TMP Consultoria

Firewall

	Objective:
	Implement, connected to the CLIENT's network structure, a solution for safe, efficient and managed access. This solution agregates equipment, software, and services, which will be supplied by TMP Consultoria.
	Standard Facilities:
	Leased connection, or dial-up on demand, for the Local Company Network users, in a transparent way. In the case of leased connection, the avaiable methods are sinchronous leased lines, assinchronous leased lines("voice") or radio with the disked access operating as contingency in the case the leased goes down. Firewall: Does access protection, forbiding external agents from directly accessing any local network resource through the Internet connection. Optionally, may also support one or more "DMZ networks", or additional networks with Internet- visible servers. Firewall also features VPN resources IPSEC standard, being able to integrate many local networks through the Internet, with autencity and confidentiality; WWW, FTP, GOPHER and WAIS cache, allowing instant access to the documents most frequently consulted by t he users of the local network,that also writes a complete log of the efected accesses; Automatic Ip address administration to the Local Network station(DHCP e BOOTP protocols); May also interoperate with DHCP/BOOTP server already installed on the Company network; Integrated e-mail server storing Local Network users's postal boxes and redirectioning the mail from the company's mail domain to/from the INTERNET; all mail users management(creation/removal/password changes and so on) is done internally by the company. Also interoperates with any email system that the Company uses internally, as long as it has a STMP inteface(MS Exchange, Lotus Notes, Novell Groupwise, Pegasus Mail and others); Menu interface operation; Log of all events and accesses, available on ASCII files for an eventual analysis by the user; Safe access (IMAPS or POP3S protocols) to the e-mail residing on the Firewall(or on an internal company server) , by remote users through the Internet; On-line usage reports via WWW, beggining with the available access logs; on-line de utilização via WWW, a partir dos logs de acesso disponiveis;
	Optional Facilities:
	VPN Access: remote firewalls can establish an Internet connection, using the safest protocols available presently(RSA 1024bits and IDEA 128bits). This allows the integration of these netwoks on a WAN in a transparent way and minimal cost. Can operate on dial-up or leased connectiion (at least one of the edges must be leased). Contigency direct dial-up is also possible; DMZ Networks: one or more servers, visible through the Internet though protected(as much as possible) by the Firewall's facilities, and with possibility of controled access to limited resources on the internal Network;
	Prerequisites:
	Local Network: It is indispensable that the client has an Ethernet Local Network (10 or 100mbps), installed and operational; Telephone Line or LP: Dial-up access requires a good telephone line(preferably from a digital center), dedicated to this service. In last case a PABX branch line may be used, but it will certainly damage the service quality. In case a LP is used, the same could be sinchronous or assinchronous, with speeds of up to 2Mbps. A radio connection is also possible. If the client can use LP, the dial-up connection works as contingency in case the LP goes down. nbsp; Minimal station configuration: We recommend that stations which will have access to the Internet have at least enough memory and hard disk space to confortably support Netscape Navigator 3.0 or higher, and also the basic software for local network conection using the TCP/IP protocol. The product operates perfectly on Macintosh computers, UNIX stations and any other that has TCP/IP, but, for a PC-compatible station, we recommend: Windows 95/98 or Windows 3.1/3.11 Operational System Pentium 100Mhz or faster processor At least 16MB of RAM memory Local hard disk with at least 540MB of free space; Suitable network board. Other components(video, keyboard, mouse, and so on) are not critical for Internet access; Firewall runs on a dedicated equipment, supplied by TMP Consultoria; It is the client's responsability to provide this equipment with a no-break protected and stabilized energy network , and its operation on a refrigerated environment with limited physical acess(ex: server room).