Clearswift Bastion™ - Connecting the ‘unconnectable’
Clearswift Bastion is a messaging firewall that allows the exchange of e-mail between networks of differing security levels or with conflicting security policies. It is deployed where a security policy might otherwise preclude the direct connection of networks, as Bastion permits the controlled and accountable flow of messaging traffic.
Bastion operates as a stand-alone system providing a bi-directional messaging firewall for both X.400 and SMTP/MIME e-mail traffic.
Assured Protection
Bastion is aimed at organizations that require a CC EAL4 level of security. It is based upon specially evaluated software combined with Clearswift messaging products operating within the Trusted Solaris operating system (itself assured to CC EAL4), and is provided as a turnkey system utilizing Sun SPARC hardware.
Unlike many other firewall products, Bastion does not rely only upon the assurance of its underlying operating system, but also contains key assured functions implemented as trusted code. Bastion has been developed in association with the UK Defense Evaluation and Research Agency and QinetiQ.
In Operation
Messages that need to pass between networks connected by Bastion may only flow through the trusted processes of the application and labelled operating system. No other forms of communication are permitted between the networks, thereby providing complete assurance of network separation.
Bastion also maintains separate channels for message flows between networks, allowing different policies to be applied in each direction, to the extent that all message traffic may be restricted to one direction. A comprehensive audit trail of all message traffic is maintained.
Bastion offers a protected environment (or DMZ) into which modules are introduced to perform specific inspection and filtering of the e-mail traffic. Such modules may include virus scanning, content filtering, filtering based upon sensitivity labels or digital signature verification. The architecture of Bastion is such that these modules need not be subject to ITSEC evaluation.
Key Features:
Certified CC EAL4 security solution
Overcomes network isolation
Meets stringent security policy requirements
Allows messaging between networks of differing sensitivity