Security Testing and Evaluation Labs
Security Evaluation Laboratory (SEL)


Stonesoft: Stonesoft StoneGate Firewall V2.0.5

Sponsor: Stonesoft Corporation
Assurance Level: EAL4+
Status: Evaluated
NIAP VPL Entry: VID3003

Stonesoft StoneGate Firewall is a high availability firewall and Virtual Private Network (VPN) solution for securing data communication channels and enabling continuous network connectivity. The validated product is the StoneGate Firewall engine and VPN software application component of StoneGate.

The StoneGate Firewall engine is based on Multi-Layer Inspection technology, which combines stateful and application-level inspection to control connectivity and information flow between internal and external networks. It provides Network Address Translation (NAT) to keep internal network addresses private. The VPN security services are based on the IPSec standard and give users multiple cryptographic support options. As part of a firewall cluster, the StoneGate Firewall engine provides a high availability feature: when a component firewall fails, the cluster degrades to a state that is still fully functional and secure.

Other StoneGate components support the Firewall engine. The StoneGate Firewall engine runs on a hardened Linux operating system that is integrated with the engine. StoneGate includes a distributed management system comprising a management server, a log server and a graphical management client for administering the engine via the two servers. These additional StoneGate components were not within the scope of the Firewall engine evaluation.

The evaluated security features of the StoneGate Firewall engine include:

  • Information flow control
    • Stateful information flow control for IP packets
    • Filtering on network level through application level information
    • Connection redirection for FTP, HTTP, and SMTP traffic
  • VPN
    • Confidentiality and integrity of information exchanged with security gateways
    • IPSec-based authentication of security gateways
    • FIPS 140-2 certified cryptographic functions
  • Static NAT to protect internal network addresses from disclosure
  • High Availability for engine security services through support of firewall clustering
  • Auditing
  • Management and protection of engine security functions
