- SafeFire Firewall is designed to work with LAN-to-LAN type of
connections, such as cable modems, xDSL or
ordinary LAN connections.
- SafeFire Firewall allows you to share single real IP address provided
by ISP with as many network clients as you want. This approach greatly
reduces cost of installing, extending and maintenance of the network.
- SafeFire Firewall is designed to utilize the power and flexibility
of OS/2 operating system: SafeFire is pure 32 bit, multi-threaded
application.
- The Network Address Translation (NAT) feature allows to connect network
to Internet using only one real IP address regardless from a number of
PC's in an internal network access almost all Internet services transparently,
as if these PC's where connected to Internet directly.
- Another advantage of using NAT is that all incoming and outgoing packets
are checked for correctness and translated so it is
impossible to access PC's in the internal net without special and
controlled actions (see description of a
Port Mapping feature) and
therefore internal net is protected from external attacks even
without any additional actions.
- Firewall (Packet Filter) feature supported by SafeFire allows system administrator
to limit access of users from internal net to Internet services or sites
and external access from Internet to PC where SafeFire is running.
- MAC Packet Filter is the facility for protection of a network
from illegal access. This filter is valid only within current LAN
segment and can be used for prevent ARP attacks and IP address substitution.
- Transactions in the filter configuration via remote control
enable system administrator to prepare new configuration of the filter
and set it in one step and therefore avoid intermediate, potentially
unsafe, stages.
- Port Mapping feature allows system administrators to move services
accessible from Internet behind firewall while retaining controlled
access to this services. This feature also allows system administrator
to place different services to different computers and therefore can be
used for simple load balancing.
- Remote Control feature allows to configure nearly all parameters
of SafeFire Firewall at run time. They are accessible through simple
in use command line utility.
- To achieve maximum performance and retain minimal dependence from the
LAN adapter it uses low level access to adapter through the set of NDIS
helper drivers. This allows SafeFire use any Ethernet LAN adapters
with available MAC NDIS drivers for OS/2.
- SafeFire Firewall exploits "separated drivers" model and it
is true firewall because when SafeFire is not running
internal net is protected from the external attacks.
|
