AIS Managed Firewall

The AIS Managed Firewall solution includes a robust firewall device configured for with VPN, IDS (Intrusion Detection System), IPS (Intrusion Prevention System), and Web Filtering.

The AIS Managed Firewall solution includes a pair of redundant hardware firewall devices configured for high-availability and failover with VPN, IDS (Intrusion Detection System), IPS (Intrusion Prevention System), and Web Filtering included.

AIS Managed Firewall Quick Intro Video

Features

  • Overall
    • SD WAN solution
    • Remotely monitored with configuration backup
    • Web and Internet Content Filtering​
    • No pre set software feature limits, maximum capacity limited only by hardware capability
    • Captive Portal to force authentication, or redirection to a click through page for network access
    • ​​Traffic Monitoring and Application Filtering
    • PPOE Server
    • Multiple DHCP Interfaces
  • Firewall
    • Bandwidth Prioritization
    • Robust NAT, DHCP, DNS, capabilities, monitoring and reporting
    • Connection state synchronization for near seamless internet failover
  • VPN
    • Dynamic DNS and SSL VPN Support
      • No Pre set limit for End User VPN connections
    • Layer 2 bridging capability
    • End User VPN Access
      • ​Active Directory and RADIUS Authentication
    • Site to Site VPN Tunnels
      • ​​​​Redundant/Mesh VPN Tunnels with OSPF routing
      • Legacy IPSec Tunnel support
    • Site to Cloud VPN Tunnels
      • Microsoft Azure, Amazon AWS, Private Data Center support
  • Routing
    • Multi VLAN
    • Multi WAN Internet Connection Support
    • Robust Software Defined WAN Topology Support
    • Hub and spoke, Partial Mesh, and Full Mesh
  • IDS/IPS and Web Filter
    • Google Safe Browsing support
      • Hourly updates from the Google Safe Browsing database which includes information about websites that may be phishing sites or possible sources of malware ​
    • ClamAV Anti Virus with Hourly ClamAV Database Update​






Manufacturers

h u n s n

Example Project Plan

Validation
  • AIS MFW Post Installation Testing
    • Ensure connectivity of device within the network
    • Verify environment connectivity and internet access within the environment (wireless / wired)
    • Verify external services are accessible
    • Confirm any unique line of business items are functional
    • Troubleshoot (if needed)
    • Perform Fault testing (if applicable):
    • Add any relevant devices to NMS
    • Test Oxidized configuration backup on applicable devices
Implementation
  • AIS MFW Client Specific Configuration
    • Confirm existing configuration (physical and data) from firewall and document special configuration needs for the AIS firewall
    • Establish reference method for existing firewall / save existing firewall config
    • Confirm any items that may impact configuration of new AIS firewall
    • Modify standard config per existing firewall config reference
    • Review downstream / upstream devices
  • AIS MFW On site Installation
    • Visit client site, review existing firewall connections
    • Verify proper AIS equipment is present for cutover
    • Stage firewalls for implementation
    • Perform cutover at requested time
    • Perform any upstream / downstream device changes
  • AIS MFW Generic Configuration
    • Initial configuration of AIS Firewall
  • Setup Site to Site VPN
  • Configure firewall vpn server settings
  • Create a static a record in aisclients if using softether
Discovery
  • Environment Access and Documentation
    • Confirm all requested documentation has been received and reviewed
    • Test environment access
  • AIS MFW Client Environment Discovery
    • Identify relevant connected devices to existing firewall
    • Confirm IP scheme and relevant IPs
    • Check DHCP configuration
    • Review NAT rules
    • Identify any firewall rules, blocked ports, web filtering etc
    • Identify physically connected devices in the network
    • Confirm physical cable mapping for new firewall
    • Identify any other standout information
    • Save copy of existing config
    • Document existing firewall configuration / existing firewall access
  • Identify list of users needing access
Last modified February 13, 2023