[+] What is PacketViper?

PacketViper is a point and click Geo IP (country) network filtering appliance.  In just a few clicks of a mouse, block entire countries' networks from accessing your critical network infrastructure. Or, specify which countries may access specific ports on your network, while blocking other countries completely. 

Other unique features include:

  • Real-time display of traffic accessing your network. Includes country of origin of traffic.
  • Clickable logs display detailed information about an IP address or host such as location, domain, “whois” information, number of times accessing your network, and administrator's tools such as ping, traceroute, RBL match, and the ability to instantly block the network.
  • Triggered traffic events send administrators email and text notifications, rate-limit an IP, or permanently ban an IP.
  • Many more important features are also included.

[+] What About Proxy Connections?

They could try but it would be much more difficult if you are utilizing PacketViper. There are zombie and open proxy systems all over the world and the network attackers very often use these systems to mask their true identify. When PacketViper is blocking countries, the attacker’s options are much more limited.


For instance: Let's say the attacker was in Brazil, but proxies through Italy and then UK to attack your your network.  If you are limiting traffic from Brazil, UK, and Italy,  their attack would fail.

The network attacker’s challenge is to find an open country and port in their target’s network. Because attackers cannot scan target networks from their home location, it would be unlikely that the attacker could identify a port  that is both open and vulnerable.

Even if the network attacker happened to identify those two pieces (country and open port), they now have to avoid being listed on our Global Network Lists.  Global Network Lists™ (GNL) are comprehensive lists that contain network addresses of popular Internet based businesses, malicious networks known for proxy, malware, spam, phish, CNC, and other nefarious activities that customers can block.  These lists are captured by our world-wide network of PacketViper honeypots, recorded in real-time, and distributed to PacketViper users on a daily basis.  With our patent-pending system, PacketViper users are always a step ahead of the hackers.

[+] How does it work?

PacketViper Geo IP Network Filter can be placed in many different locations within a network, but is most commonly installed inline, in front of existing gateway devices.  PacketViper quickly evaluates each IP address based on the customer’s GNL or global configuration. Using our patent pending process, customers can see which countries are accessing their networks in real time. Our advanced reporting features provide a clear view on global traffic trends and potential hazards entering your network. PacketViper gathers network data with unparalleled accuracy by collecting information from a variety of reliable sources. This network data is sorted by country, region, city, and ISP, and passed along to PacketViper customers all over the world.

[+] How about using our own hardware?

Yes.  You can install PacketViper on your own hardware.

[+] Is PacketViper hardware or software?

Yes.  PacketViper can be downloaded or purchased as a hardware model. We offer PV50, PV100, and PV300 form.  All are certified hardware platforms which can support small to large business infrastructures. Email us at sales@packetviper.com or call us at 855-758-4737 for more information.

[+] What about updated country IP lists?

A1. The customer can verify that they are using recent data by examining the "List Release" on the Home page or under Setup->System.  The release number corresponds to when the package was built (Eastern Time).  The format is yymmddHHMM.

A2. The user can configure how often they want to get updates.  We update the lists AT LEAST once a day, often many more times depending on the number of updates that we process.

A3. We compile the lists from many different sources and cross reference them to supply the most accurate information.  Some of the "official bodies" that we gather information from are the Regional Internet Registries (ARIN, RIPE, AFRINIC, APNIC, and LACNIC).  We also compile information from purchased lists, proprietary geo-location pinpointing processes, and manual location research.

Our Geo IP accuracy comes from our large IP sampling size from our global footprint of PacketVipers. We excel in our ability to gather all the network data collected from our global infrastructure and to process, verify, catalog, and update it on a daily, weekly, and monthly basis. When we developed our process, we decided to take a multi-tiered verification approach that presents IP data more accurately and more efficiently than traditional methods. 

[+] Will this work in a virtual infrastructure?

Absolutely!  Many customers have chosen this path due to the flexibility, scalability, and redundancy inherent with virtual machines.  Install via the OVF package or configure the virtual hardware to your liking and use the ISO image.

[+] How do I install PacketViper?

Installation unbelievably simple and can be completed in 15 minutes.  Don’t believe it?  Insert your CD, turn on the power, enter initial IP configurations, and you’re network just got a lot safer!

Alternatively, OVF files are available for installing PacketViper into a virtual environment.

PacketViper also comes as hardware, which you can purchase and install even faster. See More

[+] Can I block Bi-directionally?

Yes.  PacketViper can filter different ports in each direction to/from any country, or to/from any global network list

[+] Are there triggers to alert me on countries?

Yes.  You can set up triggers to provide alerts based on specific conditions including IP, Network range, country, country+protocol+port, GNL, or GNL+protocol+port.

Triggers can be set to alert log, rate limit/tarpit, auto block, email, or SMS.

PVTrigger_Country.jpg

[+] Can PacketViper Do VM Environment??

Yes.  PacketViper can be downloaded as an OVF file, which quickly installs into your environment.

[+] It’s just another firewall isn’t it??

No we're not just another firewall. The problem with firewalls is they are jack of all trades masters of none.  Some do certain things really well, and other things not so much.

NONE of todays firewalls do what we do or how we do it.  The reason is the level of detail we provide at the gateway on source and destination. We specialize in geo-ip filtering, firewalls do not.  Our layer is so precise because this is the main focus of our product.  But we've took geo-ip filtering and wrapped many other things around our core feature.

Todays firewall are by nature complex which in itself makes them cumbersome, bloated, an ineffective when trying to do things like we do. For instance if a firewall has a country “blocking:” mechanism, they are not providing the “who” part.  For instance, they will tell you the country, but not tell the Assigned networks, Company, ISP, Region, even latitude of the IP. Basically just the IP, and the country.  Thats no good.  You talk to most consumers which have the ability to block countries, and they will tell we use it in a limited fashion (maybe blocking 1 or two countries).  It’s this limited fashion which in itself is the flaw their exposed ports protruding out of their firewalls are still accessible for the remainder of the world.  PacketViper limits your port exposure with a few clicks of the mouse, no confusion, and with details which have never been seen before with speed and simplicity.

[+] We already have a Dell Sonicwall

 We already have a Dell Sonicwall, and can block countries now?

Actually true, but not accurate. 

Dell Sonicwall has the ability to block countries, and assign policies to them.  Unfortunately it's complex and ineffective because when Dell Sonicwall users start blocking countries, they will find a nightmare to follow shortly after.  PacketViper you can specify which ports inbound and outbound can been seen from those ports, this can achieve within seconds whereas Dell is the same old policy complex method firewall employ. Most do not use the Geo Filter because of the problem they have afterwards. You simply can not turn off a country, without having all the information, because todays makeup of business is global, and this is where Dell Sonicwalls fails.

Dell does not have Global network lists, nor provide detailed information of IP origins, assigned networks, business information, clickable real time logs, network, country or business based triggers, actionable connection and report filtering with NetCheck. This means if you are blocking a country, and wanted to insure Microsoft, Apple, or AT&T, which are global can access your network, or wish to restrict their networks.  You would not be able to do this with Dell Sonicwall.

If any Layer 7 inspecting firewall attempt our level of detail and filtering, their systems would strain because of the amount of detail and logging. This is why traditional firewalls rely on RBL based look-ups, and not have to be concerned with local processing.  The RBL method in itself strains the pipe performance because of the constant call backs for verifications.  PacketViper does none of this, we feel why add additional bandwidth for these lookups.

Dell Sonicwall is an excellent firewall, but its no PacketViper.  We make them all look and work better.

[+] Does this affect VOIP?

Actually the filtering helps VOIP, because the security layer see less traffic through their environment, With less traffic, equates to less bandwidth, and less resource requirements so this helps VOIP.

[+] I have to learn another firewall?

I don’t have enough time to manage the equipment I have now…… I have to learn another now?

We feel your pain!  Learning a new firewall is daunting, and this is why PacketViper is so important. We don't just clean up up bandwidth, resources, and loads, we also free up time! Our product is so stinking simple that customers will find they do all their work from PacketViper instead of the complex firewall systems.  Our product reduces the administration in the security environment because of its simplicity.

[+] I already have security devices on my network...

I already have security devices on my network, that can do this. Why do I need PacketViper?

 

Actually you can't

 

Current firewalls, which claim geo-ip filtering do nothing more than block, and in some cases capable of attaching some complex policy. Because this is not their focus, and have other L4-7 responsibilities, they can not provide the geo ip detail, or simple bi-directional per port geo-ip filtering granularity like PacketViper, makes others geo-ip feature more trouble than its worth. PacketViper provides in-depth IP details, like region, associated networks, geo location, and not just country. Askto block Microsoft networks for instance.

PacketViper can alert, auto block, redirect, intercept network traffic, based on the country, or company, its networks, their ports, 

[+] What does PacketViper Cost?

Request a quote for any PacketViper version or model, and it will answer the question.  PacketViper immediately hardens any customers security environments, thereby leveraging existing security infrastructures, and investments. Using traditional methods the customer would have to replacement security appliances, and retrain.

[+] DDoS? How does PacketViper Measure up?

There are many types of DDoS volumetric, which you bandwidth is overwhelmed from a larger sending sources.  In these cause short of unplugging your network, using some expensive reflection services.  Theres not much anyone can do.

The connection based attacks, such as 

  • HTTP Attacks : Floods (Basic)
  • HTTP Attacks : Floods (Recursive-get)
  • DNS Attacks: Non-existent hosts (NXDOMAIN):
  • DNS Attacks: Queries (NSQUERY)
  • HTTP Attacks : Low-bandwidth HTTP denial of service attacks

Where the attacks are more distributed globally, and difficult to point a finger at is where PacketViper shines.  Because of our surgical ability to remove focal ports from a specific country, the ability to eliminate the traffic at the SYN request, we are able to deal with larger volumes than Layer 4 - 7 firewalls, thereby reduces and eliminating the impact. 

[+] This is a Niche Product - I Can Proxy Around It.

A niche would be a service which auto builds ACL's into your router or firewall, adds some prebuilt country list to your web server. Geo IP filtering has been treated as a niche because of the lack of attention and detail firewall manufacturers have placed into the technology.

Firewall manufacturers claiming they geo ip filter effectively using a L4-L7 device is doing a dis-service to this technology. We believe its more of a marketing/gimmick than actually something of use. 

Let's do some simple math. First lets set aside the fact that no product on todays market can definitively, or effectively stop a proxy connections.  Let also consider APT, which leverages distributed, tailored, surgical, methodical, and stealth methods to penetrate networks. Something commonly used with Proxy. 

Just like all the other manufacturers, PacketViper also employ RBL to reduce the ability (slightly), although ours are local, its basically the same.

Ok lets get back to the math.....If an attacker now has 100,000 options to proxy from around the world to your exposed network ports on your firewall. To trickle access/probe attempts, and test for vulnerabilities to not raise the attention of detection systems. Attackers using this global footprint can slowly test passwords, ports, and vulnerabilities without your knowledge

Place a PacketViper inline, and the attacker 100,000 option is drastically reduced. Why you may ask?  Because when a good properly built geo ip filter is surgically filtering countries, and companies their options is shrunk because your network is not seen from every country, at different ports.  This forces them to focus the attacks through well know paths you have designated.

 

ProxyFIlter.jpg

[+] It's a small "and" large security problem.

Ask a small business to use a <insert firewall name here>.  They would most likely throw you out of the building. We believe security is not just for the Medium - Enterprise, clearly what many of the norm firewalls aim for. Smaller businesses are usually provided some smaller subset of security which in most cases the technology is not used correctly, or understandable from the smaller business staff  Security is a small and large problem, and because they are less equipped have become Achilles’ heel of Security/Enterprises. 

We (PacketViper) is for everyone, affordable, and simple to use.  We are trying to solve the problem at its roots by providing big budget technologies to small and large budget business. 

As we say a Low Cost Practical Solution, to a complex problem.


PacketViper Trials, Starters, Demo's

[+] How do can I evaluate PacketViper?

The best way to see if PacketViper is right for you is to put it on your network.  You can do that for free with:

  • Starter Edition – Fewer features than the full version, but no time limit or usage restrictions.  The only limitations are the number of blocks you are allowed to activate. 
  • 30-Day Free Trial - A full version of PacketViper without limitations.  Evaluate it free for 30 days!
  • Hardware Trial.  You can request an actual hardware trial from our sales group. 

[+] What happens at the end of the trial?

Traffic will not stop moving through PacketViper®. Once your trial expires, PacketViper merely reverts to “full open”, and traffic flows as it did prior to your PacketViper installation.  You can seamlessly remove our product during your next change cycle with no disruption of your normal business activity and no gaps in your security environment.

[+] I need more time for the free trial?

We understand each customer's network and timelines are unique. Should you require additional time to evaluate PacketViper, we can extend your license keys.

[+] I requested a free trial and never received anything.

Contact us immediately! PacketViper, LLC verifies all submitted information for accuracy. If we cannot verify your information, we will send an email requesting the correct information. We will not sell or publish any information submitted to PacketViper, LLC  We keep all information submitted strictly confidential.


PacketViper Resellers, Partners, Distributors, and Agents

[+] I'm a reseller, how do I offer PacketViper to my customers?

Partners play a critical role in helping us meet our customers' needs, and we are deeply committed to their success.  Among the many benefits of becoming a PacketViper, LLC Certified Partner are:

  • Generous sales margins
  • Not for Resale and Internal-Use Only licenses
  • Premier technical sales support
  • Register leads to protect sales investment
  • Open new sales opportunities
  • Regional lead referral
  • Co-branded sales and marketing opportunities
  • Bring new and exciting technologies to your customer base

Register now on the Partner Portal!


PacketViper Filtering Countries, and Global Network Lists

[+] What if I don't want to block the entire country?

With Per-Port Country Blocking, you don’t have to block whole countries.  Instead, specify the ports you would like to allow  on a country by country basis and use our unmatched precision to exclude the others.

For instance: 

If you are doing business with only a few companies in a specific country, you could enter their networks into the custom rules to permit access to those companies, while blocking the rest of the country.

Or, you could select specific ports from a certain country and quickly add those ports to the country exclusion lists. This eliminates clogging, unwanted, and malicious traffic from that country.

[+] What is a Global Network List (GNL)?

GNL’s are lists which Viper Network Systems publishes daily to our customers.  Our lists associate networks with online businesses. Many businesses operate with many dissimilar networks, which can make it difficult to know which networks are essential, which are unnecessary, and which are most likely to be associated with online threats.  To make things easier for our customers, we create and regularly update organized lists and distribute these lists each evening to PacketViper users.

PacketViper customers evaluate GNL’s based on their own unique traffic experience with our GNLs.  If a GNL is repeatedly associated with malicious traffic such as scans, attacks, or spam, those GNL’s will most likely find their networks quickly becoming limited as the news spreads.

[+] How do we get our networks off your GNL lists?

There is no mechanism to remove networks from our GNLs.  GNLs are always changing.  Customers choose to block or allow whatever they wish. GNLs are dossiers for business networks. They are used to organize business networks into a single list for administrators to quickly identify who is who.

[+] How would I exclude Countries by Port?.

Go to Traffic Control, Countries:

To

  • block everything from Argentina except for 80, and 443 - 80,443
  • block everything but 80,443, and VNC port ranges 5900 through 5904 from Bolivia – 80,443,5900:5904
  • Block ONLY ports 25 and 1433 from Brazil - !25,1433

BlockCountrtyPort.jpeg


Purchase PacketViper

[+] How do I buy PacketViper?

PacketViper is available as a basic, standard perpetual-use license, or via a monthly subscription.  Email sales@packetviper.com for more information, or complete this simple form.

[+] What happens after we purchase or request a free trial?

You will receive an email which will provide a link to our customer portal.  Once you log into your portal, you complete some additional customer information and you are done. If you chose the software version, you can download PacketVIper within the customer download area of the customer portal.

PacketViper comes in ISO or OVF for virtual environments, or can be installed using our hardware platforms.

PacketViper F.A.Q

PacketViper F.A.Q:  Our FAQ's are comprised of questions from our very own customers, and trade shows.  Hear from them what people are asking us.


MORE QUESTIONS?

Captcha Code

Click the image to see another captcha.