A fundamental rule true for all security devices is to keep complexity on a manageable level, since setup and maintenance tends to get more cumbersome and error-prone as the overall system complexity increases.
GateMARA considers this fundamental rule by incorporating Role Based Access Control (RBAC) into the administration of the firewall. RBAC allows to create administrative roles in an hierarchical tree. Responsibility of security zones can then be delegated to parts further down the tree which only have administrative power to the resources required for this security zone. Thus it is possible to have a very precise segmentation, enabling to manage even large and complicated networks. Tasks and results can be controlled by administrators knowing most about the specific segment.
The straightforward rule administration provides a better general view on the actual configuration which will help to create a correct rule set. Before committing changes to the rule set, each administrative role can test out and verify their own rules independently and in a sandbox without clashing with network traffic or other roles.
The role based administration based on RBAC makes it easy to provide each administrator with as much authority as is required without giving away too much power. This feature will not only increase security, but also productivity. The core network administrators can concentrate on issues beneficial to the whole organization and staff members of different departments who will be able to take care of their local problems. This reduces the amount of highly skilled expensive security experts, needed to maintain a high level of security. A well designed RBAC tree will make daily modifications possible without unpredictable risks.
A displacement with GateMARA will allow organizations which are already using traditional firewalls between different departments to achieve a much more fine grained supervision of their network and reduce the number of administration points.
When GateMARA is installed, the network can easily be divided into many logical levels where the points of inspection reflect security needs rather than physical wiring issues.
Thanks to its bridging and routing firewall technology, GateMARA is capable of controlling the communication between VLANs without the risk of spoofing. Isolation of different security zones can be kept intact even when the segmentation is done without changes to the IP addressing.
GateMARA incorporates dynamic user based firewall rules and integrates with Active Directory, LDAP, RADIUS and 802.1x. This ensures compatibility to well-known standards and allows to base your rules not only on machines, but also on users. The security policy will apply independently to the machine or part of your network to which your users log in.
These unique features make the transition to GateMARA quick and painless.