Overview

The PORTUS Application Protection System (APS) functions as an in-line Network Intrusion Prevention System (NIPS) and firewall. PORTUS delivers in-depth protection against known and unknown forms of attack. Protocol Anomaly Detection (PAD) detects and blocks previously unknown forms of attack without the need for signatures. Stateful Signature Analysis (SSA) of the payload data allows detection and blocking of known attacks. Both PAD and SSA can be fine tuned to your unique applications, to provide the highest level of security without producing false alarms. PORTUS is capable of stopping all forms of attack in real-time and preventing them from reaching your protected systems.

In addition to unequaled security PORTUS also provides content filtering, web caching, workload balancing, a fault-tolerant High Availability option and extensive report generation.

PORTUS provides unequaled scalability to meet the requirements of small, medium, large and ultra-large organizations.

Zero-Hour™ Protection

PORTUS provides Zero-Hour protection, which means new forms of attack are blocked the instant they reach the PORTUS gateway. One does not have to wait days for the latest attack signature to be identified and downloaded for use in an IDS.

Unequaled Security Record

PORTUS has been securing large organizations for more than eleven years and has undergone fifteen product releases. Today PORTUS is the only firewall that has been on the market for more than 11 years without being compromised. No vulnerabilities have ever been reported by CERT, BugTraq, SANS or the FBI's NIPC.

More than a Firewall

PORTUS provides application level defenses that block thousands of application attacks that pass undetected through the best of the Stateful Packet Filters. Embedded intrusion prevention eliminates the need for intrusion detection software at the network boundary.

Unequaled Scalability and Performance

PORTUS provides unequaled performance and scalability and is limited by the I/O bandwidth of the hardware. Single systems can configured to deliver more than 8 gigabit per second throughput. Multiple systems can be clustered to provide even higher levels of performance.

Integrated High Availability (99.999%) Design

High Availability is integrated into PORTUS using fault tolerant hardware and software technology. This provides customers with a highly reliable product that detects, isolates and recovers from hardware and software errors on the fly. PORTUS leads the industry with a demonstrated Mean Time Between Failure of 40 years.

Integrated Workload Balancing

Workload balancing allows the use of clustered servers to provide higher levels of throughput. PORTUS automatically detects a server failure and redirects traffic the remaining servers in the server pool. PORTUS automatically reschedules work to the server when it comes back online.

Architecture

Hybrid architecture provides maximum security and performance. Application specific proxies provide high levels of security and access control tailored for the application. The Application Program Interface (API) allows site specific extensions to the application proxy. This provides fine grain application control beyond the standard product. Stateful Packet Filters can also be employed for applications that do not require the same level of security. A circuit level proxy provides additional flexibility. This unprecedented flexibility allows the security administrator to configure the firewall to meet unique site requirements.

Key Benefits

• Prevent unauthorized access to protected networks
• Prevent unauthorized access, modification or destruction of secured data.
• Protect data privacy with encrypted transmissions.
• Block viruses and worms the instant they reach the gateway.
• Defends against Denial of Service Attacks
• Log and report network usage including break-in attempts• Balance workloads across multiple servers improving performance
• Prevent unscheduled outages that deny access to servers
• Improve service availability with dynamic traffic re-direct.
• Improves user productivity and conserves Internet bandwidth by blocking undesired web sites such as porn, spyware, adware, malware, radio, music and videos.
• Improves user productivity by blocking more than 97% of SPAM.

Key Features

• Access Control
• Integrated Authentication and Strong User Authentication
• Application Specific Defenses
• Extensible Application Controls provided by API
• Intrusion Prevention System with Protocol Anomaly Detection and Stateful Signature Analysis.
• Extendable defenses using Perl Compatible Regular expressions.
• Network Address Translation (NAT)
• Fault Tolerant High Availability (99.999%)
• Non-disruptive hardware & software upgrades
• Content Filtering
• Workload Balancing
• GUI Administration tool supporting centralized firewall management
• Granular access control
• Integrated web caching
• Complete access logging
• Automated log management
• Automated reporting with more than 57 customizable access reports
• Realtime performance monitor
• Network scanning and intrusion detection tools
• Scalable high performance architecture
• Dynamic software tuning maximizes network performance

Main Technologies

The main technologies found in PORTUS include:

• Application specific proxies for: e-mail, FTP, HTTP, terminal services (telnet, TN3270), Real Audio & Real Video, Real Time Streaming Protocol (RTSP)
• Advanced Application proxy with an API and PCRE pattern matching
• RPC & UDP proxy
• Integrated Interoperable VPN support
• Hardware Assisted encryption feature available
• Socks V4 & V5 proxy
• E-mail controls
• Integrated content filtering (URL, Java,JavaScript, ActiveX, SPAM)
• Fault Tolerant High Availability (99.999%) Option
• Integrated workload balancing
• High Speed web caching
• Dual DNS
• Intrusion Monitoring and Detection
• Graphical User Interface
• Network and Host Security scanners
• Built-in monitors for detecting attacks, checking system and network integrity
• Real-time performance monitor,
• Extensive auditing with report programs that generate more than 57 unique reports
• Automated operations with log rotation and archiving

Software

PORTUS is supported on three operating systems: AIX 5.x , Red Hat Linux ES and Solaris 8+. Automated installation permits the system to be installed in minutes. The installation process hardens the OS and deactivates unwanted programs. PORTUS is also available as an appliance.

Hardware

PORTUS runs on all systems supported by AIX 5.x, Red Hat Linux ES and Solaris 8+. PORTUS supports all network adapters supported by the OS, including 10/100/1000 megabit Ethernet Adapters, 155 and 622 Megabit ATM Adapters, Token Ring and gigabit HIPPI channels. PORTUS fully supports and exploits the benefits of SMP servers.