Optimization

WiJungle proprietary operating system having separate data,control and management plane now supports :

1. FastPath packet optimization : it improves firewall throughput performance by automatically putting trusted and secure packets on the fast path where they don’t have to be processed by the firewall policy engine for identification and destination. Instead, the firewall forwards these packets directly to the security engine for scanning om the parallel pass architecture.

2. TLS 1.3 : native TLS 1.3 inspection and decryption capability in transparent & proxy mode with an option to restrict with downgrading to TLS 1.2. And the decrypted data can be send to multiple security engines like GAV, CFS, IPS, AVC etc. Also is enabled in default mode in Managment GUI dashboard, SSL VPN etc.

3. Dual Processor: Higher end models like  U2500, U3500, U5000, U5000HX, U7500, U7500V etc have dual processor having multiple cores on their motherboard where some NIC are connected with CPU 1 and other with CPU 2 enhancing the processing capability and increasing the throughput & can scale against dynamic latest security threats.

4. Multi Factor Authentication: With Admin & User authentication(AD,LDAP,Radius,Kerberos,Local DB,API Based Authentication etc), you can enable 2/3FA with email/sms/hw token/google/twilio etc authenticators for all the platforms like windows/Mac/Linux/Android/Ios etc for unlimited users.

5. Port Agnostic Inspection & App Control: appliances are now capable of automatically detecting & inspecting the different protocols over non-standard communication ports and apply protecting policies according to them. Application Control accuracy deeply increases due to this whose numerous signatures can be updated on manual or automated basis and works independent of web filter service. Along with predefined 7000+ predefined app signatures, custom app list can be made based on different attributes like category, desc,risk etc and cooresponding app group can be selected.

6. Deep Learning based Rule Inspection: access rules can now be inspected with our machine learning models to give proper suggestion for optimization. It has an ability to remove all the active content, macros, block the malicious contents while sending document to the end user as clean document and not to legitimate destination and prevent Cross-site scripting and session hijacking etc attacks. Also added quarantine option.

7. Tap Mode: It allows you to passively monitor traffic flows across a network.

8. Wire Mode / Virtual Wire: A Wire Mode interface does not take any IP address and it is typically configured as a bridge between a pair of interfaces

9. SD-WAN Support: This feature has been added. It has extensive support for SLA monitoring for metrics like delay/latency, jitter, packet loss and adaptive routing(BGP,OSPF,PBR ,Static etc) adjustments by doing routing path selection between different connections like MPLS, ILL, VDSL, DSL, LTE, USB Dongle or broadband etc. to intelligently control the traffic to maximize the quality of the user experience. Load balancing & Routing can be based on various parameters like source/Destination address/service, User/User group & applications. Also you can enable application specific steering along with QoS as well which can done on the same access rule or can be configured separately. Also for ipv6 we have enabled support for Multicast Routing, NAT46, NAT64, NAT66, DNS64 & DHCPv6

10. Terminal & Citrix Support: We have added terminal services and citrix support for authentication.

11. Trusted Platform Module & REST API: WiJungle has a specialized chip which secures its appliances with integrated cryptographic keys and also helps provide security against threats like firmware and ransomware attacksWe have also added rest api support for management which includes CRUD operation for configuration including user, application , ips, web, app filter, routes, vpn, interfaces, zones, gateway etc.

12. Certificate Management & Validation: You can add Certificate Authority, Generate CSR, Generate Self Signed Certificate or can upload custom certificates & CRL. Also you can block invalid certificates.

13. WiJungle Content Caching: Our Web Proxy can cache the content to speed up the connection and can also identify the user identity behind proxy.

14. Central Management: This feature has been added and can be integrated via our cloud console or hardware form factor management console. You can segment the rule base in a sub-policy structure in which only relevant traffic is being forwarded to relevant policy segment for an autonomous system and provides integrated Logging & Reporting with Automated Management and Event Correlation System including IoC intelligence, threat outbreaks. Communication is encrypted and authenticated with PKI Certificates It shows all devices with their respective configuration including sd-wan & physical link up/down, cpu, ram usage etc with SLA tracking and can setup overlay routing, dhcp/dns relay etc. It can create overlay tunnels between multiple locations using an optimal architecture like hub-spoke, dual hub, full mesh etc using our easy to use predefined templates for zero touch provisioning. Logs can reside upto 1 year in the appliance & reduces the storage space requirement between 30 to 40%. Though our appliances have the ability even if management server is unavailable and support over both IPv4 and IPv6 family.

15. Advanced Anti-Bot & Intelligence: It uses a multi-tiered detection engine, which includes the reputation of IPS, URLs, Domains and DNS addresses and detect patterns of bot communications and find C&C traffic patterns. Also with our passive endpoint intelligence, WiJungle shows different parameters like OS,TTL etc and with Machine Learning enabled IOC intelligence we can alert on infected/suspicious hosts in the network.

16. DNS Interceptor & Web Filtering: DNSI intercepts the dns traffic transparently and apply web filtering policies like url,domain block/exemption in custom & predefined categories(90+), score based keyword block/exempt etc, block dns tunneling, bot communications, command and control etc and can shot custom block page. Web Filtering module can also use SSL Certificate inspection for this purpose or ssl session can be decrypted with the help of DPI.

17. Compatible with SNORT Signature: IDPS engine is compatible with SNORT signatures.

18. Enhanced Reports & Analytics: Admin can now generate instant and periodic 1000+ drill-down reports & advanced analytics with the option to export in various formats like xls,csv,pdf,html,xml etc or can be scheduled for FTP/NAS Server or email and can create customize dashboards. Reports can be on per user, application, internet traffic, geo location specific, network flow, web content, malwares, workflow automation, incidents, soc visibility, appliance health, usages, custom query base,blocked/allow connections with rule id, perforamnce stats, risk indicators, user threat quotient & logging attribute etc basis. It can also display logical topology and can also security recommendation for access rules, ips rules etc.

19. Intrusion Prevention System: WiJungle IDPS have signature and anomaly base intrusion detection and prevention system with more than 35000+ signatures with OpenAppId, Severity & Reference Support for both inet family(IPv4/IPv6). It can detect, respond, analyze behavior & anomalies and alert any unauthorized activities well as detect incidents that originate from inside the network perimeter as well as from outside the network perimeter with its proxy-less & non-buffering deep packet inspection technology and shall be able to take action like Bypass,reject which send tcp reset,drop,alert,recommended on the basis of configured policies. Have DDos protection with threshold settings agains port scan, tcp/udp syn flood, icmp sweep, sctp flood and sesson flooding, also further checks on certificate states like san, invalid date, untrusted issuer, name mismatch etc, tls cipher, sni, protocols can be applied. Server category includes signatures for web server, specific apps, network server, database servers etc which can block malicious traffic in both direction. Signatures are automatically updated through our threat cloud or can be updated offline as well or through central management server. Configurable Fail-Open option is present for traffic failure because of IDPS and pending queue size can also be increased.  

20. Anti-Malware Service: It combines our antivirus service with our sandbox cloud service or on-premise sandbox appliance  which also includes anti bot, virus break protection etc, providing robust protection against today’s sophisticated attacks and threats. Also provide option to block or allow files based on size and configurable thresholds for various protocols. Also supports protection scope in proactive and stream mode, which enables it to scan file of any size, can block spywares, key loggers based on patterns. Also supports granular scanning of more then 60+ file types. With its subscription, you will also receive Content Disarm & Reconstruction(CDR) functionality to remove all active content.

21. Hardware Fail Open Cards: WiJungle now supports hardware fail open cards for critical interfaces and appliances level.

22. On-premise Anti APT Appliance & Cloud Sandbox: WiJungle now also supports hardware anti apt appliance. It is able to bidirectionally communicate with WIJungle other product line like NGFW, VPN, WAF etc and can have instant identification & verdict response. It can inspect 75+ file types including various executables, documents, archive file and can create VM in multiple OS.

23. Air Gapped Network: WiJungle now supports air gapped environment for all provided threat functions like IPS,Antivirus etc.

24. Advanced QoS Policy & VOIP Protection: Advanced QoS Policy is supported per rule,source ip, destination ip, services,users,web and by applications. Also it can inspect & analyze SIP,H323 etc voip protocols and mitigate threats.

25. Routing Features & Protocols: WiJungle supports Static Routes, Policy Based Routes, OSPFv2, OSPFv3, IS-IS, BGP, BGPv4+, MPLS, VPLS, MPLS-TE, FRR, RSVP, BFD & IPv4 tunneling protocols along with multicast features like IGMP v1/v2/v3, PIM-DM, PIM-SM, Source Specific Multicast (SSM).

26. SNMP: WiJungle supports SNMP v1, v2c as wells as v3 and can send mail or traps to NMS.

27. NTP: WiJungle supports both NTP Server mode as well as Client mode along with PTP.

28. SSL VPN: WiJungle supports DES, 3DES, AES 128/192/256 encryption MD5, SHA, YARA Rules and Pre shared keys & Digital certificate-based authentication connection tunnel along with its clientless mechanism and tunnel negotiation with TLS 1.3 is supported along with TLS 1.2 fallback. PKI authentication with PCKS#7 & PCKS#10 or higher standards are also supported. VPN portals are also supported which includes support for various protocols like RDP Securely, SSH, FTP etc and URL masking for IP/FQDN. It also supports hardware binding capability(MAC,SSD,CPU,OS ID) for authenticated client access.

29. Airtight/Internet Network Update: WiJungle supports online as well as offline daily signature/firmware/patch updates for anti-malware, geo location, ips engine & firmware. It also support offline firmware upgrade as well. Same can be pushed through central appliance/cloud as well.

30. Cloud Logging & Backup: This service can be subscribed.

31. Dual Stack(IPv4 and IPv6): WiJungle supports dual stack on the same gateway.

32. SIEM/SOAR Integration: WiJungle supports multiple SIEM/SOAR integrations by default and provides REST API for deeper integrations as well.

33. Client Authentication: WIJungle now supports client authentication agents across multiple desktop platforms like Windows, Mac OS, Linux etc along with certificate authentication for mobile platforms like android & ios. User authentication also supports LDAP, Active Directory, Radius, eDirectory, Kerberos & TACACS+  Integration with different modes like clientless,captive portal or client agents.

34. ZTNA: WiJungle now supports Zero Trust Network Access.

35. EPS: WiJungle now supports end point security module which comes prequipped with AV, HIDS, Firewall, App Control, Server Protection, Web Filtering & DLP(App File Access Protection, Clipboard, Screenshot, Printer, Device Control, Web DLP etc) with AMSI interface. Security Modules will prevent viruses, bot mitigation ,spyware, ransomware, keylogger, C&C communication & other malware and threats. App Control allows and block app categories(browsers, zip apps, adobe apps, av apps, video apps etc) & applications. Logger will assist in finding rca to improve the security posture and provide customized query support with predefined templates and schedule integration. Remote terminal assist feature has also been implemented. DLP will assist in blocking or restricting the confidential file access and device control will assist in blocking/allowing the peripheral devices.

36. IPSEC: IPSec supports IKEv1, IKEv2 keying mechanism as well as support for latest algorithms like ECDHE, AES 512, AES-GCM,AES-GMAC etc, DH Groups including Certificates, RSA & PSK for authentication.

37. Others: WiJungle supports ip-mac binding & spoof prevention, jumbo frames, fragmented packet supports & IP Helper for other than DHCP. Additional enhancement in CLI for user/usergroup,flushing privileges, packet capture and session tracking. The minimum wire-speed performance for all services running like Routing, FW, IPS, VPN, SSL, App Control, Reverse Proxy etc is at least 2Gbps in WiJungle from Model U150 onwards.

 

Please note WiJungle OS has not reported any vulnerability in last 3 years from 2018-2022. Signature updates may be provided within 10 minutes across millions of sensors globally. All appliances have multi-core CPU x86 based architecture. Throughput mentioned in the datasheet are based on 1024 Packet Size and appliance attributes file can be referred for further throughput requirement on different packet sizes. We also have enabled support for 10G SFP+, 40G QSFP, 100G Fiber ports and can be equipped with our own transceivers as well as generic transceivers such as Syrotech etc. WiJungle provides 24x7x365 telephone, email, chat, whatsapp, telegram and web-based technical support having TAC and R&D center in India.

Was this article helpful?