NGFW dynamically protects against external threats.
Part of Versa SASE, Versa Next Generation Firewall includes decryption capabilities that perform macro and micro segmentation in addition to full multi-tenancy providing complete protection inside, outside, and along the border of the Enterprise.
Due to the rise of cloud-based applications, remote work, and mobile devices, the expanding Enterprise perimeter is becoming more of a point of concern where the growing attack surface can lend itself to a host of external threats.
Securing the data center and branch offices is complicated and backhauling all branch traffic through a centrally deployed firewall in the data center is inefficient, introduces latency, and negatively impacts application performance.
Versa enables the identification of users, flows, packets, and applications while establishing, monitoring, and automatically adjusting security and network policies based on threats, vulnerabilities, and changes in the network environment.
Versa’s Next Generation Firewall offers comprehensive security.
Stateful Firewall – Zone-based Firewall, support Address Objects, Address Groups, Services, Geo-Location, Time-Of-Day, Rules, Policies, Zone Protection, DDoS (TCP/UDP/ICMP Flood), Syn-cookies, Port-scans, ALG support, SIP, FTP, PPTP, TFTP, ICMP, QAT support.
Application Visibility – Identifies more than 3000 applications and protocols, Supports Application groups, Application filters, Application visibility and log.
Next-Generation Firewall – Policy Match Triggers: Applications, App Filters, App Groups, URL Categories, Geo Location, Application Identity based (AppID) policy rules, Application Group and Filters, Packet Capture on AppID, IP Blacklisting, Whitelisting, Custom App-ID signatures, SSL Certificate-based protection, Expired certificates, Untrusted Cas, Unsupported cyphers and key lengths, Unsupported Versions, NSSLabs Recommended Rating.
IP Filtering – Filtering of traffic based on Geo-Location, DNS name, Reputation of Source/Destination IP Addresses – support for both IPv4 and IPv6. Automatic updates of IP Reputation database.
URL Categorization and Filtering – URL categories and reputation including customer-defined, Cloud-based lookups, Policy trigger based on URL category, URL profile (blacklist, whitelist, category reputation), Captive portal response including customer defined, Actions include block, inform, ask, justify, and override.
Anti-Virus – Network/Flow based protection with auto signature updates, HTTP, FTP, MTP, POP3, IMAP, MAPI support, 35+ file types supported (exe, dll, office, pdf & flash file types), Decompression support, Storage profile support, Auto signature updates.
Intelligent NGFW security for Enterprise needs.
Versa NGFW is dynamic and encompasses the contextual intelligence and awareness of users, devices, sites, circuits and clouds; enabling robust and dynamic policies to achieve a multi-layered security posture. IT teams can deploy contextual network and security policies for specific users and specific devices, such as anti-virus and URL-filtering, when utilizing particular site-to-site or Internet links.
In addition, all connectivity is based on industry standard IPsec tunnel encapsulation and all traffic is encrypted and secure. IT security teams are able to set unique security policies, differentiated services or security service-chains for guest access, corporate access and partner access networks at the branch. This enables the Enterprise to meet business security and compliance policy requirements — all with a single unified software platform.