Chapter 1: Overview

[Note] Note: This document is also available in other formats

A PDF version of this document along with all current and older documentation in PDF format can be found at https://my.clavister.com.

It is also available as a single HTML page.

1.1. Features

A Clavister NetShield Firewall running cOS Stream provides vital network security functions while providing high throughput performance by fully utilizing the parallel processing advantages of multi-core hardware platforms.

The firewall also provides seamless integration of all its subsystems, in-depth administrative control of functionality, as well as exposing a minimal attack surface which helps negate the risk from security attacks.

Configuration Objects

From the administrator's perspective the conceptual approach is to visualize operations through a set of logical building blocks or configuration objects. Combining different objects allows configuration in an almost limitless number of different ways. This granular control allows the administrator to meet the requirements of the most demanding network security scenarios.

Key Features

The list below presents the key features of cOS Stream's extensive feature set:

IP Routing
cOS Stream provides a variety of options for IP routing including static routing.
Firewalling Policies
cOS Stream provides stateful inspection-based firewalling for a wide range of protocols such as TCP, UDP and ICMP. The administrator can define detailed firewalling policies based on source/destination network/interface, protocol and ports.
VPN
cOS Stream supports IPsec based VPNs and can provide individual security policies for each VPN tunnel.
High Availability

High Availability (HA) is supported through automatic fault-tolerant failover to a secondary Clavister NetShield Firewall should a failure be detected. Two firewalls operate together in an HA cluster, with one being active while the other is passive and constantly mirroring the state of the active unit.

This feature is described in more detail in Chapter 22, High Availability.

System Documentation

Reading through the available documentation carefully will ensure that you get the most out the product. In addition to this document, the reader should also be aware of the companion reference guides:
  • The CLI Reference Guide details all CLI commands.

  • The Log Reference Guide details all log event messages.

  • The Statistics Reference Guide details all system statistics parameters.

  • The SNMP Traps Reference Guide details all system statistics parameters.

  • The Getting Started Guide documents describe how to set up a new installation for different platforms. This includes guides for Clavister hardware products, as well as for virtual environments.

  • The Use Case Guide describes how to set up the product for some specific scenarios.

Together, these documents form the essential reference material for product operation.

Product Education and Certification

For details about classroom and online education as well as certification, visit the Clavister company website at http://www.clavister.com or contact your local sales representative.