Produkte & Lösungen
H&W Service Direkt

H&W Service GmbH
Holzländestrasse 27
I-39015 St. Leonhard in Passeier (BZ)
Tel-00390473641217
Fax-00390473650535
E-Mail info@hwservice.com

 

 Deutsch - Italiano

 

 
Endian Firewall 2.2 - Now Available

Endian, the leading provider of open source network security solutions, is proud to announce the global availability of
 Endian Firewall Appliance 2.2, the result of over 20 months of development, with over 80 new features and
 enhancements. Version 2.2 dramatically increases the functionality and performance of Endian Firewall Appliances
 for an improved management and security experience.

This release introduces a set of advanced networking features, that can be managed using the brand new web-based management interface, 
including multi-WAN support with failover, policy-based routing, high availability (clustering), Live Log, Hotspot enhancements, VLAN support,
VPN failover and much more.

 

Multi-WAN support with failover

Endian Firewall 2.2 introduces support for multiple internet connections with automatic link monitoring.
Just define a backup link for any internet uplink and Endian Firewall will automatically detect failures,
activating the backup uplink and switching back to the main uplink as soon as it's available.

Policy-based routing

Combined with the support for multiple internet connections, the policy-based routing allows you to define which
 connection should be used for outgoing internet traffic. Rules based on the protocol (HTTP, SMTP, POP, etc.) or other criteria can be defined and used
to balance traffic over multiple uplinks.

High Availability

Two or more Endian Firewall Appliances can now be configured in High Availability Mode, increasing reliability and
 eliminating the problem of network outages due to hardware failure. Configuration is synchronized from the master to
 the slave nodes. In case of failure a slave can take over automatically in less than 30 seconds.

Live Log

Version 2.2 incorporates a new feature that allows viewing system log events in realtime, with powerful options for
 filtering and highlighting events. Using an innovative AJAX based technology, new log entries will appear on the
 browser as soon as they arrive, without the need to refresh manually.

Enhanced Hotspot features

Endian has enhanced the Hotspot module with many new features such as usability and scalability improvements for
 large networks. A new generic interface enables integration with any third-party software increasing interoperability
 and the new "Zero-configuration" feature supports any end-user laptop without network configuration changes.

Availability

Endian Firewall Appliance 2.2 is available immediately and can be purchased through H&W Service Endian Distributor.
For customers that already own an Endian Firewall Appliance 2.1 (or earlier) an upgrade will be released shortly.

 

New Features in Version 2.2

Web Interface

  • Completely redesigned web interface
  • Many usability enhancements
Enhanced management of WAN/RED connections
  • Support for multiple uplinks
  • Multiple IPs/networks on each WAN/RED interface
  • Uplink monitoring with automatic failover (ISP failover)
  • Easy editing/management of uplinks
  • Support for new uplink types: UMTS, PPTP
Networking
  • VLAN support (IEEE 802.1Q trunking)
  • Policy Routing: routing based on user, interface, mac, protocol or port
Port Forwarding / NAT
  • Multiple uplink support, allowing different rules per uplink
  • Port Forwarding of traffic coming from VPN endpoints
  • Source NAT management
  • Option for rule based Logging
System Access
  • External Access has now been enhanced and renamed to System Access
  • Fine grained management of permissions regarding access to the system from LAN, WAN, DMZ and VPN endpoints
  • Default policy for firewall/system access is now set to DENY
  • Firewall services automatically define ports required for their proper function, but access can be restricted
  • Support for ICMP protocol
Outgoing Firewall
  • Support for ICMP protocol
  • Handling of multiple sources/ports/protocols per Rule
Zone Firewall
  • DMZ Pinholes has been enhanced and renamed to Zone Firewall
  • Fine grained filtering of local network traffic
  • Rules based on zones, physical interfaces, MAC addresses
  • Support for ICMP protocol
  • Handling of multiple sources/ports/protocols per rule
Intrusion Detection
  • New version of Snort IDS with reduced RAM usage and enhanced performance
  • Support for inline intrusion detection
High Availability
  • Multi-Node Appliance Cluster
  • Hot Standby (active/passive)
  • Automatic Node Data Synchronization
  • Process monitoring/watchdog
HTTP Proxy
  • Time based access control with multiple time intervals
  • Group based web access policies
  • Zone based operation mode: transparent, authentication or no authentication
Content Filter
  • Better handling of content filter categories
  • Enhanced performance
SMTP Proxy
  • Enhanced performance
  • Optional setting for Smarthost port
  • Additionally secures SMTP traffic coming from VPNs (Roadwarrior and Gateway2Gateway)
DNS Proxy
  • Route specific domains to a custom DNS
Hotspot
  • Better account listing, with pagination, sorting and search
  • Per user and global bandwidth limiting
  • MAC-address based user accounts
  • User accounts import/export per CSV
  • Single-click ticket generation (Quick ticket)
  • Automatic client network configuration (support for DHCP and static IP)
  • Enhanced user/client portal
  • Generic JSON-API for external accounting and third party integration (like Hotel Management Software)
  • Support for multiple network interfaces
OpenVPN
  • X.509 and 2 factor based authentication
  • Pushing of DNS settings to clients
  • Pushing of global or per client routes
  • Support for NATed VPN endpoints
  • Support for VPN over HTTP Proxy
  • Automatic connection failover
  • Every VPN endpoint is resolvable through DNS (vpn.<username>.domain)
Endian VPN Client
  • Downloadable from Endian Network
  • Works with Windows (Vista, XP, 2000), MacOSX, Linux
  • Multiple connections at once
  • Encrypted configuration profiles
  • PSK, X509 based and 2 factor authentication
  • Runs as service and allows unprivileged users to start a connection
  • Can start the connection automatically on boot / on user logon
  • Supports openvpn server fallback, when primary server fails
IPSEC
  • Rewrite of the base
  • Added debugging possibilities
  • Ipsec on orange
  • Default MTU can be overridden
  • Simplified GUI by removing Side (Left/Right) configuration and swapped completely to Local/Remote labeling
  • added ID fields
  • Added Dead Peer Detection options
Live Log Viewer
  • Realtime log viewer with filtering and highlighting
  • Displays all the logfiles you are interested in at the same time
Logs
  • Every service supports remote logging
  • Daily log rotation
Backup
  • Zero-configuration backups to USB stick: just plug in a USB stick and it "just works"
  • Restore a from any USB stick
Support
  • One click to grant access to Endian Support Team
  • Integrated ticketing support