|
|
|
Planet UTM Content Security Gateway/CS-2000
:: Detalle de Producto :: The innovation of the Internet has
created a tremendous worldwide opportunities for e-business and information
sharing, however, it also brings network security problems. The request of
security becomes the primary concern for the enterprises. To fulfill the demand,
PLANET introduces the UTM Content Security Gateway CS-2000, a special designed
security gateway to support the enterprises build up the network security
protection. The CS-2000 adopts Heuristics Analysis to filter spam and virus
mails, and its auto-training system can increase the identify rate of spam. The
built-in 80GB Hard Disk can store the spam mail in quarantine. The Anti-virus
application has dual virus scan engines - Clam and Sophos to detect viruses,
worms and other threats from E-mails and Internet. It also offers the mail
report by Daily, Weekly, Monthly and Yearly and helps the administrators monitor
the mail status easily.
Besides filtering spam and virus mail, the
CS-2000 features the IDP and firewall functions to defense hackers and blaster
attacks from Internet or Intranet. The complete functions in one device provide
enterprises security solutions and the secure environment better than
ever.
The CS-2000 supports fully security features including Content
Blocking to block specific URL, Scripts, IM/P2P program, Authentication, IPSec,
PPTP VPN server/Client, SSL VPN, QoS, High Availability, Inbound Load-Balancing
and etc. In addition, it provides higher performance with all Gigabit Ethernet
interfaces offering faster speeds for your network applications. The two
built-in WAN interfaces allow the CS-2000 to support Outbound/Inbound load
balance and WAN fail-over feature. Furthermore, the VPN Trunk provides VPN
fail-over and load balance features that offers a VPN redundant mechanism to
keep the VPN always be connected.
|
Application
|
|
|
|
UTM Content Security Gateway
PLANET UTM Content Security Gateway, CS-2000, is a specially designed
security gateway with virus and spam filtering features. As the gatekeeper of
corporate security network, CS-2000 prevents corporate intranet from being
infected by virus and its network resource occupied by useless spam mails.
Furthermore, IDP, User Authentication and Content Filter features of the
security gateway offer the corporate intranet highly secure protection. The
CS-2000 also provides the IPSec, SSL VPN, and PPTP VPN solutions for data to be
securely delivered via VPN tunnel.
|
|
Key Features
|
|
|
|
• All Gigabit Interface:
The CS-2000 supports all Gigabit Ethernet interfaces to provide higher
performance
for your network environment.
• Anti-Spam Filtering:
Multiple defense layers (Spam Fingerprint, Blacklist & Whitelist,
Bayesian
Filtering, Spam Signature, Graylist, Checking sender account and
IP address in RBL),
and Heuristics Analysis helps to block over 95% of spam
mails. Customizable
notification options and spam mail report are provided
for administrators. Varied
actions to spam mails include Delete, Deliver,
Forward and Store in the quarantine.
It also has built-in auto-training
system to improve the identify rate of spam mails
substantially.
•
Anti-Virus Protection:
Built-in dual virus scan engines can detect
viruses, worms and other threats from
email transfer and can scan
mission-critical content protocols, SMTP and POP3 in
real time to provide
maximum protection. It provides customizable notification
options and virus
mail report for administrators. Varied actions to virus mails
include
Delete, Deliver, Forward and Store in the quarantine.
• Anti-Virus for
HTTP, FTP, P2P, IM, NetBIOS:
The CS-2000 can also filter the virus from
various protocols. The virus pattern can
be updated automatically or
manually.
• VPN Connectivity:
The CS-2000 supports several VPN
features -- IPSec VPN, SSL VPN and PPTP
server/client. The VPN Tunnel with
DES / 3DES / AES encryption and SHA-1 / MD5
authentication to provide
secured network traffic over public Internet. VPN Wizard
helps
administrators to configure VPN settings easily.
• SSL VPN:
SSL
VPN does not need to install any software or hardware. It can use the web
browser to easily establish VPN connections for transferring the data by
SSL
encryption.
• VPN Trunk:
VPN trunk function provides
VPN load balance and VPN fail-over feature to keep the
VPN connection more
reliable.
• Content Filtering:
The CS-2000 can block network
connection based on URLs, Scripts (The Pop-up, Java
Applet, cookies and
Active X), P2P (eDonkey, Bit Torrent, WinMX and more), Instant
Messaging
(MSN, Yahoo Messenger, ICQ, QQ, Skype and Google Talk) and Download /
Upload. If there are update versions of P2P or IM software in client side,
the CS-
2000 will detect the difference and update the Content Filtering
pattern to renew
the filtering mechanism.
• IDP:
Built-in
IDP function can detect the intrusions and prevent the network from Hacker
attacks, Anomaly Flow and Signatures from the Internet. The CS-2000
provides three
kinds of the signatures to complete the intrusion detection
system, and users can
select to configure "Anomaly", "Pre-defined" and
"Custom" according to the current
environment request.
•
Policy-Based Firewall:
The built-in Policy-Based firewall prevents
many well-known hacker attacks including
SYN attack, ICMP flood, UDP flood,
Ping of Death, and etc. The access control
function specifies WAN or LAN
users to use allowed network services only on
specified time.
• QoS:
Network packets can be classified based on IP address, IP subnet and
TCP/UDP port
number and offer guarantee of maximum bandwidth with three
levels of priority.
• User Authentication:
Web-Based
authentication allows users to be thenticated by web browser. User
database
can be configured on CS-2000 and it also supports the authenticated
database through external RADIUS, POP3 and LDAP server.
• WAN Backup:
The CS-2000 can monitor each WAN link status and automatically activate
backup links
when a failure is detected. The detection is based on the
configurable target
Internet address.
• Outbound Load Balancing:
The network sessions are assigned based on the user configurable load
balancing
modes including "Auto", "Round-Robin", "By Traffic", "By Session"
and "By Packet".
Users can also configure IP or TCP/UDP type of traffic and
assign which one of the
two WAN ports for connection.
• Inbound Load
Balancing:
The CS-2000 provides the Inbound Load Balancing for
enterprises internal server. The
Inbound Load Balancing can reduce the
server loading and system crash risks in order
to improve the server
working efficiency.
• Multiple NAT:
Multiple NAT allows local
ports to set multiple subnet works and connect to the
Internet through
different WAN IP addresses.
• High Availability:
The CS-2000
provides the High Availability function and the redundant system helps
to
keep the network traffic active when the device crash down. |
| Model |
CS-2000 |
| Hardware |
| Ethernet |
LAN: 1 x 10/100/1000Based-T RJ-45, Auto-negotiation, Auto MDI /
MDI-X
WAN: 2 x 10/100/1000Based-T RJ-45, Auto-negotiation, Auto MDI /
MDI-X
DMZ: 1 x 10/100/1000Based-T RJ-45, Auto-negotiation, Auto MDI /
MDI-X |
| Console |
1 x RS-232 (9600, 8, N, 1) |
| Hard Disk |
80 GB |
| H/W Watch-Dog |
Auto reboot when detecting system fail |
| Software |
| Management |
Web (English, Traditional Chinese, Simplified Chinese) |
| Operation Mode |
DMZ_Transparent, DMZ_NAT, NAT |
| Routing Protocol |
Static Route, RIPv2 |
| Concurrent Sessions |
1,000,000 |
| Email Capacity Per Day |
1,800,000 |
| Firewall Performance |
300Mbps |
| VPN Performance |
46Mbps |
| VPN Performance (with 3DES) |
30Mbps |
| Firewall Security |
Policy-Based access control
Stateful Packet Inspection (SPI)
NAT /
NAPT
|
| VPN Tunnels |
200 / 1000 |
| VPN Function |
IPSec, SSL VPN, PPTP server and client
DES, 3DES and AES
encrypting
SHA-1 / MD5 authentication algorithm
Remote access VPN
(Client-to-Site) and Site to Site VPN
|
| Content Filtering |
URL Blocking
Script Blocking (Popup, Java Applet, cookies and Active
X)
IM blocking (MSN, Yahoo Messenger, ICQ, QQ, Skype, Google Talk and
more)
P2P blocking (eDonkey, Bit Torrent, WinMX and more)
Download and
Upload blocking
|
| IDP |
Anti-Virus for HTTP, FTP, P2P, IM, NetBIOS
Automatic or manual update for
virus and signature database
Anomaly: Syn Flood, UDP Flood, ICMP Flood and
more
Pre-defined: Backdoor, DDoS, DoS, Exploit, NetBIOS and
Spyware
Custom: User defined based on TCP, UDP, ICMP or IP
protocol
Yearly, Monthly, Weekly and Daily Reports support
|
| Anti-Virus |
Virus scan engine: Two scan engines - Sophos and Clam
Virus scanning of
E-mail attachment by SMTP, POP3
Inbound scanning for internal and external
Mail Server
Action of infected mail: Delete, Deliver to the recipient,
Forward to an account and Store in quarantine
Automatic or manual Virus
database update
|
| Anti-Spam |
Inbound scanning for external and internal Mail Server
Supports Spam
Fingerprint, Bayesian, Signature, RBL and Graylist filtering
Checking sender
account and IP to filter the spam mail
Auto training system support for
Black and white list
Action of spam mail: Delete, Deliver to the recipient,
Forward to an account and Store in quarantine
Yearly, Monthly, Weekly and
Daily Reports support
|
| QoS |
Policy-Based bandwidth management
Guarantee of maximum bandwidth with 3
priority levels
Classify traffics based on IP, IP subnet, and TCP/UDP
port
|
| User Authentication |
Built-in user database with up to 500 entries
Supports local database,
RADIUS, POP3 and LDAP authentication
|
| Logs |
Traffic Log, Event Log and Connection Log
Log can be saved from web and
backup by e-mail or syslog server
|
| Accounting Report |
Record of Inbound and Outbound traffic utilization by Source IP, Destination
IP and Service
Backup Accounting Report for Outbound and Inbound
traffic
|
| Statistics |
WAN ports traffic statistic and policies statistic with graph’s
display |
| Others |
Dynamic DNS
NTP support
Multiple server load balancing
Outbound /
Inbound load balancing
High availability
Multiple subnet
SNMP v1, v2,
v3 |
|
