SANGFOR INTERNETACCESS MANAGEMENT

Total Control of Your Network

Enhanced Management

Value-Added Features

Simplify & Visualize User Management

Simplify & Visualize User Management

01

Internet has become a vital platform for most businesses as more

and more business-critical applications have been deployed over

the Internet. However with great opportunities come great

challenges. Improving user experience & work e�ciency, blocking

illegal endpoints, reducing bandwidth consumption, guarding

intellectual property rights, protecting against malware and

implementing internet access compliance have become the main

challenges for IT managers, who are only seen as a cost, rather

than an investment.

Moreover, with the rise of the BYOD (Bring Your Own Device) in

work environment, superior network management tools are needed

more urgently than ever for the overburdened IT department.

SANGFOR Internet Access Management (IAM) is the ideal solution

designed to tackle enterprise network challenges which o�er

simple and visualized user management.

Simplify & Visualize User Management

SangforInternet Access Management Solution

Bandwidth Management

Tra�c Quota Support

User Management

Unified management for LAN+WLAN

Multiple Authentication Methods

IPv6 Support

URL Filtering & APP Control

Internet Tra�c Reporting

User Authentication

Block & Detect illegal Wi-Fi

Value-Added Features

Built-in Firewall & IPSec VPN Modules

Simplify & Visualize User Management

02

With SANGFOR IAM, both wire and wireless environments are brought together to

ensure the uniformity of management policies & o�er an overview of all devices

connected to the network. Through continuous market research and constant

investment in R&D, Sangfor IAM also provides strong value-added features enabling you

to use the potential of your wireless network to its maximum. This not only allow you to

better understand your user behavior or facilitate user authentication, but also help you

generate more revenue.

- URL Filtering Engine- Applications Control- Dynamic Management- Endpoint Management- Tra�c Reports- Etc

SANGFORIAM

Internet Access Management

03

Simple & Intuitive Reporting

• Advanced Report Center: Accurate Tra�c Reporting and Graphs

• Content Visibility and Auditing: Instant Messaging, Emails and Social Media

“You can't manage what you can't see” describes the challenges and risks

of a modern enterprise network which makes Report Center a critical

component for IT department to analyze network tra�cs. SANGFOR IAM is

built with an Advanced Report Center which supports various customized

reports based on tra�c statistics, queries, ranking, times and behavior of

user & user groups, helping enterprises analyze the root causes of all

network issues.

At the same time, as information and data are becoming key assets,

enterprises are paying more attention to prevent potential information

leakage and disruptive network activities. SANGFOR IAM can realize refined

content auditing for common Instant Messaging programs (such as Yahoo

Messenger, Skype, Gtalk), Emails and Social Media (Facebook, Twitter, etc.).

• Advanced Report Center

IAM Advanced Report Center records, audits and counts every single

network behavior of intranet users in graphical reports. With reports, curves

and statistics, IT managers are provided with all the detailed information

they need to know about their network, including Internet access activities,

bandwidth consumption and viewed contents. Reports are self-generated

by the device and automatically & regularly sent to an appointed e-mail

address to e�ectively assist in the network design, secure it and optimize

the usage of the bandwidth.

Simplify & Visualize User Management

The above graphics are available in the Control Panel of IAM.

Application Tra�c Ranking URL Tra�c Ranking

Internet Access Management

04

BM & User Access Management

• Bandwidth Management: Guarantee Enough Bandwidth for Critical Applications

• User Access Management: Avoid Abuse by Restricting Their Access & Devices

• Application Control: Protect Enterprises Against Unauthorized Applications

• URL Filtering: Monitor & Control Evasive Activities

• Endpoint Control: Management of Mobiles Devices & Tablets

• Illegal Wi-Fi Hotspots Detection: Block Phishing Wi-Fi to Avoid Data Leakage

In order to solve these issues, SANGFOR IAM is built with an URL & application database, which can help IT administrators

to e�ectively control users online behavior by setting specific policies. At the moment, Sangfor IAM has more than 2900+

applications in its database, including 220+ Cloud applications, 700+ Mobile applications and 300+ Web applications, with a

dedicated R&D team updating it on a regular basis.

At the same time, as the BYOD trend is becoming more and more popular, mobile devices should be also included in the

enterprise network management policy. IAM can control mobile devices by identifying and applying specific access and

control policies, according to the device OS, group and location. It unifies the management for both LAN and WLAN.

SANGFOR IAM can also detect and block illegal Wi-Fi hotspots to avoid any information leakage from your laptop,

smartphones or tablets. A wireless endpoints list will display which endpoint is using an illegal Wi-Fi hotspot and the IT team

can decide whether to block it or not.

220+ Cloud Applications

300+ WEB Applications

700+ Mobile APP

Sangfor 350+ IAM R&D Sta�

Note: Data from February 2016

04

CRM &

ERP SYSTEM1

2900 Applications

Value-Added Features

• Authentication based on SMS, Portal, Social Media and QR Code• Push Advertising based on SMS, Portal & Social Media• Billing System to Generate Revenue for Internet Usage

• Authentication & Push Advertising based on SMS

One of the most fastest way and common way to collect customers information is by collecting

their phone number. When connecting to the Wi-Fi access point, the login page will ask the

customers to insert their phone number to access the internet. Thanks to that, you can now send

advertisements to your customers through SMS or by calling them.

• Authentication & Push Advertising based on Portal

Another common solution to collect customers information is to redirect them to a customized

portal page after they successfully connected to your Wi-Fi. This portal can be customized with any

kind of information such as today’s promotions, new products or services, etc.

• Authentication & Push Advertising based on Social Media

Facebook, Line, WeChat are the fastest growing social media platforms in Asia. They can now be

used as a way to authenticate to your Wi-Fi and at the same time, increase your number of

followers. More importantly, you can push information and reach a larger number of people.

Internet Access Management

05

Simplify & Visualize User Management

Internet Access Management

06

• Authentication via QR Code

For companies receiving dozens of visitors per day, sharing the Wi-Fi password can become headache for the

sta�. With Sangfor IAM, you can create a QR code to allow your visitors to connect to the Wi-Fi simply by

opening any QR code software and scan it. With this type of authentification, there is no need to change your

Wi-Fi password every time and you can generate the QR Code according to each visitor group.

• Sangfor Billing System for Internet Usage ( Optional )

The bandwidth is a precious and expensive resource in many developed countries. So why not charge your

users according to the internet data used or time spent on internet ? After the users connected to the network,

they will be redirected to a portal where they can register & recharge their account (through customer’s own

payment system or third-party payment system such as Paypal).

Sangfor IAM will record the internet usage and time spent on the network, ensuring an accurate calculation of

the cost to charge to the user. Sangfor Billing System can be installed on any commodity servers and

seamlessly integrated with Sangfor IAM. This solution is especially useful for organizations with thousands of

users, such as schools & universities, ISP and hotels. This can generate a new source of revenue used to

operate and maintain the network, and avoid bandwidth abuse.

Portal Page

Open your QRCode Software

Scan the QR CodeGenerated by the Sta�

Login Successful Redirection to yourWebsite page

Login with your FacebookAccount

Login Successful Redirection to yourFacebook page

QR CodeReader Application

SCAN

07

SANGFOR IAM Product Family

IAM Datasheet

Profile 1U 1U 2U 2U 2U

HD Capacity 128G SSD 128G SSD

Dual Power Supplies

Power[Watt] (Typical)

25W 25W

Temperature

Relative Humidity

System Dimensions (W x L x H in mm) System Weight 3.85Kg 15.3Kg 15.3Kg

Bypass (copper)

10/100/1000Base-T

4 4 6 6 4

1G SFP

10GbE SFP+

Serial Port

USB Port 2 2 2 2 2

Compliance

1U

500GB 500GB 500GB 500GB

180W

6.65Kg

3 pairs1 pair 1 pair

6

2

4.2Kg

430x300x44.5 430x300x44.5 430x390x44.5 430x500x89 430x500x89 440x600x89

Desktop

64G SSD

22W

0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃

1.7Kg

RJ45x1

2

CE,FCC, IPv6 Ready

275x175x44.5

Compliance and Certificates

5%~95% non-condensing

3

RJ45x1 RJ45x1 RJ45x1 RJ45x1 RJ45x1 RJ45x1 RJ45x1 RJ45x1

180W 212W 212W

3 pairs 3 pairs 2 pairs

YES YES YES

Network Interfaces

• Products specifications described herein are subject to change without prior notification.

M5000-AC-I-S M5100-AC-I-S M5400-AC-I M5500-AC-I M5600-AC-I M6000-AC-IModel S5000-AC-I

RecommendedConcurrent Users

100 PCs~100 Mob

100~300 600~3000 3000~6000 6000~15000300~600

50 PCs~100 Mob

• All performance values are “up to” and vary depending on the system configuration.

FW ThroughputOptions¹

80 Mbps

¹: Represents the maximum bidirectional flow (max. inbound + outbound flow).

130 Mbps 210 Mbps 1 Gbps 1.4 Gbps 2.1 Gbps3.0 Gbps5.0 Gbps

Application Layer ThroughputOptions¹

40 Mbps 80 Mbps 160 Mbps 400 Mbps 600 Mbps 1 Gbps2 Gbps4 Gbps

2U

500GB+4G CF

20.0Kg20.0Kg

4

2

440x600x89

325W

2 pairs

15000~50000

20 Gbps

10 Gbps

440x600x89

M10000-AC-I

2U

500GB+4G CF

20.0Kg

4

442

2 2

4 4

2

325W

2 pairs

50000 ~100000

40 Gbps

20 Gbps

M9000-AC-I

N/A

N/AN/A

N/A

N/A

N/A N/A

N/A N/A N/A N/A N/A N/A

N/A N/A N/A N/A YES

Power and Physical Specifications

440x600x89

0℃~40℃

Simplify & Visualize User Management

Network Interfaces

08

SANGFOR Internet Access Management (IAM) Product Features

Identify and control applications through application DB or port.

IAM Product Features

User Authentication and Management

Access Control

Illegal Wi-Fi Detection and Blocking

Bandwidth Management (BM)

IP, MAC, IP/MAC binding, hostname, USB Key, SMS, QR-Code, Portal, WeChat.Mapping and Identifying Users

- Import user accounts information using CSV file, LDAP Server.- Synchronize user with LDAP, Database and H3C CAMS Server.

User Accounts Importing

Active Directory/POP3/Proxy/Web Server, Radius, Third-party authentication device, Database Server.Integration and SSO Option

- Automatically map new user to its privileged groups in local database based on its IP range, subnet or external authentication server group.- Automatically map new users to a pre-defined privileged group as temporary accounts.

New User Management

SMS/WeChat/QR-Code/ PortalWireless Auth. Methods

Application Control

Managed by source address, destination address, keywords in email, keywords in body/title, attachment, type/size/count based control.Enhanced Email Control

Comprehensive management to IM tools such as MSN, Yahoo!, as well as encrypted IM such as Skype, Enhanced IM Control

Control HTTP, FTP upload and download activity based on true file type.File Filter

Certificate, text content based control and filter.SSL Tra�c Control

Detect the endpoint information from every IP address.Illegal Wi-Fi Detection and Blocking

Tra�c guarantee/limit policy for uplink and/or downlink base on bandwidth percentage of the pipe, max bandwidth per user, user/application priority, exclusion policy. BM Policy

Application type, website type, file type, user, schedule, destination IP, etc. BM Objects

Manage and control to each physical line independently and e�ectively bridge mode.Virtual Line

Provide link load balancing in router mode. Multiplexing and

Intelligent Routing

Match the organizational structure to achieve finegrained bandwidth management.Multi-level SON Channel

- “Bandwidth Borrowing” among BM tunnel for full bandwidth utilization.Specify a network flow thresholds as e�ective points of BM policy. - BM based on public IP (oversea).- Average allocation/free competition among users in a single tra�c pipe.

Dynamic Bandwidth Management

Allocate bandwidth resource according to business type & guarantee bandwidth for core business applications and restrict irrelevant tra�c.

BandwidthGuarantee & Limitation

Managed by keywords.Search Engine Control

- Leverage on-the-cloud infrastructure, dynamically categorizes millions URLs into the predefine categories.- Support configurable in-box cache footprint.

Tra�c Identification and Categorization

Sangfor URL Database

- By extension name

- By file type (data pattern) File Type Identification

Application Database Independent Internet application signatures database.

Identify P2P/Proxy tools/VOIP/SSL tra�c intelligently through dynamic flow characteristics analysis. Intelligent Identification Rules

URL DB, keyword in web-page based control.URL Filter

Public (Share user login)/ Private (Single user login) account option.Account Attribution

09

Report Center

Control Tools for Manageability

Network & Deployment

Proxy

Real-time monitor of CPU/hard disk/tra�c/connection/session status, online user information, tra�c ranking, connection ranking, real-time utilization, visibility of bandwidth channels. Real-Time Report

Content Log

Employee turnover trend, disclosure, work e�ciency, security risks and other risk reports. Customizable Risk Report

CIO Report

Used for clear evaluation of the overall network quality. Users with poor web access quality can be listed down.

Web-Access ConnectionQuality Report

CSV, PDF. Report Format

Built-in internal report center and optional external report center. Report Center Storage

- Option to protect the report center by using external authentication key for additional security.- “Google Like” search engine GUI for external report center.- Email subscription.

External Reports Storage Security

Notification (Reminder)

Graphical Reports Counts, ranking, comparison, trends analysis with statistics, pie, bar, line chart, etc.

Content log including IM chat (Gtalk, Skype, QQ, MSN, Yahoo! Messenger, etc.), SMTP and Web mail content and attachment (Gmail, Yahoo, etc.), BBS posts (Facebook, Twitter), etc.

Application flow, user behavior counts, online duration per user & per application, virus and security, keywords, etc.

Report Objects

Notify end user for online time of specific application and the flow speed of specific application.

Centralized Management Unified the configuration and policy for multiple devices, remote control and monitor running status.

LAN+WLAN Management Set special control policy for mobile user based on user & location. Suitable for BYOD o�ce environment.

Proxy Functions Support explicit Proxy, including HTTP/HTTPS two-level Proxy, Sock4/Sock5 Proxy, Forwarding Proxy function and support ICAP protocol.

Stability Hardware bypass ,A/A,A/P

Integrity Support SNMP.

Proxy Service HTTP Proxy / SOCKS4 / SOCKS5 / PAC SCRIPT.

Policies Enables customers controller proxy data security.

ICAP Serve the customers in financial field to achieve data disclosure prevention purpose.

IPv6- Support deployment in IPv6 environment. - Support monitoring of IPv6 tra�c.

Security modules - Built-in Firewall & IPsec VPN.

Deployment Route, Bridge, Double Bridge, Bypass, Single-arm.

Endpoint security compliance

Operation system, process, registry, scheduled task, etc.

Audit-Free Key Prevents access audits and control for users that assigned with audit-free keys.

Hierarchical Administration Functionality of di�erent modules can be assigned to di�erent administrators as needed, via a hierarchical management paradigm. Administration of di�erent functions and modules can be delegated to di�erent administrative groups.

Flow/Duration Control Daily/Monthly flow quota per user. Daily online duration quota per user with exception case based on specific application. Concurrent session quota per user.

Tailored reports of overall network analysis and risk management for CIO.

IAM Product Features

Simplify & Visualize User Management

10Company Introduction

Awards & Achievements

Our Notable Clients

Sangfor Technologies is the leading and the most innovative vendor of

network solutions in Asia. It is specialized in Virtualization, Network Security

& Optimization with products including but not limited to: Virtual Desktop,

Next Generation Firewall, Web Application Firewall, Internet Access

Management, WAN Optimization, SSL & IPSec VPN and so on.

Through constant innovation, Sangfor always strives to create value for

our customers by helping them achieve sustainable growth. We take

customers’ business needs and user experience very seriously, placing

them at the heart of our corporate strategy.

Established in 2000, Sangfor now has more than 55 branch o�ces in China and overseas (US, UK, Hong Kong, Malaysia, Thailand,

Indonesia and Singapore). Sangfor currently has 2,800+ employees, with 40% of them dedicated to R&D. Furthermore, each year at least

20% of Sangfor’s revenue will be put into R&D to improve current products as well as develop new solutions for our customers.

Sangfor Technologies

- “Technology Fast 500 Asia Pacific Region” Award for 8 consecutive years from 2005 to 2012 by Deloitte.

- “Best Companies to Work for in China” Award from 2009 to 2011 by the Fortune Magazine.

- “Best Practice Award in Asia-Pacific Region” in 2010 by Frost & Sullivan.

- “Management Action Award” in 2012 by Harvard Business Review.

- Sangfor SSL VPN no. 1 in Network Security market in China, Hong Kong & Taiwan according to F&S.

- No. 1 for Secure Content Management Hardware and VPN Hardware segment in China according to IDC.

- Sangfor IAM listed for 5 consecutive years in the Gartner MQ for Secure Web Gateways (2011- 2015).

- Sangfor WANO listed for 3 consecutive years in the Gartner MQ for WAN Optimization (2013-2015).

- Sangfor NGAF listed in the Enterprise Network Firewalls MQ by Gartner (2015).

- Reviewed by NSS Labs with a “Recommended” rating in 2014 for SANGFOR NGAF (WAF test).

- ICSA Labs certification for SANGFOR Next Generation Firewall in April 2016.

SANGFOR INTERNET ACCESS MANAGEMENT

SANGFOR HEADQUARTERS

Block A1, Nanshan iPark, No.1001 Xueyuan Road,

Nanshan District, Shenzhen, Guangdong Province,

P. R. China

SANGFOR HONG KONG

Unit 1109, 11/F, Tower A, Mandarin Plaza, 14 Science

Museum Road, Tsim Sha Tsui East, Kowloon, Hong Kong

Tel: (+852) 3427 9160

Fax: (+852) 3427 9910

SANGFOR SINGAPORE

8 Burn Road # 04-09, Trivex,

Singapore (369977)

Tel: (+65) 6276 9133

SANGFOR INDONESIA

World Trade Centre, WTC 5, 6th Floor,

Jl.Jend .Sudirman Kav.29

Jakarta 12920, Indonesia.

Tel: (+62) 21 2933 2643

Fax: (+62) 21 2933 2643

SANGFOR MALAYSIA

No. 47-10 The Boulevard O�ces, Mid Valley City, Lingkaran

Syed Putra, 59200 Kuala Lumpur, Malaysia

Tel: (+60) 3 2201 0192

Fax: (+60) 3 2282 1206

SANGFOR THAILAND

6th Floor, 518/5 Maneeya Center Building, Ploenchit Road,

Lumpini, Patumwan, Bangkok, 10330 Thailand

Tel: (+66) 22517700

Fax: (+66) 22517700

SANGFOR USA

2901 Tasman Drive, Suite 107, Santa Clara, California, USA

Tel: (+1) 408 520 7898

Fax: (+1) 408 520 7898

SANGFOR EMEA

Unit 1, The Antler Complex, 1 Bruntcli�e Way, Morley,

Leeds LS27 0JG, United Kingdom

Tel: (+44) 0845 533 2371

Fax: (+44) 0845 533 2059

AVAILABLE SOLUTIONS

IAM Simplify & Visualize User Management

WANO Your Best Choice of WAN Optimization

NGAF Your Security Guard to the Future

HCI Hyper-Converged Infrastructure

Sales : sales@sangfor.com

Marketing : marketing@sangfor.com

Global Service Center : +60 12711 7129 (or 7511)

Our Social Networks :

Copyright © 2016 Sangfor Technologies. All Rights Reserved.

IAM_BR_P_IAM-Brochure_20160920

www.sangfor.com

https://www.facebook.com/Sangfor

https://www.linkedin.com/company/sangfor-technologies

https://twitter.com/SANGFOR

https://plus.google.com/+SangforTechnologies

http://www.youtube.com/user/SangforTechnologies