UTM3: Security Gateway
Multi-Layer Firewalls from the UTMx series serve to harden networks and protect internal assets.
The concept is highly available (AEC-3) and consists of various security components:
OSI Layer 3 Stateful Packetfilter
HA: VRRP, TCP/IP Session Migration + MPR
Zeek/Bro Network Security Monitoring + NIDS
Caching Proxy Server w/ HTTP Virus Scanning
VPN Gateway: IPsec, OpenVPN, WireGuard
Mandatory Access Control (MAC)
Protection against Bruteforce + DoS Attacks
Maintenance including NSM and DFIR
A comparable security solution can also be implemented using OPNsense (FreeBSD)