Firewall & VPN Appliance genuscreen: Protection for Data Transfers and Networks
Data exchange between multiple locations via the Internet is convenient and economical – but must be reliably protected from eavesdroppers and prying eyes. In much the same way, your network also needs to be shielded from Internet hazards.
A common requirement above and beyond this is the creation of secure zones for especially sensitive systems within large networks. We developed our Firewall & VPN Appliance genuscreen for precisely this purpose: The security solution creates strongly encrypted virtual private networks (VPNs) for data communication via public networks. These can also be used to securely transfer highly sensitive information. In addition, the high-performance genuscreen firewall strictly filters data traffic at the interfaces and only allows expressly permitted connections. All other requests are blocked without exception. The Firewall & VPN Appliance genuscreen has been officially tested for compliance with the highest security standards as evidenced by the approval for the encrypted transmission of data up to the classification level German VS-NfD and the certification according to Common Criteria (CC) EAL 4+.
Your Benefits at a Glance
- Protection against data theft through backdoor-free VPN technology "Made in Germany"
- The VPN component including quantum-resistant key exchange for IPsec/IKEv2 as well as the firewall component are approved for classification levels German VS-NfD, NATO RESTRICTED, and RESTREINT UE/EU RESTRICTED
- Advanced update mechanism protects against attacks with quantum computers
Secure Data Transfers
High-Security Solution: Approval for the Classification Level German VS-NfD
genuscreen can be used to create virtual private networks (VPNs) for the secure transfer of data via public networks. Your data thereby traverses the Internet over encrypted connections known as VPN tunnels. This method can also be used to securely transfer sensitive data between distributed locations, with powerful encryption techniques guaranteeing confidentiality.
genuscreen can also be used as central component for the termination of various VPN clients such as genuconnect and ECOS SecureBootStick SX as well as iPhone and iPad in Apple indigo setups.
The genuscreen IPsec VPN solution has the official approval of the German Federal Office for Information Security (BSI) for classification level RESTRICTED. Official public bodies, military units as well as companies that have access to classified information as suppliers can therefore use genuscreen to conveniently exchange restricted information via the Internet, with security guaranteed by the German Federal Office for Information Security. However, genuscreen is not just for companies that handle classified data: Any organization will benefit from a high-security VPN appliance approved by an independent organization.
According to the new directive for classified information (Verschlusssachenanweisung), the approval includes the firewall functions in addition to the VPN.
Simple Operation
Convenient VPN for Various Requirements
The Firewall & VPN Appliance genuscreen offers a host of practical benefits for your VPN needs: Expertly applied IPsec functions can be used to operate large networks with many users via a handful of tunnels. Fully meshed and high-performance VPNs are available with easy-to-configure settings and low maintenance and computer capacity overhead. genuscreen is also capable of SSH VPNs to easily connect different networks. Unlike other methods, the IP addresses do not need to be synchronized for secure communication between networks via SSH.
genuscreen receives the data transmitted by the sender and transfers it to a remote station in the other network via SSH-VPN. Here, the data is then securely transmitted to the recipient by the second genuscreen appliance, even if the same IP addresses are used in this network as in that of the sender. You can thereby integrate customers and partners with IP addresses over which you have no control or even new corporate locations in the encrypted communication network.
Quality Seal: Certified by the BSI
The Firewall & VPN Appliance genuscreen is certified by the German Federal Office for Information Security (BSI) according to the international Standard Common Criteria (CC) at the challenging level EAL 4+.
This level requires the submission of comprehensive documentation, the source code, and extensive testing and verifies that all safety functions are correctly implemented. EAL 4+ is the highest level that can be used completely on a complex system such as a firewall. Through the certification, our customers can be assured that, with genuscreen, they are using a high-quality security solution that cannot be defeated even by skilled attackers.
Convenient Communication
Firewall Appliance at a Glance – Including Under IPv6
genuscreen takes the initiative. As a stateful packet filter, the system monitors the communication flow: If, for example, local computer A requests data from computer B in an external network, genuscreen allows the response from B pass to A. Any attempt by external computer B to establish an unsolicited network connection in computer A’s local network is rejected, however. The firewall always assesses the overall context before making a decision about the connection, thereby enabling convenient communication with high security. This, of course, also applies to your data communication under IPv6 – our solution fully implements this standard.
Specialized Test Instance SIP-Module
SIP Module for Securing IP-Based Communication
All-IP and other developments require the broad changeover to Voice-over-IP communication, for which the Session Initiation Protocol (SIP) is of key importance. Because new technologies lead to new attack vectors, IT security must ensure completely secure operation. With the additional option of the SIP module, you receive a specialized test instance that permits data communication only if the corresponding connection has been fully analyzed and determined to be secure. The SIP module can also be used on SSL/TLS connections. Session Border Controller (SBC) functionalities prevent attacks on telephones and telephone systems and allow security guidelines to be implemented. The SIP module also ensures the interoperability of systems that, e.g., use different encryption standards, and simplifies certificate management.
Top Bridging Firewall
The Firewall & VPN Appliance genuscreen plays a strong role as bridging firewall. The solution is simply inserted in the existing IT landscape and provides protection as a stealth system for, e.g., especially sensitive systems within your network, such as the servers of the development or personnel departments. These “invisible” firewalls are implemented without changing a single IP address and are certain to pose an unexpected obstacle to attackers.
Teamwork in Clusters and Centralized Administration
We offer genuscreen in a variety of hardware models to cater to wide-ranging performance requirements. Clusters handle even greater bandwidth and availability requirements:
All models can be bundled as high-performance clusters. genuscreen is administered via its own web-based GUI. If you use several of these firewall & VPN appliances or other solutions from genua, you can manage the full range of systems via the Central Management Station genucenter. You thereby have the status of all systems in view at all times, can make changes and updates and can easily transfer them to entire areas. The result is a very high security level in the entire network with very little effort.
Our sales team will be glad to answer your questions. We are looking forward to get in touch with you.