SnapGear SG640
Buy Now SG640Integrated Firewall/VPN/IDS on a PCI Card Protects Desktops and Critical Servers
The SnapGear™ model SG640 is a cost-effective
firewall/VPN/IDS solution packaged on a PCI card. By offloading all firewall,
VPN, and IDS processing from the host computer, the SG640 ensures high
performance and throughput with the convenience of remote management and
simplified installation. Unlike "co-processing" products, the
SG640 is an advanced, self-contained multi-tasking stateful firewall,
VPN, and IDS appliance. It includes a RISC processor and two Ethernet interfaces for host and LAN communications.
The SG640 packs the power of a firewall, VPN and IDS solution while eliminating
the cabling, IDS solution while eliminating the cabling, space and power
requirements of an external appliance PDAs, web and applications servers
to the Internet via business- and consumer-grade broadband, dedicated
circuits from T-1 to T-3 or narrow-band connections (modem/ISDN). The
SnapGear SG640 provides connectivity and security features normally found
only in enterprise-class solutions.
| Recommended for: | |||
| • |
Security-conscious businesses that wish to deploy a defense-in-depth security strategy | • |
Data Centers with Web and Application Server Farms |
| • |
Environments where the integrity of the host server operating environment cannot be controlled or trusted | • |
Organizations seeking to demonstrate compliance with regulatory requirements concerning privacy and access to personal information |
| • |
A co-location/Web hosting center | ||
Embedded distributed firewalls offer external and internal protection
The SnapGear SG640 is a cost-effective, VPN Firewall PCI card that offloads
all firewall and VPN processing from the host computer to the card yielding
greater performance, higher security, remote management, and simplified
installation. Unlike "co-processing" products on the market,
the SG640 is an advanced self-contained VPN and stateful firewall multi-tasking
appliance. It contains a RISC processor, encryption accelerator for IPSec
VPN traffic and two Ethernet NICs for host and LAN communications. As
it presents a normal Ethernet interface to the LAN, it also eliminates
the cabling, space and power issues associated with external firewall
appliances.
While perimeter firewalls are the first line of external defense, they cannot see activity behind them and cannot defend against internal threats. The SG640 fulfils this role, protecting the host and complementing the existing perimeter firewall. Many SG640 adapters can be installed throughout an organization providing a robust distributed firewall that operates even when the host systems are down or entirely unresponsive. These can be managed through the SnapGear Central Management System (CMS) running on a management station on the network.
Protects against external and internal intruders
While most firewall products focus on external intruders, the SG640 adapter
card can also protect from internal intruders whether intentional or not.
It has been estimated that 90% of security violations are internal, not
external. The US military is also pursuing research into distributed embedded
firewalls as the best line of defence against intrusion. The SG640 can
be configured to enable every desktop user to have their access to the
general LAN and critical servers significantly restricted. Therefore every
host and network service that a user is authorized to utilize is allowed
while any other actions are blocked. It therefore provides access separation,
which can be along departmental lines such as sales department, e-commerce,
finance, customer records, etc. This can be useful in providing isolation
between access to credit card details, personal information, payment history,
etc. Increasingly this is becoming obligatory for e-commerce, electronic
health records (e.g. HIPAA) and other privacy sensitive applications.
Protect Hosts on your DMZ or in your DataCenter
Often web, e-mail and download servers are made publicly accessible through
the Internet on a network that has less stringent security than the private
internal network. Although these servers can be accessed across the hostile
Internet, they can be protected against attack by installing a SG640
in each system. The same can be applied to critical hosts within a data center
in your enterprise, a hosting provider or ASP(Application Service Provider).
Host-based without suffering from 'software firewall' vulnerabilities
The SG640 also eliminates the problems with software firewalls that run
on the host operating system, which is most vulnerable to attack. The
SG640 places a hardware firewall as close to the host system as possible
without suffering from host vulnerabilities. It is also tamperproof as
it is internal to the system and can only be configured by the system
administrator. The SG640 can be configured to enforce strict access filters
per system and draws from the fine pedigree of all SnapGear embedded Linux
based security appliances.
| Features |  |
||
|
|
| Ordering Information | |
| SKU | Base Product |
| SG640-12-US | 10/100 Ethernet port, PCI card form factor. This appliance includes 90 days of 24 x 7 support and 1 year of email support and advance replacement hardware warranty service with the one-time option to extend the hardware support to a total of 3 years. |
| SKU | Tech Support Upgrade and Renewal - 12 Months |
| SGTS-SG640-12-A | Upgrade and Renewal: SnapGear 24/7 phone and email Support and Maintenance, SG640, 12 Months, (does not include HW warranty extension) |
| SKU | Hardware Warranty Extension - 24 months |
| SGHM-SG640-EXT-24 | One-Time Hardware Warranty Extension, SG640, 24 Mon. (Must be registered before the initial 12 month warranty expires) |
| SKU | SnapGear Subscriptions |
| TRSG-SG640-12 | SnapGear TrustedSource Subscription, SG640, 12 Months |
| WWSG-SG640-12 | Webwasher URL Filtering Subscription, SG640, 12 Months |
Buy Now