NuFW : the authenticating firewall

The concept of User is the base of any organisation security policy. Does your firewall really recognise your users, or does it work considering their computer?

NuFW provides a strict authentication of connexions passing through the IP filter. This means that security policies can interface with users directory and the user notion is broucht to the IP layer, with no IP=user association.

NuFW fonctionnalities:

NuFW can :

• Authenticate any connection that goes through your gateway or only from/to a chosen subset or a specific protocol.
• Perform accounting, routing and quality of service based on users and not simply on IPs, even if several users share the same IP address.
• Filter packets with criteria such as application and OS used by distant users.
• Be the key of a secure and simple Single Sign On system.

Quality of service and user activity logging

Beyond its filtering capabilities, NuFW also provides the following functionnalities :

• per-user quality of service : NuFW allows for definition of quality of service for each user, even if they are connected to the same computer (Terminal Server, Citrix)
• user activity logging : user activity can be written in a SQL database, which eases detection of suspicious activities. The audit tool allows to consult this base in real time.(demonstration on demo.edenwall.com)

• administration simplicity, thanks to tools developped around NuFW and integrated to EdenWall (Demonstration of the unified administration interface).

More technical information is available on the NuFW project website : www.nufw.org.