Unified Threat Management Technology | GTA, Inc.
GB-OS® Technology

GB-OS® Overview

Global Technology Associates' primary corporate mission is to provide solid security solutions. In 1996 GTA introduced the GNAT Box Firewall which has continually evolved into its current product line of Firewall Unified Threat Management Appliances. The underlying technology for each Firewall UTM Appliance is GTA's proprietary operating system, GB-OS.

GB-OS is Global Technology Associates' dedicated, feature rich, firewall operating system - providing comprehensive network security and total perimeter threat management in a single system. GB-OS reduces the complexity of maintaining firewall security with innovative features and a wide array of powerful, customizable configuration options. The customizable options allow organizations to fine-tune GB-OS to meet their needs and with consistent features across GTA's entire product line, GB-OS is able to grow with an organization.



Intuitive, Flexible Configuration

Assisting users via a guided walk through for a variety of standard configuration tasks, GB-OS' wizard section supplies all levels of users with the tools needed to successfully configure a GTA firewall. The Basic Setup Wizard guides novice users through what can be a complex and intimidating task of standard firewall configuration while the VPN Setup Wizard supplements the guided directions with graphical reinforcement of completed tasks - providing the user with a better understanding of the VPN creation process. The IPS Setup Wizard also provides an intuitive interface to guide users through the initial setup of an intrusion prevention system.

Automatically generating basic policies for implementing many firewall or networking features, GB-OS reduces the complexity of utilizing these features on the GTA firewall. With the basic policies generated automatically, administrators can focus on customizing the default policies to match their network and security implementation. Automatic policy generation is available for many features on GTA firewalls including VPN, SNMP, DNS and NTP services.

Simple, flexible security policies allow network administrators to match the firewall's configuration to the network it protects. Administrators are able to create objects to predefine network addresses, VPN settings, service groups and time groups. With country blocking, administrators can allow or deny traffic based upon IP address country codes. And with object encapsulation, one-click access to new configuration screens, new objects can be created without exiting the configuration section.

Furthermore, GB-OS eliminates the worry about network stability when making configuration changes or version upgrades. With Live and Test modes, administrators can reduce downtime and errors when modifying a system's configuration. During version upgrades, GB-OS maintains an easily accessible copy of the previous runtime configuration in non-volatile static memory. These redundant runtimes provide a fail safe environment to edit configurations and upgrade. And with automatic updates, GB-OS is assured to always be running the latest version, protecting networks from the latest Internet-based attacks with up-to-the-minute features and enhancements.

GB-OS also includes automatic backup options, ensuring safe and reliable access to vital firewall configurations. By enabling automatic backup, a backup file is saved every time a change is made and saved during LIve mode. These backups can be emailed, saved to a USB device, or saved to a remotely secure cloud storage location. The backups can then be downloaded and imported back into the firewall from either the USB device or cloud storage.



Dynamic Gateway Architecture

GB-OS' unique Dynamic Gateway Architecture provides traffic shaping, load sharing, dynamic routing and gateway failover for flexible traffic management. Traffic shaping is essential for network administers to optimize network usage. Choose from a variety of routing protocols including RIP, BGP and OSPF as well as static routing and policy-based routing. The many customizable routing options provided by GB-OS ensure easy implementation into most network environments.

Gateway failover adds an extra layer of redundancy to a network setup by allowing for mulitple external gateways. GB-OS will seamlessly redirect all outbound traffic to an alternate gateway should the primary fail. GB-OS also supports several types of link aggregation (failover, LACP- Link Aggregation Control Protocol, Load Balance, and Round Robin), providing system administrators with the tools to increase bandwidth speed and network failover. Increased throughput and redundant connectivity ensure the reliability of network uptime.



Comprehensive Unified Threat Management Protection

With GB-OS' robust unified threat management features, administrators can effectively lock down their network while protecting resources from dynamic threats. Powerful unified threat management features include an Intrusion Prevention System (IPS), GTA's Mail Proxy with Anti-Spam and Anti-Virus options and Content Filtering with an additional Web Filtering option.

GB-OS includes an Intrusion Prevention System which carefully analyzes traffic and automatically blocks attacks before reaching the network. By comparing data packets against over 4000 signatures, GB-OS is able to protect networks from a variety of exploits including Web attacks, telnet, RPC, database, NetBIOS, multimedia, email, FTP, network services, DoS/DDos, peer to peer and backdoor attacks. Users will be able to selectively activate IPS rules on their system and updated signatures are automatically delivered to the firewall.

Optional mail and web content offerings further protect the network. The Mail Proxy Anti-Virus option provides real-time virus and malware scanning of email against a database of nearly 100,000 virus definitions. The Mail Proxy Anti-Spam subscription option, powered by MailShell’s multi-level anti-spam technology, offers customizable spam blocking and filtering for a system’s email proxy. Finally, the Web Filtering subscription option allows organizations to increase productivity and reduce liability by limiting access to unproductive or inappropriate web sites based on over 70 category ratings.



IPv6 Support

IPv6 is an internet protocol, the future of IP addresses that will replace the current IPv4 addresses. IPv6 addresses are 128-bit numbers, divided into eight, 16-bit hexadecimal blocks separated by colons. IPv4 addresses are 32-bit numbers with about 4.3 billion possible addresses. In contrast, IPv6 addresses are 128-bit numbers with approximately 340 undecillion (1036) possible addresses.

As scarcity of IPv4 address continues to increase, it is important to prepare for the future of IPv6 addresses. GB-OS allows organizations to prepare for and deploy IPv6 to ensure business continuity and growth, while still using IPv4. IPv6 configuration support includes statically assigned IP addresses for IPv6, DHCPv6, Stateless Address Auto configuration (SLAAC), Dual Stack (IPv4 and IPv6) addresses, IPv4 and IPv6 VLAN interfaces, IPv4 and IPv6 Link Aggregation, IPv4 HA Interfaces and IPv4 Bridge Mode. With each update and software release, GTA continues to expand IPv6 support for various features, services and configuration options.



VPN Features including Remote Access

Integrated industry standard IPSec virtual private networking for both site-to-site installations and remote mobile users means that secure remote access can be a reality for even the smallest organization. GB-OS contains comprehensive VPN features such as certificate support, NAT through VPN, VPN keep alives, and VPN failover along with several options for remote access.

VPN connections can be authenticated utilizing GBAuth, Single Sign-on, or certificates - providing an additional layer of authentication control. With VPN keep alives consistent, continuous connections are ensured even during periods of no activity. This establishes a stable VPN connection in case of Internet network disruption or periods of no data packet transmissions. GB-OS also provides business continuity with VPN failover. Continuous uptime is provided through automatic backup tunnels for every active tunnel. Should one tunnel fail, business activities will be able to proceed uninterrupted without compromising network security.

With GB-OS, several remote access options are available through the GTA Mobile IPSec VPN Client, PPTP, L2TP, SSL Browser and SSL Client. Easy to install and setup, these options allow remote workers to securely access protected networks. Users are seamlessly connected to the network, allowing access to files, applications and intranets. Via GB-OS' Unified Threat Management protection, user authentication and threat detection occur at the gateway, protecting against unauthorized access, data loss and malicious threats such as viruses, worms and spyware. GTA's remote access options are flexible and guarantee safe and secure network access from virtually any location and device.



GB-Ware on Virtual Machines

Installation of GB-Ware Software Firewall UTM system on a Virtual Machine (VM) host expands the customizable implementation options available for GTA systems. Customers operating a Virtual Machine server can now run both their GB-Ware Software Firewall UTM system and network services on the same hardware. GB-OS supports running GB-Ware Software Firewall UTM systems on a VMWare system or Citrix XenServer. ISPs and Managed Service providers will also be able to run multiple copies of GB-Ware on the same hardware, providing flexible firewall protection for each customer's specific environment.



Concise System Monitoring and Robust Reports

GB-OS summary screens are provided for each major menu section, allowing firewall administrators to quickly scan a snapshot of firewall activity. Collapsible table sections let the user select which items to view on screen, further enhancing the quick view functionality by keeping information readily available at your fingertips.

The reporting section of the GB-OS interface provides easily generated usage and status reports with detailed graphs and tables. Quickly access and share vital information on network and VPN traffic as well as other customizable options. Scheduling of reports is available in daily to monthly time frequencies with report data representing daily to yearly time frames.

Historical Statistics, included in the report data, are also available for instant viewing on the GB-OS interface. These graphs are customizable, allowing administrators to choose the color combinations used in graphing the data, making printing and sharing easy and accessible for every organization.



Clean Graphical User Interface

The GB-OS graphical user interface focuses on simple user interaction. From the consistent menu and icon placement to the multi-layered configuration screens, users will discover an interface designed for easy interaction. Monitoring and managing a GTA firewall using GB-OS is simple, with fine-tuning customizable choices and options maintained across various configuration sections.

Also featured are graphical configuration verification alerts - red, yellow and green lights - which indicate whether the firewall UTM system configuration contains potential errors that may result in the system not functioning as expected. Especially useful during initial configuration or configuration modifications, these verification alerts are active in both live and test modes, making possible configuration problems easily identifiable.



Automated System Software Updates

Automated updates reduce the time and complexity of keeping GB-OS up-to-date with patch releases and version upgrades. System administrators may elect to schedule the GTA firewall UTM system to check for updates on a regular basis or to utilize the update feature to retrieve activation codes for installing optional features such as additional Mobile VPN client licenses and Mail Proxy Anti-Virus or Anti-Spam subscriptions.



Graphical Configuration Verification Alerts

Graphical configuration verification alerts - red, yellow and green lights - which indicate whether the firewall UTM system configuration contains potential errors that may result in the system not functioning as expected. Especially useful during initial configuration or configuration modifications, these verification alerts are active in both live and test modes, so alerts for possible configuration problems are easily identified.



XML Configuration Export/Import

Exported XML configuration files can be edited offline for use on GTA Firewall UTM systems or for use with other third party version control, reporting and monitoring applications. Large configuration sections, such as authentication, can be uploaded to a GTA Firewall UTM system in XML format.



Intuitive Platform Independent GUI

The GB-OS graphical user interface focuses on today's user. From the consistent menu and icon placement to the multi-layered configuration screens, users will discover an interface designed for easy interaction. Monitoring and managing a GTA firewall using GB-OS is simple, yet maintains the fine-tuning customization choices our advanced power users have grown to expect.



Live and Test Configuration Modes

GB-OS eliminates the worry about network stability when making configuration changes or version upgrades. GB-OS offers Live and Test configuration modes unique on GTA firewalls. Use Test Mode as a virtual firewall scratch pad to change configurations without affecting the firewall's operational runtime. Once the desired changes have been verified they can be copied to become the live configuration. During version upgrades, GB-OS maintains an easily accessible copy of the previous runtime configuration in non-volatile static memory. These redundant runtimes provide a fail safe environment to edit configurations and upgrade.



Object Encapsulation

Ease of use is the driving force behind implementation of GB-OS' Object Encapsulation. Creating objects for use in security policies has been simplified through one-click access to new object creation screens. New objects can be easily created without exiting the configuration sections. Object encapsulation maintains the power of utilizing objects while eliminating the cumbersome multi-screen creation process.



Automatic Policies

Automatically generating basic policies for implementing many firewall or networking features, GB-OS reduces the complexity of utilizing these features on the GTA firewall. With the basic policies generated automatically, administrators may focus on customizing the default policies to match their network and security implementation. Automatic policy generation is available for many features on GTA firewalls including VPN, SNMP, DNS and NTP services.



Easy Monitoring

With new monitoring and summary screens, knowing what's happening on your GTA firewall is painless. Relevant data is displayed on a single screen. Summary screens are provided for each major menu section, allowing firewall administrators to quickly scan a snapshot of firewall activity. Collapsible table sections let the user select which items to view on screen, further enhancing the quick view functionality by keeping information readily available at your fingertips.



Wizard Section

The wizard section in GB-OS assists users via a guided walk through for a variety of standard configuration tasks. The Basic Setup Wizard guides novice users through what can be a complex and intimidating task of standard firewall configuration. The VPN Setup Wizard supplements the guided directions with graphical reinforcement of completed tasks, to provide the user with a better understanding of the VPN creation process. The IPS Setup Wizard provides an intuitive interface to guide users through the initial setup of an intrusion prevention system.



GB-OS as a Total Security Solution

GTA firewalls combine both standard and advanced features into one easy-to-use appliance. Whether you choose plug-and-play for basic perimeter security or more advanced options like Gateway Failover and IP Aliasing, you'll experience the ease of use of GTA's proprietary secure operating system



Optional Features for GB-OS

Adding optional features such as additional Mobile IPSec Client, PPTP, L2TP and SSL Client licenses, Mail Proxy Anti-Spam and Anti-Virus subscriptions, GTA's Web Filtering service or H2A High Availablity are easy to add with a simple activation code. There is no additional hardware or software installation required.

Mail Proxy Anti-Spam - The Anti-Spam option allows organizations to add spam control to the email proxy running on GB-OS based devices. (Subscription based option).

Mail Proxy Anti-Virus - The Anti-Virus feature allows organizations to add SMTP based virus control to the the email proxy running on GB-OS based devices. Included feature with a valid GTA support contract.

Web Content Filtering - GTA's Web Content Filtering service allows organizations to increase productivity while reducing liability of access to unproductive or inappropriate web sites. (Subscription based option).

GTA Mobile VPN Client - Add additional GTA Mobile VPN Clients. Available in single client or multi-user packs.

H2A (High Availability) - H2A provides your organization with firewall redundancy, assuring that firewall downtime does not mean network access downtime.



Support

Your purchase of a GTA Firewall UTM system includes 60 days of software updates and 30 days of up-and-running support available through GTA's technical support staff in North America, and internationally through an authorized GTA Channel Partner.

GTA support programs provide remote assistance with on-going maintenance of your GTA Firewall UTM products and software. GTA offers a variety of support options. Contact your local authorized GTA Channel Partner or ask GTA's helpful sales staff to match support offerings to your organization's needs. Remote or on-site technical support may also be available through your authorized GTA Channel Partner.



GTA GB-OS Announcement Mailing List

If you would like to receive email notification of future product release, send email to gta-announce-subscribe@gta.com, and we will add you to our announcement mail list.



Expanded Feature Set

  • VPN Failover
  • Link Aggregation - Failover, LACP, Load Balance, and Round Robin
  • LDAP, RADIUS, and Active Directory Single Sign-On authentication
  • Traffic shaping (BGP, OSPF, RIP v1, v2)
  • GB-Ware VM support
  • IPS, IDS
  • Automatic system updates
  • VLAN support
  • Group support for policies
  • DHCP based on MAC Address
  • Inbound load balancing supported
  • Dynamic DNS allows multiple dynamic DNS definitions
  • NAT through VPN connection
  • Switch between runtimes stored in non-volatile through web interface
  • 50 predefined service groups added to object editor for use in policy creation
  • Pre-configured default objects added
  • Configuration verification status via traffic light icons
  • Ability to disable objects without deleting
  • Service groups supported when configuring security policies and tunnels
  • Allow/block java script or ActiveX by policy
  • Allow/deny protocol on any interface
  • Time group objects supported
  • GTA's Web Content Filtering allows multiple local allow & deny lists via address objects
  • GTA's Web Content Filtering allows wildcards in domain names using regular expression for policies
  • GTA Web Content Filtering user group authentication based on policy
  • GTA's Mail Proxy Anti-Spam includes grey listing filtering
  • Utilize keep alives packets to retain active status of IKE VPN connections
  • Configuration export in xml format.
  • GSM Modem Support.

Learn more about the most current GB-OS release.


Copyright © 2014 Global Technology Associates, Inc. All rights reserved.

'GB-OS' and 'GB-Ware' are registered trademarks of Global Technology Associates, Incorporated.
'Global Technology Associates' and 'GTA' are service marks of Global Technology Associates, Incorporated.