SANGFOR INTERNET ACCESS MANAGEMENT - IACC Solution€¦ · • Endpoint Control: Management of...
Transcript of SANGFOR INTERNET ACCESS MANAGEMENT - IACC Solution€¦ · • Endpoint Control: Management of...
SANGFOR INTERNETACCESS MANAGEMENT
Total Control of Your Network
Enhanced Management
Value-Added Features
Simplify & Visualize User Management
Simplify & Visualize User Management
01
Internet has become a vital platform for most businesses as more
and more business-critical applications have been deployed over
the Internet. However with great opportunities come great
challenges. Improving user experience & work e�ciency, blocking
illegal endpoints, reducing bandwidth consumption, guarding
intellectual property rights, protecting against malware and
implementing internet access compliance have become the main
challenges for IT managers, who are only seen as a cost, rather
than an investment.
Moreover, with the rise of the BYOD (Bring Your Own Device) in
work environment, superior network management tools are needed
more urgently than ever for the overburdened IT department.
SANGFOR Internet Access Management (IAM) is the ideal solution
designed to tackle enterprise network challenges which o�er
simple and visualized user management.
Simplify & Visualize User Management
SangforInternet Access Management Solution
Bandwidth Management
Tra�c Quota Support
User Management
Unified management for LAN+WLAN
Multiple Authentication Methods
IPv6 Support
URL Filtering & APP Control
Internet Tra�c Reporting
User Authentication
Block & Detect illegal Wi-Fi
Value-Added Features
Built-in Firewall & IPSec VPN Modules
Simplify & Visualize User Management
02
With SANGFOR IAM, both wire and wireless environments are brought together to
ensure the uniformity of management policies & o�er an overview of all devices
connected to the network. Through continuous market research and constant
investment in R&D, Sangfor IAM also provides strong value-added features enabling you
to use the potential of your wireless network to its maximum. This not only allow you to
better understand your user behavior or facilitate user authentication, but also help you
generate more revenue.
- URL Filtering Engine- Applications Control- Dynamic Management- Endpoint Management- Tra�c Reports- Etc
SANGFORIAM
Internet Access Management
03
Simple & Intuitive Reporting
• Advanced Report Center: Accurate Tra�c Reporting and Graphs
• Content Visibility and Auditing: Instant Messaging, Emails and Social Media
“You can't manage what you can't see” describes the challenges and risks
of a modern enterprise network which makes Report Center a critical
component for IT department to analyze network tra�cs. SANGFOR IAM is
built with an Advanced Report Center which supports various customized
reports based on tra�c statistics, queries, ranking, times and behavior of
user & user groups, helping enterprises analyze the root causes of all
network issues.
At the same time, as information and data are becoming key assets,
enterprises are paying more attention to prevent potential information
leakage and disruptive network activities. SANGFOR IAM can realize refined
content auditing for common Instant Messaging programs (such as Yahoo
Messenger, Skype, Gtalk), Emails and Social Media (Facebook, Twitter, etc.).
• Advanced Report Center
IAM Advanced Report Center records, audits and counts every single
network behavior of intranet users in graphical reports. With reports, curves
and statistics, IT managers are provided with all the detailed information
they need to know about their network, including Internet access activities,
bandwidth consumption and viewed contents. Reports are self-generated
by the device and automatically & regularly sent to an appointed e-mail
address to e�ectively assist in the network design, secure it and optimize
the usage of the bandwidth.
Simplify & Visualize User Management
The above graphics are available in the Control Panel of IAM.
Application Tra�c Ranking URL Tra�c Ranking
Internet Access Management
04
BM & User Access Management
• Bandwidth Management: Guarantee Enough Bandwidth for Critical Applications
• User Access Management: Avoid Abuse by Restricting Their Access & Devices
• Application Control: Protect Enterprises Against Unauthorized Applications
• URL Filtering: Monitor & Control Evasive Activities
• Endpoint Control: Management of Mobiles Devices & Tablets
• Illegal Wi-Fi Hotspots Detection: Block Phishing Wi-Fi to Avoid Data Leakage
In order to solve these issues, SANGFOR IAM is built with an URL & application database, which can help IT administrators
to e�ectively control users online behavior by setting specific policies. At the moment, Sangfor IAM has more than 2900+
applications in its database, including 220+ Cloud applications, 700+ Mobile applications and 300+ Web applications, with a
dedicated R&D team updating it on a regular basis.
At the same time, as the BYOD trend is becoming more and more popular, mobile devices should be also included in the
enterprise network management policy. IAM can control mobile devices by identifying and applying specific access and
control policies, according to the device OS, group and location. It unifies the management for both LAN and WLAN.
SANGFOR IAM can also detect and block illegal Wi-Fi hotspots to avoid any information leakage from your laptop,
smartphones or tablets. A wireless endpoints list will display which endpoint is using an illegal Wi-Fi hotspot and the IT team
can decide whether to block it or not.
220+ Cloud Applications
300+ WEB Applications
700+ Mobile APP
Sangfor 350+ IAM R&D Sta�
Note: Data from February 2016
04
CRM &
ERP SYSTEM1
2900 Applications
Value-Added Features
• Authentication based on SMS, Portal, Social Media and QR Code• Push Advertising based on SMS, Portal & Social Media• Billing System to Generate Revenue for Internet Usage
• Authentication & Push Advertising based on SMS
One of the most fastest way and common way to collect customers information is by collecting
their phone number. When connecting to the Wi-Fi access point, the login page will ask the
customers to insert their phone number to access the internet. Thanks to that, you can now send
advertisements to your customers through SMS or by calling them.
• Authentication & Push Advertising based on Portal
Another common solution to collect customers information is to redirect them to a customized
portal page after they successfully connected to your Wi-Fi. This portal can be customized with any
kind of information such as today’s promotions, new products or services, etc.
• Authentication & Push Advertising based on Social Media
Facebook, Line, WeChat are the fastest growing social media platforms in Asia. They can now be
used as a way to authenticate to your Wi-Fi and at the same time, increase your number of
followers. More importantly, you can push information and reach a larger number of people.
Internet Access Management
05
Simplify & Visualize User Management
Internet Access Management
06
• Authentication via QR Code
For companies receiving dozens of visitors per day, sharing the Wi-Fi password can become headache for the
sta�. With Sangfor IAM, you can create a QR code to allow your visitors to connect to the Wi-Fi simply by
opening any QR code software and scan it. With this type of authentification, there is no need to change your
Wi-Fi password every time and you can generate the QR Code according to each visitor group.
• Sangfor Billing System for Internet Usage ( Optional )
The bandwidth is a precious and expensive resource in many developed countries. So why not charge your
users according to the internet data used or time spent on internet ? After the users connected to the network,
they will be redirected to a portal where they can register & recharge their account (through customer’s own
payment system or third-party payment system such as Paypal).
Sangfor IAM will record the internet usage and time spent on the network, ensuring an accurate calculation of
the cost to charge to the user. Sangfor Billing System can be installed on any commodity servers and
seamlessly integrated with Sangfor IAM. This solution is especially useful for organizations with thousands of
users, such as schools & universities, ISP and hotels. This can generate a new source of revenue used to
operate and maintain the network, and avoid bandwidth abuse.
Portal Page
Open your QRCode Software
Scan the QR CodeGenerated by the Sta�
Login Successful Redirection to yourWebsite page
Login with your FacebookAccount
Login Successful Redirection to yourFacebook page
QR CodeReader Application
SCAN
07
SANGFOR IAM Product Family
IAM Datasheet
Profile 1U 1U 2U 2U 2U
HD Capacity 128G SSD 128G SSD
Dual Power Supplies
Power[Watt] (Typical)
25W 25W
Temperature
Relative Humidity
System Dimensions (W x L x H in mm) System Weight 3.85Kg 15.3Kg 15.3Kg
Bypass (copper)
10/100/1000Base-T
4 4 6 6 4
1G SFP
10GbE SFP+
Serial Port
USB Port 2 2 2 2 2
Compliance
1U
500GB 500GB 500GB 500GB
180W
6.65Kg
3 pairs1 pair 1 pair
6
2
4.2Kg
430x300x44.5 430x300x44.5 430x390x44.5 430x500x89 430x500x89 440x600x89
Desktop
64G SSD
22W
0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃ 0℃~40℃
1.7Kg
RJ45x1
2
CE,FCC, IPv6 Ready
275x175x44.5
Compliance and Certificates
5%~95% non-condensing
3
RJ45x1 RJ45x1 RJ45x1 RJ45x1 RJ45x1 RJ45x1 RJ45x1 RJ45x1
180W 212W 212W
3 pairs 3 pairs 2 pairs
YES YES YES
Network Interfaces
• Products specifications described herein are subject to change without prior notification.
M5000-AC-I-S M5100-AC-I-S M5400-AC-I M5500-AC-I M5600-AC-I M6000-AC-IModel S5000-AC-I
RecommendedConcurrent Users
100 PCs~100 Mob
100~300 600~3000 3000~6000 6000~15000300~600
50 PCs~100 Mob
• All performance values are “up to” and vary depending on the system configuration.
FW ThroughputOptions¹
80 Mbps
¹: Represents the maximum bidirectional flow (max. inbound + outbound flow).
130 Mbps 210 Mbps 1 Gbps 1.4 Gbps 2.1 Gbps3.0 Gbps5.0 Gbps
Application Layer ThroughputOptions¹
40 Mbps 80 Mbps 160 Mbps 400 Mbps 600 Mbps 1 Gbps2 Gbps4 Gbps
2U
500GB+4G CF
20.0Kg20.0Kg
4
2
440x600x89
325W
2 pairs
15000~50000
20 Gbps
10 Gbps
440x600x89
M10000-AC-I
2U
500GB+4G CF
20.0Kg
4
442
2 2
4 4
2
325W
2 pairs
50000 ~100000
40 Gbps
20 Gbps
M9000-AC-I
N/A
N/AN/A
N/A
N/A
N/A N/A
N/A N/A N/A N/A N/A N/A
N/A N/A N/A N/A YES
Power and Physical Specifications
440x600x89
0℃~40℃
Simplify & Visualize User Management
Network Interfaces
08
SANGFOR Internet Access Management (IAM) Product Features
Identify and control applications through application DB or port.
IAM Product Features
User Authentication and Management
Access Control
Illegal Wi-Fi Detection and Blocking
Bandwidth Management (BM)
IP, MAC, IP/MAC binding, hostname, USB Key, SMS, QR-Code, Portal, WeChat.Mapping and Identifying Users
- Import user accounts information using CSV file, LDAP Server.- Synchronize user with LDAP, Database and H3C CAMS Server.
User Accounts Importing
Active Directory/POP3/Proxy/Web Server, Radius, Third-party authentication device, Database Server.Integration and SSO Option
- Automatically map new user to its privileged groups in local database based on its IP range, subnet or external authentication server group.- Automatically map new users to a pre-defined privileged group as temporary accounts.
New User Management
SMS/WeChat/QR-Code/ PortalWireless Auth. Methods
Application Control
Managed by source address, destination address, keywords in email, keywords in body/title, attachment, type/size/count based control.Enhanced Email Control
Comprehensive management to IM tools such as MSN, Yahoo!, as well as encrypted IM such as Skype, Enhanced IM Control
Control HTTP, FTP upload and download activity based on true file type.File Filter
Certificate, text content based control and filter.SSL Tra�c Control
Detect the endpoint information from every IP address.Illegal Wi-Fi Detection and Blocking
Tra�c guarantee/limit policy for uplink and/or downlink base on bandwidth percentage of the pipe, max bandwidth per user, user/application priority, exclusion policy. BM Policy
Application type, website type, file type, user, schedule, destination IP, etc. BM Objects
Manage and control to each physical line independently and e�ectively bridge mode.Virtual Line
Provide link load balancing in router mode. Multiplexing and
Intelligent Routing
Match the organizational structure to achieve finegrained bandwidth management.Multi-level SON Channel
- “Bandwidth Borrowing” among BM tunnel for full bandwidth utilization.Specify a network flow thresholds as e�ective points of BM policy. - BM based on public IP (oversea).- Average allocation/free competition among users in a single tra�c pipe.
Dynamic Bandwidth Management
Allocate bandwidth resource according to business type & guarantee bandwidth for core business applications and restrict irrelevant tra�c.
BandwidthGuarantee & Limitation
Managed by keywords.Search Engine Control
- Leverage on-the-cloud infrastructure, dynamically categorizes millions URLs into the predefine categories.- Support configurable in-box cache footprint.
Tra�c Identification and Categorization
Sangfor URL Database
- By extension name
- By file type (data pattern) File Type Identification
Application Database Independent Internet application signatures database.
Identify P2P/Proxy tools/VOIP/SSL tra�c intelligently through dynamic flow characteristics analysis. Intelligent Identification Rules
URL DB, keyword in web-page based control.URL Filter
Public (Share user login)/ Private (Single user login) account option.Account Attribution
09
Report Center
Control Tools for Manageability
Network & Deployment
Proxy
Real-time monitor of CPU/hard disk/tra�c/connection/session status, online user information, tra�c ranking, connection ranking, real-time utilization, visibility of bandwidth channels. Real-Time Report
Content Log
Employee turnover trend, disclosure, work e�ciency, security risks and other risk reports. Customizable Risk Report
CIO Report
Used for clear evaluation of the overall network quality. Users with poor web access quality can be listed down.
Web-Access ConnectionQuality Report
CSV, PDF. Report Format
Built-in internal report center and optional external report center. Report Center Storage
- Option to protect the report center by using external authentication key for additional security.- “Google Like” search engine GUI for external report center.- Email subscription.
External Reports Storage Security
Notification (Reminder)
Graphical Reports Counts, ranking, comparison, trends analysis with statistics, pie, bar, line chart, etc.
Content log including IM chat (Gtalk, Skype, QQ, MSN, Yahoo! Messenger, etc.), SMTP and Web mail content and attachment (Gmail, Yahoo, etc.), BBS posts (Facebook, Twitter), etc.
Application flow, user behavior counts, online duration per user & per application, virus and security, keywords, etc.
Report Objects
Notify end user for online time of specific application and the flow speed of specific application.
Centralized Management Unified the configuration and policy for multiple devices, remote control and monitor running status.
LAN+WLAN Management Set special control policy for mobile user based on user & location. Suitable for BYOD o�ce environment.
Proxy Functions Support explicit Proxy, including HTTP/HTTPS two-level Proxy, Sock4/Sock5 Proxy, Forwarding Proxy function and support ICAP protocol.
Stability Hardware bypass ,A/A,A/P
Integrity Support SNMP.
Proxy Service HTTP Proxy / SOCKS4 / SOCKS5 / PAC SCRIPT.
Policies Enables customers controller proxy data security.
ICAP Serve the customers in financial field to achieve data disclosure prevention purpose.
IPv6- Support deployment in IPv6 environment. - Support monitoring of IPv6 tra�c.
Security modules - Built-in Firewall & IPsec VPN.
Deployment Route, Bridge, Double Bridge, Bypass, Single-arm.
Endpoint security compliance
Operation system, process, registry, scheduled task, etc.
Audit-Free Key Prevents access audits and control for users that assigned with audit-free keys.
Hierarchical Administration Functionality of di�erent modules can be assigned to di�erent administrators as needed, via a hierarchical management paradigm. Administration of di�erent functions and modules can be delegated to di�erent administrative groups.
Flow/Duration Control Daily/Monthly flow quota per user. Daily online duration quota per user with exception case based on specific application. Concurrent session quota per user.
Tailored reports of overall network analysis and risk management for CIO.
IAM Product Features
Simplify & Visualize User Management
10Company Introduction
Awards & Achievements
Our Notable Clients
Sangfor Technologies is the leading and the most innovative vendor of
network solutions in Asia. It is specialized in Virtualization, Network Security
& Optimization with products including but not limited to: Virtual Desktop,
Next Generation Firewall, Web Application Firewall, Internet Access
Management, WAN Optimization, SSL & IPSec VPN and so on.
Through constant innovation, Sangfor always strives to create value for
our customers by helping them achieve sustainable growth. We take
customers’ business needs and user experience very seriously, placing
them at the heart of our corporate strategy.
Established in 2000, Sangfor now has more than 55 branch o�ces in China and overseas (US, UK, Hong Kong, Malaysia, Thailand,
Indonesia and Singapore). Sangfor currently has 2,800+ employees, with 40% of them dedicated to R&D. Furthermore, each year at least
20% of Sangfor’s revenue will be put into R&D to improve current products as well as develop new solutions for our customers.
Sangfor Technologies
- “Technology Fast 500 Asia Pacific Region” Award for 8 consecutive years from 2005 to 2012 by Deloitte.
- “Best Companies to Work for in China” Award from 2009 to 2011 by the Fortune Magazine.
- “Best Practice Award in Asia-Pacific Region” in 2010 by Frost & Sullivan.
- “Management Action Award” in 2012 by Harvard Business Review.
- Sangfor SSL VPN no. 1 in Network Security market in China, Hong Kong & Taiwan according to F&S.
- No. 1 for Secure Content Management Hardware and VPN Hardware segment in China according to IDC.
- Sangfor IAM listed for 5 consecutive years in the Gartner MQ for Secure Web Gateways (2011- 2015).
- Sangfor WANO listed for 3 consecutive years in the Gartner MQ for WAN Optimization (2013-2015).
- Sangfor NGAF listed in the Enterprise Network Firewalls MQ by Gartner (2015).
- Reviewed by NSS Labs with a “Recommended” rating in 2014 for SANGFOR NGAF (WAF test).
- ICSA Labs certification for SANGFOR Next Generation Firewall in April 2016.
SANGFOR INTERNET ACCESS MANAGEMENT
SANGFOR HEADQUARTERS
Block A1, Nanshan iPark, No.1001 Xueyuan Road,
Nanshan District, Shenzhen, Guangdong Province,
P. R. China
SANGFOR HONG KONG
Unit 1109, 11/F, Tower A, Mandarin Plaza, 14 Science
Museum Road, Tsim Sha Tsui East, Kowloon, Hong Kong
Tel: (+852) 3427 9160
Fax: (+852) 3427 9910
SANGFOR SINGAPORE
8 Burn Road # 04-09, Trivex,
Singapore (369977)
Tel: (+65) 6276 9133
SANGFOR INDONESIA
World Trade Centre, WTC 5, 6th Floor,
Jl.Jend .Sudirman Kav.29
Jakarta 12920, Indonesia.
Tel: (+62) 21 2933 2643
Fax: (+62) 21 2933 2643
SANGFOR MALAYSIA
No. 47-10 The Boulevard O�ces, Mid Valley City, Lingkaran
Syed Putra, 59200 Kuala Lumpur, Malaysia
Tel: (+60) 3 2201 0192
Fax: (+60) 3 2282 1206
SANGFOR THAILAND
6th Floor, 518/5 Maneeya Center Building, Ploenchit Road,
Lumpini, Patumwan, Bangkok, 10330 Thailand
Tel: (+66) 22517700
Fax: (+66) 22517700
SANGFOR USA
2901 Tasman Drive, Suite 107, Santa Clara, California, USA
Tel: (+1) 408 520 7898
Fax: (+1) 408 520 7898
SANGFOR EMEA
Unit 1, The Antler Complex, 1 Bruntcli�e Way, Morley,
Leeds LS27 0JG, United Kingdom
Tel: (+44) 0845 533 2371
Fax: (+44) 0845 533 2059
AVAILABLE SOLUTIONS
IAM Simplify & Visualize User Management
WANO Your Best Choice of WAN Optimization
NGAF Your Security Guard to the Future
HCI Hyper-Converged Infrastructure
Sales : [email protected]
Marketing : [email protected]
Global Service Center : +60 12711 7129 (or 7511)
Our Social Networks :
Copyright © 2016 Sangfor Technologies. All Rights Reserved.
IAM_BR_P_IAM-Brochure_20160920
www.sangfor.com
https://www.facebook.com/Sangfor
https://www.linkedin.com/company/sangfor-technologies
https://twitter.com/SANGFOR
https://plus.google.com/+SangforTechnologies
http://www.youtube.com/user/SangforTechnologies