AIS Managed Firewall

The AIS Managed Firewall solution includes a pair of redundant hardware firewall devices configured for high-availability and failover with VPN, IDS (Intrusion Detection System), IPS (Intrusion Prevention System), and Web Filtering included.

The AIS Managed Firewall solution includes a pair of redundant hardware firewall devices configured for high-availability and failover with VPN, IDS (Intrusion Detection System), IPS (Intrusion Prevention System), and Web Filtering included.

AIS Managed Firewall Quick Intro Video

Features

  • Overall
    • Standard Configuration Is Two Physical Devices Configured For High Availability And Fail Over To Protect Against Hardware Or Internet Connection Failure Scenarios
    • SD WAN Solution
    • Remotely Monitored With Configuration Backup
    • Web And Internet Content Filtering​
    • No Pre Set Software Feature Limits, Maximum Capacity Limited Only By Hardware Capability
    • Captive Portal To Force Authentication, Or Redirection To A Click Through Page For Network Access
    • ​​Traffic Monitoring And Application Filtering
    • PPOE Server
    • Multiple DHCP Interfaces
  • Firewall
    • Bandwidth Prioritization
    • Robust NAT, DHCP, DNS, Capabilities, Monitoring And Reporting
    • Connection State Synchronization For Near Seamless Internet Failover
  • VPN
    • Dynamic DNS And SSL VPN Support
      • No Pre Set Limit For End User VPN Connections
    • Layer 2 Bridging Capability
    • End User VPN Access
      • ​Active Directory And RADIUS Authentication
    • Site To Site VPN Tunnels
      • ​​​​Redundant/Mesh VPN Tunnels With OSPF Routing
      • Legacy IPSec Tunnel Support
    • Site To Cloud VPN Tunnels
      • Microsoft Azure, Amazon AWS, Private Data Center Support
  • Routing
    • Multi VLAN
    • Multi WAN Internet Connection Support
      • Active/Active Or Active/Standby
    • Robust Software Defined WAN Topology Support
      • Hub And Spoke, Partial Mesh, And Full Mesh
      • LAN And WAN CARP Capability – Two Devices Can Share A Single External IP Addresses
  • IDS/IPS And Web Filter
    • Google Safe Browsing Support
      • Hourly Updates From The Google Safe Browsing Database Which Includes Information About Websites That May Be Phishing Sites Or Possible Sources Of Malware ​
    • ClamAV Anti Virus With Hourly ClamAV Database Update​




Manufacturers

Qotom

Qualification Questions

Do You Need AIS Firewalls Implemented? If So, At How Many Locations?
Do You Need To Connect Your Sites Together With Site To Site VPN Tunnels? If So, How Many Tunnels Do You Need?
Do You Need Radius/LDAP Configured? If So, How Many Directory Services Are Needed?
Do You Need Nat Rules Configured? If So, How Many?
How Many VLANs Do You Need Configured?
Do Users Need To VPN Into The Network? If So, How Many?
Will The Cutover Take Place Outside Standard Business Hours?
Do You Need A Web Filter Configured? If So, How Many User Groups Are Needed?
Do You Need A Pair Of AIS Firewalls?

Example Project Plan

Validation
  • AIS MFW Post Installation Testing
    • Ensure Connectivity Of Device Within The Network
    • Verify Environment Connectivity And Internet Access Within The Environment (wireless / Wired)
    • Verify External Services Are Accessible
    • Confirm Any Unique Line Of Business Items Are Functional
    • Troubleshoot (if Needed)
    • Perform Fault Testing (if Applicable):
    • Add Any Relevant Devices To NMS
    • Test Oxidized Configuration Backup On Applicable Devices
Discovery
  • Environment Access And Documentation
    • Confirm All Requested Documentation Has Been Received And Reviewed
    • Test Environment Access
  • AIS MFW Client Environment Discovery
    • Identify Relevant Connected Devices To Existing Firewall
    • Confirm IP Scheme And Relevant IPs
    • Check DHCP Configuration
    • Review NAT Rules
    • Identify Any Firewall Rules, Blocked Ports, Web Filtering Etc
    • Identify Physically Connected Devices In The Network
    • Confirm Physical Cable Mapping For New Firewall
    • Identify Any Other Standout Information
    • Save Copy Of Existing Config
    • Document Existing Firewall Configuration / Existing Firewall Access
  • Identify List Of Users Needing Access
Implementation
  • AIS MFW Generic Configuration
    • Initial Configuration Of AIS Firewall
  • AIS MFW Client Specific Configuration
    • Confirm Existing Configuration (physical And Data) From Firewall And Document Special Configuration Needs For The AIS Firewall
    • Establish Reference Method For Existing Firewall / Save Existing Firewall Config
    • Confirm Any Items That May Impact Configuration Of New AIS Firewall
    • Modify Standard Config Per Existing Firewall Config Reference
    • Review Downstream / Upstream Devices
  • AIS MFW On Site Installation
    • Visit Client Site, Review Existing Firewall Connections
    • Verify Proper AIS Equipment Is Present For Cutover
    • Stage Firewalls For Implementation
    • Perform Cutover At Requested Time
    • Perform Any Upstream / Downstream Device Changes
  • AIS MFW Hardware Preparation
  • Setup Site To Site VPN
  • Configure Firewall Vpn Server Settings
  • Create A Static A Record In Aisclients If Using Softether

Last modified August 2, 2022