GateMAN 4012 firewall is a high performance plug and play core switch to be installed in the heart of corporate networks with advanced security features. It drops all IP packets with wrong checksums. All TCP connections will be checked, from the checksum to the state transition and sequence numbers of TCP sessions. If configured, the logs about all fetched URLs, Email senders/recipients, FTP users and commands, besides hundreds of statistical information will be sent to the log collector system. Logs of 4012 are sent by a special purpose protocol which will not be saturated by SPAM and/or junk Sync floods. GateMAN 4012 is a 12-ports, layers 2-7 switch with many advanced features¹ including²:

1. Twelve 10/100/1000 TX Ethernet ports.
2. Serial port console with full setup capabilities.
3. Traffic shaping features including:
   1. Frames per second limit on in/out frames per port
   2. Frame drops per port statistics
   3. Bytes dropped per port statistics
   4. IP, ARP, Reverse ARP, IPX, PUP, Loop back, and RAW frame type filtering (e.g. “allow NO IPX frames to come in from port 6” or “allow frames with type 0x805 to go out from port 4³”, etc).
   5. Current/Max so far Frames/Bytes per second in/out statistics per port with capability to reset the statistics.
   6. Per port queue with statistics on queues (e.g.: “Max number of frames queued on port number 5 so far”) with capability to reset the values
   7. Per port queue length adjustment capability
    
4. Full layer three, packet filtering with automatic IP checksum control
5. Tight TCP stateful inspection including:
   1. TCP sequence number checking and tracing
   2. Syn/Ack/Fin state transition and violation control
   3. TCP checksum checking
   4. Out of sequence TCP packet alignment
   5. Per TCP connection bandwidth limitation
   6. DDoS attack per destination control and protection
   7. Port scan reporting and limitation
    
6. Application layer protocol monitoring and violation control for Telnet, SMTP, FTP, and HTTP (e.g.: invalid HTTP requests cause TCP connection termination).
7. URL filtering with user defined URL databases to filter domains, sub-domains, directories in sites.
8. White list URL databases.
9. Per entry URL database classification to let administrator classify sites in more than 64000 classes.
10. Regular expression matching with space for 100 regular expressions to match with HTTP requests.
11. SMTP session filtering based on entries defined in databases of username, domain name, user@domain.
12. Plug and play installation as any industry standard Ethernet switch.
13. LAN user authentication to allow/disallow users to pass the switch to see/filter the classified site in periods of time, with periodic and total quotas on send, receive, login count, connection duration.
14. GUI based setup programs for Windows™ and Linux™.
15. Ultra fast log protocol with additional free software to manage the logs for months and make reports (requires a computer to collect the logs – not supplied).
16. IPSec support.
17. NAT/PAT/MAT (MAC Address translation) support.
18. IP/MAC database as source and/or destination in rules.
19. MAC address dump feature for debugging the network.
20. Operation Temperature: 0 ~ 50
21. Color: Black
22. 19 inches rack mountable chassis with 4U height.