Network Security Appliances Customized for Your Business

Protect your business's network with a Custom Security Appliance from DPC. This solution is completely customized to meet your needs. With our solution you don't have to worry about buying hardware that isn't powerful enough or is much more than what you need. We use well-known software to provide you with a flexible solution that will provide you with excellent security and remote connectivity for your employees to work outside the office.


Call for a quote today!

731-642-8627

Features and Benefits of Custom-Built Solutions

Firewall


  • Filtering by source and destination IP, IP protocol, source, and destination port for TCP and UDP traffic.
  • Limit simultaneous connections on a per-rule basis.
  • Option to log or not log traffic matching each rule.
  • Highly flexible policy routing possible by selecting gateway on a per-rule basis (for load balancing, failover, multiple WAN, etc.).
  • Aliases allow grouping and naming of IPs, networks, and ports. This helps keep your firewall ruleset clean and easy to understand, especially in environments with multiple public IPs and numerous servers.
  • Transparent layer 2 firewalling capable - can bridge interfaces and filter traffic between them, even allowing for an IP-less firewall (though you probably want an IP for management purposes).
  • Packet normalization - Description from the pf scrub documentation - "'Scrubbing' is the normalization of packets so there are no ambiguities in interpretation by the ultimate destination of the packet. The scrub directive also reassembles fragmented packets, protecting some operating systems from some forms of attack, and drops TCP packets that have invalid flag combinations." 
  • Enabled in the pfSense software by default.
  • Can disable if necessary. This option causes problems for some NFS implementations but is safe and should be left enabled on most installations.
  • Disable filter - you can turn off the firewall filter entirely if you wish to turn your pfSense software into a pure router.


Network Address Translation (NAT)



  • Port forwards including ranges and the use of multiple public Ips.
  • 1:1 NAT for individual IPs or entire subnets.
  • Outbound NAT.
  • NAT Reflection - NAT reflection is possible so services can be accessed by public IP from internal networks.





High Availability

The combination of CARP, pfsync, and our configuration synchronization provides high availability functionality. Two or more firewalls can be configured as a failover group. If one interface fails on the primary or the primary goes offline entirely, the secondary becomes active. The software also includes configuration synchronization capabilities, so you make your configuration changes on the primary and they automatically synchronize to the secondary firewall.


The firewall's state table is replicated to all failover configured firewalls. This means your existing connections will be maintained in the case of failure, which is important to prevent network disruptions.



Multi-WAN

Multi-WAN functionality enables the use of multiple internet connections, with load balancing and/or failover, for improved internet availability and bandwidth usage distribution.

Virtual Private Network (VPN)

The Network Security Appliance software offers three options for VPN connectivity: IPsec, OpenVPN, and PPTP.

Server Load Balancing

Server load balancing is used to distribute load between multiple servers. This is commonly used with web servers, mail servers, and others. Servers that fail to respond to ping requests or TCP port connections are removed from the pool.


Dynamic DNS

A Dynamic DNS client is included to allow you to register your public IP with a number of dynamic DNS service providers.

Captive Portal

Captive portal allows you to force authentication or redirection to a click-through page for network access. This is commonly used on hot spot networks but is also widely used in corporate networks for an additional layer of security on wireless or internet access. Call for more information on captive portal technology in general.


  • Maximum concurrent connections - limit the number of connections to the portal itself per client IP. This feature prevents a denial of service from client PCs sending network traffic repeatedly without authenticating or clicking through the splash page.
  • Idle timeout - disconnect clients who are idle for more than the defined number of minutes.
  • Hard timeout - force a disconnect of all clients after the defined number of minutes.
  • Logon pop up window - option to pop up a window with a log off button.
  • URL Redirection - after authenticating or clicking through the captive portal, users can be forcefully redirected to the defined URL.
  • MAC filtering - by default, pfSense filters using MAC addresses. If you have a subnet behind a router on a captive portal enabled interface, every machine behind the router will be authorized after one user is authorized. MAC filtering can be disabled for these scenarios.
  • Authentication options - there are three authentication options available.
  • RADIUS capabilities.
  • HTTP or HTTPS - the portal page can be configured to use either HTTP or HTTPS.
  • Pass-through MAC and IP addresses - MAC and IP addresses can be white-listed to bypass the portal. Any machines with NAT port forwards will need to be bypassed so the reply traffic does not hit the portal. You may wish to exclude some machines for other reasons.
  • File Manager - this allows you to upload images for use in your portal pages.


DHCP Server and Relay

The Network Security Appliance software includes both DHCP Server and Relay functionality.


And More!



Call to learn more or for a quote today!

731-642-8627
Share by: