Network Security and Threat Protection
The built-in firewall provides UserGate UTM with additional LAN protection against hacker attacks and other sophisticated types of protocol-based intrusions by blocking traffic through particular ports (TCP, UDP, or any other internet protocol).
Intrusion Detection and Prevention
IDPS (Intrusion Detection and Prevention System) is a network-based malicious activity monitoring solution. The primary purpose of IDPS is the detection of potentially dangerous activities, logging, and threat prevention and reporting.
Security breaches are usually detected with the help of heuristic rules and the analysis of signatures of known attacks. IDPS tracks activities in real time and quickly blocks attacks. Possible preventive measures include blocking particular segments of network traffic, disconnection, and notifying the network administrator.
Cloud Antivirus, developed and maintained by Entensys, makes it possible to provide a high level of user protection without reducing system performance. This module sends the signatures of uploaded files and scripts to the cloud. Entensys utilizes a database containing hundreds of thousands of dangerous files and script signatures that is updated hourly from a number of non-proprietary systems and sandboxes. This approach is extremely effective at high load because it blocks malicious files, addressing zero-hour problems without negatively affecting system performance.
Gateway Antivirus for File and Attachment Filtering
UserGate UTM incorporates the Kaspersky Labs antivirus engine to provide optional additional antivirus control and check all inbound and outbound traffic on HTTP, FTP, SMTP, and POP3.
Advanced Persistent Threat Detection
UserGate UTM detects known and previously-unknown web malware in scripts and downloads and detects command and control traffic from advanced persistent threats (APT). Various modules allow UserGate UTM to protect against a variety of potential threats. These include a firewall, intrusion detection and prevention, an application control module (at level 7), cloud antivirus, a web filtering module, reputation services, and special loadable blacklists. Entensys’s real-time reputation service containing a large number of known malicious and whitelisted files, scripts, and applications allows IT security administrators to easily and effectively stop the spread of emerging threats through their networks before they infect devices.
Increased Internet Performance and High Availability
Multiple ISPs and Connection Failover
Depending on the number of available lines, UserGate UTM can perform line failover and line cycling across multiple connected ISPs.
Web caching accelerates service requests by retrieving content saved from a previous request in local storage (cache). A caching proxy keeps local copies of frequently requested resources, reducing their bandwidth usage and cost, while significantly increasing performance.
Traffic shaping makes it possible to manipulate and prioritize network traffic, thereby reducing the impact of heavy users or machines on other users. This bandwidth throttling or rate limiting guarantees that business-critical applications can function well.
High Availability mode allows you to strongly reduce the risks and damages that could be caused by a UTM hardware crash. Deploying UserGate UTM in a High Availability pair allows for continuous uptime of the UserGate UTM services in the event that one of the nodes fails.
Traffic Management and Network Access Control
Network Access Control
UserGate UTM provides granular application and access control through the creation of accurate, identity-based policies. It ensures granular access to network resources and can limit bandwidth or allocate more bandwidth to certain applications or services. The Network Access Control functionality automatically enforces security policies for everyone and everything on your network, which helps you minimize your security risks.
User Identity Awareness
UserGate UTM supports authentication of users and enforcement of user-aware firewall rules, web filter settings, and Application Control 2.0 using Active Directory, Kerberos, RADIUS, and LDAP. Administrators can assign security policies to a specific user or group, or to general objects such as all known users, all unknown users, or both. The product also supports Transient users and Captive Portal authentication, which runs through a web interface before granting them access to internet resources. UserGate UTM Terminal Services Agent identifies individual users who are supported by the same terminal server, so all rules and policies can be also applied to terminal services users.
Text Message Authentication
UserGate UTM supports the SMPP protocol, which makes it possible to authenticate guest users via text message.
BYOD (Bring Your Own Device) Concept Support
UserGate UTM allows you to apply special access rules to any device accessing the network, including corporate and private laptops, tablets, and smartphones. UserGate UTM allows you to set limits on the maximum number of devices per user (total and used simultaneously) and create a list of specific devices that can be used to gain network access.
VPN (Virtual Private Network) technology protects the traffic of any intranet and extranet systems, audio- and video-conferences, and e-commerce solutions. UserGate UTM allows you to create a "server-to-server" tunnel or inter-network routing and supports current VPN connections.
Content Filtering and Application Control
The Entensys URL Filtering module adds extra security to your local network. It is designed to enable administrative control over employee internet downloads and restrict access to potentially dangerous websites if needed.
Deep Content Analysis
UserGate UTM analyzes web pages for specific words and phrases, intelligently parsing the morphology of the most commonly-used languages. This kind of control is applied to specific sections of a site, without blocking the entire site at the category or domain level. This approach is useful for social networks, forums, and other portals with a large share of user-generated content (Web 2.0).
Social Media Control
UserGate UTM provides control over Web 2.0 applications and social media, enforcing granular policies on application functions and communications. Administrators can allow selective access to social media content while restricting non-productive activities. Granular control over content policies can ensure that employees' social media communications conform to company guidelines.
Alongside ordinary unencrypted traffic, UserGate UTM can be configured to filter HTTPS traffic. The server performs certificate-swapping and content filtering on the fly. UserGate UTM uses all of its filtering mechanisms to process HTTPS traffic.
Blocking of Banners, Pop-Ups and Spying Scripts
Pop-ups are the bane of web surfers – it’s all too easy to accidentally click on a link in an obnoxious ad image. UserGate UTM solves the problem of banners and third-party ad images by simply zapping banner ads before users can see them.
The product also protects your privacy by blocking invisible tracking cookies and plug-ins on many websites and preventing social networks from transmitting data about you after you leave those sites.
Injector: HTML Code Substitution
UserGate Web Filter makes it possible to modify the page code delivered to the user. It can be applied for the replacement of blocked content in order to insert specific information or advertising. This function may be useful for telecom operators and public WiFi access providers.
Application control is designed to protect against security threats posed by internet-based applications. Its purpose is twofold: enable administrators to restrict the personal use of internet-based applications such as instant messengers or peer-to-peer clients, and protect the local network against application-specific internet threats.
The Entensys Cloud Antispam Module sends a UID of a message to our cloud-based service, which helps to determine whether the message contains spam, and continues to block this specific message or stop a spam attack instead of blocking the IP address, domain, or email address. This feature of Entensys Antispam makes it useful for companies where the deletion of messages considered to be spam can cause the loss of clients or other problems. Cloud Antispam filters messages based on their content and heuristics analysis. One of the main advantages of Entensys Cloud Antispam is its very low rate of false detections – less than one in 1.5 million messages – while its spam detection rate is over 97%.
UserGate UTM uses Entensys Cloud Antivirus and the Kaspersky Labs AV engine, just as with HTTP-traffic.
Additional Spam Protection Methods
When processed by UserGate UTM, messages go through several filtering stages, including connection filtering, sender filtering, recipient filtering, and content filtering. Using some of these functions such as DNSBL allows UserGate UTM to significantly reduce the load on the system.
Real-time Monitoring and Statistics
UserGate UTM features a full-fledged statistics module that allows administrators and supervisors to enforce the company’s internet access policy effectively. Statistics can prove the extent to which the internet is being abused in the workplace and can serve as the primary basis for decision-making when it comes to restricting or blocking certain internet resources for a specific user in order to fight such abuse.
Sometimes it may be necessary to make certain corporate services available externally. UserGate UTM is able to redirect requests sent to a gateway computer to the server or workstation where the target service is running, thus providing end users with the ability to access resources on the corporate network from a remote location.
Dynamic Host Configuration Protocol (DHCP) allows an administrator to supervise and distribute IP addresses from a central point, automatically sending a new IP address when a computer is plugged into a different location in the network.
UserGate UTM can be accessed remotely from any computer through a browser, making it possible to efficiently manage many locations or branch offices.