8 Signs Firewall si fa apprezzare per la grande versatilità e completezza

Piattaforma: Windows 98, Windows ME, Windows 2000, Windows NT, Windows XP
Dimensione: 4,57 Mb
Licenza: Freeware

Caratteristiche: Questo software ha conosciuto una buona diffusione negli ultimi anni. Presenta una configurazione non troppo semplice, soprattutto per gli utenti di Windows NT, interfaccia non agevole e velocità non eccelsa.

Tuttavia si fa apprezzare per la grande versatilità e completezza. Ogni utente può definire regole di controllo per la trasmissione e ricezione dei dati, cliccando sulla scheda "Regole", per ognuna delle quali è possibile specificare quando deve essere applicata e se deve registrare su un file il traffico filtrato.

In definitiva, molto efficace ma difficile da gestire in presenza di molte connessioni di rete e programmi. Inadatto ad utenti alle prime armi. Stateful Packet Inspection

Features:

8Signs Firewall falls into a class of firewalls called Stateful Inspection Firewalls. Stateful inspection firewalls overcome the limitations of packet filter firewalls and application proxy servers. They examine more than just the "to" and "from" addresses in the data packets, and do not require a proxy for every application being accessed. Stateful inspection firewalls determine whether packets can get through the firewall based on the protocol, port, and source and destination addresses. For every request that is allowed by this strategy, stateful inspection firewalls open up a limited time window to allow response packets, but ONLY from the same host. Also, by maintaining information about previous packets, stateful inspection firewalls can quickly verify that packets meet the criteria for authorized traffic, making them inherently fast.

Tarpits
8Signs Firewall allow you to trap hackers, slow down the spread of worms and stall spammers by creating tarpits. A tarpit is a trap for troublesome outsiders. Your system accepts TCP connections but never replies and ignores disconnect requests. This can leave ports scanners and hackers stuck for hours, even days.

Web Server Protection (Servers Only)
Specifically designed as a safeguard for web servers, 8Signs Firewall for Servers scans open ports for malicious activity and blocks these attacks automatically, providing an additional layer of security to an organization's security model.

Port Scan Detection ( Servers Only )
8Signs Firewall identifies port scans - generally a precursor to hack attempts - and blocks them automatically.

Ban IP Addresses
8Signs Firewall lets you block IP addresses or ranges of addresses to prevent unwanted connection attempts. This can be particularly effective in stopping repeated requests from a hacker who is trying a large number of hacks, looking for one that works. Entries to the Ban List can be made manually, or automatically using the "Ban IP" action on a Block rule, the Port Scan feature or the by using HTTP Filtering option.

Filter by MAC Address
The ability to allow or deny a computer by its MAC address ensures that malicious or unwanted users on your network are unable to bypass security filters.
Remote Administration ( Servers Only )
8Signs Firewall for Servers allows access to an entire network or single installation of the Firewall from the Firewall Server or remote locations. This feature gives administrators incomparable freedom and ensures the highest level of security through password protection.
SYN Flood Protection
A SYN flood is large number of valid-looking connection attempts that can overwhelm a server and prevent it from being able to accept connections from legitimate users. 8Signs Firewall recognizes when a SYN flood occurs and prevents it from interrupting normal server operation. When the SYN flood is detected, a log message is generated and "SYN cookies" are used so that valid connections can be made and SYN flood connection attempts are ignored. Once the SYN flood ends, SYN cookies are no longer used. Address/Port/MAC Groups
Simplify your ruleset and tighten security by using the port, IP and MAC address groups when creating rules in 8Signs Firewall. Using groups, you can create one rule that can apply to multiple ports, IP addresses or MAC addresses.

Fine-Grained Access Control
8Signs Firewall gives the administrator unparalleled control over the traffic passing through the firewall. All traffic is blocked by the firewall, unless you have specifically configured a rule to allow it. Rules are configured per-device, and you have full control over the local and remote IP address(es), local and remote port(s), protocol, and direction of the traffic that you will allow through the firewall.

Separate Rulesets for Each Network Adapter
8Signs Firewall allows you to maintain a separate set of rules to be applied to each network adapter in your system. Thus you can configure a set of rules to be applied to traffic passing over your external/Internet interface, while having a separate set of rules that apply to traffic through your internal/LAN interface.

Connections Viewer
The Connections Viewer is a real-time display showing all active connections going through the firewall. For example, with 8Signs Firewall installed on a web server a quick glance at the Connections Viewer would show the administrator how many visitors are currently at their web site.

Easy Importing/Exporting of Rules Deploying 8Signs Firewall across a number of workstations or servers is simplified by your ability to Export and Import rules. These rule subsets can even be shared amongst 8Signs Firewalls running on different operating systems.

Full-Time Security
In addition to securing your computer while running, 8Signs Firewall is also protecting your system during the boot process. 8Signs Firewall can also be configured to block all traffic to and from your computer when the firewall is not even running!

Comprehensive Logging
8Signs Firewall has full logging capabilities. You have complete control over what to log, how large the log file can become, where to store the logs, and how often to begin a new log file.

Automatic Emailing of Log File
Keeping an eye on your own or a customer's firewall is made easier with 8Signs Firewall's ability to schedule automatic emailing of the log file to any email address that you specify.

Remote Notification of Rule Hits
Rules can be configured to trigger an email to be sent to any email address that you specify if the rule is 'hit'. For example, if you want to be notified immediately if a hacker is scanning your firewall for the Back Orifice trojan, simply configure a rule that will specifically block this type of traffic and send an email to you if the rule is hit. Time-Sensitive Rules
Rules can be configured to only be active on certain days, or at certain times of the day. For example, you may want to allow web browsing only on weekdays between 9:00 am and 5:00 pm, or allow for remote access to your server only on Tuesday evenings for maintenance............this is easily accomplished using time-sensitive rules.

Password Security
8Signs Firewall can require that a user must log into the firewall before having access to any of the firewall administration or logging screens. Using password security prevents an unauthorized user from tampering with, or shutting down, the firewall.