Nowadays most enterprises and organizations have fortified themselves with some network protection measures, such as basic encryptions, anti-virus and web-filtering. However, as cyber attacks are constantly evolving and becoming more innovative than ever, these conventional protections are encountering their limits against the sophisticated cyber intrusions like social engineering, zero day attack and advanced persistent threat. Therefore, cyber security measures also have to evolve and the answer is next-generation threat prevention firewall.
An European UTM/firewall provider has worked with Lanner to build up the next-generation threat prevention firewall designated for enterprise data centers that manage high volumes of sensitive transactions at constant uptimes, for instance, banking and e-commerce websites. Designed to fight advanced cyber attacks and social engineering, the next-generation firewall shall integrate the following functions:
- Sandbox: sets up an isolated environment that mimics the real situations towards suspicious packets.
- Web Application Firewall Gateway: detect and prevent the access of malicious web requests.
- Advanced Threat Protection: integrating multiple technologies and endpoint devices to build up a multi-dimensional network protection
- Multi-core computing platform: high-core CPU offers optimal performance for multiple virtualized network functions and applications.
- Flexible modular design: the modularized design of firewall provides flexibility in future bandwidth or functional expansions.
- Hardware-assisted crypto engine: since cryptographic applications requires tremendous processing power, it is optimal to have hardware, built-in crypto engine to accelerate the encryption and decryption.
By taking the requirements in mind, Lanner recommended its optimal 2U network appliance FW-8896, empowered by Intel Haswell/Broadwell-EP Xeon E5-2600 v3/v4 CPU with C612 chipset, DDR4, built-in crypto engine and 8 NIC module slots for bandwidth expansions. The hardware capability of FW-8896 enables it to function as the next-generation threat prevention firewall and integrates multiple processing/bandwidth intensive security applications including deep packet inspections, application awareness towards malicious attempts beyond protocol, and threat prevention.
Aside from high-performance and high-throughput, FW-8896 offers the modular design to meet various cyber security applications. FW-8896 is built with 8 NIC module slots supporting both copper and fiber interface, and speed ranging from 1GbE to 100GbE. For bandwidth expansion, Lanner has a wide variety of Ethernet modules to go with FW-8896, for instance, NCS-IMM802 with 4 copper GbE ports and 4 fiber GbE ports, NCS2-IQM201 with two 40GbE QSFP fiber ports, or N2S-RRC01A with two 100GbE QSFP28 ports. The flexible modular design of FW-8896 offers future-proof scalability for wide application needs.
On the other hand, Lanner’s modules are based on PCI Express interface, which promises the interoperability with other Lanner’s FW- series and NCA- product lines.