NOVOMETRIC®
- HARDWARE
- COMPACT 1-U 19-INCH LOW-PROFILE RACK-MOUNTABLE ENCLOSURE WITH HIGH EMF RESISTANCE
- ULTRA POWER-EFFICIENT : NOMINAL POWER CONSUMPTION IS ONLY 22 WATTS!
- COOL AND QUIET : NO MOVING PARTS, COMPLETELY SILENT, VERY LOW HEAT DISSIPATION
- PORTABLE COMPACT FLASH MEDIA DRIVE
- COMPACT DISC WRITER
- 4 1000 MB/S NETWORK INTERFACES
- 4 SERIAL PORTS FOR REMOTE MANAGEMENT OF SWITCHES, ROUTERS AND OTHER NETWORK DEVICES
- 6 USB PORTS FOR HUMAN INTERFACE AND EXTERNAL SENSOR DEVICES
- SOFTWARE
- NOVOMETA® OPERATING SYSTEM SOFTWARE
- EASY WEB OR SHELL-BASED MANAGEMENT : NO TECHNICAL SKILLS REQUIRED
- FULLY AUTOMATIC SOFTWARE UPDATE - NO PATCHING OR REBOOTING
- SNMP SUPPORT
- FULL NETWORKING FUNCTIONALITY
- ROUTING
- CLUSTERING
- LOAD-BALANCING
- TRAFFIC SHAPING
- NETWORK ADDRESS TRANSLATION : EFFICIENTLY UTILIZE ADDRESS SPACE
- CACHING DNS SERVER ACCELLERATES TRAFFIC AND REDUCES BANDWIDTH COSTS
- HTTP PROXY - IMPROVES PERFORMANCE AND REDUCES BANDWIDTH COSTS
- SPECIAL PROTOCOL SUPPORT
- COMPREHENSIVE ACCESS CONTROL
- CONTROL UNAUTHORIZED CONTENT : ELIMINATE LIABILITY & INCREASE PRODUCTIVITY
- ELIMINATE SPAM
- PROTECT USERS AGAINST INFECTION BY VIRUSES & SPYWARE
- PREVENT DISCLOSURE OF SENSITIVE PROPRIETARY INFORMATION
- MONITORING
- MONITOR SERVERS, STATIONS, STORAGE SYSTEMS FOR INTRUSIONS AND ANOMALIES
- GENERATE REAL-TIME ALERTS BASED ON OPERATOR-DEFINED METRICS
- PER-DEVICE BANDWIDTH MONITORING
- REPORTING
- Exceptional reporting capabilities provide insight into the true state of your network. Unlike "black box" solutions which may block attacks but provide no active status reporting, Novometric® gives you the information you need to know to stay secure.
- Get comprehensive reporting of who is visiting what web sites on your network. Is unwarranted use of hardware and bandwidth costing your organization time and money?
- Status reports can be delivered via e-mail, web access or even telephone -- on any schedule and in any detail level you require. Deliver the intelligence required to those who need it -- when it's needed. Integrate your Novometric® security assets throughout your organization's nervous system using SQL database connectivity.
- Customize report content with your organization's theme and layout preferences.
- Verify the integrity of the network with one click. Efficiently conduct installations and provisioning with the hard data you need to make critical choices. Compile historical statistics to guide future security decisions. Easily determine the impact of configuration changes or security incidents. Determine your network's level of standards compliance without expensive third-party auditing. Visualize trends and spot hidden anomalies with easy-to-use graphical charts.
- INTELAGENT® SOFTWARE
- DETECTS ALMOST ALL NETWORK-BASED INTRUSIONS
-
Here we provide a competitive analysis of the most popular firewall
products on the market.
- Only the Novometric® model supports an open architecture -- the system can be customized and improved by any developer to meet user requirements. All other models are closed-architecture and modifications can be performed only by the vendor.
- Only the Novometric® model can conduct probes against remote targets. All other models can only provide information about directly-connected devices.
- Novometric® provides full functionality at the standard price. Cisco, Sonicwall® and Watchguard® require additional license fees for enhanced functionality such as VPN and technical support.
- Only the Novometric® and Juniper® models contain an advanced exploit database. All other models contain only trivial support which causes frequent false-positive alerts and provides no protection against zero-day exploits.
- Only the Novometric® model contains load balancing support. Other vendors sell seperate devices to provide this functionality.
- Only the Novometric® model contains true traffic shaping support (ability to rate-limit specific services to operator-defined limits). Cisco supports QoS which is similar, but does not allow true traffic shaping, only prioritization of services
- Only the Novometric® model provides effective event logging capabilities, because it can store up to 1 Terrabyte of data. Other models do not contain enough storage to record enough information about real-world attacks.
- Only the Novometric® model supports full monitoring functionality including inspection of any device (including remote devices) for operator-defined parameters such as memory/disc utilization, system log events and web site performance. All other models provide only trivial monitoring functions (such as traffic graphing) which is supported only for devices directly connected to the firewall.
- Only the Novometric® model provides DNS, SMTP, PBX and file-server functionality. This enhances network performances, increases network reliability, and saves costs. Other vendors force the user to buy and manage additional devices to support such functionality.
- High-end models including Novometric® and Cisco® support management via web browser, SSH and desk-top client application. Low-end models provide only a single management interface. For example, Sonicwall® provides only web management; Watchguard® requires installation of a proprietary application for management.
- Only the Novometric® model supports rules based on advanced metrics such as string matching. Other models are limited to basic metrics such as source/destination address/port.
- Novometric® and Cisco® models support direct routing, suitable for large networks. Cisco® direct routing support is difficult to implement. Other models force devices to utilize NAT which has a negative performance impact and increases complexity.
- Only Novometric® provides advanced user support including on-site installation and emergency response. Other vendors require the user to purchase third-party support which is prohibitively expensive.
- Only the Novometric® model supports non-network sensors such as video cameras, breakage sensors, motion sensors, gas sensors, audio surveillance with voice recognition etc. Other models only cover the network and not the surrounding environment.
- Only the Novometric® model supports encrypted storage. With all other models, an intruder who gains physical access may compromise the firewall unit and extract enough information to completely compromise the protected network.
- Only the Novometric® model supports unlimited user/group accounts with fully granular access control. Cisco® devices support access levels which is not as flexible. Other models support only a fixed set of user/administrator account passwords.
- Only the Novometric® model supports true adaptive / reactive functionality. For example, an intrusion attempt detected at one location can cause the Novometric® IDS to block the intruder from accessing your entire network -- even remote networks. The Cisco® Adaptive Security Appliance is misnamed, as it does not support true adaptive functions.
- Only the Novometric® model supports a target database, which maintains records on all detected security threats. Other devices are limited to logging of intrusion attempts; these logs require extensive administrator effort to support effective forensic analysis of intruder activity.
- Only the Novometric® model supports passive traffic interception, useful for network surveillance. The presence of the firewall in this mode cannot be detected by network users. All other models must route traffic in order to intercept it.
| FULL-FEATURED MANAGEMENT | YES | YES | NO | NO | NO |
| OPEN ARCHITECTURE | YES | NO | NO | NO | NO |
| FULL EVENT LOGGING | YES | NO | NO | NO | NO |
| COST | $4,000 | $6,500+ | $30,000+ | $2,000+ | $2,000+ |
| VULNERABILITY DATABASE | YES | NO | YES | NO | NO |
| CLUSTERING | YES | YES | YES | NO (F/O ONLY) | NO |
| LOAD BALANCING | YES | NO | NO | NO | NO |
| TRAFFIC SHAPING | YES | NO | NO | NO | NO |
| MONITORING | YES | NO | NO | NO | NO |
| REMOTE PROBES | YES | NO | NO | NO | NO |
| NTP / DNS / HTTP / PBX FILE SERVER | YES | NO | NO | NO | NO |
| DIRECT ROUTING | YES | YES | NO | NO | NO |
| STRING MATCHING | YES | NO | NO | NO | NO |
| ADVANCED SUPPORT PACKAGE | YES | NO | NO | NO | NO |
| NON-NETWORK SENSORS | YES | NO | NO | NO | NO |
| ENCRYPTED STORAGE | YES | NO | NO | NO | NO |
| UNLIMITED USERS/GROUPS | YES | NO | NO | NO | NO |
| ADAPTIVE / REACTIVE | YES | NO | NO | NO | NO |
| TARGET DATABASE | YES | NO | NO | NO | NO |
| PASSIVE SURVEILLANCE | YES | NO | NO | NO | NO |
-
Our IDS product is amazingly easy to deploy. Straight out of the box, the
Novometric® IDS delivers top-of-the-line protection for your network
infrastructure. Simply install
the IDS server hardware, configure the Novometa®
operating system for your network, and unlock your encrypted storage.
All protections are activated as soon as you start the device. For your
protection, IntelAgent® monitoring
agents (which managed advanced intrusion detection and response features)
activate only after you unlock them. The confidentiality and integrity of
gathered intelligence data is assured via strong XENCRYPT encryption
(available in North America only). Data collected may be escrowed in such
a way as to allow only optimal combinations of security staffs are
permitted access.
The installation location must meet Novometrix® security standards.
Surveillance systems are required.
- inspect location ; 2 hours
- rack installation ; 2-4 hours
- O/S installation ; 2 hours
- initial configuration ; 6 hours
- 8 man-hours per month of average manual maintainance requirements can be expected.
