GB-OS® Overview

GTA's GB-OS system software is a dedicated feature rich firewall operating system. The graphical user interface was designed with a focus on smooth user interaction. The clean, sleek presentation of information provides an intuitive basis for monitoring and configuring any GTA firewall. Utilizing innovative new features, GB-OS reduces the complexity of maintaining firewall security while continuing to provide a wide array of powerful, customizable configuration options.

VPN Failover

GTA Firewall UTM systems running GB-OS 5.2 can ensure business continuity with remote and office branches with VPN failover. Continuous uptime is provided through automatic backup tunnels for every active tunnel. For example, if the primary gateway fails or becomes unavailable, VPN failover will automatically failover to the established secondary gateway. Once the primary gateway is restored, the connection will automatically fail back for continuous connectivity at the best possible speed. Business activities will be able to proceed uninterrupted without compromising network security.

Link Aggregation

GB-OS 5.2 supports several types of link aggregation - Failover, LACP (Link Aggregation Control Protocol), Load Balance, and Round Robin. By using multiple network interfaces, administrators are able to increase bandwidth speed and network failover. With increased throughput on local area networks and redundant connectivity, administrators are able to ensure the reliability of network uptime. Link aggregation is an inexpensive solution for building a high speed network with the capability to transfer more data than a single device or port can alone.

Advanced Routing Options

The Dynamic Gateway Architecture of GTA Firewall UTM Systems includes BGP and OSPF routing protocols. IT managers can choose from a variety of routing protocols, including static routing and policy based routing by source destination, port or address, to optimize network usage. These additional routing protocols complement the existing features of GTA Firewall UTM Systems to provide customizable implementation into most network environments.

GB-Ware on Virtual Machines

Installation of GB-Ware Software Firewall UTM system on a Virtual Machine (VM) host expands the customizable implementation options available for GTA systems. Customers operating a Virtual Machine server can now run both their GB-Ware Software Firewall UTM system and network services on the same hardware. GB-OS 5.2 supports running GB-Ware Software Firewall UTM systems on a VMWare system or Citrix XenServer. ISPs and Managed Service providers will also be able to run multiple copies of GB-Ware on the same hardware, providing flexible firewall protection for each customer's specific environment.

Single Sign-On Authentication with Active Directory

Tracking users is simplified with support for Single Sign-On authentication through an Active Directory Domain Controller- no additional software to install for each end user client machine. Once authenticated, GTA Firewall UTM policies are automatically applied and activities are logged by the firewall according to user ID. Single Sign-On authentication can replace GBAuth as an authentication method in larger organizations that utilize Active Directory systems.

Surf Sentinel Enhancements

Surf Sentinel offers granular control of content filtering with over 100 million URLs categorized into over 70 categories. These enhancements allow for more customizable Internet content control for your GB-OS Firewall UTM system. Need to allow employees more lenient Internet access during their lunch break or after hours? Subscribers will now be able to apply time groups to Surf Sentinel policies. Time groups add one more layer of flexibility to the Surf Sentinel Content Filtering solution.

Intrusion Prevention System

GB-OS 5.2 includes an Intrusion Prevention System. By comparing data packets against over 4000 signatures, GTA firewall UTM systems will protect networks from a variety of exploits including Web attacks, telnet, RPC, database, NetBIOS, multimedia, email, FTP, network services, DoS/DDos, peer to peer and backdoor attacks. Users will be able to selectively activate IPS rules on their system, while updated signatures will be automatically delivered to firewalls with upgrades enabled through GTA support offerings.

VPN Enhancements

GB-OS 5.2 includes comprehensive VPN features including certificate support, NAT through VPN and VPN keep alives. In addition to GBAuth, VPN connections can be authenticated utilizing X.509 certificates for an additional layer of authentication control. VPN keep alives provide more stable VPN connections in case of Internet network disruption or periods of no data packet transmissions. Remote offices can maintain VPN connections even during periods of no activity with VPN keep alives, ensuring a continuous consistent connection.

Automated System Software Updates

Automated updates reduce the time and complexity of keeping GB-OS 5.2 up-to-date with patch releases and version upgrades. System administrators may elect to schedule the GTA firewall UTM system to check for updates on a regular basis or to utilize the update feature to retrieve activation codes for installing optional features such as additional Mobile VPN client licenses, Mail Sentinel Anti-Virus, or Mail Sentinel Anti-Spam subscriptions.

Graphical Configuration Verification Alerts

Graphical configuration verification alerts - red, yellow and green lights - which indicate whether the firewall UTM system configuration contains potential errors that may result in the system not functioning as expected. Especially useful during initial configuration or configuration modifications, these verification alerts are active in both live and test modes, so alerts for possible configuration problems are easily identified.

XML Configuration Export/Import

Exported XML configuration files can be edited offline for use on GTA Firewall UTM systems or for use with GB Commander 2.1 or other third party version control, reporting and monitoring applications. Large configuration sections, such as authentication, can be uploaded to a GTA Firewall UTM system in XML format.

Intuitive Platform Independent GUI

The GB-OS graphical user interface focuses on today's user. From the consistent menu and icon placement to the multi-layered configuration screens, users will discover an interface designed for easy interaction. Monitoring and managing a GTA firewall using GB-OS is simple, yet maintains the fine-tuning customization choices our advanced power users have grown to expect.

Live and Test Configuration Modes

GB-OS eliminates the worry about network stability when making configuration changes or version upgrades. GB-OS offers Live and Test configuration modes unique on GTA firewalls. Use Test Mode as a virtual firewall scratch pad to change configurations without affecting the firewall's operational runtime. Once the desired changes have been verified they can be copied to become the live configuration. During version upgrades, GB-OS maintains an easily accessible copy of the previous runtime configuration in non-volatile static memory. These redundant runtimes provide a fail safe environment to edit configurations and upgrade.

Object Encapsulation

Ease of use is the driving force behind implementation of GB-OS' Object Encapsulation. Creating objects for use in security policies has been simplified through one-click access to new object creation screens. New objects can be easily created without exiting the configuration sections. Object encapsulation maintains the power of utilizing objects while eliminating the cumbersome multi-screen creation process.

Automatic Policies

Automatically generating basic policies for implementing many firewall or networking features, GB-OS reduces the complexity of utilizing these features on the GTA firewall. With the basic policies generated automatically, administrators may focus on customizing the default policies to match their network and security implementation. Automatic policy generation is available for many features on GTA firewalls including VPN, SNMP, DNS and NTP services.

Easy Monitoring

With new monitoring and summary screens, knowing what's happening on your GTA firewall is painless. Relevant data is displayed on a single screen. Summary screens are provided for each major menu section, allowing firewall administrators to quickly scan a snapshot of firewall activity. Collapsible table sections let the user select which items to view on screen, further enhancing the quick view functionality by keeping information readily available at your fingertips.

Wizard Section

The wizard section in GB-OS assists users via a guided walk through for a variety of standard configuration tasks. The Basic Setup Wizard guides novice users through what can be a complex and intimidating task of standard firewall configuration. The VPN Setup Wizard supplements the guided directions with graphical reinforcement of completed tasks, to provide the user with a better understanding of the VPN creation process. The IPS Setup Wizard provides an intuitive interface to guide users through the initial setup of an intrusion prevention system.

GB-OS as a Total Security Solution

GTA firewalls combine both standard and advanced features into one easy-to-use appliance. Whether you choose plug-and-play for basic perimeter security or more advanced options like Gateway Failover and IP Aliasing, you'll experience the ease of use of GTA's proprietary secure operating system

Optional Features for GB-OS

Adding optional features such as additional mobile VPN clients, Mail Sentinel Anti-Virus, Mail Sentinel Anti-Spam subscriptions, Surf Sentinel content filtering or H2A High Availability is easy with a simple activation code. There is no additional hardware or software installation required.

Mail Sentinel Anti-Spam - Mail Sentinel Anti-Spam allows organizations to add spam control to the email proxy running on GB-OS based devices. Subscription based option.

Mail Sentinel Anti-Virus - Mail Sentinel Anti-Virus allows organizations to add SMTP based virus control to the email proxy running on GB-OS based devices. This feature is included with a valid GTA support contract.

Surf Sentinel Content Filtering - Surf Sentinel allows organizations to increase productivity while reducing liability of access to unproductive or inappropriate web sites. Subscription based option.

GTA Mobile VPN Client - Add additional GTA Box Mobile VPN Clients. Available in single client or multi-user packs.

H2A (High Availability) - H2A provides your organization with firewall redundancy, assuring that firewall downtime does not mean network access downtime.

GB Commander 2.1 - GB Commander 2.1 offers centralized management of GTA firewalls via one point access for all GTA firewalls on your distributed network.

GTA Reporting Suite 2.1 - Easy-to-use Windows-based tool generates on-demand, top-level summary reports and charts of information contained in GTA firewall logs.

Support

Your purchase of a GTA Firewall UTM system includes 60 days of software updates and 30 days of up-and-running support available through GTA's technical support staff in North America, and internationally through an authorized GTA Channel Partner.

GTA support programs provide remote assistance with on-going maintenance of your GTA Firewall UTM products and software. GTA offers a variety of support options. Contact your local authorized GTA Channel Partner or ask GTA's helpful sales staff to match support offerings to your organization's needs. Remote or on-site technical support may also be available through your authorized GTA Channel Partner.

Why ICSA 4.1 Corporate Certification?

Data security is important, and your firewall should provide the best protection available. GTA firewalls have maintained continuous ICSA Certification since 1996, providing independent verification that your data is secure. Today, all GTA firewall products are certified under the stringent ICSA 4.1 Corporate criteria, so no matter which GTA firewall suits you best, you can trust it to protect your network from unauthorized access.

GTA GB-OS Announcement Mailing List

If you would like to receive email notification of future product release, send email to gta-announce-subscribe@gta.com, and we will add you to our announcement mail list.

Expanded Feature Set

• VPN Failover
• Link Aggregation - Failover, LACP, Load Balance, and Round Robin
• LDAP, RADIUS, and Active Directory Single Sign-On authentication
• Traffic shaping (BGP, OSPF, RIP v1, v2)
• GB-Ware VM support
• IPS, IDS
• Automatic system updates
• VLAN support
• Group support for policies
• DHCP based on MAC Address
• Inbound load balancing supported
• Dynamic DNS allows multiple dynamic DNS definitions
• NAT through VPN connection
• Switch between runtimes stored in non-volatile through web interface
• 50 predefined service groups added to object editor for use in policy creation
• Pre-configured default objects added
• Configuration verification status via traffic light icons
• Ability to disable objects without deleting
• Service groups supported when configuring security policies and tunnels
• Allow/block java script or ActiveX by policy
• Allow/deny protocol on any interface
• Time group objects supported
• Surf Sentinel allows multiple local allow & deny lists via address objects
• Surf Sentinel allow wildcards in domain names using regular expression for policies
• Surf Sentinel user group authentication based on policy
• Mail Sentinel Anti-Spam includes grey listing filtering
• Utilize keep alives packets to retain active status of IKE VPN connections
• Configuration export in xml format.
• GSM Modem Support.