Sandtrap by EntPack

See the Features below to find out how a Sandtrap can protect your systems from Hackers and today's threats like Ransomware and Phishing scams.



Sandtrap Features

Simple Integration

A Sandtrap device can be either configured as a standalone primary firewall or as an IPS/IDS device to give existing firewalls enhanced DNS packet filtering capabilities.


DNS Filtering Made Easy

Using a Sandtrap in your network allows you to easily create different levels of filtering based on the type of systems you have.

From legacy and critical systems to end user systems, with Sandtrap you can easily create and manage many whitelist/blacklist sets to fit your needs.

From Scratch

The Sandtrap has been built from scratch and gives you features even the most expensive of firewalls can't match and at an affordable price.

The User Interface has been designed to make whitelists and blacklists easy to setup and maintain over time.

Whitelist By Domain, not just IP

Wildcard That Website

A basic and powerful building block of the Sandtrap is it's ability to use a wildcard with a website hostname. Matching all sub-domains for a hostname automatically in one rule.

For example: * will match,,, and so on. 


Wildcard Rule Sets

Building on the basic wildcard functionality, Sandtrap allows you to upload up to 250,000 wildcard hostnames per chain set.

Use the Sandtrap Monitoring feature to build a profile of the web sites your systems communicate with and then upload them back into one or more rule sets.

These Go To 11

Our desktop model Sandtrap can handle filtering as many as 3 million DNS hostnames. Our enterprise versions can actively filter up to 10 million DNS hosts.

3 million active wildcard rules is not a typo! Can your expensive brand name firewall let you manage a few thousand DNS hostname rules, let alone millions?

Prebuilt Hostname Rule Sets


Its a Big Internet

We provide prebuilt hostname rule sets as a part of our service package. These prebuilt rule sets range from the Top Global Web Sites to distinct categories like Financial Web Sites or Medical Web Sites.

You can leverage our prebuilt hostname sets so your systems can access a large number of quality sites without waiting for authorization.





Global Connections?

Hackers are located everywhere these days. Do all your systems need to talk to other systems halfway around the globe? Sandtrap has geo-fencing rules that will restrict your system's egress traffic to specific Countries or Continents.

This is the simplest thing you can do to prevent your systems from communicating with Hackers.



Traffic Monitoring


Profile Your Network

With a Sandtrap you can monitor your system's egress traffic, allowing you to build a profile of the websites and IP addresses to which your systems communicate.

Using this profile data you can upload it back into the Sandtrap as a wildcard rule set. This allows you to whitelist the Internet traffic your systems really need.

Combine your hostname rule sets with our Prebuilt Rule Sets and you can whitelist end user systems without disrupting your business.



Central Management

The Primary Sandtrap

Sandtraps support Central Management, a Sandtrap can be configured as the Primary system with as many Replica Sandtraps as you need. This is great for Banks, Retail Stores and Utilities that have many physical locations communicating back to a central office.


Primary Backups

Any number of Sandtraps can be configured as a Primary Backup. Primary Backups replicate the full rule datasets from the Primary Sandtrap. Any Primary Backup system can be promoted to be the new Primary.

Replica w/Load Balancing

Replica Sandtraps only replicate the rule data that applies to the Replica, minimizing replication traffic.

Replica randomly choose a Primary Backup (if there are any configured) and synchronise with it. In large installations with hundreds of Sandtraps, this allows Load Balancing with no pre-setup.

High Availability


Hardware Clustering

You can put two Sandtraps into a hardware redundant configuration, where if one Sandtrap fails the other takes over and keeps traffic flowing.

Clustered Sandtraps can also be centrally managed.



Unauthorized Traffic and Malware Reporting


Unauthorized Traffic Events

Sandtraps can continuously check traffic against known malware sites and give administrators alerts. If properly configured the Sandtrap would have already blocked the connection attempt, but it is nice to know if there is malware running in your network.

Sandtraps can also alert administrators to blocked connection attempts regardless if the connection matches known malware sites or not.



API (Application Programming Interface)


Identity Services Integration

Sandtrap also features a REST API to allow adjusting or creating rules programmatically. This allows automation possibilities and the ability to integrate with your Identity Services so rules can follow users as they login to different systems.


  •  Address:
       1412 S Legend Hills Drive
       Suite 331
       Clearfield, Utah 84015
  •  Phone:
       +1 866-224-5744
  •  Fax:
       +1 866-728-3021
  •  Email: [email protected]