Gigabit Content Security Router CS-5800
Presentation Outline Product Overview Product Feature Product Application Product Comparison Appendix 2 / 34
Overview What is the Content filter? Content filtering is the technique whereby content is blocked or allowed based on analysis of its content, rather than its source or other criteria. It is most widely used on the Internet to filter e- mail and web access. 3 / 34
Overview What is IPv6? IPv6 is the next-generation Internet Protocol version designated as the successor to IPv4, the first implementation used in the Internet that is still in dominant use currently. It is an Internet Layer protocol for packet-switched internetworks. The main driving force for the redesign of Internet Protocol was the foreseeable IPv4 address exhaustion. IPv6 has a vastly larger address space than IPv4. This results from the use of a 128-bit address, whereas IPv4 uses only 32 bits. Why IPv6? Nowadays, lots of electronic products or mobile devices can browse the Internet, which means the need of IP Address increases. However, the current IPv4 network infrastructure is not capable enough to provide IP Address to each single users / Clients. The situation forces the ISP to build up the IPv6 network infrastructure speedily. 4 / 34
Product Overview PLANET Security Product Classification Enterprise UTM /Content Security Gateway CS-1000 CS-2001 CS-5800 SMB Multi-Homing Security Gateway VPN Security Gateway MH-2001 MH-3400 SG-1000 SG-4800 SOHO VPN Security Wireless Router VRT-402N VRT-420N 5 / 34
Product Overview PLANET Security Product Difference Multi-WAN load balance VPN function QoS CS-5800 Content filter SPI / DoS Firewall Dual stack IPv6 Full Ports Gigabit Security SSL VPN SG-4800 3G/3.5G MH-3400 6 / 34
Product Overview Front Panel of CS-5800 8-LAN Port 10/100/1000Base-T RJ-45 Port 1 configurable with LAN 1(Mirror Port) 4-WAN Port 10/100/1000Base-T RJ-45 1-DMZ Port 10/100/1000Base-T RJ-45 Configurable with WAN 5 1-Reset Button Power Consumption 100~240 VAC, 50~60 Hz, max 0.8A 19 Rack-mountable 1 x 10/100/1000Base-T, RJ-45 Reset Button 8 x 10/100/1000Base-T RJ-45 4 x 10/100/1000Base-T, RJ-45 7 / 34
Product Benefits Multi-WAN Multi-WAN auto line backup (Fail Over) Realizing inbound / outbound load balancing with Multi- WAN Performance All Gigabit Ethernet port improve Network Efficiency Smart QoS Smart QoS control the P2P and video downloading easily Guaranteed bandwidth for QoS Schedule and Priority QoS 8 / 34
Product Benefits Strong Protection for Network Security 60 PPTP/200 IPSec VPN tunnel ensure security information transmission* The built-in SPI/policy-based firewall/dos prevent many known hacker attack Online Behavior management Flexible for Content filter include Web Filtering and Application Blocking Abundant IPv6 Support Meet the need for larger addressing and higher security IPv4 / IPv6 Dual Stack helps to connect to IPv6 network now and in the future 9 / 34
Product Key Features Content Filter Multi-WAN Load balance Full Ports Gigabit CS-5800 Smart QoS DOS prevent SPI Firewall 60 PPTP 200 IPSec VPN tunnel IPv6 / IPv4 Dual Stack 10 / 34
Product Features Multi WAN Hardware 8-LAN Port 10/100/1000Base-T RJ-45 Port 1 configurable with LAN 1(Mirror Port) 4-WAN Port 10/100/1000Base-T RJ-45 Inbound / outbound load balancing and auto line fail-over with Multi-WAN 1-DMZ Port 10/100/1000Base-T RJ-45 Configurable with WAN 5 Support HA (High Available) 11 / 34
Product Features 1/14 Multi-WAN Fail over When WAN1 Fail, the user can access Internet through the Multi-WAN WAN1 WAN2~4 DMZ Group LAN Group 12 / 34
100 120 90 100 80 70 80 60 50 60 40 30 40 20 20 10 0 Outbound Load Balancing WAN1 Loading 1 2 3 4 5 6 7 8 9 Multi Network WAN2~4 - Ports Traffic Network over Enable Traffic loading Load Balancing Traffic Product Features 2/14 WAN1 WAN2~4 WAN2~4 Loading 100 90 80 70 60 50 40 30 20 10 0 1 2 3 4 5 6 7 8 9 Traffic LAN Group DMZ Group 13 / 34
100 120 90 100 80 70 60 80 50 60 40 30 40 20 10 20 0 Inbound Load Balancing WAN1 Loading 1 2 3 4 5 6 7 8 9 Multi - WAN Ports Network WAN2~4 Traffic Traffic Load over Enable Balancing loading Traffic Traffic Product Features 3/14 WAN1 Clients 100 90 80 70 60 50 40 30 20 10 0 WAN2~4 WAN2~4 Loading 1 2 3 4 5 6 7 8 9 Traffic DMZ (WEB/ FTP sever) 14 / 34
HA (High Available) Product Features 4/14 High Availability is adopted in the network that requires fault tolerance and backup mechanism. Two similar devices are used to be the backup for each other. ISP1 Slave ISP2 Master 15 / 34
Product Features Security & QoS Bandwidth Management Guaranteed Bandwidth Max.Bandwidth Session Limit Port-Based QoS Security SPI (Stateful Packet Inspection) Firewall DoS (Denial of Service) prevention IP & Port filtering DMZ Host Prevents ARP Attack on LAN 16 / 34
Product Features 5/14 Bandwidth Management According to the IP and service (port) to ensure the important application. E-Mail:3Mbps Set different bandwidth VIP:5Mbps ERP:10Mbps Other:2Mbps 17 / 34
Smart QoS Product Features 6/14 When the bandwidth usage over the set percent, the smart QoS will enabled automatically to limit each users bandwidth. 20Mbps 10Mbps 20Mbps 10Mbps Over the preset usage!! 2Mbps 5Mbps Each user be limited 1Mbps 18 / 34
Product Features 7/14 SPI Firewall/DoS Prevent The SPI firewall have check and filter the abnormal packet,the DoS prevent will protect the user avoid the DoS / DDoS attack. Cracker Web / FTP server Internet User Group 19 / 34
Product Features VPN & VLAN VPN Feature* IPSec, PPTP and L2TP Pass through Supports IPSec IPSec Hardware acceleration IPSec Encryption DES / 3DES / AES128 / AES192 / AES256 IPSec Authentication MD5 / SHA1 VPN Hub Support VLAN IEEE 802.1Q Tagged VLAN on WAN port* Port VLAN 20 / 34
Product Feature 8/14 IPSec VPN (Site to Site) Headquarter Cause the data via the VPN tunnel will be encrypt, so even the hacker intercept this data still can t read this information. Hacker Branch Office!@#$%^&*())_????????? 21 / 34
VPN Hub Product Features 9/14 VPN Tunnel Firewall Gateway No need to create the new VPN tunnel Secured VPN Connection Firewall Gateway 22 / 34
Port VLAN Product Features 10/14 The manager can via the Port VLAN feature collocate with the multiple subnet to manage the network. VLAN1 VLAN2 VLAN3 23 / 34
Product Features - Management Full Management IPv4 / IPv6 Dual Stack Standard-based Management WEB-based SNMP v1 and v2c Remote management Content Filter Restrict Application Download/Upload blocking URLs/Scripts Filter Statistic Traffic Graphic statistic Monitoring, Logging, and Alarms of system activities 24 / 34
IPv6 / IPv4 Dual Stack Product Features 11/14 WEB Load Balance Remote Management Application Transport Layer IPv4 Stack IPv6 Stack Log DMZ ICMP DHCP IPv4 network IPv6 network IPv4 Host CS-5800 IPv6 Host 25 / 34
Content Filter* Product Features 12/14 The content filter feature can block the P2P, IM software and the specified file extension as.exe or.pdf. X 26 / 34
Traffic Statistic Product Features 13/14 Network manager can observe the user s traffic usage and the behavior, It help the manager to make the bandwidth of the network distribute easily. Inbound/ Outbound Statistic Physical port Statistic Service Statistic Client traffic Statistic 27 / 34
Product Features 14/14 Management The CS-5800 provide the SNMP and http web management, the manager can supervise this device easily. TCP/IP SNMP v1 / v2c Compliant with many web browser. TCP/IP HTTP Web Management (IPv4/IPv6) 28 / 34
Product Feature-summary Security VPN Tunnel connection Remote management via VPN Tunnel Multi-ISP improve the bandwidth Content Filter SPI Firewall/ DOS Prevent Fast access for full Gigabit port 29 / 34
Product Application Headquarter-Branch Office Remote Multi Service Solution A company locates in Taipei,Taiwan and its branch office is in New York, US. The two places needs many service like VoIP, Video conference, data transmission and IP surveillance to communicate with each other. The MIS manager needs some product to accord with those demand: Extend the bandwidth and make a cost-effective network Stable network connection( fail over) The reliable VPN connection Use the bandwidth management mechanism (QoS) to ensure the average bandwidth for each user 30 / 34
Multi Service Solution Branch Office Product Application Server IP Camera VoIP Phone ISP 2 Internet Multi-WAN connect with Multi-ISP improve the bandwidth and cost savings ISP 1 HTTP / video Traffic CMS/Data Via the VPN tunnel to established the secure and High efficiency network VoIP Traffic VoIP Phone Headquarter 31 / 34
External Comparison Product Comparison Model PLANET CS-5800 Draytek Vigor3300 Product Photo Hardware Processor Cavium CN3120-500MHz Unknow RAM 1G DDR2 MB Unknow Flash 32 MB Unknow Dimension Desktop/19 inch rack Desktop/19 inch rack Network port System Performance 5 x WAN(1 x configurable for DMZ) 8 x LAN (All Giga ports) 3 x WAN 10/100 Ethernet (1 x configurable for DMZ) 4 x LAN 10/100 Ethernet 1 x Console Port Firewall performance 1Gbps Unknow 3DES performance 154Mbps Unknow Concurrent Session 40,000 Unknow 32 / 34
External Comparison Product Comparison Model PLANET CS-5800 Draytek Vigor3300 Firewall Content Filtering Yes Yes Policy-based Firewall Yes Yes SPI Firewall Yes Yes VPN Feature VPN Tunnel IPSec : 200 PPTP : 60 IPSec : 200 PPTP : Unknow VPN Hub Yes - Management WAN Load balancing Outbound / Inbound Outbound High Availability Yes Yes Statistics Traffic statistic - SNMP SNMP v1, v2c Yes QoS Yes Yes Alert by email Yes Yes IPv6 Yes - VLAN Port VLAN,802.1Q VLAN tag Port VLAN,802.1Q VLAN tag Dynamic routing RIPv1/2, Strategic Route RIPv1/2, Static Routing 33 / 34
Appendix - Sales Target Target Markets SMB/ Enterprise Office Security Reseller Target Customers Who buy our Security Gateway SG-1000/SG-4800 Who buy our Multi-Homing Security Gateway MH-3400/MH-2001 VRT-420N Who buy our UTM Content Security Gateway CS-1000/CS-2001 34 / 34
35 / 34