Criteria and preferences
High secure high-end firewalls developed for critical operation with high requirements for security, availability, comprehensive support and reliable, trusted systems.

The .vantronix software platform is based on OpenBSD, the world's most secure operating system. Two remote holes in the default install, in more than 10 years.

.vantronix clear pricing offers a low TCO and leverages existing systems to deliver proven ROI fitted for the needs of our customers:
  • The license allows an unlimited number of users and connected systems per appliance; it is therefore only limited by the performance of the used hardware model.
  • The .vantronix Security Appliances provide the same features for the whole product series. All ports, the number of users and features like VPN, loadbalancing, routing and .vantronix | preinspection are included without any extra fees our licenses.

The support for high-grade redundancy allows operation as a fail-safe, highly available system.
  • All .vantronix Security Appliances support HA (High Availability).
  • Stateful Failover allows an uninterruptible operation in the case of a failover.
  • Active/passive and active/active HA-setups are supported.
We advise the use of 3-way redundant systems to guarantee uninterrupted and redundant operation even in the case of maintenance or service upgrades.

The .vantronix principle is different from conventional UTM and IDS/IPS solutions: .vantronix | preinspection is an early detection of anomalies and avoids problematic signature-based inspections, with a positive impact on false-negative and false-positives, an increased security and a better overall performance.

Conventional signature-based "Deep Inspection" systems can cause considerable security problems. A tiny bug in the numerous and heavily complex protocol inspectors may lead to a security hole in the entire system. Security's worst enemy is complexity.

In contrast, .vantronix | preinspection detects protocol anomalies instead of data anomalies for early countermeasures against possible attacks. And IDS/IPS systems can additionally be used behind the proactive protection of the .vantronix Security Appliance.

The integrated application-level filter are used for protocol-specific analysis and defence against abnormal and malicious intrusion attempts.
  • Use of .vantronix | preinspection technologies as a protection against DoS-attacks, mail "SPAM" and malicious intrusion attempts.
  • Integrated optional HTTP proxy with white- and black-lists, to be used as an URL filter or "Wallet Garden".
  • Numerous NAT-helpers to handle problematic internet protocols.

The .vantronix Security Appliances have been designed for professional network administrators, by supporting network management systems (NMS) and an unique CLI.

The modular .vantronix | amcli provides a comfort of an industry-standard CLI and sets the benchmark with trendsetting features and innovations.

  • Professional and industry-standard command line interface.
  • Seamless integration into an OpenBSD-based operating system.
  • Integrated configuration change management and rollback support.
  • Multi-user capable with multiple manager and operator user levels.
  • Simple, text-based imports and exports of the system configuration.
  • Optional configuration export as XML.
  • Easy to learn with a scalable concept.
  • Integrated and context-sensitive help function.
  • Easy change from other systems like Cisco PIX.
  • Accessed with the secure shell, SSH version 2 (powered by OpenSSH).
  • Optional browser-based administration with the WebCLI.

The proven multi-vendor operation gets Trusted Proactive Security in existing firewall setups. No matter if the firewall of another vendor is protected by an upstream .vantronix Security Appliance or the .vantronix Security Appliance is slightly relieved from activity, multiple reasons may speak for multi-vendor scenarios.

"First and second Line of Defense"

  • The German Information Security Agency (BSI/GISA) suggests multi-vendor firewall solutions.

A new stable software release will be released every year. This provides an optimal and unique planning reliability. There will be security and errata-fixes between releases and up to two release versions are guaranteed to be maintaned.

.vantronix offers a high-grade, fast and activ Support in cooperation with the .vantronix partners. Companies protected by .vantronix Security Appliances can take advantage from the comprehensive support program and appropriate and professional response times.

.vantronix Security Appliances are optimized for the operation with HP ProCurve Networking. Indeed, firewalls are network components and the outcome of an optimal interaction between firewalls, switches, and routers is a reliable, stable, available and consistent network concept. And HP ProCurve focuses on open standards and secure access just as .vantronix.
  • Reliable, highly available, and high-performance network integration
  • Integrated into the ProCurve Manager (PCM+)
  • Optimized interaction between firewalls and switches
  • High-speed Gigabit and 10 Gigabit Ethernet
  • Network redundancy with Switch-Meshing and Layer 2 Trunking
  • Multi-protocol interoperability with HP ProCurve products
  • Link layer discovery and keep-alive-checks with LLDP (IEEE 802.1ab)
  • HP ProCurve lifetime warranty
  • Best possible pricing
  • Highest quality and reliability
  • One-stop service, support and conception of complete network infrastructures

For the high-end 64bit appliances, .vantronix counts on the high-grade HP ProLiant servers by Hewlett-Packard. The servers and the .vantronix software platform is highly integrated and optimized.

The unique HP Care hardware support by Hewlett Packard offers an unbeatable service and support for the reliable hardware platform. The .vantronix Security Appliances include the HP Care Packs, like the 3Y/24x7x4 hardware support for the .vtFW C2 and the .vtFW HA1 product models. And as a matter of course, this is an international support.

The .vtFW ZL2, .vtFW C2 and .vtFW HA1 support 10 Gigabit Ethernet. And this ideally fits to the 10 Gigabit Ethernet switches by HP Networking.

Numerous world-wide references approve the security and the quality of the .vantronix Security Appliances the contained OpenBSD operating system.

Many companies and security-aware users count on the unbeatable security vantages- financial business, military, public authorities, ISPs and all kinds of medium-size up to enterprise companies.

Tempest is optionally available for all models as a protection against physical wiretapping. Tempest is an acronym for "TEMPorary Emanation and Spurius Transmission" and "Transient ElectroMagnetic PulsE STandard". Tempest means the origin and transmission of compromising radiation, the wiretapping of the signals and the electronic protection measures to disable the radiowave propagation.

Made in Germany is a term for first-class quality, reliability and security. The .vantronix Security Appliances are developed in Germany with international benefit from the Open Source community of the OpenBSD project.

Customer-specific modifications and a professional support is provided by .vantronix developers and consultants. .vantronix offers a fast response to customer requirements as optional extensions or integrated features of future releases.