SafeUTM security features
Application Control
Application Control module is designed to provide advanced control and monitoring capabilities for network applications.

It allows administrators with granular control and visibility over the applications used on their network, enabling them to enhance security, improve performance, and enforce appropriate usage policies.

DPI technology enables it to identify the applications being used on the network, regardless of the port or protocol being used.

There are more than 250 predefined applications in SafeUTM.

Improve network performance
Identify applications
The module can identify a wide range of applications, including those that use non-standard ports or protocols. It uses a combination of signatures, heuristics, behavioral analysis, and machine learning algorithms to accurately identify applications.
Control access
Administrators can define policies that dictate how applications are allowed to be used on the network. They can create rules to block or allow specific applications, or limit their usage based on factors such as time of day, user groups, or bandwidth consumption.
Monitor application usage
The module provides real-time visibility into the applications being used on the network. Administrators can view detailed reports and logs that show the applications being accessed by different users or groups, the amount of traffic generated by each application, and other relevant metrics.
Mitigate risks
By controlling and monitoring the usage of applications on the network, the Application Control module helps mitigate security risks. It can prevent the use of malicious or unauthorized applications and enforce compliance with organizational policies.
Content Filter
SafeUTM Сontent Filter module is a powerful tool for organizations to enforce web usage policies, prevent data breaches, and maintain a safe and productive network environment.

It filters and categorizes web content, blocking access to malicious or inappropriate websites, and ensuring a safe and secure online environment for users.

Our best on the market content filter feature uses AI and machine learning to make the results of the categorization more accurate.
146 categories
500 min URLs
URL based filtering
The module uses a comprehensive database to categorize websites into different groups (e.g., social media, gaming, adult content) and allows administrators to create rules to block or allow specific categories or individual websites.
Custom categories
You may create your own category and block for example a particular youtube channel, but not the whole youtube, or even a particular video on the youtube. You can do it by specifying the URL of the necessary web resource.
Blocking anonymizers
Also we know that there are a lot of situations when users try to bypass all existing policies and rules by using VPNs and other types of anonymizers. And with the help of the content filter you may avoid these scenarios in a few clicks. All you have to do is just create a blocking anonymizers rule
HTTPS inspection
The module can decrypt and inspect secure HTTPS traffic, scanning for malware and applying content filtering policies to encrypted connections, without compromising security.
Reporting and Monitoring
The content filter provides administrators with detailed reports and insights on user web activity, including the websites accessed, blocked requests, and bandwidth usage. This information can help identify patterns or potential threats within the network.
Granular Policy Management
Administrators can create specific content filtering policies based on user groups, IP addresses, or time of day, allowing different access levels for different users or departments.
SafeUTM IPS module acts as an additional layer of defense against network threats, providing real-time detection and prevention of potential attacks.

It continuously monitors incoming network traffic for malicious activity, analyzing packet headers and payloads to identify known patterns and signatures of known attacks. It can detect various types of threats, including malware, viruses, worms, denial-of-service (DoS) attacks, and intrusion attempts. When a threat is detected, the IPS module takes immediate action to prevent the attack from compromising the network.
Protection from malware, viruses, worms, denial-of-service (DoS) attacks, and intrusion attempts
Customizable IPS rules
IPS module offers a range of customizable features and policies to fit the specific security needs of an organization. Administrators can customize rule sets based on their network environment, defining which types of traffic should be allowed or blocked.
Detailed events description
Information about all security events is available in the UI. Each log includes event detailed information, such as threat level, security event name, protocol, IP, etc.
Regular Updates
SafeUTM IPS module utilizes regular updates from a threat intelligence database, ensuring that it has the latest information on emerging threats and vulnerabilities. This allows it to stay up-to-date with evolving attack techniques and provide effective protection against new and emerging threats.
Web antivirus and Mail protection

1. Build with ClamAV web antivirus and SafeUTM Mail Protection module.

This build incorporates the ClamAV antivirus software as its default antivirus solution. ClamAV is an open-source antivirus engine known for its efficiency and effectiveness in detecting and mitigating various malware threats. It provides real-time scanning capabilities, ensuring that files passing through the firewall are thoroughly analyzed for any malicious content. Regular updates of the virus signature database will keep you safe from up-to-date latest threats.

SafeUTM Mail Protection module includes anti-spam, anti-malware and email encryption features.
2. Build with Kaspersky web antivirus and Security Linux Mail Server (for additional fee)

This build utilizes the Kaspersky antivirus software, which is a commercial antivirus solution known for its advanced threat detection capabilities. Kaspersky offers a range of features, including real-time protection, behavioral analysis, and heuristic scanning to identify and block even the most sophisticated malware threats. It also provides regular updates to stay abreast of emerging threats.

Kaspersky Linux Mail Server Security Designed provides next-generation email protection from known and unknown threats, including spam, phishing and malicious attachments. This is accomplished by multiple layers of machine learning-powered security, including multi-factor heuristic, sandboxing and reputation system for emails and attachments, which also achieves an extremely low rate of false positives
SafeUTM can be provided with two possible builds.
Traffic shaping and Quotas

This service is designed to limit the external incoming traffic speed for network users.

Traffic shaping policies can be set for individual users or groups in SafeUTM. This allows administrators to control and prioritize network traffic based on specific criteria defined for users or groups. By setting traffic shaping policies, administrators can allocate bandwidth resources, control access to specific websites or applications, and ensure a fair distribution of network resources among users or groups.

SafeUTM Web Application Firewall (WAF) module is a security technology that monitors and filters HTTP traffic to and from a web application.

The SafeUTM WAF module uses various techniques and rules to analyze and filter incoming web traffic, allowing only legitimate requests to reach the web application and blocking any suspicious or malicious activities. It provides an additional layer of defense to protect web applications from attacks and helps ensure the integrity and availability of the application.

Please note that only the web applications pre-configured into SafeUTM Reverse Proxy can be protected with WAF, as without an externally accessible protected web resource, the WAF module won't have any traffic to analyze and filter, making it pointless to have it active.

It protects web applications from various types of attacks, such as:
SQL injection
Other cyber threats
Cross-site request forgery (CSRF)
Cross-site scripting