Embed Size (px)
Citation preview
VISIONTo provide ethical, efficient and professional
security with sustained commitment based on the specific needs and expectations of our clients.
MISSIONContinuously improving on all aspects of our
business while building on our culture of excellence.Make the Internet a safe place to work.
VALUEStrong leadership is enacted at all levels of the business by providing clear direction,
active support and speedy decision.
COMPANY OVERVIEW
Small Thing About Us
GajShield Infotech (I) Pvt. Ltd. head-quartered in Mumbai, India, since its inception in 2002, focuses on providing Complete Security Solution to Corporate’s. Our Mission is to “make the Internet a safe place to work”.
GajShield is a leading Security Company having the distinction of being one of the few companies worldwide and the 1st Indian Firewall Product Company to have earned ICSA Labs Firewall Certification criteria 4.1. It recently was honored as among 20 Most Promising Cyber Security companies by CIO Review and the Company of the Year by Silicon India. It was also honored with EIST Award by ICSA Labs. It has lead innovation in firewall technology and has always been a step ahead by providing next generation technologies like Context based Data Leak Prevention, Cloud Firewall, Oops technology for Firewall Management and many more.
GajShield provides solutions for Network Security and Email Security. GajShield develops Integrated Security Firewall Product to meet the needs of Internet-generation businesses. GajShield's products remove the complexity and reduce the cost of implementing and managing today's mandatory business services -including Firewall, Encryption, VPN, URL Filtering, Virus Scanning and more - by delivering unprecedented levels of security, performance, simplicity, functionality, and cost-efficiency in a single product.
“GajShield clearly understands the importance of ICSA Labs testing and has demonstrated through their ongoing involvement with the Firewall Certification testing program that they are dedicated to maintaining the highest security standards” - Brian Monkman, Technology Programs Manager – ICSA Labs.
AWARDS & CERTIFICATION
'Company of the Year' 2016 by Silicon India.
20 Most Promising Cyber Security Company of 2016 by CIO Review.
ICSA Award for Excellence in Information Security Testing.
OUR CLIENTS
PRODUCT FEATURES
FEATURES:
• Detection and Prevention of data leaks.
• Set policies to monitor/block data leaks via Email, File upload and Chats.
• Set policies to allow read only access to corporate email/social networking.
• In-depth reporting of data moving out of network.
• DLP & UTM on a single appliance, which makes it cost effective.
• Monitor IM & Web chats and block content, if data leak is suspected.
• Policies can be set based on users, groups. Also based on the application context.
• Easy to configure and integrated into single firewall policy window.
• Powerful DLP Engine sense data on filters set in DLP polices for a granular analysis.
DATA LEAK PREVENTION
PRODUCT FEATURES
DATA LEAK PREVENTION
With GajShield Data Leak Prevention System, policies can be configured at the organizational level, to block /trace email content and attachments sent by disgruntled employee and necessary action can be taken.You can create policies based on the ‘From’, ‘To’, ‘Subject’, ‘Cc’, ‘Bcc’, ‘Email Body’, ‘Email size’, ‘Attachmentname’, ‘Attachment size’ of email applications.
PRODUCT FEATURES
FEATURES:
• Roaming users comply to company policies even when they are not in the network
• Cloud Client enforces and routes all traffic securely through the Cloud Firewall (Public or Private)
• Secures roaming users even when they use insecure networks (public Wi-Fi etc.)
• Central policies with ease of management for Roaming Users
• All processing done in cloud & hence no performance impact on end-point
• Connect/disconnect status report
CLOUDSECURITY
PRODUCT FEATURES
Enterprise Cloud Security-Remote Filter
PRODUCT FEATURES
FEATURES:
• Control and Visibility of Layer 7 Applications
• Enhance business-critical application performance by limiting bandwidth for non-business traffic
• Inbuilt Application Categories
• 2,500+ Application Signatures
• Sub-classification within a category supported
• Saves bandwidth and reduces infrastructure costs
• Protects corporate users including BYOD devices
APPLICATION FILTER
PRODUCT FEATURES
FEATURES:
❑ Create Guest Users manually or Users can register themselves through Registration process
❑ Apply Security Policies (like URL, DLP, Application Filter Policies) based on Guest Users
❑ Apply Bandwidth Capping/Queue on Guest Users
❑ Apply BYOD restriction on Guest Users
❑ Guest user authentication can be easily integrated with SMS gateways
FEATURES:
r Setup policies to limit access to internet from devices.
r Control and limit the bandwidth used by devices.
r Limit access to internet based on time.
r Block access to critical servers in DMZ to BYOD devices.
r Block risky applications which can lead to data leak.
SECURE GUEST INTERNETMANAGEMENT SYSTEM
BRING YOUR OWN DEVICE
PRODUCT FEATURES
FEATURES:
r Define Firewall, IPS, URL, Gateway Antivirus, from central offices.
r Add Groups and configure multiple Firewalls together at same time.
r Take Firewall backups and save them in a central location.
r Auto-synchronize all your Firewalls at regular intervals.
r Real-time visibility of threat summary and trends.
r Intuitive and comfortable UI.
FEATURES:
r Protect against remote attacks such as phishing.
r One time password for additional security.
r Easy to setup and manage.
r Inexpensive as it uses your smart phone.
r Protects your data not only from outsiders, but also prevents data leaks from inside your network.
CENTRALISED MANAGEMENT SYSTEM
2 FACTOR AUTHENTICATION
PRODUCT FEATURES
Stateful Inspection Firewall (ICSA Labs Certified)
• Stateful and deep packet inspection• Prevents intrusions and attacks from
internal and external sources• Prevents popular forms of attacks like
DoS, fragmented, reply, spoofing and malformed packet attacks
• IPv6 enabled firewall• MAC based policies default white-listing
or black-listing of MAC addresses• Geo IP• Third party user authentication integration
with radius, TACACUS+, LDAP & active directory with SSO
• Route, Bridge Mode• Multi-Zone Security• Policy based NAT (DNAT, SNAT and PNAT)
and Loop back NAT• H.323, SIP• 802.1q VLAN Support• Time based Scheduling of policies
System Management
• Two Factor Authentication support for WebUI, CLI or Console with OTP
• Manage through a browser, ssh and terminal• Single window policy management• Role based Administration• On Appliance Analytics• User based firewall policies• Policy inheritance (Oops)• Remote Syslog and SNMP support• Administration activity logs for auditing
Virtual Private Network
• Industry standard: IPSec, L2TP & PPTP VPN• VPN High Availability for IPSec• Strong authentication : RSA SecureID,
VASCO tokens, Radius, LDAP & Active Directory• Encryption : DES, 3DES, AES encryption & Hash • Algorithms : MD5, SHA1, SHA2• Authentication : Pre-shared key, Digital Certificates• IPSec NAT Traversal, Dead Peer Detection and • PFS support• IPSec VPN tunnel up/down logs • Active VPN user logs
Networking
• Static IP Address, PPPoE, DHCP• Policy based Multi-WAN Failover & Load
balancing• WRR based Load Balancing• Policy based Routing• Multicast forwarding• Dynamic Routing (RIP v1 & 2, OSPF) • DHCP server support on multiple interfaces• Support for dynamic DNS
Bring Your Own Device
• Setup policies to limit access to internet from devices• Control and limit the bandwidth used by devices• Control and limit unauthorized access• Limit access to internet based on time• Block access to critical servers in DMZ to BYOD • devices• Block risky applications which can lead to data leak• Individual user wise reports based on BYOD devices
PRODUCT FEATURES
Gateway Anti-Spam
• Scans SMTP, POP3 traffic for spam• Detects, tags or quarantines spam mail• Content-agnostic spam protection including • Image-spam• Preemptively stops sophisticated threats like • phishing, pharming, zombie attacks &
supports • RBL lists• Enforces black and white lists• Real-Time protection from emerging threats• Language, content and format independent
spam prevention• Detects phishing URL in emails• Quarantine Spam Mails• Mail Archiving
Gateway Anti-Malware
• Multiple Engine – uses cloud based sandboxing• Powerful and Real-Time protection from Virus
outbreaks• Scans HTTP, HTTPS, FTP, POP3, SMTP & • SMTPS traffic• Detects and removes viruses, worms and all
kinds of malware• Instant identification of virus infected users• ZERO Hour Virus protection• Spyware, Malware, Phishing protection• Automatic real-time Virus update• Complete protection of traffic over all protocols• Last virus update definition• Complete report of viruses caught
URL Filtering
• Automated web categorization engine blocks non-productive websites
• Millions of sites in arranged in 85+ categories• URL Filtering for HTTP & HTTPS protocols• MIME Type and file extension blocking• User, group-based URL filtering and download size
restriction policies• Time-based access schedule• Prevents downloads of streaming media,
images, popup ads• Block malware, phishing, pharming URL’s• Block Java Applets, Cookies, Active X• URL Exempt/White List• Automatic updates to the URL Categories
Appliance based Security Analytics
• Complete reporting on appliance• User, Application specific reporting• Daily Internet activity user/group wise
report on e-mail• Real time reports, automated alerts,
historical reporting• Security reports include Firewall, IPS & VPN• Real time reporting of bandwidth and users• Policy violation alert on E-mail & Reporting• Virus filtering reporting• Guest user authentication activity logs
Intrusion Prevention system
• Database of over 6000 signatures.• Prevents exploits, intrusion attempts, malicious
code, backdoor activity and network-based blended threats.
• Anomaly Detection System mitigate evolving and internal threats
• High performance security with real-time attack, malicious code and hybrid threat blocking
• Automatic updates for new threats• Notification via email• Report of source IP from where the intrusion
has been originated
Adaptive ISP Failover & Load Balancing
• Service based ISP Load Balancing or Failover• Both Failover and Load Balancing can be set up
simultaneously• Load balances traffic based on weighted round
robin distribution• ISP Failover automatically shifts traffic from a failed
link to a working link• Automatic traffic fallback when failed ISP comes up • Zone based failover• Customized NAT on failover• ISP failover and fallback notifications on email
PRODUCT FEATURES
Bandwidth Management
• Policy based Bandwidth Management & Queuing
• Hierarchy based Bandwidth Management• Committed on the fly bandwidth borrow• Time Quota and Bandwidth Quota• Bandwidth policy for browsing• Bandwidth utilization chart based
on Bandwidth Queues
High Availability
• Active / Passive and Active / Active with State synchronization
• Stateful Failover• Email Alerts on HA Status• Auto synchronization of entire configuration • made on Master firewall to Backup firewall• Email notification when firewall state change
from Master to Backup and vice versa
Diagnosis
• Debug network using ping, traceroute and ARP• Real time packet capture utility • URL filter check to identify which policy is used to • allow / block an URL for an user or IP• Utility to check the web cetagory of an URL• Firewall live log to check network traffic is allowed • or blocked with firewall policy rule number
PRODUCTS
PROVIDING SECURITY ACCELERATION TOIMPROVE PERFORMANCE AND EFFICIENCY FOR
GS 15nu
GS 18nu
GS 40nu
GS 80nu
GS 120nu
GS 160dc
GS 240dc
GS 360dc
GS 560dc
GS 980nu
GS 1160nu
GS 1360nu
GS 20nu
PRODUCTS OVERVIEW
Small Office Home Office (SOHO)
GajShield SOHO products are ideal for small organizations or branch offices and is based on the same technology and architecture as all of our next generation firewalls. The form factor is sized for desktop deployments. This firewall supports High Availability with Active-Active and Active-Passive HA. It can also be easily managed using GajShield's Centralized Firewall Management System.
GajShield SOHO products enables you to provide context based firewall security with application visibility, control and data leak prevention system. SOHO products are ICSA Labs certified and provides state of the art security for small enterprises too.
FEATURES GS15nu GS18nu GS20nu
10/100/1000 Interfaces 4 4 4
Concurrent Sessions 2100000 3300000 6150000
New Sessions/Second 19000 28000 32000
Firewall Throughput 2.1 Gbps 3.1 Gbps 3.6 Gbps
VPN Throughput 275 Mbps 315 Mbps 360 Mbps
UTM Throughput 250 Mbps 280 Mbps 320 Mbps
Antivirus Throughput 380 Mbps 440 Mbps 550 Mbps
IPS Throughput 520 Mbps 710 Mbps 920 Mbps
VPN Tunnels 550 550 550
Configurable WAN / DMZ / LAN ports YES YES YES
ICSA Labs certified YES YES YES
High Availability (HA) Active-Active, Active-Passive Active-Active, Active-Passive Active-Active, Active-Passive
PRODUCTS OVERVIEW
Small Medium Enterprises (SME)
GajShield SME products are ideal for small and medium organizations based on the same technology and architecture as all of our next generation firewalls. The form factor is sized for desktop deployments. This firewall supports High Availability with Active-Active and Active-Passive HA. It can also be easily managed using GajShield's Centralized Firewall Management System.
GajShield SME products enables you to provide context based firewall security with application visibility, control and data leak prevention system. SME products are ICSA Labs certified and provides state of the art security for your enterprises.
FEATURES GS40nu GS80nu GS120nu GS160dc
10/100/1000 Interfaces 4 6 6 8
Concurrent Sessions 6350000 7275000 8225000 8500000
New Sessions/Second 36000 52000 82500 135000
Firewall Throughput 5.1 Gbps 6 Gbps 7.1 Gbps 16.5 Gbps
VPN Throughput 430 Mbps 860 Mbps 1.05 Gbps 1.5 Gbps
UTM Throughput 365 Mbps 900 Mbps 980 Gbps 2.5 Gbps
Antivirus Throughput 600 Mbps 1.7 Gbps 1.95 Gbps 2.75 Gbps
IPS Throughput 1.1 Gbps 1.85 Gbps 2.2 Gbps 3 Gbps
VPN Tunnels 850 2225 3100 4000
Configurable WAN / DMZ / LAN ports YES YES YES YES
ICSA Labs certified YES YES YES YES
High Availability (HA) Active-Active,Active-Passive
Active-Active, Active-Passive
Active-Active, Active-Passive
Active-Active, Active-Passive
PRODUCTS OVERVIEW
ENTERPRISES
GajShield Enterprise products enables you to provide context based firewall security with Application visibility, URL Filtering, Gateway Antivirus, Intrusion Prevention System and Performance Management as Traffic Analysis, Network behavior analysis, Policy based ISP Failover and Load Balancing as well as Bandwidth Management. These products are ICSA Labs certified and provides state of the art security for your enterprises.
FEATURES GS240dc GS360dc GS560dc
10/100/1000 Interfaces 6 6 8
Concurrent Sessions 9800000 18000000 21000000
New Sessions/Second 140000 200000 290000
Firewall Throughput 20 Gbps 34 Gbps 52 Gbps
VPN Throughput 1.75 Gbps 3.6 Gbps 5.6 Gbps
UTM Throughput 3.2 Gbps 6 Gbps 7.8 Gbps
Antivirus Throughput 3.9 Gbps 6.5 Gbps 8.6 Gbps
IPS Throughput 4.5 Gbps 9 Gbps 10.2 Gbps
VPN Tunnels 5500 6500 7500
Configurable WAN / DMZ / LAN ports YES YES YES
Number of Expandable Slots 1 1 2
Expandable Ports Module* Ethernet Ports 4 or 8 / Fiber Ports 4 or 8 / 10GbE Fiber Ports 2
Ethernet Ports 4 or 8 / Fiber Ports 4 or 8 / 10GbE Fiber Ports 2
Ethernet Ports 4 or 8 / Fiber Ports 4 or 8 / 10GbE Fiber Ports 2
Redundant Power Supply NO NO YES
ICSA Labs certified YES YES YES
High Availability (HA) Active-Active, Active-Passive Active-Active, Active-Passive Active-Active, Active-Passive
* Expandable Ports Module needs to be procured additionally.
PRODUCTS OVERVIEW
ENTERPRISES (Contd..)
FEATURES GS980nu
10/100/1000 Interfaces 10
Concurrent Sessions 30000000
New Sessions/Second 290000
Firewall Throughput 66 Gbps
VPN Throughput 8.6 Gbps
UTM Throughput 9.1 Gbps
Antivirus Throughput 10 Gbps
IPS Throughput 17.2 Gbps
VPN Tunnels 9000
Configurable WAN / DMZ / LAN ports YES
Expandable Ports Module* Ethernet Ports 4 or 8 / Fiber Ports 4 or 8 / 10GbE Fiber Ports 2
Number of Expandable Slots 7
Redundant Power Supply YES
ICSA Labs certified YES
High Availability (HA) Active-Active, Active-Passive
* Expandable Ports Module needs to be procured additionally.
GS1160dc GS1360dc
10 10
32000000 35000000
320000 448000
86 Gbps 155 Gbps
13.2 Gbps 18.4 Gbps
10.8 Gbps 15.1 Gbps
15.1 Gbps 21.1 Gbps
24 Gbps 33.6 Gbps
10000 10000
YES YES
Ethernet Ports 4 or 8 / Fiber Ports 4 or 8 / 10GbE Fiber Ports 2
Ethernet Ports 4 or 8 / Fiber Ports 4 or 8 / 10GbE Fiber Ports 2
7 7
YES NO
YES YES
Active-Active, Active-Passive Active-Active, Active-Passive
Thank you
