Firewall | Real Comm srl


Carrello vuoto

Wishlist vuota

Firewall systems to manage your network safely

Real Comm offers solutions for Network Security firewall as the latest hardware, designed to satisfy all requirements. Our solutions provide hardware and software configurations that can meet the needs of both small and large companies and can be tailored to the specific needs of each company.

The solutions that Real Comm proposes, implement pfSense, a firewall distribution based on FreeBSD that ensures maximum security and record performance typical of UNIX systems. With pfSense firewalls Real Comm can give the opportunity to act as a captive portal, or by a system of monitoring access Wi-Fi in public places or as a DHCP server, DNS and PPPoE, perform traffic shaping. Support several types of VPN such as PPTP, IPSEC and many others, which OpenVPN. Firewalls Real Comm support multiple connections to the Internet with the possibility of then balance the load. They can be configured to create firewall cluster, replicating in automatic configuration and providing a service for high availability (HA).

Our models of firewall
EL SERIES Compact, quiet and energy efficient is the firewall suitable for professional offices and companies with a small number of Internet services.
A SERIES UTM A firewall with excellent performance, suitable for SMEs using the Internet intensively.
SERIES UTM2 Thanks to a remarkable processing capabilities, is the right tool for companies with larger number of jobs.

Key features of the firewall Real Comm:
1.Definition of firewall rules from the top class level;
2.Supporto VPN based on digital certificates;
3.Content filtering and URL Filtering;
4.Traffic shaping;
5.Redudancy hardware on the apparatus (High Availability)Netsens EL It is the entry level range Netsens. Compact, quiet and energy efficient is the firewall suitable for professional offices and companies with a small number of Internet services. E 'equipped with three interfaces: LAN, WAN and DMZ to 100 Mbps. NetSense EL is easy to install and configure, and through a web interface, you can manage the entire system. It provides effective protection and inspection for your company network and guarantees the security of your infrastructure. EL NetSense implements the functionality of DHCP server, DNS, PPPoE and is able to perform traffic shaping. Another feature that sets it apart is the ability to configure it for the creation of firewall cluster, replicating in automatic configuration and providing a service for high availability (HA). Thanks to its system of real-time reporting can take monitored the traffic of each interface. EL NetSense implements three types Connectivity VPN: IPsec, OpenVPN, and PPTP.

NetSense ELW Technical characteristicsNetsens ELW: compact, quiet and energy efficient is the firewall suitable for professional offices and companies with a small number of Internet services. Is equipped with three interfaces: LAN, WAN and DMZ to 100 Mbps. NetSense ELW has an external antenna to allow connections wireless 802.11 a / b / g, so you can use it as an access point. Thanks to the functionality of Captive Portal, which adds additional security authentication for wireless devices, you will have a constant monitoring access Wi-Fi. The appliance implements the functionality of DHCP server, DNS, PPPoE and is able to perform traffic shaping. ELW NetSense is easy to install and configure, and through a web interface, you can manage the entire system. It provides effective protection and inspection for your company network and guarantees the security of your infrastructure. Another distinguishing feature of this device is the ability to configure it for the creation of firewall cluster, replicating in automatic configuration and providing a service for high availability (HA). EL NetSense implements three types Connectivity VPN: IPsec, OpenVPN, and PPTP and thanks to its system of real-time reporting can take monitored the traffic of each interface. Technical characteristics

A firewall with excellent performance, suitable for SMEs using the Internet intensively. NetSense UTM has 5 cards 1 Gbps network and is rack-mountable. Thanks to its high-performance hardware and operating system installed on this SSD firewall provides speed and security to your corporate network. The administration web interface allows quick and practical in the initial configuration and change it. You will have no more problems for the configuration of the VPN into your company, NetSense UTM implements three types Connectivity VPN: IPsec, OpenVPN, and PPTP in unlimited numbers. NetSense UTM can be configured to create firewall cluster, replicating in automatic configuration and providing a service for high availability (HA). Nothing will escape your control, thanks to the real-time reporting can take monitored the traffic of each interface, system performance, and you can carry out checks on traffic queues and individual. With its 5 network ports you can configure the appliance to perform load balancing and output of multiple WAN to provide balancing and failover, both inbound to distribute the load across multiple servers. NetSense UTM implements the functionality of DHCP server, DNS, PPPoE and is able to perform traffic shaping.

NetSense UTMW Technical characteristicsIdeal for SMEs using the Internet intensively. Netsens UTM has 5 cards 1 Gbps network and is rack-mountable. It has an integrated wireless card that gives you a WiFi connectivity according to the IEEE 802.11b / g. Thanks to the functionality of Captive Portal, which adds additional security authentication for wireless devices, you can decide the maximum connections competitors, disconnects the clients that do not maintain connections to more than a certain number of minutes, force the disconnection of clients and more again. The operating system is installed on a hard disk solid state to give the whole system performance for large companies that need to control and top performance. The entire system is administered from web interface practical and comfortable to use. Through CARP Netsense UTMW it manages hadware failover, and you can create a stack of firewalls in high availability, with automatic replication configuration and rules. The problems are solved by the corporate VPN NetSense UTMW as implements three types Connectivity VPN: IPsec, OpenVPN, and PPTP in unlimited numbers. As with the UTM can configure the appliance to perform load balancing and output of multiple WAN to provide balancing and failover, both inbound to distribute the load across multiple servers. NetSense UTMW implements the functionality of DHCP server, DNS, PPPoE and is able to perform traffic shaping. Firewall best performing of the whole line NetSense. Thanks to a remarkable processing capabilities, is the right tool to companies with greater number of jobs, NetSenseUTM2 guarantees performance at the TOP. As the UTM model is equipped with 5 ports 1 Gbps that enable you to perform load balancing and output of multiple WAN, both incoming and to allow a better distribution of the load. The ability to create firewall cluster, replicating in automatic configuration and providing a service in high reliability makes this firewall a professional product for medium and large enterprises. Even NetSense UTM2 allows an unlimited number of VPN connections and implements IPsec, PPTP, OpenVPN is. Like the other models in the line NetSense implements the functionality of DHCP server, DNS, PPPoE and is able to perform traffic shaping. NetSense UTM2, like the other models, implements a web interface for managing all the firewall and is equipped with brackets for rack mounting.

• Filtering by source and destination IP, IP protocol, source and destination port for TCP and UDP traffic
• Enabling the limits for concurrent connections of basic rules
• Option to log or not log traffic matching each rule
• Policies routing high flexibility for selecting the gateway on the basic rules for balancing band, failover, multiple WAN, backup multiple ADSL, etc ...
• Ability to create aliases groups of IP and IP names, networks and ports.
• Filtering transparent Layer 2. Ability to bridgiare interfaces and filter traffic between these
• Standardization of the package.
• Ability to disable filtering (firewalling) for use as a pure router pfSense

Status Table
The table was the firewall maintains information about open connections. pfSense is a stateful firewall, by default, all rules are stateful. Many firewalls have the ability to control the state table. pfSense has several functions that can perform granular control state table, thanks to the characteristics of OpenBSD's pf.

Adjusting the size of the state table

Basic rules:
• Limits of simultaneous clients
• Limits state for hosts
• Limits of new connections per second
• Define the status of the timeout
• Define the type of state

Status types - pfSense offers numerous options for the management of the state
• Keep state - Works with all protocols. Default on all the rules
• Modulate state - works only with TCP. pfSense will generate ISNs (Initial Sequence Numbers) on behalf of the host
• synproxy state - Proxies begin TCP connections to help servers from spoofed TCP SYN floods
• None - There is no entry on the state seal

Tuning options of the table status - pfSense offers four states for optimizing the state table
• Normal - the default
• Hight latency - used for high-latency links, such as satellite links
• Aggressive - expiration of the idle state faster. More efficient by using more hardware resources, but it can eliminate right connections
• Conservative - Try to avoid the cancellation of correct connections at the expense of increased CPU usage and RAM

NAT: Network Address Translation
• In Port forwards it includes ranges and use of multiple public IP
• 1: 1 NAT for individual or entire IP subnet
• Outbound NAT
• Advanced Outbound NAT
• NAT Reflection

The ARP protocol by OpenBSD handles hardware failover. Two or more groups of hardware firewall can be configured as a failover group. If an interface fails on the primary or the primary device goes offline, the second is activated. pfSense also includes a capacity for automatic synchronization between the primary and the secondary device. pfsync ensures the firewall state table is replicated on all firewall included in failover. This means that existing connections will be maintained in the case of failure.

Load Balancing
Load balancing outbound: (Outbound)

The outbound load balancing is used on multiple WAN to provide balancing and failover. Traffic is directed to a designated gateway or a pool of load balancing rules defined in the basic firewall. Load balancing in entry (Inbound) Inbound Load Balancing. The balance input load is used to distribute the load between several servers. It is commonly used by web servers, mail servers and others. Servers that do not respond to the ping or TCP connection on port defined will be excluded from the pool.

•PPTP Server
•PPPoE Server

Reporting & Monitoring
• CPU Usage
• Total traffic
• Firewall status
• Traffic on individual interfaces
• Packets per second rates for all interfaces
• Response time to ping the gateway of the WAN
• Code of shaper on the system if the shaper is enabled

Real Time Information
The information of the history of the system are important, but sometimes are more important information in real time. The graphs show SVG traffic in real time for all interfaces. The home page includes AJAX graphics that show the real-time CPU load, memory, swap and disk space used and the status table.Captive Portal
• Maximum Connections competitors - Limit the number of concurrent connections for each client IP. This feature prevents DOS attacks
• Idle timeout - Disconnects clients that do not make connections to more than a certain number of minutes
• Hard timeout - Force disconnection of connected clients for more than a specified number of minutes
• Pop up logon - Option Pop up window with the disconnect button
• URL Rediretcion - after authentication users can be redirected to a default page defined
• MAC Filtering - default pfSense uses MAC address filtering
• Authentication options - There are three authentication methods
• No Authentication: enables navigation without the inclusion of any given
• Local users - the database of local users can be configured and used for authentication
• RADIUS Authentication - This is the method preferred by businesses, organizations and ISPs. It can be used with the Microsoft Active Directory authentication and many other serversRADIUS
• Ability to RADIUS
• Force re-authentication
• Enable updating accounts
• MAC authentication RADIUS enables the captive portal authentication of the client using the MAC address and username and password
• Accepts redundant configurations of RADIUS Server
• HTTP and HTTPS - The portal page can be configured both http and https
• Pass-through MAC and IP addresses - MAC and IP addresses can be entered in a white list bypassing the portal
• File Manager - This allows you to upload images that can be used in the home page of the captive portal

DHCP Server and Relay
pfSense includes DHCP Server and Relay functionality.