Firewall: prevent unknown connections between the network and the Internet.
The aim of the perimeter firewall is to prevent connections between the corporate network and the Internet that do not comply with the company's security policy. In a perimeter device the firewall is always the first line of protection.
The Panda firewall can carry out a series of filters:
- Static filteringat network-level, based on rules defined by the administrator depending on the content of the headers of IP packets, the source and destination IP address, the interval, etc., for both inbound and outbound traffic.
- Dynamic filter at application level with two features.
- “Stateful Inspection” monitors the status and content of basic communications in all protocols and of advanced communications in FTP, PPTP, L2TP, IPSEC, the status of the connection, timeouts, connections established, etc.
- “Deep Packet Inspection” scans the content of packets to inspect messages in HTTP, FTP, SMTP, IMAP, POP3, etc., when other modules are enabled.
Moreover, the firewall system in Panda appliances incorporates integrated NAT functionality to allow private IP addresses to be used and implement basic and advanced NAT (modifying the protocol messages, if necessary) for FTP, PPTP, L2TP and IPSec (NAT transversal).
The firewall system also allows administrators to configure traffic filtering or certain types of traffic for different protocols, according to a timetable or calendar and allow or deny access to certain network services during the intervals configured by the administrator.