|
|
 |
| Security Gateway Solution |
| Turnkey SMB VPN/Firewall
Gateway |
The SecureF1rst Security Gateway Solution (SGS) from TeamF1
is a comprehensive turnkey software package that combines a rich set of
field-proven, standard components with an array of customizable options to
provide OEMs/ODMs the ultimate in product flexibility.
As a member of TeamF1’s SecureF1rst line of innovative prepackaged
solutions, the Security Gateway Solution enables OEMs/ODMs to deliver
leading-edge VPN/firewall gateway devices to the market in record time at far
less risk than traditional development approaches. Devices built around
SecureF1rst SGS offer end-customers ironclad, advanced networking security;
easy-to-use device management features; and multiple gateway options.
In order to create specific instances of SecureF1rst
SGS, TeamF1 leverages pre-existing software blocks that have proven their merit
in numerous deployments, not only minimizing risk for OEMs but also keeping
licensing terms flexible. And only SecureF1rst SGS can offer such a
comprehensive set of features with completely modular packaging that allows for
full customization to meet an OEM’s specific requirements.
|
|
|
|
|
|
|
|
|
|
|
|
 |
| Flexible Connectivity |
With SecureF1rst SGS,
OEMs can build gateways between multiple LAN, WAN, and
DMZ interfaces – plus any other security zones – of
several different types. WAN interfaces can include DSL,
cable modem, Ethernet, cellular data (3G/4G) links,
WiMAX or even a Wi-Fi client link. LAN interfaces can
include a simple Ethernet port connected to an external
switch, a built-in switch (an unmanaged or a “smart”
managed switch), or a Wi-Fi access point. SecureF1rst SGS supports any combination of these examples, as well
as auto failover from one ISP to another and load
balancing between multiple network interfaces on the WAN
side.
|
| Mix and match SecureF1rst
software modules |
To create a fully
customized device, OEMs first select from a
comprehensive set of SecureF1rst software modules.
TeamF1 then integrates the modules with other components
to create validated router packages that meet an OEM’s
specific needs. In addition to SecureF1rst modules, OEMs
can select from third party modules provided by TeamF1
partner companies or modules developed in-house by OEMs.
The final custom touches are added by TeamF1’s
professional services experts, who develop specific
features such as BSPs, bootloaders, drivers, and
hardware accelerators for OS platforms running Security
Gateway Solution; integrate non-TeamF1 software modules;
and customize end-user management interface.
The end result is a standard, field-tested software
solution in a production-ready custom package, with all
the hardware integration, porting, testing, and
validating completed by TeamF1. Some OEMs opt to use
this end-result as a platform for their own innovation
with more value-added OEM components added during the
life of the device. |
|
 |
Features |
 |
 |
 |
|
 |
Proven TeamF1 software
components lessen OEMs' risk. |
|
|
Comprehensive set of features
packaged to provide full customization of
devices: |
|
|
|
 |
TeamF1 modules. |
|
|
Third-party or OEM modules. |
|
|
Custom-developed modules. |
|
|
|
Ironclad networking security
features including IPsec VPN, SSL, IPS etc. |
|
|
Management features make it
easy to configure VPN tunnels. |
|
|
Multiple gateway options enable
OEMs to build more flexible devices. |
|
|
TeamF1’s validated software
modules with extensive protocol support. |
|
|
Full IPv6 support (Host &
Router) |
|
|
Performance features and
hardware acceleration enable high-throughput
networking. |
|
|
Branding options offer a
customized look & feel. |
|
|
OS Platforms: Linux®, VxWorks®
and other OSs. |
|
|
Hardware platforms: MIPS®, ARM/Xscale®,
PowerPC®, x86. |
|
|
 |
 |
 |
 |
|
|
|
|
Ironclad Networking Security |
 |
VPN provides secure, site-to-site
tunnels for, say, branch office workers,
telecommuters, or tunnels for “road warriors” who
need to connect from a remote endpoint to the head
office. A VPN redundancy feature provides back-up
tunnels for primary tunnel failover support. |
|
|
Stateful Packet Inspection (SPI)
firewall blocks unwanted Internet traffic such as
Denial of Service (DoS) attacks and logs security
events such as blocked incoming traffic, port scans,
attacks, and administrator logins. |
|
|
Perimeter security including
Intrusion Detection/Prevention (IDS/IPS) that can be
configured to send alert messages to administrators
when a significant event occurs or take preventive
action against threats and inline scanning for
zero-day protection against viruses and other
malware. |
|
|
Network Address Translation (NAT)
presents only one IP address to the Internet,
preventing outside users from directly addressing
any of a network’s local computers. |
|
|
Port forwarding directs inbound
traffic for a particular service to one local
server, blocking or allowing specific traffic. |
|
|
Web URL and keyword filtering
enables administrators to block unwanted web
addresses. |
|
|
A rock-solid DNS and DNSsec
implementation that thwarts common DNS
vulnerabilities. |
|
|
|
|
|
