- Filtering rules based on protocol, port, IP addresses, packet length, and bit field match.
- Fast propagation of rule changes in less than a minute.
- Single dashboard to manage firewall and network configuration.
- Programmable API for automated deployment and management — compatible with infrastructure-as-code platforms like .
- Traffic analytics per rule in the dashboard and using the .
- Integration with .
- Included DDoS protection with .
All standard features are included with the purchase of the advanced features below.
- Customizable IP lists.
- Managed threat intelligence IP lists (Malware, Botnet, Anonymizer).
- Geoblocking based on user location by country.
- Block or allow packets based on Autonomous System Number (ASN).
- Packet captures on demand for network troubleshooting.
- Protocol validation rules to inspect traffic validity and enforce a positive security model.
- Optional upgrade to full stateful Secure Web Gateway using for outbound Internet traffic. The Secure Web Gateway upgrade supports all TCP and UDP ports, traffic sourced from RFC, and BYOIP.
- Intrusion Detection System (IDS).