Unified network and threats management system Raha UTM
What is UTM?
Unified Threat Management is a unified threat management system.
This system is in the category of 3rd generation firewalls, which are also called Next-Generation Firewall (NGFW).
And the meaning of their integration is that in these systems, various monitoring, management and security systems are also embedded, in addition to the firewall.
Linux base system, unified threat management system based on Kerio, SOPHOS and Bitdefender
security products is a comprehensive security, monitoring and management solution that makes you needless from other types of products.
In general, this system meets the needs of all small and large companies, which in addition to the role of all products and hardware it plays such as:
- Cache Server
- Proxy Server
- VPN Server
- Full Option DHCP Server
It does much more completely and optimally than them, so that you will not need any of the above products for your monitoring, management and security needs even in the future.
And if you already have some of the above hardware in your network, you can safely remove them by installing this system.
For example, load balance between your internet lines much better than a hardware device called Peplink which is specially designed for this task.
Attractive features of the UTM system
In addition, the unified threat management system also provides managers with other useful features in the form of a system with a user-friendly work environment.
So that you can apply any policy with minimal network knowledge very quickly.
In the following, we will discuss some of the attractive features of the UTM system and explain each one in detail:
This feature of the threat management system allows you to establish a balance between your Internet links in a way you want
so that you can remove any type of traffic from a specific link or have a bunch of backup Internet links to be in the circuit when necessary.
میتوانید برای هر یک از لینکهای اینترنت یک Watch-Dog تعریف کنید تا بهمحض کاهش کیفیت آن لینک و یا قطعی، بهسرعت لینک جایگزین در مدار قرار گیرد.
Or when the capacity of a link is completed in terms of bandwidth, direct the excess traffic to other links.
Or use the bandwidth aggregation ability of several links and increase your internet speed.
Using this feature, you will be able to define special accounts for your network users and apply any policy you want to these accounts.
Policies such as minimum and maximum speed, permitted download volume per hour, day, etc. and legal and unauthorized sites, legal hours, number of legal simultaneous connections, etc.
But it doesn’t end in here and you can apply all the policies you want in different time frames.
And of course, Raha unified threat management system has the ability to read users from your Active Directory server or RADIUS server, in which case you will not need to redefine users.
And in addition to fetching your users from the mentioned servers, you can also group them in the UTM system itself and define different policies for each group.
Using this feature, you will be able to create different DHCP for your different networks and isolate them from each other.
Or manage, limit and monitor switching and routing between them with the smallest details.
This feature eliminates the need for all kinds of routers and provides you with all the features you need for routing much better and more optimally than even expensive Cisco routers.
Using this feature, you will be able to configure each of the DHCP parameters that you set up.
That is, you can completely manage more than 252 features related to a DHCP manually, a complete and functional management.
DNS settings in the Raha UTM system are very comprehensive and all management and security monitoring details are available to you.
And you can apply your own policies on this, including custom solve, custom result, custom forward, custom multiple references and many more.
This feature is embedded in the highly advanced Raha threat management system you can have all kinds of direct and indirect proxies (transparent and non-transparent) with its help.
You can even define the parent proxy server in it or place your proxy only for direct communication.
Or allow users to tunnel to these proxies or not, in addition, you can turn on the cache of the proxy section for faster access.
This feature in the UTM system is suitable for those groups that plan to place their internal services and systems on the edge of the Internet.
in such a way that they make it available to people outside the company with the URL address.
By using this feature, you will be able to have a powerful cache server in your company.
With the help of which, in addition to reducing internet usage by more than 80%, you can increase your internet speed and of course free up your internet bandwidth.
This feature works in such a way that they save all the sites that users open.
If another person wants to enter a site that someone has already entered, instead of opening that site again from the Internet, it intelligently checks it first.
Whether the site that has been saved before has had changes on the Internet with its current version or not, if it has changed, it will only take its changes from the Internet.
And it replaces the saved version and presents it to the user, the result of which is that the mentioned site is presented to the new user much faster.
In addition, the same volume of the Internet has not been consumed and the Internet bandwidth has not been involved in this repeated traffic.
This caching process happens for almost all information packages and includes download files, DNS requests, etc.
that you can configure the parameters related to this section according to the policies of your company.
In addition to be multiple VPN servers at the same time, the unified threat management system of Raha can establish multiple VPNs to different destinations with PPTP, L2tp, IP-Sec protocols.
With this feature, you don’t need to set up other VPN servers, and you can easily manage all the tunneling-based security needs of your company through this feature.
And you can even set a specific route for each of the VPN servers you set up to access a specific destination.
In addition, a user who connect VPN Raha UTM from outside the company can use their internet from the client.
instead of being supplied from the company and only their non-internet traffic passing through the tunnel.
So that all the traffic that passes through these tunnels is set completely according to your policies.
And for example, the branches do not have access to each other’s entire network, but through this tunnel, they only have access to the destinations that you want and with defined ports and protocols.
you can circuit two or more of these Raha threat management systems in parallel and configure only one.
Through this feature, it is enough to place the second and subsequent systems as the first HA.
In this case, all the settings you apply to the first one is automatically applied to the rest.
If there is a problem with the first system for any reason, the next system will be put into operation as soon as possible.
And the notification system informs the manager about the occurrence of an error for one of the systems.
In this case, there will be no problem for your business and having this capability will guarantee the stability of your company.
A powerful and up-to-date firewall from the Bitdefender company is included in the unified threat management system of Raha, which guarantees the security of your organization’s information.
This firewall can be managed and programmed in the most detailed and lowest layers.
In a way that prevents all types of threats including: : Virus, Worm, Ransomware, Trojan, Bot, Spamhause, Malware, Attended attack, unattended attack,…
and reports them and immediately blocks the entry path of such threats.
This feature allows you to have an in-depth inspection of all data flowing through your network.
Even e-mails are scanned so that manager can be assured that no suspicious files are included in the company.
And in the form of an e-mail attachment or even you can monitor the e-mails that are exit the company.
So that the file that should not be removed from the company remain safe and you can apply all kinds of policies to them.
For example, specify the maximum size of email attachments and file types, and even specify if a user sends a non-virtual email,
notify him/her that the email was sent successfully, but instead of the email being sent to the recipient, it was sent to the network administrator.
or even the files that are in a website and a user wants to open that site in the company,
The firewall scans all those files so that virus does not enter the company by opening insecure wesites.
Intrusion prevention system or IPS is another feature that this unified threat management system uses.
And it secures your network against all kinds of threats such as botnets, attacks and intrusions.
With the help of filtering web applications, you can apply various restrictions and security management policies to them while categorizing web applications.
To ensure the maximum efficiency and security of your company.
The guest user interface system allows you to provide a safe Wi-Fi internet to the guests of your company without worrying about security.
And besides the fact that they do not have any access to your network, you can have complete monitoring of their devices.
And even design a special guest login page to welcome them.
Using content filtering, you can categorize and filter websites based on their content. For example, you can filter all sites related to Adobe product updates.
that users cannot disable their crack by updating this group of software or filter the websites advertisements.
And even if a website uses non-secure protocols and information in its content, you can filter them as well. And many other capabilities that are specific to internet content management are included in this part of the UTM system.
Using this feature, you can define the minimum and maximum amount of bandwidth allowed for each user, user group, service type, protocol type, etc.
Or manage your internet bandwidth based on your priority.
Moreover, with the help of QoS (Quality of Services) service, for example, you can set the highest priority for your VoIP packets. Here, the priority will be to use your Internet bandwidth with voice data packets or your VoIP. In this case, users downloads will not affect the quality of your internet conversations.
You can apply all your communication policies and scenarios with the help of the threat management system.
For example, you can manage and limit all accesses from outside to inside and vice versa.
For example, if a user comes from the Internet with X port and direct them to the NVR and change their input port to the desired number.
In this way, the communication port of your NVR remains hidden and many other options are included in this section to achieve maximum management.
Considering that more than 90% of the security threats on the Internet originate from outside Iran,
You can remove all these threats at once by filtering the IPs of other countries.
With the help of this key feature, you will be able to get rid of attacks based on impersonation.
In a way that an external agent can no longer enter your network by impersonating one of the users or the virtual services.
These types of attacks are very common in attended mode and have a very high risk from the perspective of information security, which are well taken into account in this system.
Most security systems whitelist websites that have a security certificate or are HTTPS.
And they don’t inspect them, or they don’t have the ability to inspect and filter them, but with Raha UTM system, all these websites pass the inspection stage.
Using this type of filtering, you can filter websites based on forbidden words with the smallest details.
And even include a specific negative score for each word and define that if the score of a web page exceeds a certain number, then it will be filtered.
In addition, you can only filter the prohibited contents of a web page that will not be displayed and the other contents of that page will be visible.
Using this part of the system, you can also create and manage all types of routing based on IP version 6.
In this part of the threat management system, you can easily create any types of routes you want automatically or manually.
And use your UTM as an advanced and very complete router.
In this part of the system, you can manage how to notify the system.
In case of any kind of security risk, how to notify them to the network administrators through methods such as email, SMS, etc.
This part is very useful for companies that have several branches, using the cloud management feature,
you can fully manage all your UTM systems through the cloud platform and remotely.
And moreover, you have all your UTM management consuls in a single window and monitor and manage them.
The Raha UTM system is fully compatible with Active Directory and Radius and can retrieve all the users defined in them.
In this case, you don’t need to redefine users in this system, and in addition, you can use the automatic authentication system.
So that, for example, if a user enters his computer with his domain username, the same username will be the criterion for using the Internet.
This is a key feature for companies that use VDI or Microsoft’s Terminal Service.
Some of their users who share the same operating system and have the same IP can be identified from each other.
And apply different internet policies for each of them.
In the absence of this capability, those who are using a shared operating system are all identified as one identity.
In this case, it is not possible to monitor and manage their behavior.
By using this feature of the unified threat management system, you will be able to define different time frames.
And define your supervisory and management policies in different time frames.
You can restrict users’ access outside of office hours.
Or minimize the speed and internet restrictions of users during their mid-day break.
Or allow your remote users to connect only during the working hours.
Or use the Internet security certificates you have in your internal network and secure (SSL) the access of users to these services within the network.
You can create all kinds of categories based on IP, URL, Service, Protocol, Port, in this part of the system.
In other parts of the system, you can use their group name, instead of entering each one manually.
This option is very practical and appealing in managing this system and makes it easy to operate.
This capability generally means monitoring all current events in the UTM system.
For example, which users are online and exchanging information, which user is connected to which websites, which websites he observes, and which files he downloads and uploads to.
How is the traffic of each network port and whatever you want to examine and check at the moment.
and manage or check the report of that item in a certain period of time, in short, this option is very useful and popular.
Special tools for network administrators are placed in this part of the system.
So that you can access this tool from within your system and do Ping, Trace, Lookup, Whois from the source of the system.
In Raha UTM reports section, all the logs are collected in various and useful categories.
So that when you need a specific report, it’s easier to find it among the pile of reports.
And in addition, many other features are included in this section so that you can easily find the report you are looking for.
These reports are very precise and detailed, and in fact, all details of the system, users and network components are recorded in this section and archived for a long time.
In this part of the UTM system, you can have a variety of statistical reports in the form of attractive charts.
For example, the graph of the internet consumption of a user or a group of users in a specific or arbitrary time period, or the report of the type of consumption of all users, or the report of the consumption of an internet link, and many other reports that are very suitable for managers.
Finally, it should be noted that the items mentioned above may sometimes be introduced as options in some products similar to UTM.
But be careful that simply mentioning them as an option is not a proof of their performance quality and ease of use.
Integrating all these things in the threat management system together is a very complex and sensitive issue.
The coordination and stability of their performance together with each other is the result of too much time and a very large community of customers and consumers.
That the manufacturer can find more problems and bugs in their system every day by getting feedback and solve them with the help of a large and expert team.
Therefore, Iranian products in this field are not comparable to global products of reputable companies such as Kerio, SOPHOS, FortiGate, Bitdefender in terms of the number of consumers.
Therefore, it is obvious that it cannot be compared with them in terms of quality and efficiency, so the best advice of Raha company is to get your unified threat management system only from the mentioned companies and don’t be satisfied with providing it!
This means that preparing this system is only 20% of the story and the remaining 80% is its specialized and precise configuration.
So don’t feel relieved for just having this product, even if you have bought it from the manufacturing company itself,
Leave its configuration and setup to an experienced team.
Raha, with more than 20 years of experience in the field of IT and information security, is at your side with the help of an expert’s team with international degrees, including information security management audit.
In order to comply with the security requirements regarding your system configuration and finally provide a report of the status and configuration map and the result of the penetration test of your network.