News

< NEWS

Mako Networks Technology Update

Continuing to Innovate

 

 

Mako Networks continues to innovate through its own research and development team. These technological improvements have been created in just the past 12 months. This commitment to “future-proofing” our services for all of our customers remains the hallmark of our business philosophy.

› VPN Cloud

VPN Cloud is a replacement/alternate for the IPSec technology already available on the Mako system. Enhancements include rapid VPN failover between Primary and Secondary WAN interfaces, multi-network support within a single VPN connection, and support for dynamic mesh network topologies.

It also supports geographical diversity for datacentre connectivity when used in supporting environments.

As part of this system, Mako head-end concentrators now support BGP routing for exchanging route information with internal routers/firewalls.

› OpenVPN

OpenVPN is a replacement technology for PPTP. OpenVPN meets modern cryptographic requirements and supports two-factor authentication. Additionally, OpenVPN supports the ability to provide connectivity to multiple network segments in a single connection.

› SNMP

Simple Network Management Protocol is now supported on Mako appliances. This allows customers with existing management applications to poll Mako appliances for information relating to the devices state.

› Remote Syslog

Mako appliances now have the ability to send their log information – both general logs and firewall logs – to internal customer log management systems/SIEMs.

› Performance Reports

The Mako CMS now includes a performance section under reporting. These reports allow you to see how much bandwidth is going through your appliance and can be drilled into to provide information about throughput/WAN link utilization at specific times. The system shows both average throughput and max throughput and reports on both inbound and outbound usage.

› Copy Function

The Mako CMS now allows you to duplicate a CMS device profile, allows for rapid deployments of sites with a very similar configuration. This also provides the ability for users to create profile copies prior to making significant changes to their device configuration – effectively creating a backup tool.

› Virtual AWS/Virtual Mako

Mako now supports Amazon Web Service based virtual clouds. These can be used as head-end concentrators for customers that wish to use Mako’s VPN Cloud technology but are unable to install Mako hardware into their environments.

Customers can use VPN Cloud for their Mako deployments and construct a single IPSec based VPN from their existing infrastructure into the AWS Virtual Mako, thus providing a secure WAN that takes advantage of the VPN Cloud technology while minimising their own infrastructure change requirements.

› DNS

Mako appliances now support new enhancements to the DNS services provided from the Mako appliance, these are; Split Tunnel – the ability to send DNS queries for specific domains to a specific DNS server and Local DNS, and Override – the ability to send specific responses to queries for a specific domain, i.e send facebook.com queries to 127.0.0.1, or send unifi.localdomain to your Ubiquity management system.

› Network Report

The CMS now has an estate wide report that can be generated on demand, the report shows the relative uptime and downtime for each device, including the WAN and LAN uptimes as well as other useful device information.

› Selection Screens

The selection screens now show additional information for each appliance, this allows customers to quickly and easily see more information about each device they use without having to load the device and view individual reports for that appliance. The selection screens show expanded information about the appliance including WAN information, PCI Status, VPN Counts and which interface it is currently using for its Internet connection.

› Transparent SSL

Mako appliances can now transparently intercept HTTPS connections from LAN devices as well as HTTP connections. This means there is no longer a requirement to modify LAN devices proxy configurations in order to use HTTPS level filtering.

› Two Factor Authentication (2FA)

The Mako CMS now supports the TOTP protocol for time-based one time passwords. This allows users to setup Two-Factor authentication when logging into the Mako management system and significantly enhances the security level being used when interacting with the Mako management application.

Two-factor Authentication is also supported when using the OpenVPN technology mentioned above, this means users can now implement 2FA for remote access which further increases customer remote access security.

› Per LAN Quality of Service (QoS)

Each LAN port on the Mako can now have its own QoS strategy. This provides more flexibility for users with high-demand applications allowing for more fine-grained network QoS control.

Additionally, the per LAN QoS functionality has been extended to provide bandwidth controls around LAN segments. For example, a Guest WiFi network can now be restricted to a specific bandwidth or a percentage of the Makos available WAN bandwidth.

› Per LAN MAC restrictions

Mako customers using our PCI Template have long been able to restrict which devices are allowed to connect to the LAN. This functionality is now available to all users on a per-LAN basis.

This means that networks can be locked down to specific devices regardless of if the Mako PCI templates are being used.

› Enterprise Templates

We have added the ability to create a template for specific configurations. Using the Enterprise Templates, customers are able to model the firewall requirements for their sites and apply configurations easily using a global template across their organisation. This further enhances the rapid deployment functions of the Mako system.

When using Enterprise Templates, the devices you enroll with the template can be actively updated should you wish to make a rule change. This means you can quickly and easily update router configurations to all your appliances in one place.

› Extended Alerts

The CMS now lets you receive alerts for connectivity problems that haven’t been resolved yet. For example, it can send an alert when the Mako’s Primary or Secondary WAN is still offline after a specific length of time. This gives improved, proactive visibility over WAN issues that potentially require ISP escalation.