Tel.: +49 7121 539 550|
B2B Shop

VT AIR 500 Business Firewall

In stock

Next Generation Business Firewall

Best for VPN Router - No Licence Costs

Now: 1 Support Ticket included

Available Now!

 899,00  764,00 ( 909,16 incl. VAT)

Plus 19% VAT
Delivery Time: Immediately
SKU: VTAIR-500 Categories: , Brand:


VT AIR 500 Business Firewall

The new VT AIR 500 NextGen Firewall has been specially developed for the demanding office. The innovative desktop model impresses with numerous connection options (8 x RJ 45), its outstanding performance (> 10 Gb / s firewall and> 1 Gb / s VPN) and the high-quality technology. It is ideal for SMEs that have high security requirements and want to take the next step in the digital world.

Thanks to the VT AIR Linux operating system, you enjoy a modern, fast and versatile user interface. Designed with a focus on performance, versatility and no licensing costs, the VT AIR system is perfect for companies of all sizes.

This Business Firewall can be used as LAN or WAN router, VPN router, DHCP server, DNS server and Intrusion Protection and Detection Server.

The VT AIR 500 firewall provides you a security platform, including very high performance and speed with an excellent price-performance ratio.
8x RJ45 (1000/100/10 Mbit/s)
12V Power

Key Facts


  • Business – Enterprise Open Source Firewall

  • No Licence Fees

  • VT AIR Software – Feature Rich Firewall

Best For

  • Small Sized Business Networks

  • Small to Medium Sized Branch Office

  • Managed Service Provider / Managed Security Service Provider (MSP/MSSP) On Premise Appliance

  • Companies that need Intrusion Detection

Business – Enterprise Open Source Firewall

No Licence Fees
High Quality
Top Service and Support
The smart VT AIR 500 is the Enterprise Open Source Firewall for business and the ideal VPN router. The VT AIR 500 combines professionalism and quality with transparency and security. Despite its exceptional properties, it stands for a quick ROI. The special feature: There are no license costs. With the VT AIR 500, companies rely on technology that is as smart as well as cost-effective.

VT AIR – Next Generation Firewall

VT AIR is the next gen firewall for the enterprise market. It belongs to the third generation of firewall technology. It combines proven technologies with the latest generation approaches.

The graphic shows the advantages of the VT AIR Next Gen Firewall at a glance. It offers effective protection and always focuses on prevention. VT AIR offers comprehensive network security because it prevents attacks in advance and does not offer hackers a gateway into your business. One thing is certain: In the digital world, comprehensive security is only possible with the latest technology. This means for your company: Using VT AIR, your data enjoy the highest level of protection.

VT AIR Next Generation Firewall (NGFW)
Advanced Threat Protection2020-10-27T12:05:40+01:00

VT AIR offers a variety of advanced threat protection mechanisms.

Blocking unwanted and unsafe websites via DNS sinkholing technology and advanced web filters with virus scanners and content filtering.

Various intrusion detection and protection rules are also available.

Application Control2020-11-28T12:24:44+01:00

Application Control allows you to create firewall rules on the application level.

Traditional firewalls, which only identify ports, protocols and IP addresses, cannot identify and control applications, but a next generation firewall can. VT AIR Next Generation Firewall allows you to create firewall rules based on applications.

Intrusion Detection and Protection2020-08-25T11:36:28+02:00

The Intrusion Detection and Prevention System (IDS / IPS) of the VT AIR Firewall significantly improves network security by providing complete and comprehensive real-time network protection against a wide range of network threats, vulnerabilities, exploits and threats in operating systems and applications.

VT AIR scans network traffic using powerful and comprehensive rules and signature language to detect complex threats with the Surricata program.

Suricata is an open source based intrusion detection system and intrusion prevention system

Automatic signature updates are provided regularly to ensure that the VT AIR Firewall is always up to date.

Network Flow Fastpath2020-08-25T11:39:23+02:00

VT AIR supports the acceleration of TCP and UDP connections using Network Flow Fastpath.

For this purpose, the NFTables flow table offload technology is used, which accelerates network traffic by a factor of 2-3, all with the usual network security.

With Flowtables you can accelerate packet forwarding in software with the help of a state that no longer runs through the entire network stack after a connection has been established.

Multi Factor Authentication2020-08-25T11:38:47+02:00

Multi-factor authentication (MFA) has become the standard to prevent unauthorized access to business-critical information.

VT AIR supports multi-factor authentication with the TOTP standard for the web interface and OpenVPN to protect your infrastructure in the best possible way.

Stateful Deep Package Inspection2020-08-25T11:37:59+02:00

VT AIR is a stateful firewall. A stateful firewall is a network firewall that tracks the operational status and characteristics of network connections that pass through them. The firewall is configured to distinguish between legitimate network packets for different connection types.

Packets are analyzed with NFTables (Deep Package Inspection) and allowed or blocked on the basis of firewall rules in order to ensure optimal protection of the network traffic.

Web Control/Web Protection2020-08-25T11:37:26+02:00

Advanced Web Protection combines advanced analysis functions, blacklists and ACLs to optimally protect your web traffic.

With the built-in virus scanner, you can optimally protect your web traffic.

VT AIR uses the Squid program, which is characterized by its diverse functions and security.

The web filter can be set up as a proxy, but also as a transparent HTTP / HTTPS proxy.


With XDP, network functions (eBPF) can be executed as soon as a packet reaches the network card and before it is moved up into the kernel’s network subsystem, which leads to a significant increase in packet processing speed. This technology allows us to achieve significantly faster firewall speeds.

In general, all of our VT AIR appliances are already prepared for XDP / eBPF.

This technology will be available in VT AIR in 2021.

Authenticator 802.1X2020-08-25T11:45:35+02:00

The IEEE 802.1X standard provides a general method for authentication and authorization in IEEE 802 networks. At the network access, a physical port in the LAN, a logical IEEE 802.1Q VLAN or a WLAN, a participant is authenticated by the authenticator, who uses an authentication server (RADIUS server) to check the authentication information transmitted by the participant (supplicant) and, if necessary, the Permits or denies access to the services offered by the authenticator (LAN, VLAN or WLAN).

VT AIR has both an 802.1X authenticator and an 802.1X supplicant.


A captive portal is a facility that is usually used in public, wireless networks in order to link the access of end devices such as laptops or smartphones to the underlying network or the Internet to the user’s consent to certain usage rules. In addition, the network provider can link access to a specific user account. VT AIR allows you to set up a captive portal for each interface with its own HTML page for authentication.


VT AIR comes with a built-in IPv4 and IPv6 Kea DHCP server.

Whether static or dynamic DHCP addresses and multiple networks, you can supply your clients with addresses without any problems.

The Kea DHCP server is also capable of high availability and can form an automatic failover with several VT AIRs.


VT AIR comes with the well-known Unbound DNS Server, which allows it to run as a stand-alone or as a forwarding DNS server. Unbound allows you to define any host overrides and domain forwarding. For security reasons, VT AIR uses different DNS block lists with categories. Encrypted DNS and DNSSEC are also not a problem.


Docker is a range of platform-as-a-service products that use virtualization at the operating system level to deliver software in packages. These are known as containers. Containers are isolated from each other and bundle their own software, libraries and configuration files. They can communicate with each other via precisely defined channels. VT AIR has support and management via the WebGUI for Docker.


HAProxy is free, open source software that provides a highly available load balancer and proxy server for TCP and HTTP-based applications that distribute requests across multiple servers. VT AIR has full support for setting up and operating a HAProxy via the web interface.


ntopng is a software for monitoring data traffic on a computer network. It was developed as a powerful and resource-effective replacement for ntop. With ntopng on VT AIR you can analyze and monitor your network traffic per interface, host or network segment.