Gateway/Mixed) Mode
• Failure of Security Device & it’s Consequences
• Proxy Scenarios
• Managing connectivity with multiple ISP’s
• Manage 3G and Wi-Max connections
• Labs
Module 3: Firewall
• What is a Firewall?
• Types of Firewall
• How to Control Access
• Identifying Each Machine on the network
• Managing the Firewall
• NAT
• DoS (Denial of Service)
• Fusion Technology based Unified Control
• Firewall – as a single solution to identity, security, connectivity, productivity, and logging Labs
Module 4: User Authentication
• What is Authentication?
• Requirement to Authenticate
• How can Authentication be done?
• Types of Authentication (Single Sign On, Local, and External)
• Group Authentication
• Traffic Discovery
• Authenticating from Servers (AD, LDAP, or RADIUS)
• Labs
Module 5: Web Filter
• Need for Web Filtering
• Web 2.0 Filtering
• Filtering with Keywords
• Filtering with URL
• Filtering by Categories
• Filtering Web Traffic
• Labs
Module 6: Application Firewall
• Evolution of Application Firewall
• File Filtering
• Application & P2P Filtering
• Instant Messaging Filters
• Custom Filters
• Compliance based filtering
• Labs
Module 7: Network Threat Protection
• Functioning of Anti-Virus & Anti-Spam
• Basics of Virus, Spyware, Malware, Phising, and Pharming.
• Web/Mail/FTP Anti-Virus
• Gateway level Anti-Virus/Anti-Spam
• Instant Messaging Anti-Virus
• Virus Outbreak Detection
• Recurrent Pattern Detection
• RBL (Realtime Black List), IP Reputation
• Understanding of Intrusion
• Signature based detection
• Statistical anomaly based detection
• Stateful protocol analysis detection
• Network Based IPS (NIPS) & Wireless Based IPS (WIPS)
• Network Behaviour Analysis (NBA)
• Host Based IPS (HIPS)
• WAF
• Labs
Module 8: VPN
• What is VPN?
• Why use VPN?
• Advantages of VPN
• Types of VPN based on protocols
• Types of VPN Based on Tunnels
• Need of firewall in VPN
• Threat Free Tunneling
• VPN Bandwidth Management
• VPN Failover
• Identity based authentication in VPN
• Labs
Module 9: QoS
• What is QoS?
• Why QoS?
• Traffic Queuing
• Traffic Prioritisation
• Bandwidth Allocation
• Scheduling, and sharing bandwidth
• Guaranteed bandwidth
• QoS implementation on user, group, firewall, application, web category.
• Labs
Module 10: Network High Availability
• High Availability, LAN Failsafe?
• Clustering of devices
• What is link load balancing?
• Why undertake balancing?
• Link fails scenario
• Why failover?
• Multilink Manager
• Load balancing
• Active – Active load balancing and gateway fail over
• Active – Passive configuration and gateway fail over
• MPLS failover to VPN
• Automatic ISP failover detection
• Labs
Module 11: General Administration
• Setup Logging
• DNS Management
• DHCP Management
• Upgrading Device Firmware
• Backing Up
• Restoring
• Diagnostic Tools
• Troubleshooting Tools

• Labs to provide hands on to deal with maintenance

Module 12: Logging & Reporting
• Cyberoam iView Introduction
• Types of Reports
• Data Management
• Report Management
• Compliance reports
• Searching within reports
• Identity based reporting
Currently Firewall Training & Workshops done only Sundays 10am to 4pm
Cyberoam Firewall Training & Workshops Course duration is 3 months
Course Fees is Rs.36000