|
 |
Clavister makes what we believe to be the best Security Gateway in the world. Customers (mainly security integrators, enterprises and service providers) use it as a firewall, a virtual private networking (VPN) terminator,
an intrusion prevention system, a traffic shaper, a virus blocker, a content filter or any combination of the above. Our customers use our products at the heart of their security infrastructures, taking advantage of the unique
combination of super-granular control and seamless scalability that we offer.
The Clavister Security Gateways all share the same unique operating system, Clavister CorePlus™, and come in three different shapes, namely as turn-key appliances, as a software-only version to be used on your own choice of hardware or as a virtual gateway that runs in your virtual infrastructure.
Appliance Series
|
Clavister offer an comprehensive portfolio of turn-key Security Gateway Appliances. Important parameters in all our appliances are carrier-class level security, performance and reliability.
|
Software Series
|
The Clavister Software Series is designed for users who preffer to use their own choice of hardware platform. Reasons for choosing the software only version ranges specific functional requirements to platform design or simply because you decided to standardize on a specific platform in your datacenter.
|
Virtual Series
 |
The Clavister Virtual Series offers the same security features and functionality as the turn-key appliances and the software only version but can run inside your virtual infrastructure.
|
Clavister CorePlus™
At the heart of the all Clavister Security Gateways, including the turn-key appliances, the software only version as well as the virtual series, lies CorePlus™ an in-house developed, high performance kernel with an invisible attack surface and airtight component integration. We write every line of code ourselves to ensure that it all works perfectly together at
staggeringly high performance levels. This stands in direct contrast to most security products on the market which piece solutions together from several different sources.
Clavister CorePlus™ is designed as a network security operating system, CorePlus features high throughput performance with high reliability plus super-granular control. In contrast to products built on standard operating systems such as Unix or Microsoft Windows, CorePlus offers seamless integration of all subsystems, in-depth administrative control of all functionality as well as a minimal attack surface which helps negate the risk of being a target for security attacks.
From the administrator's perspective the conceptual approach of CorePlus is to visualize operations through a set of logical building blocks or objects, which allow the configuration of the product in an almost limitless number of different ways. This granular control allows the administrator to meet the requirements of the most demanding network security scenario.
CorePlus is an extensive and feature-rich network operating system. The list below presents the most essential features:
Features
| Feature |
Description |
| |
| Firewalling |
At the heart of the product, CorePlus features stateful inspection-based firewalling for common protocols such as TCP, UDP and ICMP. As an administrator, you have the possibility to define detailed firewalling policies based on source and destination network and interface, protocol, ports, user credentials, time-of-day and much more.
|
|
| Virtual Private Networking |
A device running CorePlus is highly suitable for participating in a Virtual Private Network (VPN). CorePlus supports IPsec, L2TP and PPTP based VPNs concurrently, can act as either server or client for all of the VPN types, and can provide individual security policies for each VPN tunnel.
|
|
| Intrusion Detection and Prevention |
To mitigate application-layer attacks towards vulnerabilities in services and applications, CorePlus provides a powerful Intrusion Detection and Prevention (IDP) engine. The IDP engine is policy-based and is able to perform high-performance scanning and detection of attacks and can perform blocking and optional black-listing of attacking hosts.
Download the IDP Datasheet here
|
|
Web Content
Filtering |
CorePlus provides various mechanisms for filtering web content that is deemed inappropriate according to your web usage policy. Web content can be blocked based on category, malicious objects can be removed and web sites can be whitelisted or blacklisted in multiple policies.
Download the Web Content Filtering datasheet here
|
|
| Anti-Virus |
The Anti-Virus scan-engine included in the Clavister CorePlus™ kernel supports a unique stream-based anti-virus feature.
Thanks to the highly optimized engine and the stream-based approach you are able to keep your network protected against "in-the-wild" viruses by scanning files regardless of file sizes. The Clavister Anti-Virus engine also supports scanning of thousands of concurrent downloads with minimal performance impact or latency which means that you do not need to compromise performance for security.
Virus definitions (signatures) from Kaspersky Labs are automatically provided by the Clavister Service Provisioning Network (CSPN). The updates are automatically installed on you Clavister Security Gateway to ensure the highest level of security and speed of delivery.
|
|
Traffic
Management |
With the support of Traffic Shaping, Threshold Rules and Server Load Balancing features, CorePlus is optimized for traffic management. The Traffic Shaping feature enables fine granular limiting and balancing of bandwidth; Threshold Rules allows for implementing various types of thresholds to alarm or limit network traffic, and Server Load Balancing enables a device running CorePlus to distribute network load to multiple hosts.
|
|
User
Authentication |
A CorePlus device can be used for authenticating users before allowing access to protected resources. Multiple local user databases are supported as well as multiple external RADIUS servers, and separate authentication policies can be defined to support separate authentication schemes for different kinds of traffic.
|
|
| IP Routing |
CorePlus provides a variety of options for IP routing including static routing, dynamic routing, multicast routing and advanced virtual routing capabilities. In addition, CorePlus supports features such as Virtual LANs, Route Monitoring, Proxy ARP and Transparency.
|
|
Address
Translation |
For functionality as well as security reasons, CorePlus supports policy-based address translation. Dynamic Address Translation (NAT) as well as Static Address Translation (SAT) is supported, and resolves most types of address translation needs.
|
|
Operations
and
Maintenance |
To facilitate management of a CorePlus device, administrative control is enabled through the built-in Web User Interface, the Command Line Interface or Clavister InControl™. In addition, CorePlus provides very detailed event and logging capabilities and support for monitoring using standards such as SNMP.
|
|
High
Availability |
High Availability is supported through automatic fault-tolerant fail-over to a secondary CorePlus device.
|
|
