Server Firewall Protection
Servers Only
VisNetic Firewall for Servers supplies a strong defense for host computers
against intrusion, attack, data theft and damage. It incorporates all of
the features of the workstation version and adds server-oriented features:
Time-Sensitive Rules, Real-Time Activity Viewing, Selective Control of
Other IP Protocols and more.
Selective Control of Other IP Per Device
Servers Only
VisNetic Firewall for Servers may be configured to filter IP protocols
other than TCP, UDP and ICMP selectively. Examples of such protocols that
VisNetic Firewall will filter include IGMP (IP protocol 2) and GRE (IP
protocol 47). The benefit of controlling these protocols per device,
rather than globally, is that a protocol can be allowed on the one
interface that needs it and blocked everywhere else. As an example, GRE
carries the tunnelled traffic of many VPN implementations (PPTP among
them) and is often waved through a firewall as trusted traffic, whereas
IGMP has been used in some attacks. With this feature, an Administrator
may allow GRE on the VPN device while blocking IGMP. Examples of a device
include an internal network interface card (NIC), an external NIC linked
to a cable modem connecting to the Internet, or a Dial-Up Adapter used to
connect to an ISP (Internet Service Provider).
Time-Sensitive Rules
Servers Only
With VisNetic Firewall for Servers, time-sensitive rules may be
established. These rules allow or block traffic based on the time of day.
As an example, this feature allows VisNetic Firewall to block all
requests, incoming and outgoing, outside business hours, if necessary.
Activity Viewer
Servers Only
The Activity Viewer provides a real-time display of all active TCP
connections and ICMP traffic as they occur. This immediate view of the
firewall allows the Administrator to oversee it actively and address any
issue that arises while an attack is in progress.
Firewall Protection
Firewalls protect information stored on a computer or network of computers
from unauthorized access. A firewall examines each packet and guards
against unwanted intrusions or attacks by determining the packet's origin
and destination; this information is used to decide whether to allow or
deny the packet passage through the firewall.
SYN Flood Protection
A SYN flood is a large number of valid-looking connection attempts that
can overwhelm a server and prevent it from being able to accept
connections from legitimate users. VisNetic Firewall recognizes when a SYN
flood occurs and prevents it from interrupting normal server operation.
When a SYN flood is detected, a log message is generated and "SYN
cookies" are used: the server encodes the connection state in its initial
sequence number instead of queuing each half-open connection, so valid
connections can still complete while the flood's connection attempts
consume no server state. Once the SYN flood ends, SYN cookies are no
longer used.
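As an added illustration (this is not VisNetic code, and the product's internal parameters are not published on this page), the following Python sketches the mechanism: how a SYN cookie packs a time counter, an MSS index and a keyed MAC into the ISN, how the server validates the client's ACK without having stored anything, and how a listening socket switches cookies on when the SYN rate exceeds a threshold and off again once it drops. The secret, the MSS table, the 100 SYN/s threshold and the one-second buckets are assumptions of the example.

```python
import hashlib
import hmac
import secrets
import socket
import struct

MASK = 0xFFFFFFFF
# Assumptions for this example (not VisNetic parameters): a per-host secret, a 4-entry MSS
# table that fits in the cookie's 3 MSS bits, and a flood threshold of 100 SYNs per second.
SECRET = b"constructed-per-host-secret"
MSS_TABLE = [536, 1220, 1440, 1460]
FLOOD_THRESHOLD = 100


def _mac(src, dst, sport, dport, counter):
    """24-bit keyed hash binding a cookie to the 4-tuple and the time counter it was minted in."""
    msg = struct.pack("!4s4sHHI", socket.inet_aton(src), socket.inet_aton(dst),
                      sport, dport, counter & MASK)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")


def make_cookie(src, dst, sport, dport, now, mss):
    """ISN layout: 5-bit time counter | 3-bit MSS index | 24-bit MAC. Nothing is stored server-side."""
    mss_idx = max((i for i, m in enumerate(MSS_TABLE) if m <= mss), default=0)
    return ((now & 0x1F) << 27) | (mss_idx << 24) | _mac(src, dst, sport, dport, now)


def check_cookie(src, dst, sport, dport, ack, now, max_age=3):
    """Return the MSS encoded in a client's ACK if it carries a valid, recent cookie; else None."""
    cookie = (ack - 1) & MASK
    counter_bits, mss_idx, mac = cookie >> 27, (cookie >> 24) & 0x7, cookie & 0xFFFFFF
    for age in range(max_age + 1):            # accept cookies minted in the last few seconds only
        candidate = now - age
        if (candidate & 0x1F) == counter_bits and _mac(src, dst, sport, dport, candidate) == mac:
            return MSS_TABLE[mss_idx]
    return None


class SynQueue:
    """Listening-socket state: a normal SYN backlog that switches to SYN cookies while a flood lasts."""

    def __init__(self, local, port, threshold=FLOOD_THRESHOLD):
        self.local, self.port, self.threshold = local, port, threshold
        self.half_open = {}                    # (client, cport) -> our ISN; filled only while cookies are off
        self.cookies_active = False
        self.second, self.syns_this_second = None, 0
        self.log = []

    def _tick(self, now):
        # One-second buckets: a second at or below the threshold after a flood turns cookies back off.
        if now != self.second:
            if self.cookies_active and self.syns_this_second <= self.threshold:
                self.cookies_active = False
                self.log.append(f"t={now}: SYN flood over, SYN cookies disabled")
            self.second, self.syns_this_second = now, 0

    def on_syn(self, client, cport, now, mss=1460):
        """Return the ISN to place in our SYN-ACK."""
        self._tick(now)
        self.syns_this_second += 1
        if not self.cookies_active and self.syns_this_second > self.threshold:
            self.cookies_active = True
            self.log.append(f"t={now}: SYN flood detected, SYN cookies enabled")
        if self.cookies_active:
            return make_cookie(client, self.local, cport, self.port, now, mss)
        isn = secrets.randbits(32)
        self.half_open[(client, cport)] = isn
        return isn

    def on_ack(self, client, cport, ack, now):
        """True if this ACK completes a handshake, via the backlog or via a valid cookie."""
        self._tick(now)
        key = (client, cport)
        if key in self.half_open:
            if ack == (self.half_open[key] + 1) & MASK:
                del self.half_open[key]
                return True
            return False
        return check_cookie(client, self.local, cport, self.port, ack, now) is not None
```

The reason cookies are switched off again once the flood ends, rather than left on permanently, is visible in the layout: with no state stored, anything the client sent in its SYN that does not fit in the ISN (window scaling, SACK permitted) is lost for the life of the connection, so cookie mode is a degraded mode worth using only under attack.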
IP Tracer
The IP Tracer allows the user to right-click an 'allowed' or 'blocked'
log entry, select "Who is IP Address", and run a WHOIS lookup on that
remote system's IP address. This lets the user identify the owner of an
address from which a scan, broadcast or attack against the network
appears to originate. The option to perform a simple reverse DNS lookup
is also available.
Sequence Number Hardening
Sequence Number Hardening helps protect Windows from spoofed TCP
connections resulting from initial sequence number (ISN) guessing. Windows
2000 is considered "slightly vulnerable" to ISN guessing, and the ISNs in
Windows 9x are considered "100% predictable". This feature improves the
randomness of the sequence numbers, thereby helping to compensate for
weaknesses inherent in those versions of Windows.
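An added example, not product code, of what ISN guessing looks like and what hardening does about it: an attacker samples ISNs from a few connections it opens itself, infers the step, and predicts the ISN the server will hand to a connection spoofed from a victim address. Against a fixed-increment generator the guess is exact; against an RFC 1948-style generator, where the ISN is a clock value plus a keyed hash of the connection 4-tuple, no pattern survives across tuples. The addresses, the secret, the step size and the clock are constructed for the example.

```python
import hashlib
import hmac
import socket
import struct
import time

SERVER = "192.0.2.10"          # constructed addresses for the example
VICTIM = "198.51.100.200"      # host whose connections the attacker wants to spoof
MASK = 0xFFFFFFFF


class PredictableIsn:
    """Legacy-style generator: each new connection gets the previous ISN plus a fixed step."""

    def __init__(self, start=0x1000, step=64000):
        self.isn, self.step = start, step

    def next(self, src, dst, sport, dport):
        self.isn = (self.isn + self.step) & MASK
        return self.isn


class HardenedIsn:
    """RFC 1948-style generator: ISN = M(clock) + F(4-tuple, secret), with F a keyed hash."""

    def __init__(self, secret, clock=lambda: int(time.monotonic() * 1_000_000)):
        self.secret, self.clock = secret, clock      # clock returns microseconds

    def next(self, src, dst, sport, dport):
        m = (self.clock() // 4) & MASK               # 4-microsecond ticks, as in RFC 793
        tup = struct.pack("!4s4sHH", socket.inet_aton(src), socket.inet_aton(dst), sport, dport)
        f = int.from_bytes(hmac.new(self.secret, tup, hashlib.sha256).digest()[:4], "big")
        return (m + f) & MASK


def predict_next(observed):
    """Attacker's inference: constant deltas between sampled ISNs mean the next one is last + delta."""
    deltas = {(b - a) & MASK for a, b in zip(observed, observed[1:])}
    if len(deltas) == 1:
        return (observed[-1] + deltas.pop()) & MASK
    return None                                      # no simple pattern: guessing is a 1-in-2^32 shot


def probe(gen, attacker, samples=4):
    """The attacker opens a few real connections, predicts, and the server then issues the ISN
    that a SYN spoofed from VICTIM would receive.  Returns (guess, actual)."""
    observed = [gen.next(attacker, SERVER, 50000 + i, 80) for i in range(samples)]
    guess = predict_next(observed)
    actual = gen.next(VICTIM, SERVER, 12345, 80)
    return guess, actual
```

The second property worth noting is that the hardened generator still advances with the clock for a fixed 4-tuple, so reused connections do not collide with old segments; only the per-tuple offset is hidden behind the secret.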
Stateful Inspection
Stateful inspection delivers firewall protection beyond pure packet
filtering. Rather than simply verifying the packet source and destination,
Stateful Inspection ensures the legitimacy of the packet by matching its
presence to an actual request. For example, rather than accepting all ping
replies, VisNetic Firewall permits an ICMP echo reply only after it has
seen the matching echo request leave the host. This matters because
certain DoS (Denial of Service) attacks consist of an unending stream of
ping replies (the smurf attack, for instance, reflects them off a
network's broadcast address) intended to overwhelm and crash a server.
Without stateful inspection, a packet filter can stop such a flood only
by dropping all ping replies, legitimate ones included.
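As an added example, not the product's code, the following Python keeps the state table the paragraph describes: an outbound echo request records (peer, identifier, sequence); an inbound echo reply passes only if it consumes a matching entry that has not timed out, so replays, spoofed floods and late replies are all dropped. The simulate() function runs one genuine ping exchange and a constructed 1000-packet reply flood through it and through a stateless filter that has no choice but to admit every reply. The 5-second timeout and the treatment of inbound echo requests (dropped here) are assumptions.

```python
from collections import namedtuple

# Constructed packet representation for the example: only the fields the filter needs.
Pkt = namedtuple("Pkt", "direction src dst icmp_type ident seq")
ECHO_REPLY, ECHO_REQUEST = 0, 8


class StatefulIcmpFilter:
    """Allow an inbound echo reply only if it answers an echo request this host sent recently."""

    def __init__(self, timeout=5):
        self.timeout = timeout
        self.pending = {}                 # (peer, ident, seq) -> time the request left
        self.stats = {"allow": 0, "block": 0}

    def _expire(self, now):
        self.pending = {k: t for k, t in self.pending.items() if now - t <= self.timeout}

    def handle(self, pkt, now):
        self._expire(now)
        verdict = "block"
        if pkt.direction == "out" and pkt.icmp_type == ECHO_REQUEST:
            self.pending[(pkt.dst, pkt.ident, pkt.seq)] = now
            verdict = "allow"
        elif pkt.direction == "in" and pkt.icmp_type == ECHO_REPLY:
            # One reply consumes one request: replays and spoofed floods fail this lookup.
            if self.pending.pop((pkt.src, pkt.ident, pkt.seq), None) is not None:
                verdict = "allow"
        # Inbound echo requests and anything else are left to the device rule set (assumed block here).
        self.stats[verdict] += 1
        return verdict


def stateless_verdict(pkt):
    """Plain packet filter: it either passes every inbound echo reply or none of them."""
    return "allow" if pkt.direction == "in" and pkt.icmp_type == ECHO_REPLY else "block"


def simulate(flood_size=1000):
    """One real ping exchange followed by a smurf-style reply flood; returns the number of
    inbound packets each filter lets through (stateful, stateless)."""
    host, peer = "192.0.2.10", "192.0.2.1"
    stream = [(0, Pkt("out", host, peer, ECHO_REQUEST, 0x1234, 1)),
              (1, Pkt("in", peer, host, ECHO_REPLY, 0x1234, 1))]
    stream += [(2, Pkt("in", f"203.0.113.{i % 250 + 1}", host, ECHO_REPLY, i & 0xFFFF, i))
               for i in range(flood_size)]
    stateful = StatefulIcmpFilter()
    stateful_in = sum(stateful.handle(p, t) == "allow" and p.direction == "in" for t, p in stream)
    stateless_in = sum(stateless_verdict(p) == "allow" for _, p in stream)
    return stateful_in, stateless_in
```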
Stand-alone PC or Workstation Firewall Protection
VisNetic Firewall for Workstations effectively guards the computer of a
mobile professional, telecommuter or power-user in stand-alone, networked
or changing environments. More than a simple personal firewall, VisNetic
Firewall for Workstations offers customized security through user-defined
rule creation and the ability to configure devices individually. Examples
of a device include an internal network interface card (NIC), an external
NIC linked to a cable modem connecting to the Internet, or a Dial-Up
Adapter used to connect to an ISP (Internet Service Provider).
Network Firewall Protection
Placing VisNetic Firewall for Servers on the gateway computer or proxy
server accessing the Internet on behalf of the network expands the
security to the entire LAN. The whole network is then protected from
attacks originating outside of the network.
Configuration Wizard
VisNetic Firewall utilizes a Configuration Wizard during software
installation. The Configuration Wizard automatically creates the rules for
the user. It does this by asking a series of questions relating to the
environment in which the firewall is being installed. The answers provided
in the Configuration Wizard establish the initial rules VisNetic Firewall
will follow. The Configuration Wizard eases set-up and gives the host a
working rule set from the moment installation completes.
Rules Based Protection
Rules established in VisNetic Firewall dictate how the software handles
incoming and outgoing packets. The rules defined within the software
detail instructions for the firewall for what traffic to allow and what
traffic to block. Rules utilize parameters such as source and destination
IP addresses, source and destination ports, direction of traffic (i.e.
inbound and/or outbound) and protocol.
Separate Rule Sets for Each Network Adapter
VisNetic Firewall allows the Administrator to maintain a separate set of
rules to be applied to each network adapter in the system. The
Administrator can then configure a set of rules to be applied to traffic
passing over the external/Internet interface, while having a separate set
of rules that apply to traffic through the internal/LAN interface.
Easy Importing/Exporting of Rules
Deploying VisNetic Firewall across a number of workstations or servers is
simplified by the ability to Export and Import rules. These rule subsets
can be shared amongst VisNetic Firewalls running on different operating
systems, which is particularly helpful for computer consultants reselling
VisNetic Firewall.
Smart Copy
Smart Copy enables the user to Copy/Cut/Paste (Ctrl-C/Ctrl-X/Ctrl-V) rules
from one device to another. For example, simply Copy a useful internal
rule and Paste it into the external rule set instead of recreating it
manually.
Separate Filtering and Rules Per Device
VisNetic Firewall allows filtering to be enabled or disabled per device.
Examples of a device include an internal network interface card (NIC), an
external NIC linked to a cable modem connecting to the Internet, or a
Dial-Up Adapter used to connect to an ISP (Internet Service Provider). If
filtering is enabled, the unique rules established for that device control
the data permitted to pass through the firewall. If filtering is disabled
on a given device, the firewall will not filter any traffic traveling
through that device. Based on how a particular device is used and the
security it requires, filtering and rules may be customized to allow or
deny packets appropriately on that device, without affecting other
devices. VisNetic Firewall not only guards the network from unknown
threats, but also preserves access for trusted sources.
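The following Python is an added example, not VisNetic's rule format or code, that ties together the rule parameters of Rules Based Protection (source and destination addresses, ports, direction, protocol), the per-adapter rule sets, the time-of-day window of the Time-Sensitive Rules, the per-protocol control of GRE and IGMP from Selective Control of Other IP, and the per-device filtering switch of this section. Rules are evaluated in order, the first match wins, unmatched traffic on a filtered device is blocked, and a rule flagged notify records the device, rule number and description that an email notification would carry. The three devices, the rule set, the Back Orifice (UDP 31337) and NetBus (TCP 12345) ports and the 08:00 to 18:00 business-hours window are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass, field
from datetime import datetime


@dataclass
class Rule:
    number: int
    description: str
    action: str                    # "allow" or "block"
    direction: str = "any"         # "in", "out" or "any"
    protocol: str = "any"          # "tcp", "udp", "icmp", "gre", "igmp" or "any"
    src: str = "0.0.0.0/0"         # source network in CIDR form
    dst: str = "0.0.0.0/0"         # destination network in CIDR form
    dports: tuple = ()             # destination ports; () matches any port
    hours: tuple = None            # (start_hour, end_hour): rule applies only inside this window
    notify: bool = False           # send an email notification when the rule is hit

    def matches(self, pkt, now):
        return (self.direction in ("any", pkt.direction)
                and self.protocol in ("any", pkt.protocol)
                and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and (not self.dports or pkt.dport in self.dports)
                and (self.hours is None or self.hours[0] <= now.hour < self.hours[1]))


@dataclass
class Device:
    name: str
    filtering: bool = True         # filtering disabled: traffic on this device passes untouched
    rules: list = field(default_factory=list)


@dataclass
class Packet:
    device: str
    direction: str
    protocol: str
    src: str
    dst: str
    sport: int = 0
    dport: int = 0


class Firewall:
    """Per-device rule sets, first match wins; unmatched traffic on a filtered device is blocked."""

    def __init__(self, devices):
        self.devices = {d.name: d for d in devices}
        self.log, self.alerts = [], []

    def decide(self, pkt, now):
        dev = self.devices[pkt.device]
        if not dev.filtering:
            return "allow"
        for rule in dev.rules:
            if rule.matches(pkt, now):
                self._record(pkt, rule.action, now)
                if rule.notify:
                    self.alerts.append(f"device {pkt.device}, rule {rule.number}: {rule.description}")
                return rule.action
        self._record(pkt, "block", now)        # default deny
        return "block"

    def _record(self, pkt, action, now):
        # Same comma-delimited field order the product's log uses.
        verb = "allowed" if action == "allow" else "blocked"
        self.log.append(f"{pkt.device},{verb},{pkt.direction},{pkt.src},{pkt.dst},"
                        f"{pkt.protocol},{pkt.sport},{pkt.dport},{now:%Y-%m-%d %H:%M:%S}")


def build_policy():
    """Constructed three-device policy: Internet-facing NIC, PPTP VPN adapter, unfiltered LAN NIC."""
    external = Device("External", rules=[
        Rule(1, "Back Orifice probe", "block", "in", "udp", dports=(31337,), notify=True),
        Rule(2, "NetBus probe", "block", "in", "tcp", dports=(12345,), notify=True),
        Rule(3, "IGMP not wanted on the Internet side", "block", protocol="igmp"),
        Rule(4, "Web server, business hours only", "allow", "in", "tcp", dports=(80, 443), hours=(8, 18)),
        Rule(5, "Outbound traffic from this host", "allow", "out"),
    ])
    vpn = Device("VPN", rules=[
        Rule(1, "GRE for the PPTP tunnel", "allow", protocol="gre"),
        Rule(2, "IGMP blocked on the VPN", "block", protocol="igmp"),
        Rule(3, "Tunnelled traffic from the remote office", "allow", "in", src="10.8.0.0/16"),
    ])
    internal = Device("Internal", filtering=False)
    return Firewall([external, vpn, internal])


def at(hour, minute=0):
    """Constructed timestamp helper for the example (local time on 2002-03-04)."""
    return datetime(2002, 3, 4, hour, minute)
```

Order matters in a first-match engine: the two notify rules sit above the web-server allow so a probe to a port that also happens to be allowed is still logged and reported, and the business-hours rule has no after-hours counterpart because the default deny already covers it.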
Logging
With logging enabled, the firewall will record the following fields: the
device the request was made to, the action firewall took (i.e. blocked),
the direction the traffic was flowing from (inbound or outbound), the
source and destination IP addresses, the protocol, the source and
destination ports, and the date/time of the event. Each log entry follows
a standard, comma delimited format enabling the data to be imported into
spreadsheets or other analysis tools. From this data, the VisNetic
Firewall administrator can determine how the firewall is handling traffic
and if additional rules are required. Right clicking on any logged event
can quickly create a rule tailored to the selected log entry.
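As an added example (the sample lines are constructed in the field order listed above and are not real VisNetic output), the following Python parses the comma-delimited log, summarises actions, flags sources whose blocked inbound hits touch many distinct ports within a short window (the signature of a port scan), and builds the block rule that the right-click action would create from one entry. The scan thresholds and the rule dictionary layout are assumptions of the example.

```python
import csv
from collections import Counter, defaultdict
from datetime import datetime, timedelta

FIELDS = ["device", "action", "direction", "src", "dst", "protocol", "sport", "dport", "time"]

# Constructed sample log: a scan from 203.0.113.5, one legitimate web hit, one Back Orifice
# probe, and a lone late hit from the scanner outside the window.
SAMPLE_LOG = """\
External,blocked,in,203.0.113.5,192.0.2.10,tcp,41234,21,2002-03-04 02:15:01
External,blocked,in,203.0.113.5,192.0.2.10,tcp,41235,22,2002-03-04 02:15:02
External,blocked,in,203.0.113.5,192.0.2.10,tcp,41236,23,2002-03-04 02:15:02
External,allowed,in,198.51.100.7,192.0.2.10,tcp,51000,80,2002-03-04 02:15:05
External,blocked,in,203.0.113.5,192.0.2.10,tcp,41237,25,2002-03-04 02:15:06
External,blocked,in,203.0.113.5,192.0.2.10,tcp,41238,110,2002-03-04 02:15:08
External,blocked,in,203.0.113.5,192.0.2.10,tcp,41239,143,2002-03-04 02:15:09
External,blocked,in,198.51.100.7,192.0.2.10,udp,31337,31337,2002-03-04 02:16:40
External,blocked,in,203.0.113.5,192.0.2.10,tcp,41240,3389,2002-03-04 02:30:00
"""


def parse(lines):
    """Turn comma-delimited log lines into dicts with typed ports and timestamps."""
    events = []
    for row in csv.DictReader(lines, fieldnames=FIELDS):
        row["sport"], row["dport"] = int(row["sport"]), int(row["dport"])
        row["time"] = datetime.strptime(row["time"], "%Y-%m-%d %H:%M:%S")
        events.append(row)
    return events


def summarize(events):
    """How the firewall is handling traffic overall: count of entries per action."""
    return dict(Counter(e["action"] for e in events))


def find_scanners(events, min_ports=5, window_s=60):
    """Sources whose blocked inbound hits reach min_ports distinct ports inside any window_s span."""
    by_src = defaultdict(list)
    for e in events:
        if e["action"] == "blocked" and e["direction"] == "in":
            by_src[e["src"]].append(e)
    result = {}
    for src, hits in by_src.items():
        hits.sort(key=lambda e: e["time"])
        best = set()
        for i, start in enumerate(hits):            # slide the window over each hit as its start
            limit = start["time"] + timedelta(seconds=window_s)
            ports = {e["dport"] for e in hits[i:] if e["time"] <= limit}
            if len(ports) > len(best):
                best = ports
        if len(best) >= min_ports:
            result[src] = sorted(best)
    return result


def rule_from_entry(e):
    """Block rule tailored to one log entry, as the right-click action would create it."""
    return {"device": e["device"], "action": "block", "direction": e["direction"],
            "protocol": e["protocol"], "src": f"{e['src']}/32", "dst": f"{e['dst']}/32",
            "dport": e["dport"],
            "description": f"auto: {e['protocol']}/{e['dport']} from {e['src']}"}
```

A per-entry rule is the quick fix for one noisy host; the scanner report is what tells the administrator that a single source-address rule (or a tighter default policy on that device) is the rule actually missing.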
Email Notification
When Administrator-specified rules are hit, Email Notification can be sent
to the email address chosen by the Administrator. For example, if a rule
is created to block connection attempts to the port used by Back Orifice
or NetBus, VisNetic Firewall can be configured to block and log the packet
and then send an email to the Administrator as notification that an
intrusion was attempted. The notification is sent as a plain-text email
message including the device number, rule number and rule description.
Password Security
The configuration of VisNetic Firewall is protected by password security.
To access or change the settings of VisNetic Firewall, including
filtering, rules and logs, the user must authenticate with a password.
This protection keeps the firewall's settings intact and prevents changes
by anyone who does not hold the password.
Log File Export Scheduling
The Log Files of VisNetic Firewall may be automatically exported and sent
via email at a specified time (such as daily, monthly, etc.). This allows
the Administrator to remotely monitor the firewall on a regular basis,
overseeing the protection of the computer(s) it shields.
Allow or Block Non-IP or Other IP Per Device
VisNetic Firewall may be configured to allow or block protocols beyond
the common IP protocols. Examples of common IP protocols include TCP
(carrying HTTP, SMTP, POP3 and FTP), UDP, and ICMP. Examples of other IP
protocols include IGMP and GRE. Examples of non-IP protocols include
NetBEUI and IPX/SPX. VisNetic Firewall filters each of these, extending
its coverage to the majority of protocols used for networking. Examples
of a device include an internal network interface card (NIC), an external
NIC linked to a cable modem connecting to the Internet, or a Dial-Up
Adapter used to connect to an ISP (Internet Service Provider).