NDISMiniportDriver and TDI Driver based firewall:All filter algorithms are implemented at the driver level (as an NDIS Driver). The firewall is therefore always on, providing maximum protection to the user even if the firewall application itself is not running. This ensures that all network traffic is blocked, thus eliminating any risk of a security vacuum during system start-up.
Profile system with automatic Network detection rules:This automatically switches the way your personal firewall is configured when you are working on a different network – even if two or more networks are using the same IP address range.
Secure Component Checking and protection against Process Hijacking:By verifying the calculated checksum, the firewall checks the integrity of the application that is trying to communicate. If this has been modified, you are told. By tracing an application’s parent process, the computer firewall knows if another application is trying to spawn an already trusted application and thus denies access to the network, even for the trusted application.
Deny unknown processes from executing:NetOp Desktop firewall software protects the system against unknown threats by configuring the firewall to prevent unknown processes from executing and communicating.
Bidirectional blocking of ports and protocols:Only opens the required ports and protocols in either the inbound or outbound direction, or both, to tighten firewall security.
Bidirectional control of trusted networks:Ensures that applications only communicate on trusted networks and not to the outside world.
Bidirectional control of banned networks:Prevents communication with specific networks. Firewall security rules are active the moment the operating system detects a network connection. The firewall software protects the computer from any threat originating from the network.
Stealth ports:Hides the computer’s presence to prevent attacks and port-scans, enhancing computer firewall security. Anyone using tools like Nmap to fingerprint a system to exploit known vulnerabilities to specific operating systems, will not reveal the computer.
Advanced event logging and real time packet view:Live statistics with Network Matrix give you a complete graphic overview of the activity on your network in real-time. Resizable console traffic gives a full-screen view of traffic to enhance your ability to make better real-time security policy adjustments.
Encrypted communication:Encrypted communication to the NetOp Policy Server and local system databases provide security against malicious code trying to attack the firewall software configuration.
Maintenance password:Password protection enables the user or administrator to lock components of the firewall software to prevent unwanted configuration of the product. If desired, when used with the NetOp Policy Server, the user cannot manually disconnect from the server without the correct password.
Gigabit & Wireless compatibility:Full support for the latest communication technologies.
Low system overhead:Ensures that the computer can be protected without the user experiencing performance degradation.
MSI Installation:Installation of the NetOp Desktop Firewall is accomplished with the Microsoft Windows Installer and can run either interactively or in silent mode for mass deployment. Engagement of the firewall security software can be postponed until the next planned reboot to ensure all users an uninterrupted working day.
NetOp Policy Server
NetOp Policy Server Console:The main user interface allows the administrator to perform security management and maintenance from a Master Server to control security policy assignments to individual NetOp Desktop Firewalls. The console can be launched from any supported platform.
Master Server:This module maintains the master configuration and interacts with individual NetOp Desktop Firewalls through one or more Replica Servers. The initial installation places both a Master and Replica on the same computer.
Replica Servers:These are arranged in a cluster to allow for redundancy, load distribution, and to interact with NetOp Desktop Firewalls and record these interactions. Replica Servers regularly interact with their Master Server to receive security policy updates and return their NetOp Desktop Firewall interaction recordings for storage on the Master Server. Each Replica Server can service several thousands firewalls.
Manage Servers:Approve, delete, or move Replica Servers and monitor their status in real-time.
Manage Administrators:Every Master Server has one administrator. The NetOp Desktop Firewall software lets you define and manage multiple assistant administrators, allowing you to distribute the workload to local administrators.
Security Policy Management:The NetOp Policy Server Console controls the configuration of Programs, Ports, Protocols, Trusted Nets and Banned Nets. The console also controls the Profiles and Profile Rules for each Security Policy. New programs that users have tried to launch can be approved or denied for a certain Security Policy. This can be effective at the NetOp Desktop Firewalls within seconds.
Centralized administration:Define the security policies and assign these to Microsoft Active Directory security groups for easy security management. The NetOp Policy Server can also maintain separate groups for computers that are not members of a Microsoft Active Directory.
Stop all Internet access:In a virus outbreak or other harmful situation, the NetOp Policy Server administrator can block all network access for the entire company or for an individual security group until the situation has been resolved..
Advanced statistics and logging:The NetOp Policy Server records requests for confirmed programs and unconfirmed programs, logons, and synchronizations. These data can be displayed graphically to monitor server load and performance or as list views.
