RE: GNAT Box

[Randy Johnson <RandyJ () metainfo com>]

it costs $1000.00 for an 'unlimited' version. While the demo works well
for a small network, I found the '100 concurrent connections'
restriction unworkable for my set up.

However, it is a VERY well designed poduct (IMHO)

-----Original Message-----
From: Logan Hansen [mailto:llhansen () adams edu]
Sent: Friday, December 04, 1998 1:30 PM
To: firewall-wizards () nfr net
Subject: GNAT Box


What do you have to say about the GNAT Box?  It almost looks like a
Linux box with IP masc enabled with something like IPFWADM or FWTK setup
on it.  On the plus side, it's designed to run off a single floppy
(Linux Router Project?)! 

Here's the HYPE (Selected from www.gnatbox.com/pages/faq.html):

GNAT Box is the technological outgrowth of GTA's ICSA (formerly the
NCSA)
Certified GFX Internet Firewall System. Although the GNAT Box doesn't
have all the
features and functionality of its parent, it still retains the stateful
transparent packet
inspection technology of the GFX system. In its default configuration
the GNAT Box
does not accept unsolicited connections from the external network. The
GNAT Box is
an "in band proxing firewall", which means that TCP and UDP based
applications can
pass packets transparently through the GNAT Box system without needing
modified
(special) clients or servers. We use the term "proxy" because the GNAT
Box monitors
all communications levels including the application level.

The GNAT Box system supports three types of filters: Remote
Access Filters, Outbound Filters, and IP Pass Through Filters. The
built-in implicit rule
for the GNAT Box system is, "That which is not expressly permitted is
denied."
Therefore, if no filters of any type were defined, packets would not be
allowed to flow
to or through (inbound and outbound) the GNAT Box system. 

The GNAT Box system provides transparent operation of many VPN
implementations. Two of the most common VPNs: Microsoft Corporation's
PPTP and
Data Fellows SSH are supported transparently. Other VPN solutions, such
as
hardware based systems typically operate transparently with the GNAT Box
system

GNAT Box is transparent to standard TCP and UDP applications. GNAT Box
also
supports difficult applications that require both inbound and outbound
connections
like:

                        FTP (normal and PASV) 
                        RealAudio/RealVideo 
                        Vxtreme 
                        Vosaic 
                        CU-SeeMe 
                        StreamWorks 
                        VDOLive 
                        VIVOActive 
                        True Speech 
                        NTT AudioLink 
                        NTT SoftwareVision 
                        RSTP Applications 
                        Yamaha MIDPlug 
                        Microsoft PPTP 
                        Microsoft NetShow 
                        ICQ 
                        Quake II 
                        Net2Phone