Medium / Large Enterprises Next-Generation UTM NU-850C

Similar documents
Medium / Large Enterprises Next-Generation UTM NU-850C

Multi-Function Firewall

Future-ready security for small and mid-size enterprises

Gigabit SSL VPN Security Router

Venusense UTM Introduction

UTM Content Security Gateway

AccessEnforcer Version 4.0 Features List

Systrome Next Gen Firewalls

Mail Archive MA-100. Internet. Internet. I. Supports 2 Architectures: Bridge Mode & POP3 Proxy. 1. Bridge Mode. 2. POP3 Proxy

Fireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.

DrayTek Vigor Technical Specifications. PPPoE, PPTP, DHCP client, static IP, L2TP*, Ipv6. Redundancy. By WAN interfaces traffic volume

All-in one security for large and medium-sized businesses.

Gigabit Content Security Router CS-5800

USG2110 Unified Security Gateways

Security Quick Sales Guide

NSG50/100/200 Nebula Cloud Managed Security Gateway

Security Assessment Checklist

Training UNIFIED SECURITY. Signature based packet analysis

NSG100 Nebula Cloud Managed Security Gateway

SteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)

Security with Passion. Endian UTM Virtual Appliance

Secure and Always Online Networking for Small- to Medium-sized Businesses

Next-Generation Firewall Series Datasheet

NetDefend Firewall UTM Services

2 ZyWALL UTM Application Note

Quick Sales Guide. Security

Surat Smart City Development Ltd. Surat Municipal Corporation 1

ISG-600 Cloud Gateway

ZyWALL VPN2S VPN Firewall

Cisco s Appliance-based Content Security: IronPort and Web Security

NetDefend UTM Firewall Series

NSG50/100/200 Nebula Cloud Managed Security Gateway

Cisco RV180 VPN Router

Hardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

Addendum to RFP SSL/IT/RFP-004/ dated 28-March-2017

Network Security. Thierry Sans

EN6200 Series Feature Sheet

NIP6000 Next-Generation Intrusion Prevention System

Evaluation criteria for Next-Generation Firewalls

Corrigendum 3. Tender Number: 10/ dated

Content Security Gateway

Chapter 9. Firewalls

PineApp Mail Secure SOLUTION OVERVIEW. David Feldman, CEO

AC750GW 750Mbps. Dual band Gigabit Wireless Router. Overview DATA SHEET. Highlights

Unified Threat Management Systems

USG310/210/110. Benefits. Always online. Protection and optimization. Next Generation Firewall (NGFW) for small and medium-sized businesses

Firewalls, Tunnels, and Network Intrusion Detection

VPN Routers DSR-150/250/500/1000AC. Product Highlights. Features. Overview. Comprehensive Management Capabilities. Web Authentication Capabilities

Draytek Vigor 2925 Dual-WAN Router Firewall

Pass4sure q. Cisco Securing Cisco Networks with Sourcefire IPS

Firefly Perimeter ( vsrx ) Technical information 12.1 X47 D10.2. Tuncay Seyran

Request for Proposal (RFP) for Supply and Implementation of Firewall for Internet Access (RFP Ref )

Hillstone E-Series Next-Generation Firewall

Certified SonicWALL Security Administrator (CSSA) Instructor-led Training

Business Strategy Theatre

Security Architect Northeast US Enterprise CISSP, GCIA, GCFA Cisco Systems. BRKSEC-2052_c Cisco Systems, Inc. All rights reserved.

Unified Services Routers

Kerio Control. Unified Threat Management without Complexity. Presenters name. Presented by

UTM Firewall Registration & Activation Manual DFL-260/ 860. Ver 1.00 Network Security Solution

Draytek Vigor 2925n Dual-WAN Router Firewall

Huawei Cloud Fabric Data Center Security and Application Optimization Solution

JURUMANI MERAKI CLOUD MANAGED SECURITY & SD-WAN

DPtech IPS2000 Series Intrusion Prevention System User Configuration Guide v1.0

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

CompTIA E2C Security+ (2008 Edition) Exam Exam.

The SonicWALL SSL-VPN Series

ZyWALL USG100-PLUS Unified Security Gateway. Security on a New Level. Benefits. - The Future Is Ahead. Stay Ahead with ZyXEL USG100-PLUS

McAfee Network Security Platform

Barracuda Link Balancer

Activating Intrusion Prevention Service

Distributed Systems. 29. Firewalls. Paul Krzyzanowski. Rutgers University. Fall 2015

Check Point 1100 Appliances Frequently Asked Questions

Angelo Gentili Head of Business Development, EMEA Region, PartnerNET

Next-Generation Firewall Series Datasheet

ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems

Network Security Platform 8.1

Meraki MX Family Cloud Managed Security Appliances

DATA SHEET MODEL AXC1000 HIGHLIGHTS OVERVIEW. Redefining Enterprise Wireless Management

DPX8000 Series Deep Service Switching Gateway User Configuration Guide Firewall Service Board Module v1.0

Cisco Intrusion Prevention Solutions

KERIO TECHNOLOGIES KERIO WINROUTE FIREWALL 6.3 REVIEWER S GUIDE

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

AC3000 Tri-Band Wireless Gigabit Dual-WAN VPN SMB Router TEW-829DRU (v1.0r)

WatchGuard System Manager Fireware Configuration Guide. WatchGuard Fireware Pro v8.1

Barracuda Firewall Release Notes 6.6.X

Cyberoam. Unified Threat Management. Comprehensive Network Security

Q-Balancer Range FAQ The Q-Balance LB Series General Sales FAQ

DATASHEET. Advanced 6-Port Gigabit VPN Network Router. Model: ER-6. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

AlliedWare Plus UTM FIREWALL OVERVIEW

COMPUTER NETWORK SECURITY


The SonicWALL PRO Series

Monitoring the Device

Meraki MX Family Cloud Managed Security Appliances

Simple and Powerful Security for PCI DSS

Managing SonicWall Gateway Anti Virus Service

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

UR version firmware update

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

Transcription:

Medium / Large Enterprises Next-Generation UTM NU-850C Comprehensive Protection UR-980 Overall Integration Cloud-based Management ShareTech NU-850C is the next phase of technology change which will help service provider to launch the services in single click, delivering exceptional performance, superior multi-layered threat protection, and role-based administration to medium and large businesses. NU-850C carries advanced protection across your network security deployments: Deep Packet Inspection (DPI), In-Line IPS, SSL Inspection, Web Filtering, QoS, virus scanning, spam filtering and external authentication to prevent potential attack launched by hackers and legitimate authorized users from accessing network. Moreover, High Availability (HA) is supported to ensure smooth network operation. As with NG-UTMs offering future-ready security, NU-850C delivers a full range of Layer 2-7 switching which can be a great replacement for a L3 core switch. Furthermore, it unifies and deploys consistent security policies across both wired and wireless networks, centrally manage and monitor internal wireless APs and switches. ShareTech also introduces a cloud-based service system providing a new way to deploy, operate, and manage distributed networking appliances. When anomalies occur in network traffic, the system sends notification to IT administrators and help them to resolve issues quickly. Security Anti-Hacker / Malware Virus (Web / FTP / Mail) Spam IPS Defection Co-Defense Encrypted Https/ SSL Control App Access Control Content Filter Bandwidth IM Flow Control VPN / SSL VPN Authentication Record Mail IM WEB FTP log Report Firewall log Flow Analysis ARP Spoofing Detection Event log

Layer 2 Guardian of Gateway Security NU-850C fully integrates firewall, Deep Packet Inspection (DPI), virus scanning, ISP, SSL Inspection and blocking, moreover, extended APT prevention and Botnet intrusion detection are provided to stay one step ahead for improved compliance and security. Stateful packet inspection (SPI) firewall technology exams the packet header and destination port for authentication and checks the entire packet s content before determining whether to allow its passage into the network. SPI firewalls can drop any packet that identified as potentially dangerous and automatically blocks DoS, DDOS, and UDP Flood attacks. Web filtering to block HTTP/HTTPS access Intrusion Prevention System (IPS) Application control Virus scanning and spam filtering Network traffic monitoring and Co-Defense Integrated NG UTM & Layer 3-7 Switching into One Single Appliance NU-850C is an integrated appliance that combines the security features of NG-UTM and layer 3 core switch, upgrading management from Layer 3 routing capability to the higher application layer. It is a real-world firewall based on 4 Core Xeon-branded Processor, with 14 gigabit Ethernet ports, firewall throughput up to 6 Gbps, and improved VPN throughput of 800 Mbps. ShareTech NG-UTM differs from other competitors in multiple physical Gigabit Ethernet interfaces, allowing IT administrators to bind ports into port groups. Going beyond the traditional Layer 3 routing mechanism among port groups, DPI is embedded as an advanced method to filter packets functioning at the application layer and allows business to be much more precise in their control of what enters or exits the network. Supports SDN Controller SDN controller is designed to be in charge of translating the requirements from the SDN application layer down to the SDN data paths and provides the SDN applications with an abstract view of the network. While the traffic is sent from the underlying systems to the selected destination, application-layer (Layer 7) management can be applied for higher-level functionality. Transferring traditional UTM to SDN structure delivers a seamless, hassle free experience to medium and large businesses. Data Loss Prevention (DLP) & Application Control DLP detects potential data breaches / data ex-filtration transmissions and prevents them by monitoring, detecting and blocking sensitive data. Having application layer firewall technology, NU-850C is able to inspect both HTTP and HTTPS packets and prevents losing sensitive information or subsequently acquired by unauthorized party. Unique DPI performs traffic signature analysis by inspecting all packets for new application signatures, score up the signatures, and append them to the relevant database. More importantly, having recorded these collected data will be available for future audits. Supports for protocols and applications, including video streaming, peer-to-peer communication, social networking, and instant messaging Detailed control over file sharing, remote control, VoIP, online games, browsers, etc. SSL/HTTPS Inspection Cloud database updates

Single-Pane-of-Glass Dashboard NU-850C dynamic dashboard in the web user interface (web UI) presents a graphic view of the system status including concurrent connections, application classification, network resource usage, HTTP or HTTPS traffics and intrusion defense to help in tracking and diagnosis. IT administrators are given visibility into the network users, their devices, and their applications. SSL 192.168.189.27 13.5% 25.9% 25.2% Skype HTTP DNS Unknown Kerberos HTTP Proxy SSL No Certificate SSH ICMP Other 5.1% 10.8% 57.2% 192.168.186.80 192.168.188.92 192.168.186.50 Syncs 192.168.189.30 Kail 192.168.189.31 192.168.186.82 192.168.189.19 Other Complete VPN Solutions Using IPsec, L2TP, SSL VPN connections, NU-850C provides data confidentiality, data integrity, and data authentication. At the same time, popular protocols such as web, SMTP, and POP3 that contains packets transmitting within tunnels are able to be controlled. Supports IPSec, PPTP, SSL, and GRE Tunnel Supports DES, 3DES, and AES encryption and SHA-1/MD5 authentication algorithms SSL VPN mobility client for Android and Apple ios Controls connectivity of remote sites from the central site Cloud-based Management Eye Cloud is a next-gen cloud service platform providing user friendly interface to support instant equipment maintenance and management. It is an all-inclusive solution to monitor various networking appliances deployed in either external or internal networks such as UTM, wireless APs, or switches. When anomaly occurs, administrators will be notified of the problem. Central management system designed for multi-site network security appliances deployments.

I. FUNCTIONS DESCRIPTION Exceptional Performance & Consolidated Security Features NU-850C adopts best-on-class multi-core X86 CPU platform to deliver exceptional performance and intelligent network security features. ShareTech develops high-performance security modules and delivers enterprise-class security modules, high connection capacity connectivity, and supports USB instant recovery. Supports SDN Controller Being the core of an SDN network, SDN controller is designed to manage flow control to enable intelligent networking. Based on protocols, the controller configures network devices and chooses the optimal network path for application traffic. IEEE 802.1Q VLAN is supported to provide a degree of isolation by dividing the network into isolated islands as if provided by separate physical networks. Intrusion Prevention System (IPS) Built-in IPS inspects the packets from OSI layer 4-7 (transport to application layer) and block concealed malicious code and worms delivered in TCP/IP protocols. As soon as an attack is suspected, IT administrator will be notified immediately and later an extensive range of reports will be available for analysis. ShareTech regularly updates the predefined attack-signature database and makes it available as IDP security package. Botnet Vulnerabilities Malware Worms Skype Session Application SSL Inspection To protect your network from network threats, SSL inspection is the key used to unlock encrypted sessions, see into encrypted packets, find threats, and block them. Several security features that can be applied using SSL certificate inspection are ISP, gateway anti-virus, web filtering, application control, and QoS. SDN Website Security IPS Anti- Virus Flow Detection Mail Security Firewall Anti-Spam NU-850C employs multi-spam filters: ST-IP Network Rating, Bayesian Filtering, spam characteristics filtering, fingerprinting, auto learning, and personal B/W list. It also gives administrators the flexibility to enforce custom filtering. These help industries create their own database by importing the latest spam update. Following actions like forward, delete, quarantine can be taken on the mail identified as the spam. Email accessed by users from LAN to DMZ can be especially filtered and logged. Gateway For companies that have deployed mail servers in their network environments but lacking of advanced filtering, NU-850C can be placed at gateway to secure your email and get simple and powerful protection from spam, virus and malware. IP Traffic Streams Analysis Outgoing/incoming concurrent sessions, upload/download flow, and time duration are flow parameters collected for packet-based traffic analysis. Using a combination of pattern matching can determine whether an activity is performing normally or abnormally. If employee are violating the rules and exceeding more downloading flow, IT administrators are allowed to define the trusted IP list and take appropriate actions to block network access, limit maximum bandwidth, blocking ports on switches (Co-Defense), or simply receive notification.

Anti-Virus NU-850C for large enterprises offer Clam AV for virus scanning which can detect over 800,000 kinds of viruses, worms, and Trojans. Once suspicious emails are detected, the administrator can decide to delete or block them. Moreover, websites and FTP will be scanned once the function of anti-virus is enabled in policy. Customers may choose to purchase a Kaspersky module for their security needs. (NU-850C contains 1-year Kaspersky license.) Outgoing Mail Filtering & QuarantineMail AuditMail Record Mail Audit/Filtering Anti- Virus Anti- Spam Quarantine/Delete/ IP Block/Carbon Copy Business Mail Policy Record Archive Incoming Mail Filtering & QuarantineMail AuditMail Record Advanced Threat Defense In addition to firewall, Intrusion Prevention System (IPS), and virus scanning, NU-870C can monitor malware or threats within traffics based on analyzing flows, webpages, and email. By performing different security mechanisms, business network is given more effective and profound protection against active cyberattacks, targeted attacks, and sophisticated malware. Content Filtering IT administrators can configure Web filtering profiles that block URLs to inappropriate webpages like violence and pornography and hacking attacks like malware and virus. Moreover, UTM filters out ActiveX objects, Cookies or Java applets that may pose a security threat in certain situations. Both keywords and URLs of specified websites can be added to Blacklist and Whitelist. URL Database Built-in URL database collects almost 1,000,000 URLs and updates every period of time without additional charge. All these URLs and their contents were analyzed and classified into 12 categories, including Aggressive, Audio-Video, Drugs, Gambling, Hacking, Porn, Proxy, Redirector, Spyware, Suspect, Violence, and Warez. IT administrator is able to block any category in the database with ease without entering keywords or desired URL addresses one by one. SSL VPN SSL-based VPNs provide remote-access connectivity from almost any Internet-enabled location using a Web browser and its native SSL encryption. It does not require any special-purpose client software to be pre-installed on the system. For remote clients, there are two different types of access. One is access to the internal network and the other is access to the Internet over VPN server. Administrators can control over bandwidth usage, VPN service and time from both accesses. Remote-Access VPN Remote-access VPNs allow secure access to corporate resources by establishing an encrypted tunnel across the Internet. The ubiquity of the Internet, combined with VPN technologies, allows organizations to cost-effectively and securely extend the reach of their networks to anyone, anyplace, anytime. ShareTech offers both IPSec VPN and PPTP VPN technologies on a single platform with unified management. IPsec VPN securing the site-to-site connections allows headquarters and their branch offices to be on the same network and sharing resources among offices. Moreover, PPTP VPN offers point to point connection for employees working at home. Employees can get access to industry s network securely and easily. Remote Users/Sites Application Control In order to prevent data leakage and ensure regulatory compliance, the access to applications which unrelated to work should be controlled during working hours. NU-850C can enforce policy for applications like P2P, VOIP, GoTo- MyPc, Webpages, Games, Media Player, Bit Torrent, Foxy (Gnutrlla), stock market, Instant Messaging, Xunlei, Gator, Yahoo Manager, Virus and Malware, filename extension, Kazaa, Facebook, etc. Internal Users Internal Server Branch Internal Servers Branch Internal Users

II. KEY FEATURES Threats Defense (Anti-Virus/IPS/SSL Inspection) Malicious URL Filtering (URL & Databases) Firewall Security Potential Risks Detection (Flow Analysis) Mail Security (Anti-Spam, Mail Filtering) Application Access Control User Identity (Radius) Features Description 1. Uses open source Clam AV engine with huge database includes more than 200,000 unique signatures 2. Kaspersky module (Optional); built-in 1 your for NU-850C 3. Clam AV team has fast response time, updates signature regularly and requires no yearly subscription fees 4. Provides IDP and Botnet attack-signature database 5. IDP risk management is divided into 3 levels (high, medium, and low) 6. Provides scalable SSL inspection 1. Provides URL filtering and database 2. URL filtering policies are allowed to be configured by administrators 3. IT administrator can add keywords or URLs to Black/White lists 1. Coordinated DoS/DDOS attacks and UDP Flood performed by hackers can be blocked automatically. 2. QoS provides bandwidth guarantees and a priority command can be given for min/man bandwidth guarantee. 3. Limit the bandwidth using source IP in both directions 4. Supports IPv4, IPv6, and Dual Stack 5. Supports load balancing and failover for both outbound and inbound traffics 6. Provides DNS service and Dynamic DNS services 1. Flow/behavior-based anomaly detection allows both up and down sessions to be analyzed and see if a performance problem exists 2. Following actions can be taken when an anomaly occurs. An anomaly can be recorded, blocked, and notify subscribers. 3. Integrated with advanced switching technology, Co-Defense can be applied to protect the internal network. 4. Prevents ARP spoofing 5. Manages switch port mapping that gives an instant view into the operational status and speed of each port. 1. Employs multiple spam mechanisms: ST-IP network rating, fingerprinting, Bayesian filtering, auto learning, auto-whitelist, system and personal Blacklist/Whitelist and spam characteris tics filtering. 2. Offers Email virus scanning 3. Offers Email auditing, advanced filtering and quarantine 4. Client-side spam mail search is available on web-based interface 5. Additional actions such as quarantine, delete, blocking IP, and carbon copies can be performed to all mail. 6. Searching recorded email are available 1. Multiple application categories e.g. P2P, IM, VOIP, Web, WebMail, game, video, spyware, stock and others. 2. Administrators can use policies to prohibit their users from accessing to applications 1. The host computers are established to ensure user identity and also supports the use of LDAP, Radius, AD or POP3 servers for authentication. 2. Desired user groups can be customized 3. Applies access control methods 4. Provides authentication record and connection status

Features Content Record Load Balance VPNs Connection QoS Operation Modes Logging & Reports Virtual Server High Availability Eye Cloud Bulletin Board Diagnostic Tools Others 1. Logs all incoming/outgoing emails with delivering date and time 2. Archived email is exported in. eml format 3. Records browsing history 1. Ensuring the network is never disconnected 2. Provides inbound & outbound load balancing 3. Users can assign load balancing automatically, manually, or by source-destination IP 4. Built-in Smart DNS Server 1. IPSec and Site-to-Site PPTP VPN 2. Reliable SSL VPN connection 3. Users can create, edit, and control over VPN connections 4. Supports IP Tunneling and definable policy control 1. Supports QoS 2. Supports bandwidth guarantee, max/min-limit, and priority commands 3. Bandwidth usage from the internal/external source IP can be limited 4. Efficient priority scheme is available NAT, Routing Description 1. Multiple event logs can be centrally logged and monitored. And it includes configuration, networking and route, objects, services, advanced protection, mail security, VPN, etc. 2. A report includes a statistic table, ranking grid, bar/line graphs, and pie charts. 3. Provides analysis of debug, system performance, intrusion attempts, and tracking. IP Supports virtual server that data flows can be transmitted to any of the other ports without using any switch or router Building a cluster and hot standby of two or more ShareTech devices is available 1. Manages multiple UTMs and wireless access points 2. Provides real-time monitoring and proactive management 3. Cloud-based integration can be led to ShareTech Eye Cloud service system Announcement can be made to employees in a very effective and proper way Standard net tools such as Ping, Traceroute, DNS lookup, and port scanner are available to help users identify and fix connection problems. 1. The network is divided in zones and a zone can by managed by SDN 2. Administrators can select authorized users and assign access conditions 3. Automatic disk check can be scheduled 4. Supports SNMP 5. Supports VLAN 802.1Q 6. LCM display 7. Data backup and mount

III. SPECIFICATION Dimensions W*H*D(mm) Platform Size Recommended Users numbers LAN Bypass Reset Button USB Ethernet Interfaces UTM Throughput VPN Throughput Anti-Virus Throughput Max. Concurrent Sessions Mail Scan/Day IPSec VPN Tunnels PPTP Tunnels SSL VPN Tunnels IP Tunnel Tunnels Security Gateway Kaspersky HTTPS Filtering Spam Filtering IPS IPS Signature Database APP Access Control URL Database Dashboard Reports Mail Audit Behavior Management Anomaly IP Analysis Co-Defense (Switch) Load Balance (Outbound/Inbound) QoS Bulletin Board Authentication AP Management CMS High Availability IPS Signatures IPSec VPN PPTP VPN SSL VPN Encrypted IP Tunnel Mode NU-850C NU-870H NU-870C Hardware 430*250*44 438*292*44 1U 1U Under 200 Under 400 2.0 3.0 Capacity 14xGigabit 10xGigabit 6 Gbps 800 Mbps 700 Mbps 3,000,000 4,800,000 3,000 1,200 1,200 600 8 Gbps 2,000 Mbps 900 Mbps 4,000,000 5,000,000 VPN Tunnels 6,000 2,000 2,000 1,000 Network Protection 1-year 1-year 438*292*44 1U Under 400 3.0 18xGigabit 9.6 Gbps 2,000 Mbps 900 Mbps 5,000,000 5,500,000 8,000 3,000 3,000 1,500 1-year NU-880H 430*550*88 2U 1,000-2,000 3.0 18xGigabit 16.5 Gbps 2,500 Mbps 1,400 Mbps 6,000,000 6,000,000 12,000 4,000 4,000 2,000 1-year Add network configuration, video, file transfer, remote control, browser, software update APP, Mail, IPS, Web, Defense, Dynamic Sessions Analysis (100pcs) (300pcs) (300pcs) (Unrestricted) 4,020 4,020 4,020 4,020

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback