A Linux Firewall instance

The Astaro Security Linux firewall is used to manage data traffic between the internal network and the external network. administrators can control each protocol to block or allow access to any internal network, server, service, and user group. the firewall checks all online information (headers) and application information (payload) to detect and block suspicious data traffic. the firewall is installed in a separate standard PC device and must exist as the only exit of the internal network to act as a security guard.
Firewall function description:
Status detection package filtering(Stateful Packet Inspection)
In Astaro Security Linux, Network Information headers are checked to manage data transmission between the Internet and internal networks, servers, and users. with an easy-to-use graphical interface, administrators can quickly develop rules to block or allow transmission between two sources of information and the target site through protocols or ports.
Astaro Security Linux checks personal information and Astaro Security Linux also detects attacks or interference to normal programs by tracking the connection results.


Deep Packet filtering at the application layer
The Astaro Security Linux Firewall uses an application proxy to scan information packets related to the application for transmission of content (payload ), this ensures that it is consistent with network transmission, email, DNS, and other rules for a wide range of application types.

Security Proxy Astaro Secur Linux provides full proxy for the following protocols. These proxies simplify management, allowing administrators to quickly and easily activate or cancel protocols and functions, such: content filtering, buffering, whitelist and blacklist, file extension filtering, and MIME error check. HTTP | DNS | SOCKS | POP3 | Ident | SMTP NAT address translation and address disguise Dynamic and Static Network Address Translation (NAT) and hiding internal IP addresses in a "public" IP address can effectively prevent hackers from obtaining information from internal networks, servers, and users. DoS Protection Astaro Security Linux blocks common DoS attacks, such as tcp syn flood, ICMP flood, UDP flood, Smurf, Trinoo, and IP spoofing. Bandwidth control and QoS Administrators can increase or reduce the priority of different information transmission types between special nodes to ensure the quality of service (QoS) for key data transmission ). Detailed log reports Astaro Security Linux provides detailed record reports for network transmission, connection, information packet filtering, firewall system hardware usage, and other firewall management-related information.

Firewall is the foundation of the six Security applications of Astaro Security Linux. It works with application modules such as intrusion protection and anti-virus to block security information in a timely and effective manner before it infringes on the internal network. the six Security applications of Astaro Security Linux not only facilitate management, but also reduce management costs.