As soon as you connect your devices to the Internet, you expose your activities to sever threats. Remote hackers can completely damage your IT services, spy on you or steal your private data. CacheGuard Firewall protects your network from threats coming from the network while CacheGuard VPN allows your employees to work from anywhere as they where locals. In addition, with CacheGuard you can securely establish private and secure networks between remote sites.
With CacheGuard you can build VPNs (Virtual Private Networks) based on the public and non trusted Internet network. VPNs allow you to provide secure and trustworthy communications. You can configure CacheGuard VPN to permanently link remotes sites as if they were locals (site to site VPN) or configure it as remote access VPN to securely connect remote users to your central IT infrastructures.
CacheGuard VPN uses the IPsec standard and is compatible with third party products that respect this standard. In remote access mode, CacheGuard VPN is compatible with most of native IPSec VPN clients that come with popular OS in the market. In some rare cases (Android OS) the installation of a IPSec VPN client App (such as StrongSwan) is required.
IPsec stands for Internet Protocol Security and is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network.
With CacheGuard Firewall you can control the network traffic traversing your IT infrastructure and only allow traffic that are really needed for your business. The security provided by CacheGuard Firewall is not limited to control the traffic with your rules but it natively integrates smart protections to block network attacks such as
SynFlood, Smurf, XMas and many others.
CacheGuard Firewall supports NAT (Network Address Translation) and PAT (Port Address Translation) technologies to translate and route allowed traffic as per your needs. Firewall rules that you create with CacheGuard are natively designed to block any IP spoofing attempts in order to fully master your network topology security.
In addition to the Firewall and VPN, CacheGuard UTM comes with a Gateway Antivirus, a Web Proxy, a Reverse Proxy, a WAF, a URL Guard, a Traffic Shaper, a Web Cache, a Web Compressor, an SSL Mediator/Inspector and much more.
Powered by Linux Netfilter & StrongSwan
CacheGuard Firewall is based on the netfilter module coming with a Linux kernel and as such represents an outstanding value. CacheGuard-OS then compiles CacheGuard Firewall rules and smartly translates them into netfilter rules by respecting multiple security constraints to take full advantage of netfilter.
CacheGuard VPN is based on the IPsec and ESP implementation coming with a Linux Kernel and StrongSwan: an Open Source IPsec VPN and IKE implementation. CacheGuard-OS cloaks the StrongSwan configuration complexity by proposing an easy to handle VPN solution that is fully integrated and compatible with other CacheGuard functions such as the Firewall, QoS and the transparent Proxy.