Firewall Technology; Virtual Private Network (Vpn) Technology; Antivirus Policy Enforcement (Avpe); Static Content Filtering - Symantec 460R - Gateway Security Administrator's Manual

10 Introducing the Symantec Gateway Security 400 Series
Key features

Firewall technology

The Symantec Gateway Security 400 Series appliance protects enterprise assets and business transactions
with one of the most secure, high-performance solutions for ensuring safe connections with the Internet and
between networks. Its unique architecture delivers security and speed, providing strong and transparent
firewall protection against unwanted intrusion without slowing the flow of approved traffic on enterprise
networks.

Virtual Private Network (VPN) technology

Symantec Gateway Security 400 Series lets organizations securely extend their network perimeters beyond
the security gateway by providing VPN server proxy-secured scanning and personal firewall protection
using Symantec Client VPN. A completely integrated and standards-based solution, it lets organizations
establish safe, fast, and inexpensive connections, enabling new forms of business and secure access to
information for authorized partners, customers, telecommuters, and remote offices.
The security gateway appliance uses VPN tunnels to send encrypted and encapsulated IP packets over public
networks securely to another VPN server.

Antivirus policy enforcement (AVpe)

Symantec Gateway Security 400 Series provides antivirus policy enforcement (AVpe) at the security
gateway. Symantec Gateway Security 400 Series acts as an intermediary between Symantec AntiVirus
Corporate Edition servers and clients. The appliance validates that the clients are up-to-date with their virus
definitions prior to allowing inbound/outbound VPN client connections and other outbound traffic.

Static content filtering

Symantec Gateway Security 400 Series supports content filtering for outbound traffic using allow and deny
lists controlled by groups of security gateway users. When a group is configured to use an allow list, the
content filtering component filters and drops connection requests sent to a destination that does not match
an entry in the allow list.
Likewise, when a group is configured to use a deny list, the content filtering component filters and drops
connection requests sent to a destination that matches an entry in the deny list.

Intrusion detection and intrusion prevention (IDS and IPS)

Symantec Gateway Security 400 Series provides an intrusion detection and intrusion prevention component
that protects internal network resources from attack by pinpointing malicious activities and identifying
intrusions in real-time, letting you respond rapidly to the attacks.

LiveUpdate support

Symantec Gateway Security 400 Series incorporates patented LiveUpdate technology to keep your product
up-to-date by downloading firmware updates.

Managing Symantec Gateway Security 400 Series locally

You can manage the full set of features of the Symantec Gateway Security 400 Series using the local
interface, the Security Gateway Management Interface (SGMI). You can access the SGMI from an external
Web browser by entering the appliance's WAN port IP address, and then supplying the administrator's user
name and password.
The guide you are reading describes in detail the use of the SGMI.
See "Administering the security gateway" on page 15.