Contextual Gateway

The Contextual Gateway, at the core of the CEQURUX Firewall, maintains a session table that is used in subsequent checks to determine whether a network packet belongs to an allowed session. This allows for session context to assist in the determination of whether ICMP and UDP packets should be forwarded, or whether FTP PORT commands should be processed, for example. Network Address Translation is performed, where appropriate, on forwarded packets. The Contextual Gateway has been designed to maximize network throughput and minimize traffic latency.

Application Proxies and Services

The CEQURUX Firewall supports virtually any Internet service, either directly using provided proxies, or by secure relays to internal servers. In addition, the following network services are integrated with the Firewall:

  • World Wide Web server
  • POP3 Email server
  • Anonymous FTP
  • Domain Name Server
This eliminates the need for additional, external servers, and allows for all Internet services to be managed by a single administration tool.

Split DNS

The intelligent Domain Name Server acts as the DNS server for the externally visible domain space, hiding internal detail, and acts as the internal domain name resolver. Domain Name Servers may be chained through departmental level firewalls, while the Distributed DNS mechanism tunnels DNS requests throughout firewalls in the same domain. Overall Internet performance can be enhanced by enabling the Asynchronous DNS Cache, which stores up to 2000 recently accessed names for instant retrieval.

top.