It goes without saying that when you connect a device to the internet, you expose yourself to severe threats. Connected devices remain vulnerable, even when protected by endpoint security tools. Cyber-criminals are constantly on the lookout for vulnerable devices to exploit in order to spy on you or steal your private data. They can also use your vulnerable devices as a launchpad to attack third-party IT systems and involve you in their criminal activities. CacheGuard UTM (Unified Threat Management) has been specifically developed to address vulnerabilities related to your internet access.
What is Unified Threat Management
A Unified Threat Management solution, or simply UTM, protects your connected devices against threats at different levels by integrating multiple technologies into a unified solution. Implementing a unified solution allows you to save time and money by avoiding the need to manage dozens of heterogeneous technologies. CacheGuard UTM has been specifically designed for organizations that need a functional and easy-to-handle solution that they can quickly implement in their networks.
The antivirus inspects web traffic at the gateway and eradicates any dangerous content before it can enter your network. Stumbled upon a suspicious webpage on the darknet? Received an email with a suspicious link that you accidentally clicked on? CacheGuard instantly blocks that suspicious content and logs the access attempt. The antivirus can also be used as a service by external systems, such as an MTA (Mail Transfer Agent), to block malware reaching your IT infrastructure via other protocols. You can find more information about the web antivirus at Web Gateway.
Firewall Gateway
The firewall protects PCs, servers, and other connected devices from hostile intrusions. CacheGuard is based on a stateful packet filtering module and provides Network Address Translation (NAT) and Port Address Translation (PAT). In addition, common network attacks, such as but not limited to DoS, SYN flood, Smurf, Xmas, and IP spoofing, are blocked by default. You can also implement firewall rules based on protocol, IP addresses, ports, and IP attributes. A diagram demonstrating the firewall can be found at Web Gateway.
Virtual Private Network
The VPN allows you to securely connect remote workers to your IT infrastructure or build permanent secure tunnels between sites using IPsec VPN (Virtual Private Network) technology. With IPsec VPN technology, remotely connected machines are authenticated, and the data exchanged between them remains confidential and unchanged.
CacheGuard Site to Site VPNCacheGuard Remote Access VPN
Web Access Authentication
Web Access Authentication allows you to restrict web access to authenticated users only, thus preventing access by unauthorized users or intruders. The authentication supports LDAP, LDAPS, and Kerberos.
Web Proxy
The proxy allows you to browse the web without being directly exposed to the internet. The proxy can be used explicitly or transparently, and it actively inspects web traffic and blocks dangerous content. You can find more information about the web proxy at Web Gateway.
SSL Inspection
SSL Inspection enables the decryption of encrypted web traffic (HTTPS) at the gateway to eradicate dangerous content. The SSL Inspection module is integrated with the embedded antivirus to block malware, even in encrypted formats.
Integrated PKI
To establish IPsec VPN tunnels between two points, each point must authenticate the other. This authentication can be based on a PSK (Pre-Shared Key) or SSL certificates. To facilitate all operations on SSL certificates, CacheGuard includes a PKI (Public Key Infrastructure). The CA certificate used for SSL inspection can also be managed by the integrated PKI. Additionally, an embedded OCSP server allows for certificate revocation.
CacheGuard UTM is integrated into our core product, CacheGuard-OS. CacheGuard-OS is an appliance-oriented operating system that transforms a virtual or bare-metal machine into a network appliance.
We use technical cookies to ensure that we deliver the best experience on our site. If you continue to use the site, we'll assume that you're happy with it.
