Application Level Firewall

Designed to be able to replace an existing firewall the EdgeXOS platform includes a host of network protection services developed in conjunction with our security vendor partners. Included within the suite is an enterprise class SPI firewall, enhanced DDoS protection, web content filtering, anti-virus, anti-spyware, and anti-phishing support, along with application blocking and built-in SSL VPN client software.

To Contact An XRoads Networks Sales Engineer
If you have questions regarding how our products work, or how they might be implemented within your network environment, please click the arrow to contact one of our sales engineers.

With The Edge Platform

    Dual-WAN Unified Threat Management

Delivering a comprehensive solution by partnering with security specialist means that the Edge platform always has the most advanced protections possible and the latest rule sets and signatures as developed by those specialists.

Application Level Firewall
Incorporated into the EdgeXOS platform is a sophisticated layer seven packet analizer which can examine the actual data within the packet. This is useful for blocking traffic based on specifc keywords or string values. With this capability the EdgeXOS platform is able to block unwanted traffic which means these values.

Stateful Inspection
A stateful inspection firewall is one that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. The firewall is programmed to distinguish legitimate packets for different types of connections. Only packets matching a known connection state will be allowed by the firewall; others will be rejected.

SSL VPN Connectivity
The EdgeXOS platform provides full SSL-based VPN capabilities (it does not support the older IPSec framework). Built-in to the appliance is the ability to terminate either an SSL-client for remote user connectivity, or create tunnels between two or more sites. All of our VPNs support full failover and redundancy across multiple WAN links.

Firewall Logging
With the ability to enable logging on any rule the Edge SPI firewall provides an excellent tool for troubleshooting network connections and viewing packet captures. These logs can also be exported via syslog reporting.

DDoS Protection
When a potential distributed denial of service attack is detected the firewall will begin monitoring the inbound requests and isolating those remote nodes which appear to be generating high traffic volumes. As the nodes are isolated the firewall begin to launch counter-measures to reduce the flow of traffic and minimize the effect of the attack.

Application Filtering
In conjunction with the deep inspection capabilities the firewall is able to match on certain string values and request a reset of the application by the server. This essentailly prevents the application from being used. This technique is very useful for P2P and other recreational applications.

Secure Services
Through our partnerships we have enabled a number of additional security services through the EdgeXOS platform, including content filtering, web threat protection, anti-virus, anti-spyware, and anti-phishing. Additionally the EdgeXOS platform incorporates email defense (anti-spam and anti-worm) security as well as data backup and recovery services.

Without The Edge Platform

While many products offer generic firewall protection, few have followed the unified approach to security as the Edge platform. Our core competencies are in traffic management and so we have partnered with various security vendors which specialize in different aspects of security to deliver a comprehensive solution.

Distributed Denial of Service
Without proper protection a distributed denial of service attach could cripple a site. DDoS attacks consist of hundreds of computers from around the world all sending tremendous amounts of data toward your site in an attempt to cease all legitimate network traffic.

Unauthorized Web Access
Organizations face potential liability by allowing open access to the Internet, enable unwanted software downloads, and enhance the odds of being infected by network born viruses.

Network Hack Attempts & Viruses
Every network has vulnerabilities and hackers are developing new exploits every day. Without the proper protection an organization is simply playing the waiting game as sooner or later someone will find a hole and attempt to exploit it.