NewNet is also available to give customers advice on firewall set-ups, based on years of industry experience.
NewNet
is able to offer a full range of firewall services through its own
devices. A dedicated NewNet firewall can help to protect against:
IP spoofing
icmp and DoS attacks
Known ports which are used for hacking
Windows file system ports
Port scanning
With up to 100% availability guarantees, NewNet IP Transit is the ideal
service of choice for any company demanding high availability with high
bandwidth and low latency.
NewNet is able to offer a range of services - from application of basic
rules to fully managed firewalls. Firewall rules can be applied to deny
or grant access to a specific IP or port address:
Allow udp/tcp
from {secure-range} to {server-range} Allow tcp from
{any-iprange} to {server-range} port {www-port} Allow tcp from
{ftp-admin} to {server-range} port {ftp-port} Deny udp/tcp
from {any-iprange} to {server-range} {window-fileshare}
Etc...
A range of rules can be applied to deny general access but to grant
access to specific ports and or from specific addresses - it can be
useful for example to allow ftp access to a server but only from a
nominated address. Firewall rules can be set up to deny general access
to Windows filing system ports. NewNet is also available to give
customers advice on firewall set-ups, based on years of industry
experience.
20
rule:
Designed around the customers requirements to provide
limited access to
their server running minimal standard services.
Suitable for one to a few hosts on a single IP subnet.
Firewall rule changes/updates extra charge beyond 1
month from initial
setup date.
Additional features:
Fully monitored/maintained hardware (shared)
100
rule:
Designed around the customers requirements to provide
more advanced filtering of traffic on specific ports and protocols.
Suitable for one-to-many hosts across several IP
subnets.
Firewall rule changes/updates extra charge beyond 1
month from initial
set-up date. Additional
features:
Fully monitored/maintained hardware (shared)
Dedicated:
Totally dedicated hardware customised to the customers
requirements
providing fully stateful inspection of packets, traffic shaping, IP,
port and protocol filtering, all on an entirely private LAN.
Suitable for one to unlimited hosts across unlimited
subnets with
refined rules. Additional
features:
Optional Network Address Translation to private range
(NAT)
Selective VPN access
Full firewall engineer support
Firewall rule updates/changes free of extra charge
Packet logging
Fully monitored/maintained hardware
Intrusion
Detection System (IDS)
Designed around industry standard software and
hardware, a system such
as this can provide warnings of potential Intrusion/hacking attempts to
Internet facing, and even non-Internet facing services. Immediate
notification of worm scans and unusual activity.
