WinRoute architecture

For advanced internetworking, it helps to understand how WinRoute works. From the explanation and examples listed below, WinRoute proves to be an excellent solution for almost any network configuration.

Firewalls are typically built on hardened platforms, and the software itself is typically difficult to circumvent. However, a major weakness in many network security devices is the brief window of time between the moment the hardware is capable of routing traffic and the moment the software takes control of the network interfaces. During this window, security can be completely compromised.

WinRoute’s driver, or Engine, activates as the core files of the Windows operating system (the kernel) load themselves into memory; specifically, the engine loads before the NDIS (Network Device Interface Specification) modules are loaded, so that no network connectivity is supported before WinRoute is active. Thus, protection of all interfaces is active before malicious traffic or other attacks can be mounted on the system. This compares favorably to standalone intrusion-detection-type products that run as a service and are not active until after the system has booted.

WinRoute "wraps" NDIS in a proprietary fashion such that all TCP/IP traffic is shunted from the network interface card (NIC) driver to the Engine before it proceeds up the network communications stack to the operating system itself.

This low-level insertion into the operating system gives the WinRoute Engine a unique perspective on all network traffic crossing any interface, whether inbound or outbound. As with many enterprise-class firewall products such as Check Point’s FireWall-1, WinRoute makes the first decision about whether to allow or deny a given packet. Once again, this prevents malicious attacks against other aspects of the operating system or other software that could bypass the security offered by a firewall. This is certainly desirable for externally facing Internet gateways, but can also provide great benefits to standalone hosts with high security or anonymity requirements, such as an intrusion detection system. Intrusion detection software such as RealSecure from Internet Security Systems (ISS) would be practically invisible on a host protected by WinRoute.

Lastly, the WinRoute Engine takes over all communications routing functionality from the underlying Windows operating system (whether it be Windows 9x, NT, or 2000). This ensures that if for some reason the WinRoute Engine were to fail, no traffic would be routed between networks. This "fail-closed" stance has been the traditional default for firewall configurations for many years, and serves to protect private networks in the case of common system failures.

1. Total Security
WinRoute works below the TCP/IP stack. In other words, it captures both outgoing and incoming packets BEFORE they have the chance to enter your computer.

This advanced design makes WinRoute's security almost unbreakable.

2. Total Protocol Support
WinRoute is a software ROUTER. As such, WinRoute can allow almost any Internet protocol to pass through. At the same time, WinRoute checks each packet utilizing the advanced security and firewall features inherent in the software design. On systems running Windows 95 and 98, WinRoute handles the routing of packets. On systems running Windows NT, the NT operating system performs the routing and WinRoute manages the NAT functionality and other data.

3. Total Flexibility
WinRoute performs NAT (Network Address Translation) on the interfaces of your choice. WinRoute also applies any preset security rules on the specific interfaces. This gives the user a wide range of freedom when designing and configuring security options.