balasys-triangle-leftbalasys-triangle-left

Type your search criteria

see-behind
explore zorp
the number one multi-purpose proxy gateway
use case

zorp gpl

Open source proxy firewall

Free license. Active community support. Zero compromises.
Zorp GPL is a unique, open source proxy firewall with deep protocol control capabilities. It makes network traffic comply with the protocol standards and enables specific measures on every level of the ISO/OSI model. Zorp GPL helps maximize control over the traffic passing through your network perimeter to achieve network security. Thanks to its unparalleled flexibility it can be extended by additional security modules and can be customized to solve specific security problems even in a heterogeneous network environment. It gives you all the power needed to implement complex security policy without sacrificing productivity.

Why do you need api securiy?

download
use case

features

contact sales
granular protocol control
Full interpretation and validaton of 20+ network protocols
Connection handling on application layer
Control of protocol channels ( e.g. file transfer, port forward)
comprehensive encryption support
control of SSL / TLS-encrypted protocols
TLS 1.3 cryptography support
SSL and IPSec VPN
use case

use cases

contact sales
API breach prevention

Unauthorized user or bot access, data leaks, (D)DOS attacks, misuses and human errors have become real threats for companies operating API infrastructures. Protecting your organization from API breaches is the ultimate goal of the Zorp API Gateway. You can authenticate API-requestors, control API calls and inspect the traffic in detail. By encrypting the traffic, you can increase the security of the API communication further. Enforce a custom API security policy without affecting the business operations.

traffic analysis

Zorp API Gateway supports detailed and flexible logging. You can extract customized data from the API-traffic, those you can analyze from different perspectives. You can forward security relevant logs to the SIEM or SOC to improve your API security monitoring posture. The Zorp API Gateway also supports big data tools and data lakes (for example, Kibana, Elasticsearch or Kafka) as potential log destinations. You can send pre-filtered, quality data to these destinations for in-depth business analysis.

Regulatory compliance

PSD2 requires banks to secure the financial data flow via their public-facing APIs. GDPR indirectly requires anonymization or pseudo anonymization of personal data in transit.  The PCI DSS requires financial providers to encrypt transmission of cardholder data via public networks… All these regulations have one key requirement in common: they require regulated companies to protect customers’ data at rest and in transit, as well. The Zorp API Gateway helps streamline your compliance efforts through its comprehensive access control, encryption and audit capabilities.

Protecting legacy systems

The Zorp API Gateway can ensure compatibility with your legacy systems by modifying certain elements of the API traffic. This enables the possibility of hiding information about security risks and treating the vulnerabilities of your legacy applications. For example, you can remove the error messages, banners, or other information specific to the applications to hide faulty configuration or sensitive information about your back-end infrastructure. It can even force upgrade of legacy encryption protocols to the recent TLS version.

Special network security projects

Thanks to its extremely flexible, scriptable configuration you can meet specific security requirements with Zorp Gateway. Just a few examples:

• Data manipulation - modifying sensitive or risky elements of the traffic. For example, masking credit card data or hiding vulnerable server configuration.
• Graceful degradation of services during peak times by preferring transaction-closing events
• Implement your own protocol by using the AnyPy proxy and the power of Python

use case

features

Documentation
GRANULAR ACCESS CONTROL
Because its configuration is based on network zones instead of hosts or IP ranges, Zorp GPL offers a wider access control than other application-level firewalls. Besides the usual ‘who’ and ‘what’, Zorp can also control the ‘how’. For example, clients arriving from one zone can only read a given FTP server, while others have ‘write’ privileges too.
Full interpretation and validation of the most widespread network protocols
Advanced protocol recognition (APR)
Connection handling on application layer
Control of network services use (e.g. file transfer, port forward)
wide protocol support
HTTP, FTP, SMTP, POP3, WHOIS, Finger, Telnet,
TLS-versions of the above protocols
COMPREHENSIVE ENCRYPTION SUPPORT
Control of SSL/TLS-encrypted protocols
TLS 1.3 cryptography support
SSL and IPSec VPN
TRAFFIC MANIPULATION
Traffic manipulation helps prevent data leakage by keeping sensitive information inside your network. For example, HTTP data flow could include internal IP addresses, the URL of a previously visited website (referrer), or browser and operating system information (agent). Zorp GPL can remove or change this information to prevent it from being accessed.
Data masking for compliance or privacy
Hiding security vulnerabilities of legacy systems
Easy solution for custom compatibility issues
DETAILED AUDITING
It is possible to audit all events, even protocol requests and responses, as proxies work at the application level. This can be used to prove not only what has happened, but what has not. For example, if an old version of a file was deleted but was never uploaded again. This can be a crucial capability in forensics investigations. 
Logging of encrypted network traffic
High log verbosity for better network debugging and forensics
Seamless integration with log analyzing and SIEM tools
INTEROPERABILITY
Interoperability helps in a world where not every protocol implementation is created equal. Zorp GPL can hide protocol features like HTTP compression, translate between different encryption standards and perform other changes to ensure clients and servers interoperate seamlessly.
LINUX SUPPORT
Administrators can compile and run Zorp GPL on several Linux-based operating systems. Moreover, pre-compiled binaries are readily available for various Linux distributions, which greatly simplifies the installation of Zorp GPL. Currently, binary repositories are available for the following distributions:

Debian: stable, testing
Ubuntu: current LTP versions

Benefits

Comprehensive traffic inspection

Encrypted channel control

Content filtering and modification (optional)

Modular, highly flexible configuration

Free license and active community support

Free solution to many unique network security problems

use case

iot security

IoT elements are exposed to be attacked permanently, so they need
solid security tools which can cut risks back to as little as possible.
In a world where everything joins networks, even networks too, you
need a tool to make these increased connections organized.
Button Text