The Celestix MSA Security Appliance provides a cost-effective solution for perimeter defense for organizations of all sizes.

The MSA appliance is powered by a hardened Windows Server 2003 and is equipped with Microsoft Internet Security and Acceleration (ISA) Server 2004.

The end result is a fully integrated and out-of-box next-generation enterprise firewall, virtual private network (VPN), and Web cache solution.
 
With Celestix MSA appliance, you can easily control and apply Internet access policies for your user populations, as well as help protect users from malicious Internet traffic.

Flexible firewall policies allow for Web site blocking as well as content filtering, both to improve user productivity and to block inappropriate content. Celestix MSA appliance also features built-in integration with Active Directory, enabling you to build custom access controls for different organizational roles and job levels.

In addition, application filtering in Celestix MSA appliance enables you to improve the reliability of your environment by protecting your desktops and servers from advanced attacks.
For example, advanced HTTP filtering in Celestix MSA appliance blocks the use of embedded applications, such as common peer-to-peer and instant messaging applications. Traffic filtering in Celestix MSA appliance also thwarts many common forms of attack by preventing access to internal clients from the outside, checking inbound reply traffic for validity, and verifying that third-party add-ons contain no worms or viruses.

Enable Branch Offices to Communicate Securely With the Main Office Over the Internet

An Celestix MSA appliance VPN gateway enables an administrator to join entire networks together through VPN site-to-site links-for example, connecting an organization's main and branch offices to each other.

The Internet Protocol security (IPSec) tunnel mode VPN router feature in Celestix MSA appliance enables the firewall administrator to set strong access controls, including user, group, site, computer, protocol, and application-layer-specific controls over traffic moving through the site-to-site link.

Celestix MSA appliance provides unique levels of protection for OWA Web sites. With the easy-to-use interface of Celestix MSA appliance, organizations can quickly set up a Web publishing rule that enforces secure forms-based authentication. Celestix MSA appliance also stops attacks against e-mail servers, both through Secure Sockets Layer (SSL) decryption, which enables SSL traffic to be inspected for malicious code, and through HTTP filtering, which provides deep inspection of application content.

Celestix MSA appliance leverages existing multifactor authentication, providing authentication whether the remote mail scenarios use Remote Authentication Dial-In User Service (RADIUS) or RSA SecurID. In this way, Celestix MSA appliance helps you prevent potentially dangerous anonymous requests from reaching Microsoft Exchange Server.

MSA2020 - Entry level appliance 1U rack-optimized, half-depth form factor Two auto-sensing 10/100/1000 and two 10/100 Ethernet ports 220 mbps firewall/54 mbps VPN throughput Meant to support DSL/ISDN/shared T1 connection types Ideal for small business or institutions with up to 100 users

MSA3000 1U rack-optimized, half-depth form factor (for datacenters) Midrange appliance with best price/performance ratio Two auto-sensing 10/100/1000 and two 10/100 Ethernet ports 600 mbps firewall/89 mbps VPN throughput Meant to support T1 or T3 connection types Ideal for mid-sized businesses with up to 250 users

MSA4000 1U rack-optimized, half-depth form factor High-end appliance with optimized performance Two auto-sensing 10/100/1000 and six 10/100 Ethernet ports 600 mbps firewall/122 mbps VPN throughput Cryptographic hardware accelerator included for SSL Meant to support T1, T3 or OC3 connection types Ideal for large businesses with greater than 250 users

Celestix ISA Appliance Features

SIMPLIFIED SETUP AND MANAGEMENT

Jog Dial Control and LCD Panel for Easy Network Configuration
• Initial installation and network configuration can be performed via the (40x2) LCD panel on the front of the appliance with the jog dial control.

Intuitive User Interface
• Focus on the task, not the tool: administer ISA Server with Microsoft Management Console (MMC) based user interface, graphical task pads, and wizards that simplify security and cache management.

OUTSTANDING VALUE

Minimal Deployment Time
• Fully functional security appliance can be configured in as little as 30 minutes. Preinstalled and hardened operating system eliminates many time-consuming setup and installation procedures.

Full-featured Security Appliance at a Great Price
• Featuring Microsoft Internet Security and Acceleration (ISA) Server 2004, the MS0 appliance is truly an all-in-one solution offered at a great price.

Detailed Logging and Reporting
• Record all firewall and cache activity in standard data formats such as World Wide Web Consortium (W3C) and ODBC. Create graphical summary reports showing application usage, security events, and network activity.

SIMPLIFIED AND ROBUST MANAGEMENT

Intuitive User Interface
• Web GUI for easy setup and configuration. Advanced configuration via Terminal Services (RDP)

Policy-Based Access Control
• Enforce Internet usage policy by controlling access by user, group, application, destination, schedule, and content type.

Integration with Microsoft Backend Infrastructure
• Authenticate network users with Active Directory/NT domain/RADIUS, or even third party mechanisms such as RSA SecurID. Utilize your existing Microsoft network services such as DNS and DHCP.

Monitoring and Alerting
• Track real-time session and performance monitoring data. Define alerts to notify an administrator, stop a service, or execute a script in response to important system events.