Time and time again the question is asked “How Does PacketViper compare to a <Insert Firewall Name Here>?
We explain what we do, compared to what they do. The very next sentence is “We can do that now with <Insert Firewall Name Here>“
Can you Really?
I’m going to explain the differences between <Insert Firewall Name Here> and PacketViper. What you have to keep in mind is PacketViper is designed to remove the traffic before entering the security environment. It quickly eliminates unwanted traffic to improve the performance throughout the entire security environment. PacketViper’s sits inline, fail-open bypass, transparent Geo IP layer has a significant positive impact to every gateway, spam filter, mail and web servers, VPN portals, and so on. It immediately hardens even the most exposed networks with a few clicks, and no complex configuration.
Although many want to compare us to <Insert Firewall Name Here>, we are in the security layer to to help them work more efficiently. Our layer can do many different things which they can not offer because of their Layer3+ inspections. if you activated every feature to its fullest on <Insert Firewall Name Here>, what would the latency cost be to your traffic? I would say pretty great, not to mention log and alert overload, false positives, troubleshooting connection issues, and customer complaints.
Technically we are a firewall, but <Insert Firewall Name Here> is not a PacketViper, a Layer2, bi-direction, per port, Country Network Filter, with detailed actionable geo location linking through-out the entire system. <Insert Firewall Name Here> would show significant performance impacts should they try to be a PacketViper.
CheckPoint IPS blade note from a commentator ” Please Note enabling the perform all IPS inspection on all traffic, can have a adverse effect on the performance of the firewall”
1. PacketViper is a inline appliance or software which operates at Layer 2, transparent, and adds no network hop to the packet.
Explanation: Although some firewalls could operate at Layer2, most are not used in this capacity because of the other features which are generally built in. L3 + is the method they prefer given the deep packet inspection they perform. Layer2 along with our Geo location database sets PacketViper far apart from the <Insert Firewall Name Here>. PacketViper operates at near wires speeds but provides more actionable IP, Network, Region, City, ISP, and Country information than any <Insert Firewall Name Here>.
Some of these complex firewalls are like a small child; they touch and get into everything, need constant handling, and coddling – Frank Trama
2. PacketViper looks “only” at the header information of the packet. This is how we keep near wire speeds, negligible latency, and yet provide better details.
Explanation: PacketViper keeps its high performance by only looking at the header information that is then matched to our Geo Location database. <Insert Firewall Name Here> runs the packet through a gambit of tests, checks, patterns, and anything else you can imagine. But PacketViper is not some dumb layer2 device by no means. Here is a comparison of just one aspect in our detail and practicality of PacketViper.
PacketViper Active Connections
SonicWall’s Active Connections
BrarracudNG Active/Live Connections (Extracted from BNIK video, see it here)
CheckPoint IPS Blade - (Extracted from video from Jafer Jabir video, which you can see in its entirety here)
4. PacketViper is very simple to filter out unwanted country traffic.
Explanation: PacketViper is one of the simplest devices to use, to filter unwanted traffic into the environment. Looking at the <Insert Firewall Name Here> configuration is a challenge. I understand the devil is in the details, but when you are being flooded with email, web requests, DDoS, dictionary attacks, probes, or NMAP’s on a daily basis, so to us the devil is the common sense. Do you really need someone from some country probing your VPN port? You see some firewall vendors show statements like;
<Insert Firewall Name Here> Next-generation firewalls protect you from denial of service (DoS) attacks using a policy-based approach that ensures accurate detection. You can deploy DoS protection policies based on a combination of elements including type of attack, or by volume (both aggregate and classified), with response options including allow, alert, activate, maximum threshold and drop.
Then you get into it, and its back to the same policy building, group attaching, priority placing, endless pop-up screens, to get awesome granularity. Let me show how a simple Layer2 geo ip network filter does the exact same thing.
PacketViper Triggers to prevent DDoS, By Country, Global Network List, or Global Network Lists
5. PacketViper blocks countries by ports.
Explanation: Even though blocking a country is not new, the way we do it is. We do not just filter the country but rather the country, its ports bi-directionally, and some. It is so simple with PacketViper you will wonder how this can be. I found one video from Fortinet that was tolerable. The others would just lose you in the details trying to block a country at a port.
If you take a look at everything these super firewall and IDS systems do, it would amaze and awe anyone, until you get into them. Like looking down from space at the earth its breathtaking. Until you get to the ground to find billions roadways, buildings, offices, rooms, closets, and alcoves. – Frank Trama
PacketViper combating network attacks by blocking countries
Foritnet Blocking a Country – As you can see with Fortinet, they are not really geared for quick country control.
6. PacketViper can quickly redirect traffic based on the source IP, network, country, or Global Network List.
Explanation: DNat is not a new thing, but with PacketViper you have a much more common sense method, and more details.
Aside from a constant labor intensive management, false positives, log overload, and long learning curve complex firewalls or IDS. They are an absolute must in the security environment. Which ever one you choose or have chosen, PacketViper will eliminate the pressure to and through them. PacketViper stops the traffic and the SYN request so the remainder of the packet will not traverse, thereby freeing up valuable bandwidth, and resources.
PacketViper improves the entire security layer by removing the unwanted traffic through them.