AIS Managed Firewall
The AIS Managed Firewall solution includes a robust firewall device configured for with VPN, IDS (Intrusion Detection System), IPS (Intrusion Prevention System), and Web Filtering.
The AIS Managed Firewall solution includes a pair of redundant hardware firewall devices configured for high-availability and failover with VPN, IDS (Intrusion Detection System), IPS (Intrusion Prevention System), and Web Filtering included.
AIS Managed Firewall Quick Intro Video
AIS Managed Firewall Quick Intro Video
Features
- Overall
- SD WAN solution
- Remotely monitored with configuration backup
- Web and Internet Content Filtering
- No pre set software feature limits, maximum capacity limited only by hardware capability
- Captive Portal to force authentication, or redirection to a click through page for network access
- Traffic Monitoring and Application Filtering
- PPOE Server
- Multiple DHCP Interfaces
- Firewall
- Bandwidth Prioritization
- Robust NAT, DHCP, DNS, capabilities, monitoring and reporting
- Connection state synchronization for near seamless internet failover
- VPN
- Dynamic DNS and SSL VPN Support
- No Pre set limit for End User VPN connections
- Layer 2 bridging capability
- End User VPN Access
- Active Directory and RADIUS Authentication
- Site to Site VPN Tunnels
- Redundant/Mesh VPN Tunnels with OSPF routing
- Legacy IPSec Tunnel support
- Site to Cloud VPN Tunnels
- Microsoft Azure, Amazon AWS, Private Data Center support
- Routing
- Multi VLAN
- Multi WAN Internet Connection Support
- Robust Software Defined WAN Topology Support
- Hub and spoke, Partial Mesh, and Full Mesh
- IDS/IPS and Web Filter
- Google Safe Browsing support
- Hourly updates from the Google Safe Browsing database which includes information about websites that may be phishing sites or possible sources of malware
- ClamAV Anti Virus with Hourly ClamAV Database Update
- SD WAN solution
- Remotely monitored with configuration backup
- Web and Internet Content Filtering
- No pre set software feature limits, maximum capacity limited only by hardware capability
- Captive Portal to force authentication, or redirection to a click through page for network access
- Traffic Monitoring and Application Filtering
- PPOE Server
- Multiple DHCP Interfaces
- Bandwidth Prioritization
- Robust NAT, DHCP, DNS, capabilities, monitoring and reporting
- Connection state synchronization for near seamless internet failover
- Dynamic DNS and SSL VPN Support
- No Pre set limit for End User VPN connections
- Layer 2 bridging capability
- End User VPN Access
- Active Directory and RADIUS Authentication
- Site to Site VPN Tunnels
- Redundant/Mesh VPN Tunnels with OSPF routing
- Legacy IPSec Tunnel support
- Site to Cloud VPN Tunnels
- Microsoft Azure, Amazon AWS, Private Data Center support
- Multi VLAN
- Multi WAN Internet Connection Support
- Robust Software Defined WAN Topology Support
- Hub and spoke, Partial Mesh, and Full Mesh
- Google Safe Browsing support
- Hourly updates from the Google Safe Browsing database which includes information about websites that may be phishing sites or possible sources of malware
- ClamAV Anti Virus with Hourly ClamAV Database Update
Manufacturers
h u n s n
Example Project Plan
Validation
- AIS MFW Post Installation Testing
- Ensure connectivity of device within the network
- Verify environment connectivity and internet access within the environment (wireless / wired)
- Verify external services are accessible
- Confirm any unique line of business items are functional
- Troubleshoot (if needed)
- Perform Fault testing (if applicable):
- Add any relevant devices to NMS
- Test Oxidized configuration backup on applicable devices
Implementation
- AIS MFW Client Specific Configuration
- Confirm existing configuration (physical and data) from firewall and document special configuration needs for the AIS firewall
- Establish reference method for existing firewall / save existing firewall config
- Confirm any items that may impact configuration of new AIS firewall
- Modify standard config per existing firewall config reference
- Review downstream / upstream devices
- AIS MFW On site Installation
- Visit client site, review existing firewall connections
- Verify proper AIS equipment is present for cutover
- Stage firewalls for implementation
- Perform cutover at requested time
- Perform any upstream / downstream device changes
- AIS MFW Generic Configuration
- Initial configuration of AIS Firewall
- Setup Site to Site VPN
- Configure firewall vpn server settings
- Create a static a record in aisclients if using softether
Discovery
- Environment Access and Documentation
- Confirm all requested documentation has been received and reviewed
- Test environment access
- AIS MFW Client Environment Discovery
- Identify relevant connected devices to existing firewall
- Confirm IP scheme and relevant IPs
- Check DHCP configuration
- Review NAT rules
- Identify any firewall rules, blocked ports, web filtering etc
- Identify physically connected devices in the network
- Confirm physical cable mapping for new firewall
- Identify any other standout information
- Save copy of existing config
- Document existing firewall configuration / existing firewall access
- Identify list of users needing access
Last modified
February 13, 2023