BNS Shielded Firewall

Keeps the firewall secures from malicious attacks. The BNS F.W. Shielding enhancement creates a hidden shielding to secure from: backdoor bypass, known vulnerabilities misuse, trojan horses, internal malware and more.

What is a firewall?

According to the Wikipedia:

Firewall is a network security system that monitors  and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Who and how configures these predetermined security rules?

According to the Wikipedia:

A firewall is a network device that acts as a protective shield to your network by applying conditions given by the IT department. These conditions define what each rule will do, as well as what traffic is allowed or denied. This is why admins need to be cautious while working on firewall configurations, ensuring there are no errors while specifying these rules.

Faulty rules can create doorways through which malicious actors can carry out attacks. For instance, if an admin erroneously applies a rule that allows unwanted traffic, it can lead to unauthorized data transmission or a major network breach.

Is firewall like a hedgehog?

Very protected from outside,
                                                      fully opened from inside

Malware from internal network tries to map a firewall by sending series of messages (both by broadcasting and sending to known/discovered addresses). After the firewall replies to the “legal” request from authorized computer malware gets enough information to access the firewall management and to change the rules, e.g., to open the backdoors.

The firewalls indeed are  hedgehogs!

How BNS F.W. Shield protects this “soft underbelly” of hedgehog (firewall)

BNS F.W. Shield is fully transparent in the network (has neither IP nor MAC addresses; adds just a few nanoseconds latency)

BNS F.W. Shield avoids access to the management ports of firewall for everyone every time unless a predefined set of conditions has happened. Such conditions are defined by the authorized management and may include time of day when the management session occurs, duration of the session, special command sent from the mobile application and/or other device, HW address of the device which is trying to establish the management session, even one-shot address of the firewall that is provided by BNS F.W Shield for one management session.

In other words, there is no way to map the firewall from inside, even to define it’s type and it’s HW/SW versions.

BNS F.W. Shield serves as a transparent shield for the firewall.

Shielded firewall features

  • Access control
  • Isolation of internal network
  • Alerts on unauthorized access
  • Outline security and authentication rules
  • Automate tasks associated with testing or monitoring
  • Antivirus, whitelists, content filtering, web filtering
  • Load balancing
  • Virtual Private Network (VPN), URL filtering
  • White Box Cryptography for key-less / password-less secure tunneling
  • Hides the firewall from attempts of mapping and sabotage from outside
  • Hides the firewall from attempts of mapping and sabotage from inside (internal network)
  • Bi-directional secured SCADA

  • Ability to identify the traffic by any combination of data patterns
  • Selective Traffic Redirection
  • Layer 2 IDS (Intrusion Detection System)
  • Layer 2 DLP (Data Leakage Prevention)
  • Reports & analytics, dashboard, policy management, logging and reporting, concurrent sessions
  • Independence of high-level protocols (Protocol Agnostic)
  • Zero-day protection
  • Smart filtering between OT and IT environments
  • Data DIODE
  • Invisible shielding for the firewall

Additional features for advanced users

  • Redirection to sandbox/honeypot
  • SMS alerts in the event of a cybersecurity incident
  • Enabling access to the firewall management to authorized admins by MFA (Multi-Function Authentication)

  • Block selected communication channels
  • Hidden and Invisible firewall shielding
  • Supports WBC (white Box Cryptography) secured tunneling