Unlike "co-processing" products, the SG630 is an advanced, self-contained multi-tasking stateful firewall and VPN appliance. It includes a RISC processor, encryption accelerator for IPsec VPN traffic and two Ethernet interfaces for host and LAN communications. The SG630 packs the power of an SG firewall/VPN solution while eliminating the cabling, space and power requirements of an external firewall appliance.

While perimeter firewalls are effective in stopping incursions from an external network, they cannot prevent attacks that originate within the protected network. Since up to 90% of network attacks are made by disgruntled employees, an effective security policy must include a multi-layered “defense in depth strategy.” The SG630 makes this possible by complementing perimeter defenses with “embedded” firewalls that secure critical servers and host systems.

Multiple SG630 adapters can be deployed throughout a network to create a robust distributed firewall that continues to operate when host systems fail or become unresponsive. Like all SG firewalls, these can be configured and managed with the SG Central Management System (CMS).

Administrators can define and implement access rules that restrict desktop users to specific servers or network resources based on their user profiles or group affiliations. For example, a Human Resources Manager may be allowed to access employee records on the HR server, but prevented from changing payroll information stored in the Accounting System.

In addition, regulatory initiatives, such as the Gramm-Leach-Bliley Act in the United States, impose significant penalties on businesses that fail to address privacy concerns by permitting unauthorized access to personal information. A defense in depth strategy can mitigate this exposure by demonstrating that the organization has conformed to all regulatory requirements.

• Dynamic stateful firewall packaged on a PCI card to secure desktop and server systems
• Fully integrated IPsec VPN
• Full PPTP VPN client and server
• Unrestricted, unlimited user license
• Web console for configuration and management
• Fully interoperable with CyberGuard appliances and other standards-based security devices
• No third-party client software required

• Security-conscious businesses that wish to deploy a defense-in-depth security strategy
• Environments where the integrity of the host server operating environment cannot be controlled or trusted
• Data Centers with Web and Application Server Farms
• Co-location/Web Hosting Center
• Organizations seeking to demonstrate compliance with regulatory requirements concerning privacy and access to personal information
datasheet (pdf)