Fortifying Network Security across All WAN Links with Additional Layers of Protection

>  Stateful Inspection Firewall
The Q-Balancer solution is incorporated with stateful inspection firewall that allows or blocks traffic based on state, port, and protocol. The firewall monitors all activity from the opening of a connection until it is closed. When new packets arrive, the firewall compares information in the packet header to the state table and determines whether it is part of an established connection. If it is part of an existing connection, then the packet is allowed through without further analysis. If the packet doesn't match an existing connection, it is evaluated according to the rule set for new connections. Filtering decisions are made based on both user-defined rules as well as context, which refers to using information from previous connections and packets belonging to the same connection.

>  Application Firewall
The rise of hybrid WANs means more companies are doing local internet breakout at the branches, changing the security paradigm. This drives the need for businesses to deploy security tools at the edge or in the cloud. Application intelligence can provide a map of how to direct traffic to use the security tools most effectively. The Q-Balancer firewall comes with the ability of application intelligence.

The Q-Balancer firewall inspects and blocks traffic based on applications. This application-aware firewall feature provides granular control that secures applications delivered over business WAN.

>  DNS Firewall
Conventional DNS servers can possibly be a security hole in your network because it can't:

  • distinguish between normal and malicious domains
  • block access to specific domains
  • provide visibility to queries to blocked domains

The Q-Balancer solution is incorporated with inbuilt DNS firewall, which is a network security solution that prevents network users and systems from connecting to known malicious Internet locations. Q-Balancer DNS firewall selectively intercepts DNS resolution for known-malicious network assets including domain names, IP addresses, and name servers. The Q-Balancer DNS firewall can block:
Phishing - When a user clicks on a link in an email, for example from a fake banking site, you can intercept the lookup of that site.
Malware - When a user attempts to navigate to an IP address known to host malware, you can redirect them to a site of your own with instructions on scanning their computer.
Ransomware - Ransomware, is a type of malware in which someone takes over assets on your network and blocks access to them until you pay a ransom. This is a rapidly growing threat.
Botnet Command and Control sites - When devices inside your network attempt to contact suspected botnet command central, drop the queries, and log them for analysis and follow up.
Identify Infected Machines - By analyzing the query logs, you can track down the machines in your network that are attempting to contact these abuse sites, and clean up any infections or botnet code.

>  DoS Prevention
A distributed-denial-of-service, or DDoS, attack is sending the overwhelming data requests to a targeted system. In either simple or complex way, the attackers hope to exhaust the target’s Internet bandwidth and RAM, and are aimed at finally exhausting the resources available to a network, application, or service so that legitimate users will be stopped and slowed. The service could be a bank or e-commerce website, a SaaS application, or any other type of network service.

The Q-Balancer DDoS prevention is incorporated with the ability to detect and filter the malicious traffic, resisting or preventing the impact of DDoS attacks on business networks.

>  Connection Limit
The feature of connection limit is included in the Q-Balancer solution, and its policy allows or denies traffic based on source IP address, destination IP address, and service; and connection count. The purpose of the feature is to detect anomalous connection requests. The function check if a request matches the rules and reaches connection limit table. For example, if a request matches one of the rules, and the limit has not been reached, the connection is still forwarded for further processing; if a rule is matched and the limit has been reached, the connection is dropped.

The Q-Balancer connection limit offers protection from DoS attacks against specific or random ports. It can also be used as a way to simply limit resource usage by IP address to specific server services. 

Top Benefits

  • Fortified network security

  • Application, user and device control

  • Enhanced compliance

  • Mitigated network security threat through distributed Denial-of-Service (DDoS) Prevention

  • Enterprise-grade encryption

  • Improved productivity

  • Visibility