L7 NETWORKS INC. - Secure Networks at Layer-7

>>> CONTACT US

Features

HOME > PRODUCTS > InstantBlock Features

InstantBlock Features

Integrated UTM Security Appliance for IM/P2P/SSL management
Layer-7 Firewall to protect your network against external threats and internal application abuse

New Integrated UTM Appliance: Unidirectional Protection vs Bi-Directional Protection

The development of the Internet has been brought forth endless network intrusion attacks, but Firewall technologies also change with each passing day in order to prevent internet threats. Hence, anti-virus, intrusion prevention, anti-spam, multi-WAN load balancer, etc. has been integrated into modern Unified Threat Management (UTM) appliance, besides the original features of Firewall / NAT / VPN / Router / QoS. However, a lot of network threats are coming from internal application abuse, such as instant messaging, peer-to-peer applications, VPN, SSL-encrypted webmail, etc. These applications are popular because of their ability to work across almost all practical firewall deployments. L7 Networks Application Firewall is the right UTM appliance with bi-direction protection for your Network.

Built-in IM Management Module: Block Completely vs User-Level Control

Nowadays, Instant Messengers have been indispensable to enterprises for communication so that you cannot just block them. L7 Networks leading IM management solution can manage MSN/Yahoo/ICQ/AOL/Google Talk activities by user's login accounts, including Login / File Transfer / File Sharing / Photoswap / Voice / Webcam / Whiteboard / Remote Assistance / Game / Handwrite, etc. Employees cannot avoid being managed, no matter IM applications run over HTTP or Socks server. It can also prevent Viruses hiding in MSN File Transfers.

Built-in P2P Management Module: Helplessness vs Block Selectively

P2P applications have the ability to work across almost all practical firewall deployments. They always create the security threats, as these protocols are easy to download piratic software/music/movie across the security infrastructure relatively unchecked. InstantBlock can manage more than 30 P2P applications and prevent bandwidth waste on illegal downloads selectively.

Built-in SSL Content Filtering: Trust Completely vs Trust Selectively

SSL-enabled environments, such as HTTTPS, SMTPS, POP3S, and IMAPS, are end-to-end security tunnels that may contain viruses or information leakage. L7 Networks SSL content filtering module can transparently intercept SSL connections and scan for viruses and spam emails. Its "Exempt Zone" design can be set to trust partial server's IP / Domain / URL (such as Network Bank), and let them avoid SSL content filtering. For security and performance issues, SSL/IPSec encryption and decryption can choose SaftNet ASIC Acceleration.

Built-in Intrusion Prevention Module: Passive Prevention vs Active Outfall

Unlike passive prevention solution, InstantBlock guards the network with a built-in virus engine to block viruses actively in HTTP(S)/SMTP(S)/POP3(S)/IMAP(S) environments no matter what the attacks are (such as packet-type attacks, network-type worms, file-type viruses). Currently, it supports more than 2,000 threats and more than 20,000 viruses. Virus patterns/engines can be frequently updated if needed.

Built-in Co-Defense Module: Single-point Prevention vs Intersectional Co-Defense

InstantBlock can co-defend with LAN switches to stop infectious PCs to spread viruses/attacks. General UTM firewalls can only do single-point prevention but cannot stop attacks to spread. L7 Networks leading Co-Defense system can issue ACL commands to switches close to the infectious sources according the pre-set rules when network viruses are detected. Currently, Co-Defense system supports D-Link, Extreme, Cisco, Alcatel L2/L3 switches.

All-in-One Appliance With High Quality

IL7 Networks' award-winning InstantBlock series Application Firewall has been delivered to our ODM customers for more than three years. It won many bids and has been expanded its business to global market because of its high quality. It supports firewall which rules can be set by group, high performance IPsec / L2TP / PPTP / SSL VPNs by SafeNet® ASICs, enterprise-level VPN hub & spoke, HA, WAN backup for no disconnection, and content filtering to prevent employees from browsing unwanted webpages (such as gamble, shopping, pornography, etc). Besides, it can enforce a strong user authentication mechanism. Employees are automatically redirected to a web page to authenticate with POP3(s)/IMAP(s)/LDAP/RADIUS servers before they can connect to the Internet.

Support InstantReport Centralized Reporting System

In order to enhance operational performance, InstantBlock sends events to database in InstantReport Centralized Reporting system for analysis. It can also collect events from multiple InstantBlock devices simultaneously so that the intrusion records allow the network administrators to trace both attack sources and targets IP addresses, connection ports and communication protocols. In addition, InstantReport can generate various reports to send to network administrator by emergent email, periodical email sending, or FTP backup.

Support InstantConfig Security Operating Center

In addition to built-in all InstantReport's features, InstantConfig's 3-tier Architecture can centrally control IPS/Anti-Virus/URL/IM/P2P and synchronously update patterns/signatures and L7 Firewall. Furthermore, InstantConfig can establish VPN tunnels for more than 2,000 InstantBlock devices so that it will greatly save administrative cost.

Update Rapidly With World-Wide Service

L7 Networks has a group of professional Network Security Team to collect and study diverse attacks / application behaviors. Its global update mechanism provides users with real-time virus signatures / patterns update and continuous service.