vantronix (en) (The details

By: Vantronix  09-12-2011
Keywords: Security, Hardware Support, Security Appliances,

.vantronix (en) (The details)

Criteria and preferences
High secure high-end firewalls developed for critical operation with high requirements for security, availability, comprehensive support and reliable, trusted systems.

Available documents, white papers, and additional information:

The .vantronix software platform is based on

, the world's most secure operating system. Two remote holes in the default install, in more than 10 years.

.vantronix clear pricing offers a low TCO and leverages existing systems to deliver proven ROI fitted for the needs of our customers:

  • The license allows an unlimited number of users and connected systems per appliance; it is therefore only limited by the performance of the used hardware model.
  • The .vantronix Security Appliances provide the same features for the whole product series. All ports, the number of users and features like VPN, loadbalancing, routing and .vantronix | preinspection are included without any extra fees our licenses.

The support for high-grade redundancy allows operation as a fail-safe, highly available system.

  • All .vantronix Security Appliances support HA (High Availability).
  • Stateful Failover allows an uninterruptible operation in the case of a failover.
  • Active/passive and active/active HA-setups are supported.

We advise the use of 3-way redundant systems to guarantee uninterrupted and redundant operation even in the case of maintenance or service upgrades.

The .vantronix principle is different from conventional UTM and IDS/IPS solutions:




is an early detection of anomalies and avoids problematic signature-based inspections, with a positive impact on false-negative and false-positives, an increased security and a better overall performance.

Conventional signature-based "Deep Inspection" systems can cause considerable security problems. A tiny bug in the numerous and heavily complex protocol inspectors may lead to a security hole in the entire system. Security's worst enemy is complexity.

In contrast,




detects protocol anomalies instead of data anomalies for ealry countermeasures against possible attacks. And IDS/IPS systems can additionally be used behind the proactive protection of the .vantronix Security Appliance.

The integrated application-level filter are used for protocol-specific analysis and defence against abnormal and malicious intrusion attempts.

  • Use of .vantronix | preinspection technologies as a protection against DoS-attacks, mail "SPAM" and malicious intrusion attempts.
  • Integrated optional HTTP proxy with white- and black-lists, to be used as an URL filter or "Wallet Garden".
  • Numerous NAT-helpers to handle problematic internet protocols.

The .vantronix Security Appliances have been designed for professional network administrators, by supporting network management systems (NMS) and an unique CLI.

The modular




provides a comfort of an industry-standard CLI and sets the benchmark with trendsetting features and innovations.

  • Professional and industry-standard command line interface.
  • Seamless integration into an OpenBSD-based operating system.
  • Integrated configuration change management and rollback support.
  • Multi-user capable with multiple manager and operator user levels.
  • Simple, text-based imports and exports of the system configuration.
  • Optional configuration export as XML.
  • Easy to learn with a scalable concept.
  • Integrated and context-sensitive help function.
  • Easy change from other systems like Cisco PIX.
  • Accessed with the secure shell, SSH version 2 (powered by OpenSSH).
  • Optional browser-based administration with the WebCLI.

The proven multi-vendor operation gets Trusted Proactive Security in existing firewall setups. No matter if the firewall of another vendor is protected by an upstream .vantronix Security Appliance or the .vantronix Security Appliance is slightly relieved from activity, multiple reasons may speak for multi-vendor scenarios.

"First and second Line of Defense"

  • The German Information Security Agency (BSI/GISA) suggests multi-vendor firewall solutions.

A new stable software release will be released every six month. This provides an optimal and unique planning reliability. There will be security and errata-fixes between releases and up to three release versions are guaranteed to be maintaned.

.vantronix offers a high-grade, fast and activ

in cooperation with the .vantronix partners. Companies protected by .vantronix Security Appliances can take advantage from the comprehensive support program and appropriate and professional response times.

.vantronix Security Appliances are optimized for the operation with HP ProCurve Networking. Indeed, firewalls are network components and the outcome of an optimal interaction between firewalls, switches, and routers is a reliable, stable, available and consistent network concept. And HP ProCurve focuses on open standards and secure access just as .vantronix.

  • Reliable, highly available, and high-performance network integration
  • Optimized interaction between firewalls and switches
  • High-speed Gigabit and 10 Gigabit Ethernet
  • Network redundancy with Switch-Meshing and Layer 2 Trunking
  • Multi-protocol interoperability with HP ProCurve products
  • Link layer discovery and keep-alive-checks with LLDP (IEEE 802.1ab)
  • HP ProCurve lifetime warranty
  • Best possible pricing
  • Highest quality and reliability
  • One-stop service, support and conception of complete network infrastructures

For the high-end 64bit appliances, .vantronix counts on the high-grade

servers by Hewlett-Packard. The servers and the .vantronix software platform is highly integrated and optimized.

The unique HP Care hardware support by Hewlett Packard offers an unbeatable service and support for the reliable hardware platform. The .vantronix Security Appliances include the HP Care Packs, like the 3Y/24x7x4 hardware support for the .vtFW


and the .vtFW


product models. And as a matter of course, this is an international support.

The .vtFW


, .vtFW


and .vtFW


support 10 Gigabit Ethernet. And this ideally fits to the 10 Gigabit Ethernet switches by


Numerous world-wide references approve the security and the quality of the

Security Appliances the contained

operating system.

Many companies and security-aware users count on the unbeatable security vantages- financial business, military, public authorities, ISPs and all kinds of medium-size up to enterprise companies.

Tempest is optionally available for all models as a protection against physical wiretapping. Tempest is an acronym for "TEMPorary Emanation and Spurius Transmission" and "Transient ElectroMagnetic PulsESTandard". Tempest means the origin and transmission of compromising radiation, the wiretapping of the signals and the electronic protection measures to disable the radiowave propagation.

Made in Germany

is a term for first-class quality, reliability and security. The .vantronix Security Appliances are developed in Germany with international benefit from the Open Source community of the OpenBSD project.

Customer-specific modifications and a professional support is provided by .vantronix developers and consultants. .vantronix offers a fast response to customer requirements as optional extensions or integrated features of future releases.

Keywords: Hardware Support, Security, Security Appliances,

Other products and services from Vantronix


vantronix (en) (Firewall Module for ProCurve 5300xl

The modules are sharing the powerful switch backplane, and you can extend the solution with additional Gigabit Ethernet, fiber, or even access and radio modules into complete network solution in a switch. You can use the firewall module in any empty slot of the HP ProCurve 5300xl switch series, even with multiple firewall modules in a single switch.


vantronix (en) (IPv6 supported

Most current firewall products, routers, and IPv6-enabled network appliances offer a fairly limited IPv6 support and they have implementation problems in their IPv6 stack. The .vantronix firewall, loadbalancer, and VPN gateway support full IPv6 operation with stateful firewalling , and Trusted Proactive Security. Much of the network design over the last 15 years has assumed that we are running in an IPv4 world.


vantronix (en) (High-secure products based on OpenBSD

The .vantronix security appliances, or routing firewalls, are premium systems based on a high secure and reliable platform and powerful qualitative hardware. The advanced firewall module for HP Networking E5400/E8200 zl Series. The stable high-level firewall for a high load. The optimal Branch Office Firewall.


vantronix (en) (The functions

The .vantronix routing firewalls will optimize your network with the benefit of trusted proactive security. Vantronix provides sophisticated products with a higly optimized functionality. Overlapping or identical IP subnets in multiple independent Routing Domains. Policy-based Routing using the packet filter classification engine. Transparent operation as bridging VPN gateway. Stateful firewall failover for HA.