AIS Managed Firewall
The AIS Managed Firewall solution includes a robust firewall device configured for with VPN, IDS (Intrusion Detection System), IPS (Intrusion Prevention System), and Web Filtering.
The AIS Managed Firewall solution includes a pair of redundant hardware firewall devices configured for high-availability and failover with VPN, IDS (Intrusion Detection System), IPS (Intrusion Prevention System), and Web Filtering included.
AIS Managed Firewall Quick Intro Video
AIS Managed Firewall Quick Intro Video
Features
- Overall
- SD WAN solution
- Remotely monitored with configuration backup
- Web and Internet Content Filtering
- No pre set software feature limits, maximum capacity limited only by hardware capability
- Captive Portal to force authentication, or redirection to a click through page for network access
- Traffic Monitoring and Application Filtering
- PPOE Server
- Multiple DHCP Interfaces
- Firewall
- Bandwidth Prioritization
- Robust NAT, DHCP, DNS, capabilities, monitoring and reporting
- Connection state synchronization for near seamless internet failover
- VPN
- Dynamic DNS and SSL VPN Support
- No Pre set limit for End User VPN connections
- Layer 2 bridging capability
- End User VPN Access
- Active Directory and RADIUS Authentication
- Site to Site VPN Tunnels
- Redundant/Mesh VPN Tunnels with OSPF routing
- Legacy IPSec Tunnel support
- Site to Cloud VPN Tunnels
- Microsoft Azure, Amazon AWS, Private Data Center support
- Routing
- Multi VLAN
- Multi WAN Internet Connection Support
- Robust Software Defined WAN Topology Support
- Hub and spoke, Partial Mesh, and Full Mesh
- IDS/IPS and Web Filter
- Google Safe Browsing support
- Hourly updates from the Google Safe Browsing database which includes information about websites that may be phishing sites or possible sources of malware
- ClamAV Anti Virus with Hourly ClamAV Database Update
- SD WAN solution
- Remotely monitored with configuration backup
- Web and Internet Content Filtering
- No pre set software feature limits, maximum capacity limited only by hardware capability
- Captive Portal to force authentication, or redirection to a click through page for network access
- Traffic Monitoring and Application Filtering
- PPOE Server
- Multiple DHCP Interfaces
- Bandwidth Prioritization
- Robust NAT, DHCP, DNS, capabilities, monitoring and reporting
- Connection state synchronization for near seamless internet failover
- Dynamic DNS and SSL VPN Support
- No Pre set limit for End User VPN connections
- Layer 2 bridging capability
- End User VPN Access
- Active Directory and RADIUS Authentication
- Site to Site VPN Tunnels
- Redundant/Mesh VPN Tunnels with OSPF routing
- Legacy IPSec Tunnel support
- Site to Cloud VPN Tunnels
- Microsoft Azure, Amazon AWS, Private Data Center support
- Multi VLAN
- Multi WAN Internet Connection Support
- Robust Software Defined WAN Topology Support
- Hub and spoke, Partial Mesh, and Full Mesh
- Google Safe Browsing support
- Hourly updates from the Google Safe Browsing database which includes information about websites that may be phishing sites or possible sources of malware
- ClamAV Anti Virus with Hourly ClamAV Database Update
Manufacturers
h u n s n
Qualification Questions
Do you need AIS Firewalls Implemented? If so, at how many locations?
Do you need to connect your sites together with Site to Site VPN tunnels? If so, how many tunnels do you need?
Do you need Radius/LDAP Configured?
How many Nat rules do you have?
How many VLANs do you need configured?
How many users VPN into the network?
Will the cutover take place outside standard business hours?
Do you need a web filter configured? If so, how many user groups are needed?
Do you need a pair of AIS Firewalls?
Example Project Plan
Validation
- AIS MFW Post Installation Testing
- Ensure connectivity of device within the network
- Verify environment connectivity and internet access within the environment (wireless / wired)
- Verify external services are accessible
- Confirm any unique line of business items are functional
- Troubleshoot (if needed)
- Perform Fault testing (if applicable):
- Add any relevant devices to NMS
- Test Oxidized configuration backup on applicable devices
Discovery
- Environment Access and Documentation
- Confirm all requested documentation has been received and reviewed
- Test environment access
- AIS MFW Client Environment Discovery
- Identify relevant connected devices to existing firewall
- Confirm IP scheme and relevant IPs
- Check DHCP configuration
- Review NAT rules
- Identify any firewall rules, blocked ports, web filtering etc
- Identify physically connected devices in the network
- Confirm physical cable mapping for new firewall
- Identify any other standout information
- Save copy of existing config
- Document existing firewall configuration / existing firewall access
- Identify list of users needing access
Implementation
- AIS MFW Generic Configuration
- Initial configuration of AIS Firewall
- AIS MFW Client Specific Configuration
- Confirm existing configuration (physical and data) from firewall and document special configuration needs for the AIS firewall
- Establish reference method for existing firewall / save existing firewall config
- Confirm any items that may impact configuration of new AIS firewall
- Modify standard config per existing firewall config reference
- Review downstream / upstream devices
- AIS MFW On site Installation
- Visit client site, review existing firewall connections
- Verify proper AIS equipment is present for cutover
- Stage firewalls for implementation
- Perform cutover at requested time
- Perform any upstream / downstream device changes
- Setup Site to Site VPN
- Configure firewall vpn server settings
- Create a static a record in aisclients if using softether
Last modified
February 13, 2023