GB -OS
Simple, Powerful and Affordable
A Firewall Operating System


Global Technology Associates designed and built it's first firewall in 1994 - the GFX-94. Two years later in 1996, the GNAT Box firewall was released running GTA's first purpose built firewall operating system. Today our firewalls run the GB-OS ® firewall operating system, the result of 20 years of development.

Overview

All GTA Firewalls, both appliances and software based are powered by GB-OS, "the original cost effective Internet firewall system". GB-OS is a totally self-contained solution that integrates an operating system with innovative hybrid UTM firewall technology into a single high performance, compact system.

GB-OS' numerous features and configuration settings are consistent across GTA's entire firewall product line and with automatic updates, GB-OS is assured to always be running the latest version. GTA firewalls are easily kept up-to-date, protecting networks from the latest Internet-based attacks with up-to-the-minute features and enhancements.

GB-OS prevents unauthorized access from un-trusted networks by completely hiding your internal network and providing transparent network access to end users. The system utilizes stateful packet inspection and advanced routing features with a powerful network address translation system. Unlike some firewall systems, GB-OS provides the user with complete transparent network access to external and private service networks for IP protocols (e.g., TCP, UDP and ICMP) based applications. In addition, GB-OS supports Dynamic Gateway Architecture with WAN failover, along with advanced routing protocols such as OSPF, BGP, and RIP. Remote access is also provided with the Mobile IPSec VPN Client, PPTP, L2TP and the GTA SSL Browser and SSL Client . Easy installation and setup provide users with reliable network access via laptop or mobile device, including iPhones and Android-powered devices.

Powerful unified threat management features include an Intrusion Prevention System (IPS) , Mail Proxy with anti-spam and anti-virus options and content filtering that can be expanded to filter based on website content with optional subscription based Web Content Filtering . Using GB-OS' robust unified threat management features, administrators can effectively lock down their network while protecting resources from dynamic threats.

GB-OS is managed from an easy-to-use, web based GUI interface and is supplied on all GTA firewall systems. GB-OS is the ideal solution for organizations of all sizes. Low cost and wide variety of standard features makes the GTA firewall family the price/performance market leader. GB-OS reduces the complexity of maintaining firewall security while continuing to provide a wide array of powerful, customizable configuration options.

GB-OS on Virtual Machines

GB-Ware, GTA's GB-OS software firewall is an ideal solution for installation on Virtual Machine (VM) platforms. Customers operating on virtual machine environment can now run both their GB-Ware Firewall system and network services on the same hardware. GB-OS supports running the GB-Ware Firewall system on virtual machine platforms that include VMWare, Citrix XenServer and Hyper-V in addition to many others including cloud hosting services. ISPs and managed service providers can also run multiple copies of GB-Ware on the same hardware, providing flexible firewall protection for each customer's specific environment.

Intuitive, Flexible Configuration

Assisting users via a guided walk through for a variety of standard configuration tasks, GB-OS' wizard section supplies all levels of users with the tools needed to successfully configure a GTA firewall. The Basic Setup Wizard guides novice users through what can be a complex and intimidating task of standard firewall configuration while the VPN Setup Wizard supplements the guided directions with graphical reinforcement of completed tasks - providing the user with a better understanding of the VPN creation process. The IPS Setup Wizard also provides an intuitive interface to guide users through the initial setup of an intrusion prevention system.

Automatically generating basic policies for implementing many firewall or networking features, GB-OS reduces the complexity of utilizing these features on the GTA firewall. With the basic policies generated automatically, administrators can focus on customizing the default policies to match their network and security implementation. Automatic policy generation is available for many features on GTA firewalls including VPN, SNMP, DNS and NTP services.

Simple, flexible security policies allow network administrators to match the firewall's configuration to the network it protects. Administrators are able to create objects to predefine network addresses, VPN settings, service groups and time groups. With country blocking, administrators can allow or deny traffic based upon IP address country codes. And with object encapsulation, one-click access to new configuration screens, new objects can be created without exiting the configuration section.

Furthermore, GB-OS eliminates the worry about network stability when making configuration changes or version upgrades. With Live and Test modes, administrators can reduce downtime and errors when modifying a system's configuration. During version upgrades, GB-OS maintains an easily accessible copy of the previous runtime configuration in non-volatile static memory. These redundant runtimes provide a fail safe environment to edit configurations and upgrade. And with automatic updates, GB-OS is assured to always be running the latest version, protecting networks from the latest Internet-based attacks with up-to-the-minute features and enhancements.

GB-OS also includes automatic backup options, ensuring safe and reliable access to vital firewall configurations. By enabling automatic backup, a backup file is saved every time a change is made and saved during Live mode. These backups can be emailed, saved to a USB device, or saved to a remotely secure cloud storage location. The backups can then be downloaded and imported back into the firewall from either the USB device or cloud storage.

Dynamic Gateway Architecture

GB-OS' unique Dynamic Gateway Architecture provides traffic shaping, load sharing, dynamic routing and gateway failover for flexible traffic management. Traffic shaping is essential for network administers to optimize network usage. Choose from a variety of routing protocols including RIP, BGP and OSPF as well as static routing and policy-based routing. The many customizable routing options provided by GB-OS ensure easy implementation into most network environments.

Gateway failover adds an extra layer of redundancy to a network setup by allowing for multiple external gateways. GB-OS will seamlessly redirect all outbound traffic to an alternate gateway should the primary fail. GB-OS also supports several types of link aggregation (failover, LACP- Link Aggregation Control Protocol, Load Balance, and Round Robin), providing system administrators with the tools to increase bandwidth s peed and network failover. Increased throughput and redundant connectivity ensure the reliability of network uptime.

Comprehensive Unified Threat Management Protection

With GB-OS' robust unified threat management features, administrators can effectively lock down their network while protecting resources from dynamic threats. Powerful unified threat management features include an Intrusion Prevention System (IPS), GTA's Mail Proxy with Anti-Spam and Anti-Virus options and Web Content Filtering with an additional Web Filtering option.

GB-OS includes an Intrusion Prevention System which carefully analyzes traffic and automatically blocks attacks before reaching the network. By comparing data packets against over 4000 signatures, GB-OS is able to protect networks from a variety of exploits including Web attacks, telnet, RPC, database, NetBIOS, multimedia, email, FTP, network services, DoS/DDos, peer to peer and backdoor attacks. Users will be able to selectively activate IPS rules on their system and updated signatures are automatically delivered to the firewall.

Optional mail and web content offerings further protect the network. The Mail Proxy Anti-Virus feature provides real-time virus and malware scanning of email against a database of nearly 100,000 virus definitions. The Mail Proxy Anti-Spam subscription option, using multi-level anti-spam technology, offers customizable spam blocking and filtering for a system’s email proxy. Finally, the Web Content Filtering subscription option allows organizations to increase productivity and reduce liability by limiting access to unproductive or inappropriate web sites based on over 70 category ratings.

IPv6 Support

IPv6 is an internet protocol, the future of IP addresses that will replace the current IPv4 addresses. IPv6 addresses are 128-bit numbers, divided into eight, 16-bit hexadecimal blocks separated by colons. IPv4 addresses are 32-bit numbers with about 4.3 billion possible addresses. In contrast, IPv6 addresses are 128-bit numbers with approximately 340 undecillion (1036) possible addresses.

As scarcity of IPv4 address continues to increase, it is important to prepare for the future of IPv6 addresses. GB-OS allows organizations to prepare for and deploy IPv6 to ensure business continuity and growth, while still using IPv4. IPv6 configuration support includes statically assigned IP addresses for IPv6, DHCPv6, Stateless Address Auto configuration (SLAAC), Dual Stack (IPv4 and IPv6) addresses, IPv4 and IPv6 VLAN interfaces, IPv4 and IPv6 Link Aggregation, IPv4 HA Interfaces and IPv4 Bridge Mode. With each update and software release, GTA continues to expand IPv6 support for various features, services and configuration options.

VPN Features including Remote Access

Integrated industry standard IPSec virtual private networking for both site-to-site installations and remote mobile users means that secure remote access can be a reality for even the smallest organization. GB-OS contains comprehensive VPN features such as certificate support, NAT through VPN, VPN keep alives, and VPN failover along with several options for remote access.

VPN connections can be authenticated utilizing GBAuth, Single Sign-on, or certificates - providing an additional layer of authentication control. With VPN keep alives consistent, continuous connections are ensured even during periods of no activity. This establishes a stable VPN connection in case of Internet network disruption or periods of no data packet transmissions. GB-OS also provides business continuity with VPN failover. Continuous uptime is provided through automatic backup tunnels for every active tunnel. Should one tunnel fail, business activities will be able to proceed uninterrupted without compromising network security.

With GB-OS, several remote access options are available through the GTA Mobile IPSec VPN Client, PPTP, L2TP, SSL Browser and SSL Client. Easy to install and setup, these options allow remote workers to securely access protected networks. Users are seamlessly connected to the network, allowing access to files, applications and intranets. Via GB-OS' Unified Threat Management protection, user authentication and threat detection occur at the gateway, protecting against unauthorized access, data loss and malicious threats such as viruses, worms and spyware. GTA's remote access options are flexible and guarantee safe and secure network access from virtually any location and device.

GB-OS summary screens are provided for each major menu section, allowing firewall administrators to quickly scan a snapshot of firewall activity. Collapsible table sections let the user select which items to view on screen, further enhancing the quick view functionality by keeping information readily available at your fingertips.

The reporting section of the GB-OS interface provides easily generated usage and status reports with detailed graphs and tables. Quickly access and share vital information on network and VPN traffic as well as other customizable options. Scheduling of reports is available in daily to monthly time frequencies with report data representing daily to yearly time frames.

Historical Statistics, included in the report data, are also available for instant viewing on the GB-OS interface. These graphs are customizable, allowing administrators to choose the color combinations used in graphing the data, making printing and sharing easy and accessible for every organization.

Clean Graphical User Interface

The GB-OS graphical user interface focuses on simple user interaction. From the consistent menu and icon placement to the multi-layered configuration screens, users will discover an interface designed for easy interaction. Monitoring and managing a GTA firewall using GB-OS is simple, with fine-tuning customizable choices and options maintained across various configuration sections.

Also featured are graphical configuration verification alerts - red, yellow and green lights - which indicate whether the firewall UTM system configuration contains potential errors that may result in the system not functioning as expected. Especially useful during initial configuration or configuration modifications, these verification alerts are active in both live and test modes, making possible configuration problems easily identifiable.

Automated System Software Updates

Automated updates reduce the time and complexity of keeping GB-OS up-to-date with patch releases and version upgrades. System administrators may elect to schedule the GTA firewall UTM system to check for updates on a regular basis or to utilize the update feature to retrieve activation codes for installing optional features such as additional Mobile VPN client licenses and Mail Proxy Anti-Virus or Anti-Spam subscriptions.

Graphical configuration verification alerts - red, yellow and green lights - which indicate whether the firewall UTM system configuration contains potential errors that may result in the system not functioning as expected. Especially useful during initial configuration or configuration modifications, these verification alerts are active in both live and test modes, so alerts for possible configuration problems are easily identified.

Exported XML configuration files can be edited offline for use on GTA Firewall UTM systems or for use with other third party version control, reporting and monitoring applications. Large configuration sections, such as authentication, can be uploaded to a GTA Firewall UTM system in XML format.

Intuitive Platform Independent GUI

The GB-OS graphical user interface focuses on today's user. From the consistent menu and icon placement to the multi-layered configuration screens, users will discover an interface designed for easy interaction. Monitoring and managing a GTA firewall using GB-OS is simple, yet maintains the fine-tuning customization choices our advanced power users have grown to expect.

GB-OS eliminates the worry about network stability when making configuration changes or version upgrades. GB-OS offers Live and Test configuration modes unique on GTA firewalls. Use Test Mode as a virtual firewall scratch pad to change configurations without affecting the firewall's operational runtime. Once the desired changes have been verified they can be copied to become the live configuration. During version upgrades, GB-OS maintains an easily accessible copy of the previous runtime configuration in non-volatile static memory. These redundant runtimes provide a fail safe environment to edit configurations and upgrade.

Object Encapsulation

Ease of use is the driving force behind implementation of GB-OS' Object Encapsulation. Creating objects for use in security policies has been simplified through one-click access to new object creation screens. New objects can be easily created without exiting the configuration sections. Object encapsulation maintains the power of utilizing objects while eliminating the cumbersome multi-screen creation process.

Automatic Policies

Automatically generating basic policies for implementing many firewall or networking features, GB-OS reduces the complexity of utilizing these features on the GTA firewall. With the basic policies generated automatically, administrators may focus on customizing the default policies to match their network and security implementation. Automatic policy generation is available for many features on GTA firewalls including VPN, SNMP, DNS and NTP services.

Easy Monitoring

With new monitoring and summary screens, knowing what's happening on your GTA firewall is painless. Relevant data is displayed on a single screen. Summary screens are provided for each major menu section, allowing firewall administrators to quickly scan a snapshot of firewall activity. Collapsible table sections let the user select which items to view on screen, further enhancing the quick view functionality by keeping information readily available at your fingertips.

Setup Wizard

The wizard section in GB-OS assists users via a guided walk through for a variety of standard configuration tasks. The Basic Setup Wizard guides novice users through what can be a complex and intimidating task of standard firewall configuration. The VPN Setup Wizard supplements the guided directions with graphical reinforcement of completed tasks, to provide the user with a better understanding of the VPN creation process. The IPS Setup Wizard provides an intuitive interface to guide users through the initial setup of an intrusion prevention system.

Feature Set


  • VPN Failover
  • Link Aggregation - Failover, LACP, Load Balance, and Round Robin
  • LDAP, RADIUS, and Active Directory Single Sign-On authentication
  • Traffic shaping
  • Routing Protocol Support - BGP, OSPF, RIPv1 & v2
  • Runs on VM platforms (VMware, XenServer, Hyper-V)
  • Intrusion Prevention System
  • Automatic system updates
  • VLAN support
  • Group support for policies
  • DHCP based on MAC Address
  • Inbound load balancing supported
  • Dynamic DNS allows multiple dynamic DNS definitions
  • NAT through VPN connection
  • Switch between runtimes stored in non-volatile through web interface
  • 50 predefined service groups added to object editor for use in policy creation


  • Pre-configured default objects
  • Configuration verification status via traffic light icons
  • Ability to disable objects without deleting
  • Service groups supported when configuring security policies and tunnels
  • Allow/block java script or ActiveX by policy
  • Allow/deny protocol on any interface
  • Time group objects supported
  • Web Content Filtering allows multiple local allow & deny lists via address objects
  • Web Content Filtering allows wildcards in domain names using regular expression for policies
  • Web Content Filtering user group authentication based on policy
  • GTA's Mail Proxy Anti-Spam includes grey listing filtering
  • Utilize keep alives packets to retain active status of IKE VPN connections
  • Configuration export in xml format.
  • GSM Modem Support.