Scribd
Upload
19 views

WFilter NGF White Paper

The document describes the WFilter Next Generation Firewall. It provides real-time monitoring and control of network connections, bandwidth optimization features like multi-WAN load balancing, powerful internet filtering including web filtering and application control, and security features like DDos protection and intrusion prevention. It can be deployed in gateway or bridge mode and includes features like internet usage recording and reports, VPN, and extensions like MAC detection.

Uploaded by

Hugo Gonzalez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
19 views

WFilter NGF White Paper

The document describes the WFilter Next Generation Firewall. It provides real-time monitoring and control of network connections, bandwidth optimization features like multi-WAN load balancing, powerful internet filtering including web filtering and application control, and security features like DDos protection and intrusion prevention. It can be deployed in gateway or bridge mode and includes features like internet usage recording and reports, VPN, and extensions like MAC detection.

Uploaded by

Hugo Gonzalez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 25

WFilter Next Generation Firewall

WFilter NG Firewall
1 Introduction.....................................................................................................................................2
2 Highlights........................................................................................................................................ 2
3 Benefits........................................................................................................................................... 3
3.1 Bandwidth Optimization....................................................................................................... 3
3.2 Increase Productivity.............................................................................................................3
3.3 Data Loss Prevention............................................................................................................ 3
4 Features.......................................................................................................................................... 4
4.1 Real-time monitoring and control.........................................................................................4
4.1.1 Online Devices........................................................................................................4
4.1.2 Live Connections.................................................................................................... 5
4.1.3 Terminate & Punish................................................................................................ 5
4.2 Access Control.......................................................................................................................6
4.2.1 Set policy by devices or users..............................................................................6
4.2.2 Web Filtering........................................................................................................... 8
4.2.3 Application Control................................................................................................. 8
4.2.4 IP-MAC Binding...................................................................................................... 9
4.2.5 Mail Filter................................................................................................................. 9
4.2.6 SSL Inspection...................................................................................................... 10
4.3 Internet Usage Recording and Reports............................................................................... 11
4.3.1 Web Surf History...................................................................................................12
4.3.2 Email History......................................................................................................... 13
4.3.3 Reports...................................................................................................................14
4.4 Bandwidth Optimization..................................................................................................... 14
4.4.1 Optimize Rules......................................................................................................15
4.4.2 Rate Limit...............................................................................................................15
4.4.3 Multi-WAN..............................................................................................................15
4.5 User Authentication.............................................................................................................16
4.5.1 AD Integration....................................................................................................... 16
4.5.2 Web Auth................................................................................................................17
4.5.3 PPPoE....................................................................................................................18
4.5.4 ISP Management..................................................................................................19
4.6 VPN..................................................................................................................................... 20
4.7 Security................................................................................................................................21
4.7.1 DDos Protection....................................................................................................21
4.7.2 Intrusion Protection.............................................................................................. 22
4.7.3 Indicators of Compromise................................................................................... 23
4.8 Extensions........................................................................................................................... 24
4.8.1 MAC Detector........................................................................................................24
WFilter Next Generation Firewall
5 Deployment.................................................................................................................................. 25
5.1 Gateway...............................................................................................................................25
5.2 Bridge.................................................................................................................................. 25

1 Introduction
WFilter NG Firewall(NGF) is a linux-based next generation firewall system. Designed

for business networks, it can help you to monitor and filter internet access activities,

optimize bandwidth usage, and protect network security.

Since 2004, IMFirewall Software has been focused on business network security for

over ten years. Our products( WFilter internet content filter, WFilter NG firewall) provide

competitive internet content security and network security solutions for business

networks.

2 Highlights
 Real-time monitoring and control. Put every connection under control.

 Internet Usage Monitoring: recording of web and email activities, various statistics

and reports, SSL inspection.

 Powerful Internet Filtering Features: connection tracking, URL category filtering,

application control, messenger filter ...

 Bandwidth Shaper and Optimizer: multi-wan load balancing, advanced routing,

packet priority, bandwidth shaper.

 VPN: pptp server, ipsec tunnels.

 Continuous research and development for over ten years.


WFilter Next Generation Firewall

3 Benefits

3.1 Bandwidth Optimization

WFilter NG Firewall provides a set of solutions for bandwidth optimization, including:

1. Set traffic priority

2. Bandwidth Allocator

3. Multiple WANs load-balancing and routing

4. Internet access policy

For better internet experience, you're recommended to:

1. Apply multiple DSL lines according to your requirement, then enable the Muti-WAN

module to set load balancing and advanced routing.

2. Enable the Bandwidth Priority Module to set traffic priority, and let business traffic to

be delivered first.

3. Enable the Bandwidth Shaper Module to allocate bandwidth for client devices or

groups.

4. Set internet access policy with Access Policy Modules, and block unneeded traffic

during working hours to save bandwidth.

3.2 Increase Productivity

WFilter NGF provides enterprise-level internet access control features:

1. Set internet access policy by network, ip address, mac address or username.

2. Various types of user authentication: AD integration, web auth, radius server ...

3. Support up to 60+ web categories and 2000+ protocols.

4. Identify protocols by signature matching. P2P applications can all be completely

blocked.

3.3 Data Loss Prevention

WFilter NGF can provide recording of web and email activities, internet usage statistics
WFilter Next Generation Firewall
and reports, SSL inspection.

1. Recording of web and email usage.

2. SSL inspection of SMTP/POP3/IMAP over ssl and HTTP over SSL.

3. Internet usage statistics and reports.

4. Blocking online file storage and sharing services.

4 Features

4.1 Real-time monitoring and control

 Real-time bandwidth and connections monitoring. Put every connection under

control.

 List of live clients, with bandwidth, IP, MAC, username and OS information.

 List of live connections, with target port, ip and domain information.

 One click to kill live connections or set temporary punishing policy.

4.1.1 Online Devices


WFilter Next Generation Firewall

4.1.2 Live Connections

4.1.3 Terminate & Punish


WFilter Next Generation Firewall

4.2 Access Control

 Web filter, application control, IM filter, mail filter, IP-MAC binding…

 Set internet access policy by network, ip address, mac address or username.

 Various types of user authentication: AD integration, web auth, radius server ...

 Support up to 60+ web categories and 2000+ protocols.

 Identify protocols by signature matching. P2P applications can all be completely

blocked.

4.2.1 Set policy by devices or users

By devices

By Users
WFilter Next Generation Firewall

Time Settings
WFilter Next Generation Firewall

4.2.2 Web Filtering

Filter websites by category, website black&white list, block file downloading by type.

4.2.3 Application Control


WFilter Next Generation Firewall

4.2.4 IP-MAC Binding

4.2.5 Mail Filter

Filter POP3/SMTP/IMAP accounts.


WFilter Next Generation Firewall

4.2.6 SSL Inspection

When enabled, you will be able to monitor and filter the contents of HTTPS websites and
SSL emails(SMTP/POP3/IMAP over SSL)
WFilter Next Generation Firewall

4.3 Internet Usage Recording and Reports

 Record web, email, FTP activities, IP-mac

history. .

 SSL inspection of https websites and ssl emails.

 Various statistics and reports.


WFilter Next Generation Firewall

4.3.1 Web Surf History


WFilter Next Generation Firewall

4.3.2 Email History


WFilter Next Generation Firewall

4.3.3 Reports

4.4 Bandwidth Optimization

 Packet with higher priority goes first. This feature ensures important traffic won't be

delayed.
WFilter Next Generation Firewall
 Set bandwidth priority by protocols or domains. Online streaming won't delay web

browsing.

 Multi-wan load balancing and advanced routing. Maximum your WAN lines usage.

 Set bandwidth rate-limit by IP, group, username.

4.4.1 Optimize Rules

You can set priority based on IP, users group, usernames, protocols and domains.

4.4.2 Rate Limit

Limit bandwidth rate based on IP, group and user account.

4.4.3 Multi-WAN

Set load balancing and advanced routing when you have multiple WAN interfaces.
WFilter Next Generation Firewall

4.5 User Authentication

4.5.1 AD Integration

"AD Integration" enables you to integrate WFilter NG Firewall with Microsoft active

directory, so you can:

1. Detect AD username of online devices.

2. Set internet access and bandwidth shaper policies based on AD users.

3. Record AD users internet activity.


WFilter Next Generation Firewall

4.5.2 Web Auth

Authenticate with username and password of local accounts and remote radius users.

SMS authentication, QR code authentication


WFilter Next Generation Firewall

4.5.3 PPPoE

You can set multiple PPPoE services.


WFilter Next Generation Firewall

4.5.4 ISP Management

"ISP Management" provides an integrated solution for ISP management, including below

features:

1. Policy management: manage ISP bandwidth policies, support "rate limiting" and

"weekly/monthly bandwidth cap".

2. User management: add/edit/delete client users, query users bandwidth statistics.

3. User portal: a portal for client users to check bandwidth statistics.

4. Supports "PPPoE" and "Web Auth" and "Static IP" authentication.

5. Supports "Web Push" to send alerts and statistics to clients.


WFilter Next Generation Firewall

4.6 VPN

 Support pptp, l2tp, openVPN, zerotier networks.

 Connect multiple networks together with ipsec tunnels.

 Various VPN user authentication: local accounts, active directory, radius server.
WFilter Next Generation Firewall

4.7 Security

4.7.1 DDos Protection


WFilter Next Generation Firewall

4.7.2 Intrusion Protection


WFilter Next Generation Firewall

4.7.3 Indicators of Compromise


WFilter Next Generation Firewall

4.8 Extensions

 Scan of network client devices.

 Detection of NAT sharing.

 Scan of local proxy servers.

 Discovery of DHCP servers.

 More extensions for downloading. You also can build extensions by yourself.

4.8.1 MAC Detector

"MAC Detector" can gather client's physical MAC addresses via SNMP protocol.
WFilter Next Generation Firewall

5 Deployment

5.1 Gateway

5.2 Bridge

Business Name: IMFirewall Software Co., Ltd


Email: [email protected]
Wesite: http://www.wfilterngf.com

You might also like