Skip to content

Software & Features

Software Bundles

In this section, we provide an overview of the software bundles that are available for AXS Guard. See our software feature overview for a detailed explanation of all software options listed below or click on a specific option in the table for additional information.

Options Software Bundles
Basic Standard Enterprise
AXS Guard Cloud
Dashboard: Technical & Administrative
Central Appliance management
License and renewal management
Secure Appliance Login
Backup of Appliance configuration
Appliance Monitoring
DNS Security Dashboard
   * requires
Premium Threat Protection Pack
EDR Dashboard
   * requires
IBM Security® QRadar® EDR license
Networking and core network services
Caching DNS and DNS Orchestrator
VPN Services
Personal AXS Guard - Industrial AIO
Advanced networking
Internet redundancy and load balancing
Bandwidth management
Access protection
Strong and 2FA Authentication**
RADIUS server
LDAP Integration
Multiple LDAP Domains
Network protection
Next-Generation Firewall
Blacklist updates
Layer 7 Firewall
Intrusion Prevention System
Network Threat Pattern updates
Application Protection
Application Firewall
SSL Offloading
RDP - RDG Protection
User Authentication, including 2FA
Cloud integration
Microsoft Office 365 FAST Lane
Office 365 & Azure IP tracking
Office 365 automated WPAD wizard
Office 365 URL & IP address updates
Integrated PKI Management
Syslog & SIEM Integrations
Public DNS Services
High Availability *
Multiple Administrator levels
Strong and 2FA Authentication**
Configuration Wizards
Adaptive configuration tool
AXS Guard Security Extensions: Term License per User per Year
Basic Standard Enterprise
IBM Security® QRadar® EDR
Next-generation, AI-driven EDR suite
AXS Guard Remote Workspace
Clientless HTML5 browser-based VPN
Additional Protection Packs: Term License per User per Year
Essential Content Scanning Comfort Threat Protection Pack Premium Threat Protection Pack
Security Features
SecureDNS Agent (optional client license)
SSL Inspection
SSL Inspection exception list updates
Advanced Threat Protection for Web
Advanced Threat Protection for E-mail
URL Scanning (Safe Browsing verification)
DNS Filtering
GeoIP Filtering
Web Content Scanning with Trend Micro
Email Malware Scanning with Trend Micro
Web Caching Proxy
Basic Web Access Statistics
Content Statistics & (GDPR) Reporting
Web URL filtering
Web Content Scanning with Clamav
Email transfer orchestration
Email server & webmail
Email anti-Spam
Email Malware Scanning with Clamav
Remote mailbox retrieval
Malware pattern updates
User Authentication
OATH Mobile Server licenses
DIGIPASS Server licenses
DIGIPASS Hard and Mobile Clients


Included with your license and continuously updated as part of a yearly license renewal.

Requires a yearly service subscription.

* Requires an additional bare metal or virtual appliance.

** Requires hardware or software tokens.

Feature Overview

AXS Guard Cloud

The AXS Guard Cloud provides multiple dashboards allowing authorized partners and MSSPs to remotely and securely monitor AXS Guard deployments, view license and operational status information, register new appliances, manage customer contracts, troubleshoot systems and consult threat intelligence data from multiple data sources.

System Configuration

Configuration Wizards

The configuration wizards are a user-friendly way to configure your appliance step by step and allow you to carefully review and tweak system settings, for example:

  • Setup wizard: Create a new administrator, configure essential system settings and network devices.
  • License wizard: Enter your customer information, register online and upload your license to get your appliance to full operational, in-service status.
  • Group and user wizard: Allows you to easily create new users and groups and also to import and synchronize LDAP users and groups.
  • Office 365 FAST Lane: Automatically configures your bandwidth and firewall security for Office 365 applications and services.

Adaptive Web-based Configuration Tool

AXS Guard offers more than 30 different features. Because each customer has different needs, all security features have been organized into bundles.

Administrators can enable or disable any feature included in their bundle via the appliance's web-based configuration tool. Unused features will not be shown in the configuration menu, which makes the abundance of configuration options and pages more manageable, easier to configure and contributes to a better user experience.

Various administrator levels are available to define user access privileges for the AXS Guard web-based administration tool.

Basic Networking


Routing is the decision process by which packets are moved from one network to another. Entries in routing tables specify the interface or gateway through which a packet must leave a network to reach another.

Internal DNS

The AXS Guard appliance is an internal DNS server, which specifically serves the secure LAN and the DMZ. It also caches requests and can be configured to forward DNS and WINS requests to specific servers. The internal DNS automatically collects the following information:

  • Names given to network devices
  • Names assigned to computers in the LAN
  • SRV records

Built-in Time Server

The AXS Guard appliance has an internal NTP server which can be used by clients in your network. A correct system time is essential for time-sensitive processes such as two-factor and Kerberos authentication, but also for scheduled tasks and system logging.

DHCP Server

The Dynamic Host Configuration Protocol (DHCP) is an application protocol that enables your appliance to dynamically assign IP addresses to computers and other devices in its network. The AXS Guard appliance supports:

  • PXE
  • DHCP Relay Agents
  • Dynamic Address Allocation (Authoritative DHCP)
  • Static and dynamic leases

Network Tools

The AXS Guard appliance provides the following web-based tools for basic network troubleshooting:

  • Subnet calculator
  • Ping
  • Traceroute
  • Animated, real-time network flow analysis (netstat)
  • Internet speed test

Advanced Networking

Network Address Translation

Five NAT types can be configured on the AXS Guard appliance. The types are defined based on the altered header information:

  • Masquerading
  • SNAT (Source Network Address Translation)
  • (Authenticated) Port Forwarding
  • DNAT (Destination Network Address Translation)
  • Port Redirection

NAT helpers are available for the following protocols: FTP, PPTP, IRC, H.323, SIP, SNMP, TFTP, Amanda, DCCP, SCTP and UDP-lite.

Virtual Local Area Networks (VLAN)

VLANs are used to add one or more segments to your network without the need to add an additional physical network interface. Some benefits associated with the use of VLANs include:

  • Help with network efficiency by reducing extraneous traffic.
  • Enhance security by creating a virtual boundary around distinct business units.
  • Improve bandwidth performance by limiting node-to-node and broadcast traffic.
  • Eliminate the need to physically match up ports and switches in a network.

Channel Bonding

Channel bonding or Ethernet bonding is a computer networking arrangement in which two or more network interfaces on a host are combined for redundancy or increased throughput.

Bonding allows you to effectively combine the bandwidth into a single connection or to create multi-gigabit pipes to transport traffic through the highest traffic areas of your network. The following bonding types are supported:

  • Round Robin: Packets are transmitted in a round robin fashion over the available slave interfaces. This type provides both load balancing and fault tolerance.
  • Active Backup: One slave interface is active at any time. If one interface fails, another interface takes over the MAC address and becomes the active interface. Provides fault tolerance only. Does not require special switch support.
  • XOR Balancing: Tranmissions are balanced across the slave interfaces based on source MAC) XOR (dest MAC modula slave count. The same slave is selected for each destination MAC. Provides load balancing and fault tolerance.
  • Broadcast: Transmits everything on all slave interfaces. Provides fault tolerance.
  • 802.3ad: This is classic IEEE 802.3ad Dynamic link aggregation. This requires 802.3ad support in the switch and driver support for retrieving the speed and duplex of each slave.
  • Balance TLB: Adaptive Transmit Load Balancing. Incoming traffic is received on the active slave only, outgoing traffic is distributed according to the current load on each slave. Doesn2019t require special switch support.
  • Balance ALB: Adaptive Load Balancing provides both transmit load balancing (TLB) and receive load balancing for IPv4 via ARP negotiation. Does not require special switch support, but does require the ability to change the MAC address of a device while it is open.


Sometimes it is useful to divide a physical network (such as an Ethernet segment) into separate network segments. Network bridges do not require separate IP subnets and routers to connect the individual segments. If your appliance has two or more network interfaces, they can be configured as a bridge. There are various use cases:

  • Connecting Networks: Joining two or more network segments together. There are many reasons to use a host-based bridge over plain networking equipment such as cabling constraints, firewalling and routing. A bridge can also connect a wireless interface running in hostap mode to a wired network and act as an access point.
  • Filtering / Traffic Shaping Firewall: A common situation is where firewall functionality is needed without routing or network address translation (NAT).
  • Network Tap: A bridge can be used to inspect all Ethernet frames that pass between the connected network segments. This can be achieved with a traffic analyzer such as tcpdump or by sending a copy of all frames to an additional interface (span port).
  • Layer 2 Redundancy: A network can be connected together with multiple links and use the Spanning Tree Protocol to block redundant paths. For an Ethernet network to function properly, only one active path can exist between two devices. Spanning Tree will detect loops and put the redundant links into a blocked state. Should one of the active links fail then the protocol will calculate a different tree and reenable one of the blocked paths to restore connectivity to all points in the network.

IP Tunnels

IP tunnels are often used for connecting two disjoint IP networks which don't have a native routing path to each other, via an underlying routable protocol across an intermediate transport network. The AXS Guard appliance supports the following tunnel types:

  • IP in IP, sometimes called ipencap, is IP encapsulation within IP and is described in RFC 2003.
  • GRE in IP. GRE is a tunneling protocol that was originally developed by Cisco and can be used to transport multicast traffic through a GRE tunnel. GRE (defined in RFC 2784 and updated by RFC 2890) goes a step further than IP in IP, adding an additional header of its own between the inside and outside IP headers.

Public DNS

The Domain Name System (DNS) is a crucial component to the Internet. The AXS Guard appliance supports the following features:

  • DNS Zone Transfers
  • Forward and reverse lookup zones
  • Round Robin

Dynamic DNS

Dynamic DNS, also known as DDNS, solves the problem of ever changing residential IP addresses by associating your address with a consistent domain name without the need to buy a pricey static IP.

DNS Security

The DNS security feature consists of SecureDNS and DNS filtering. Both can be used independently.

  • SecureDNS protects users from inadvertently accessing malware, ransomware, malicious domains, botnet infrastructure and more. It is an essential component of cybersecurity.

    If the feature is enabled, all DNS requests originating from your network are forwarded to secure DNS servers, which will check the domain reputation of the requested URLs.

    Requests are checked against data collected from billions of DNS requests, WHOIS records and BGP routing information to identify suspicious domains with a high degree of accuracy.

  • With DNS filtering, system administrators have the flexibility to enhance the existing SecureDNS filters by incorporating additional ones according to their specific requirements. This feature can also be used independently, without relying on SecureDNS.

    The supplementary DNS filters are built upon web access filter categories, allowing administrators to exert greater control over the network's DNS resolution process.

SecureDNS Agent

In the ever-evolving landscape of cybersecurity threats, the SecureDNS agent plays a crucial role in safeguarding devices from inadvertent exposure to malware, ransomware, malicious domains and botnet infrastructures. The agent functions independently or can be combined with AXS Guard's integrated DNS security solution. API configuration is done through the AXS Guard Cloud.

Bandwidth Management

Bandwidth management is the process of measuring and controlling communications (traffic, packets) on a network link, to avoid filling the link to its full capacity or even overfilling the link, which would result in network congestion and poor performance.

The AXS Guard appliance allows administrators to easily classify traffic based on various properties. Bandwidth management policies are enforced through schedules and can also be configured for virtual network devices, such as VPN devices.

Internet Redundancy

The Internet Redundancy module is only available on appliances with two or more Internet interfaces and offers the following features:

  • Load Balancing: Distribute data across two or more Internet interfaces to ensure that a single Internet interface does not get overloaded with network traffic.
  • Internet Failover: The capability to switch over automatically to a redundant or standby Internet interface, upon the failure of the previously active interface.
  • Dedicated Routing: The capability to dedicate an Internet interface to a certain type of traffic, e.g. VoIP.


Dynamic Firewall Policies

Dynamic firewall policies are enforced at the user, group or computer level. User and group policies are enforced after successful authentication with the AXS Guard appliance. Computer policies are intended for servers which need specific access to the Internet, e.g. to download software updates, and to which physical access is ideally restricted.

Static Firewall Policies

Static firewall policies are always enforced and apply to all users and computers which are physically connected to the network. They must be used to allow access to a service, e.g. the L2TP service.

Advanced Firewall Rules and Policies

The internal firewall system is based on iptables. Advanced firewall rules require specific syntax and have priority over dynamic and static firewall rules configured via the AXS Guard web-based administration tool.

Block Lists

Block lists are lists of IP addresses or IP ranges that are blocked by the firewall. Predefined lists contain malicious IP addresses and are updated automatically. Custom lists can be added if necessary.

Office 365, Azure and Other Automated Lists

As IP addresses of various cloud applications and services - such as Office 365 apps - may change regularly and without prior notice, automated lists are available to keep your network environment secure and reliable.

GeoIP Filtering

GeoIP filtering is a technology that can block network traffic originating from or going to entire countries.

It is an effective way to stop automated cyberattacks and hackers from attacking your business network and prevents system logs from being overflooded with information.

As its name suggests, GeoIP filtering works by blocking network connections based on geographic location. This can then be used to filter and prevent both outgoing and incoming connections.

Other Features

The following features are also supported by the firewall:

  • Denial Of Service Checks
  • Unclean Packet Checks
  • Global Bad Packet Management

Application Control


The application control system monitors the application layer (layer 7 of the OSI model) of the network.

This is also known to as Deep Packet Inspection (DPI), a form of computer network packet filtering that examines the data part of a packet as it passes the AXS Guard appliance, searching for defined criteria, such as protocols or websites, to decide whether the packet may pass or needs to be blocked.

AXS Guard also collects and reports statistical information about all layer 7 traffic.

Application Types

The following applications can be blocked:

  • Social Media, e.g. Facebook
  • Remote Desktop, e.g. RDP and VNC
  • VPN, e.g. PPTP
  • P2P, e.g. Bittorrent
  • File Sharing, e.g. Dropbox
  • Messaging and VoIP, e.g. Skype, Viber
  • Multimedia, e.g. Spotify, YouTube, avi files
  • Others, e.g. Gmail, FTP

Web Access and Antivirus


The AXS Guard proxy server services requests on behalf of clients in the secure LAN by forwarding these requests to the Internet. Web access policies can be configured at the user, group, computer or the system level (a.k.a. a system-wide configuration).

Web Access Filters

Web access filters or Access Control Lists (ACL) define which sites users are allowed to visit and which ones are off limits. ACLs consist of categories which in turn are composed of site or word lists related to specific content.

Basic Content Scanning

  • URL filtering
  • ClamAV antivirus protection
  • Protection against other malware lists

Advanced Content Scanning

  • Filtering based on custom and predefined word lists.
  • Advanced URL filtering
  • Trend Micro antivirus engine.
  • ClamAV antivirus engine for additional protection against malware, trojans and other malicious software.
  • Protection against various other types of malware

Advanced Threat Protection AXS Guard Cloud (CTRS)

CTRS is an AXS Guard cloud service which inspects items with over 70 antivirus scanners and URL/domain blacklisting services, in addition to a myriad of tools to extract signals from the studied content. Malware signatures are updated frequently as they are distributed by antivirus companies, which ensures that CTRS uses the latest signature sets.

SSL Inspection a.k.a. HTTPS Inspection

Over the last few years many popular web sites including Google, Youtube, Reddit and Facebook have started enabling HTTPS encryption by default. This means that without configuring SSL inspection, proxies have limited filtering, monitoring and logging capabilities.

AXS Guard supports man-in-the-middle SSL filtering, which will allow you to more effectively monitor web traffic passing through the proxy server.

Transparent Proxy

The AXS Guard appliance can be used as a transparent proxy server. Transparent proxies are also commonly known as intercepting proxies.

Transparent or intercepting proxies are commonly used in businesses to prevent avoidance of implemented user policies (ACLs) and to ease administrative burden, since no browser configuration is required on the clients.

Additional Features

  • Customizable WPAD configuration
  • Automated WPAD configuration for Office 365
  • Support for parent proxy
  • Customizable user login page
  • Strong authentication and SSO
  • Advanced logging, reporting and statistics

Intrusion Prevention System


The Intrusion Prevention System (IPS) is a preemptive approach to network security. IPS identifies potential software exploits and takes immediate action against them. The actions to be taken are based on existing preprocessors and a set of dynamic rules divided in classes.


IPS rules are organized in categories. Each category describes the type of software or protocol used to perform an attack, e.g. pop3, backdoor, etc. Categories contain individual rules, each within their own classification. The AXS Guard appliance can be configured so rules are updated automatically.

Directory Services


The directory services module allows you to synchronize users and groups by establishing an LDAP connection with a directory server. The imported user accounts and groups remain updated if changes are made to the records on the directory server. The directory services module provides:

  • LDAP back-end authentication
  • Synchronization of users and groups in multiple domains
  • Support for LDAP over SSL
  • SSO for web access and firewall access (SSO tool in domain mode)
  • Support for Microsoft Active Directory and POSIX LDAP


Strong Authentication & 2FA

Two-factor authentication (2FA), often referred to as two-step verification, is a security process in which users provide two authentication factors to verify they are who they say they are. 2FA can be contrasted with single-factor authentication (SFA), a security process in which the user provides only one factor, typically a password.

Supported Technologies

  • OATH Microsoft and Google Authenticators
  • OneSpan DIGIPASS® Tokens
  • OneSpan Cronto App with Push Notifications


Kerberos is a time-sensitive network protocol that uses secret-key cryptography to authenticate client-server applications. The following back-ends are supported:

  • Microsoft Windows Servers
  • Servers running the MIT implementation
  • Servers running the Heimdal implementation


LDAP user authentication is the process of validating a username and password combination with a directory server such MS Active Directory or OpenLDAP. Also see the Directory Services feature.


The Remote Authentication Dial-In User Service (RADIUS) is a widely deployed protocol enabling centralized authentication, authorization, and accounting for network access. RADIUS authentication and authorization are defined in RFC 2865.

EAP-TLS, defined in RFC 2716, is an IETF open standard, and is well-supported among wireless vendors. It offers a good deal of security, since TLS is considered the successor of the SSL standard. It uses PKI to secure communications with the AXS Guard RADIUS server.

Basic Authentication

HTTP Basic authentication is the simplest technique for enforcing access controls to web resources because it doesn't require cookies, session identifiers, or login pages. Basic authentication uses standard fields in the HTTP header, removing the need for handshakes.


The Ident Protocol, defined in RFC 1413, is an Internet protocol that helps identify the user of a particular TCP connection. This simplifies management in that you do not have to match IP addresses to computers to regulate web traffic.

Brute-force Attack Protection

A brute-force attack is an attack method that relies on one's ability to guess passwords to illegally access a target system. Most typically, the attacker uses software that tries a vast number of username / password combinations until the target system is accessed or the intrusion attempt is detected and blocked.

The AXS Guard appliance can be configured to block brute-force attempts at the following levels:

  • The user level: consecutive failed logins from the same user are blocked, regardless of the source IP from which a suspected attack originates. Anonymizers are herewith rendered ineffective.
  • The host level: consecutive failed logins from the same source IP are blocked, regardless of the account that is used to launch a suspected attack.

Public Key Infrastructure

PKI Tool

The AXS Guard PKI tool allows you to create, manage, store, distribute, and revoke Public Key Certificates for VPN applications, such as IPsec Road Warriors, OpenVPN and L2TP clients. It is also used for secure e-mail relaying and secure web applications (reverse proxy). The following types and standards are supported:

  • PEM certificates, with or without separate key files
  • The PKCS #12 standard

Trusted Certificate Authorities

AXS Guard automatically maintains a root store that is used to determine if a certificate issued by a particular Certificate Authority (CA) is trusted. System administrators also have the possibility to disable certificates or import company-issued CA certificates. This feature was implemented to support SSL Inspection.

Reverse Proxy


The reverse proxy services Internet client requests by forwarding these requests to the correct server in the LAN, while providing strong authentication, request filtering and SSL offloading.

Supported Protocols

  • TCP/IP protocols: HTTP(S) and FTP
  • Application protocols: WebSocket, RPC over HTTP, MAPI over HTTP, EWS and RDP (via a remote desktop gateway)


  • Base URL Protection
  • RFC Compliance & Request Filtering
  • Predefined & Custom Applications
  • SSL Offloading & Two-factor Authentication
  • Ability to add custom login pages for your application servers

Virtual Private Networking


A virtual private network (VPN) is the extension of a private network that encompasses links across shared or public networks like the Internet. A VPN enables you to send data between two computers across a shared or public internetwork in a manner that emulates the properties of a point-to-point private link.

Personal AXS Guard

Personal AXS Guard (PAX) is an appliance based on the VPN security model, designed specifically for telecommuting and industrial applications, such as IoT device management. PAX units are configured and centrally managed on the corporate AXS Guard appliance which pushes the configuration to each individual unit.

OpenVPN Server

OpenVPN is an open source virtual private network (VPN) program for creating point-to-point or server-to-multiclient encrypted tunnels between hosts. It is capable of establishing direct links between computers across networks which use network address translation (NAT) and firewalls. OpenVPN is popular, easy to use, secure and widely supported on mobile devices. The AXS Guard implementation also offers the possibility to enforce two-factor authentication.


IPsec is an Internet Engineering Task Force (IETF) open standard suite of protocols (framework) providing data confidentiality, integrity, and authentication. The AXS Guard appliance only supports ESP in Tunnel Mode. This has to be taken into consideration when connecting other IPsec appliances or clients to the AXS Guard IPsec server, which offers the following features:

  • Support for IKEv1 and IKEv2 tunnels
  • IPsec Road Warrior setups
  • GRE over IPsec tunnels
  • DHCP over IPsec (IKEv1 only)
  • XAUTH (two-factor authentication for IPsec road warriors)


The Secure Socket Tunneling Protocol (SSTP) provides a mechanism to transport PPP traffic through an SSL/TLS channel. SSL/TLS provides transport-level security with key negotiation, encryption and traffic integrity checking. The SSTP server uses TCP port 443 by default, allowing SSTP clients to traverse virtually all firewalls and proxy servers, except for authenticated web proxies. The AXS Guard SSTP server can also be configured to enforce strong user authentication.


The Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used with Virtual Private Networks (VPNs) based on the IPsec framework. It enables roaming users to establish a secure connection to the private network of their company HQ using an L2TP client. The L2TP client software is available on any Windows version. The AXS Guard L2TP server also provides two-factor authentication.


The Point to Point Tunneling Protocol (PPTP) is an extension of the PPP protocol, defined per RFC 1171. The AXS Guard PPTP server also provides two-factor authentication.

AXS Guard Remote Workspace

AXS Guard Remote Workspace is a browser-based VPN solution that relies on HTML5. It allows users to remotely access corporate computers via a browser session over a secure connection (HTTPS). No dedicated software is required on the client side. Two-factor authentication is also supported.

E-mail Services

Security Features

  • RFC compliance checks
  • Anti-relay check
  • Policy-based Transport Layer Security (TLS)
  • Helo message check.
  • Preventing connections from MTAs with Dynamic IP addresses (potential spam vectors).
  • SPF protection.
  • Bad header checks.
  • Black listing, white listing and grey listing.
  • Anti-spoofing, i.e. validation of e-mail addresses.
  • Validity check of the sender and recipient e-mail address formats.
  • Verification of recipient addresses based on the origin.

Content Filtering

  • Policy-based filtering system.
  • Predefined and custom mail policies.
  • Specific policies can be assigned to users, groups or computers in addition to the system-wide mail policy or to overrule it.
  • Automated blocking of potentially dangerous e-mail attachments, such as executable files, office documents containing macros and encrypted archives.
  • Antivirus.
  • E-mail Quarantine.
  • Automated and manual spam learning.

AXS Guard Cloud Threat Protection (CTRS)

E-mails are scanned for potentially harmful links and automatically quarantined when a threat is detected (Google Safe Browsing technology).

Webmail Server

The AXS Guard webmail server allows users to securely access their e-mails from the Internet and provides the full functionality you expect from an e-mail client, including MIME support, an address book, folder manipulation, message searching and spell checking. 2FA is also supported.

POP3 Server

POP3 (Post Office Protocol 3) is the most recent version of a standard protocol for receiving e-mail. POP3 is a client/server protocol in which e-mail is downloaded to the client computer. The AXS Guard appliance also supports POPS.

IMAP Server

The Internet Message Access Protocol (IMAP) is an Internet standard protocol used by e-mail clients to retrieve e-mail messages from a mail server over a TCP/IP connection. The e-mail messages remain on the e-mail server. IMAP is defined in RFC 3501. The AXS Guard appliance also supports IMAP over SSL (IMAPS).

Remote Mailboxes

The AXS Guard MTA can be configured to distribute e-mails collected by a “catch-all” mailbox on the Internet. A “catch-all” mailbox refers to a mailbox in a domain that will "catch all" of the e-mails destined for that domain. A “catch-all” address provides a cheap method for companies to receive e-mail.

Syslog Management


Managing log files is a vital part of network administration. The AXS Guard syslog management engine offers you the ability to log system activities locally and remotely. This capability can be essential if you need to archive log files for a long period of time or simply want log files to be available on other systems in your network.

Supported Delivery Types

  • Local delivery: refers to logs that are generated by and stored on the AXS Guard appliance.
  • Network delivery: refers to logs that are forwarded by a dedicated log server to the AXS Guard appliance.
  • Relay delivery: refers to logs that have been delivered to the AXS Guard appliance (also see network delivery). Once the logs are received, the AXS Guard appliance relays them to another log server.
  • Mail delivery: the AXS Guard appliance sends logs by e-mail to the specified addresses.

Supported Log Types

The log type mainly influences the formatting of log messages.
The following log types are supported:

  • RFC 3164: This is the system default type and is the most human-readable format.
  • RFC 3339: This format contains the most details (e.g. timestaps)
  • Unix: Used by older servers and less detailed than RFC 3164 and 3339.

Statistics and Reporting


Network and data protection measures, such as a firewall, an anti-virus engine or an Intrusion Prevention System, are no longer sufficient in a​ GDPR​ world; organizations need to know what data they are collecting and how it's being used.

AXS Guard is equipped with a threat reporting feature, allowing organizations to get actionable insights from raw data in various system log files.

This reporting feature is also capable of delivering selected reports automatically to administrators and authorized personnel, allowing them to better identify potential cyber threats in a GDPR context.

Firewall and IPS

The reports show information related to traffic that was dropped by the firewall and IPS. Connection tracking allows administrators to view information about active connections, such as the source and destination IP addresses, port number pairs, etc.

Application Control

The reports show detailed information about traffic dropped by the application control system, e.g. blocked Facebook connection attempts. A graphical representation of all connection data is also available.

Web Access

Web access statistics consist of a database from which the following reports can be extracted:

  • Requests per client.
  • Hourly requests.
  • Most frequently accessed websites.
  • Blocked requests.
  • Blocked sites.


The reports contain information about queued, quarantined and blocked messages. The MTA statistics provide information about all e-mail activity including, but not limited to, the total percentage of blocked messages and the number of messages per recipient.

Bandwidth Management

Consists of a graph, showing the averages of outgoing traffic per (sub)class and the total average over an 8-hour period. This graph allows you to monitor and detect unusual traffic peaks and adjust your bandwidth management configuration if needed.

User Authentication

The authentication status report provides information about authenticated and blocked users. Users and hosts which have been blocked by the brute-force protection system are also visible and can be unblocked on the fly.

High Availability

High-Availability clusters (also known as failover clusters) are implemented primarily for the purpose of improving the availability of services that the cluster provides. They operate by having redundant nodes, which are then used to provide services when system components fail. The most common size for an HA cluster is two nodes, a master and a slave unit, which is the minimum requirement to provide redundancy.

Fax Server

The AXS Guard fax module is a heavy-duty telecommunication system supporting:

  • Up to 8 Fax Lines.
  • Sending facsimile, including batch jobs via a connected workstation in a Novell, Windows or Unix network.
  • Receiving facsimile via e-mail or a networked printer in a Novell, Windows or Unix network.
  • PCL 5 and PostScript printers.
  • Shared use of the available modem(s).
  • Multiples queues, e.g. organized per department.
  • Fax reporting via e-mail.
  • Advanced logging.

Note that the fax module is sold exclusively in the BENELUX.

Automated System Upgrades

AXS Guard is an independently developed security platform based on the Linux kernel and strives to provide the latest stable software to its customers by following a rolling-release model.

The main benefit of a rolling-release model is the ability for administrators to always have the newest version of the software automatically installed. Bugs can be corrected much faster and new features can be rolled out much more efficiently.

System Backup and Restore

Backup Download

This method allows you to manually download a backup of the current AXS Guard configuration via the web-based administrator tool.

Weekly Backup via E-mail

This method allows you to automatically send a backup of the AXS Guard configuration via e-mail to a dedicated user.

Backup on Network Share

A daily backup on a network share allows you to make a backup of the AXS Guard configuration and critical user data, such as e-mails and log files. System administrators receive a backup report via e-mail and are also automatically notified in case of errors. Backups can be restored with a few simple clicks.

Command Line Interface

The CLI is a Linux-based command line interface for advanced troubleshooting. It can be accessed directly by connecting a screen and keyboard to the appliance or remotely with a secure connection (SSH).