POP Firewalls

UNITY POP IS BASED ON MINIMUM TWO JUNIPER FIREWALLS THAT IS DIVIDING POP ENVIRONMENT INTO DIFFERENT SECURITY ZONES FOR PEERING INTERFACES, FOR RADIUS AND FOR SERVICES.

POP Firewall Functionalities

Unity satellite POP environment are able to act as a single POP across all satellite providers for Inmarsat GX, Thuraya, Inmarsat I4, Eurotelsat, Iridium and general 4G.

POP will on the networks that need Radius authentication be handling this in combination with POP Manager – assigning static, dynamic, private or public addresses.

Firewall environment are based on redundant Juniper SRX infrastructure using RETH across all the different implemented security zones – having example redundant fiber connections to Inmarsat and redundant fiber connections to Internet with associated BGP. Where needed will private IP addresses be applied that can be routed through dedicated VPN connections directly to end customers to ensure direct and secure connectivity.

 

Web Acceleration Integrated

POP are delivered with integrated Internet Acceleration Server (IAS) – that compress web pages, rerender images in size, remove unwanted advertisments to improve speed.

 

Firewall – Operator & Customer

POP Firewall functionality will be divided into operator functionality & customer functionality.

On the operator side will all general firewall functionality be implemented – where on customer side will self service firewall functionality be available.

Customers will be able to modify a set of firewall functionality across general port filtering, application filtering as well as content filtering. This is delivered in an easy to use setup where the initial firewall for each single terminal will be based on a firewall profile that can have many ruleset applied.

Customer self care take place through POP Manager integration – that offer general operator provisionig functionality + end customer firewall self-care + value added service access where needed.


POP Connectivity & Security

Connectivity to remote satellite networks like Inmarsat are done through direct peering in the main exchange points where all traffic is parsed through dedicated VPN connections to ensure that traffic are protected.

Connectivity to customers or Internet – are offered through redundant connections. If secure connectivity is needed can it be provided through dedicated VPN connectivity directly from the Firewalls.

UNIVERSAL SATELITTE DATA POP ENVIRONMENT THAT HANDLE INMARSAT BGAN, FBB, SBB, GSPS, LINK, M2M, GX, IRIDIUM CERTUS, THURAYA IP, INTELSAT, VIASAT VSAT, 4G AND LTE AUTHENTICATION, ROUTING AND SECURITY.