An introduction to Unified Threat Management (UTM), for Dummies
Unified Threat Management (UTM)...
Transcript of Unified Threat Management (UTM)...
Multi-Homing Gateway SeriesNusoft.Internet Security Fighter
Despite e-commerce's worldwide potential, it brings alongwith itself various nuisances and security risks such as spam,viruses, Trojans, hacker attacks, etc.
Accordingly, Nusoft presents you with UTM-5000, the ultimatesolution to spammers, viruses, network security and managementconcerns. Its multi-layered spam filtering and trainingmechanisms help enterprises filter out unwanted emails,merely keep the essential ones. As for malicious code such as
Product Features
Full IPv6 Compatibility
High Spam-Filtering Accuracy
Dual Virus-Scanning Engines
Proactive Intrusion Detection and Prevention (IDP)
Email Auditing and Archiving
Comprehensive Mail Reports
Internet-Based Application Blocking
Custom Network Interfaces and Groups
The device is completely compatible with the mainstream
The spam filtering can reach 99% accuracy using spam training and multiple filtering mechanisms such as Fingerprint, Bayesian, Global/Personal Rule, Grey-/Black-/Whitelist,etc. Without IT administrator's intervention, recipientsmay decide whether to retrieve quarantined mail through the Mail Notice generated by UTM-5000, greatly reducingthe network management load.
The inbuilt virus-scanning engines (ClamAV and Sophos) protect your network from over fifty thousand kinds of viruses, Trojans, spyware, phishing frauds, etc. In addition,the virus signatures are free of charge and have no user number limit, offering you the most up-to-date protectionat a minimum ownership cost.
Internet protocol of the future -- IPv6. There is no budgetrequired for implementing another IPv6-based gatewaysimply for IPv4-to-IPv6 address translation.
Up to twelve network interfaces are available for definingas LAN, WAN, DMZ or network groups (isolated from oneanother). Thus, UTM-5000 can serve as an internal firewallphysically separating each subnet with its grouping feature,which gives an extra layer of protection to your internal network and efficaciously prevents viruses or worms fromspreading over the network.
The IDP focuses on OSI layers 4 to 7 in inspecting for Internet attacks. In addition to blocking network-based security threats (updated every 30 minutes;self-definedsignatures supported), the IT administrator will beinstantly notified and presented with comprehensive reports for diagnosis upon occurrence of an attack.
To prevent the leakage of sensitive information assets,
IT administrators are provided with detailed logs andintuitively interpretable statistics for analyzing email handling, such as the results of spam filtering and virusscanning.
The use of instant messaging (both login and file transfer),peer-to-peer sharing, multimedia streaming, web-basedmail service, online gaming, VPN tunneling, remotecontrolling, etc. now can be effortlessly regulated by themeans of application blocking.
the IT administrator may set up audit rules for auditingemails prior to their delivery. Apart from that, enterpriseemails can be archived for legal investigation and accessedfrom anywhere at anytime.
Nusoft.Internet Security Fighter UTM Series
Unified Threat Management (UTM)
UTM-5000
1
Trojans, worms and viruses, all can be effectively kept out of the enterprise's network using its inbuilt dual anti-virus engines(ClamAV and Sophos) along with IDP system and Web application firewall (WAF), leaving hackers no chance and eliminatingsecurity threats once for all.
Moreover, it also has features like SPI firewall, Web filtering, load balancing, QoS, email auditing and archiving, applicationblocking, IM blocking and total VPN solution built into it, greatly facilitating network management. Better yet, all signaturesare free of charge and have no user number limit, which drastically lowers down your ownership cost.
In- / Outbound Load Balancing & PBR
Quality of Service (QoS) / Individual QoS
The device can load-balance outbound traffic evenly acrossWAN ports based on various load-balancing algorithms. It efficaciously makes the most of your bandwidth and ensuresyou with a reliable connection.
The QoS mechanisms allow IT administrators to base the bandwidth allocation on company's network policy,preventing bandwidth being exhausted by minorities.
Its policy-based routing (PBR) mechanism allows the IT administrator to assign specific WAN port for a specificpurpose (or traffic).
Besides outbound load balancing, it is also capable of inboundload balancing, which helps mitigate webpage requestsdirected at your Web server by distributing them acrossmultiple WAN connections, guaranteeing uninterrupted e-commerce.
Multi-Homing Gateway SeriesNusoft.Internet Security FighterNusoft.Internet Security Fighter
IM Recording
Web Application Firewall (WAF)
A Total VPN Solution
Conve rsations conducted in popular IM clients: MSN, Yahoo!,Skype, etc. can be faithfully recorded. Supervisors may effectively stop IM used for recreational purposes.
UTM- 5000 offers standards compliance such as PCI DSS and HIPAA by the support of Web 2.0 technologies, various server types (Apache, Java, IIS, etc. ) and multiple scripting languages(Perl, Python, TCL, PHP, etc.). It not only provides protection against Web applicat ion attacks, but also has detai led report ing for diagnosis.
Most third party firewall products lack advanced VPNconnection management and therefore result in security risks. In comparison, UTM-5000 secures highly confidential business informat ion carried over the VPN with IDP and virus detection and provides advanced management such as QoS and authentication.
Web Filtering Mechanism
The Web Filter employs a cloud-based URL database thathas eight categories namely Anti-Social and Illegal, Pornographic and Abusive, Gaming and Gambling, Societyand Commerce, Communication and Technology, Leisure,Information and Education, Other, and up to sixty-foursubcategories. Web access now can be easily managed by specifying simply the category instead of the URL,keyword, etc.
In addition to that, IT administrators are also allowed torestrict file transfers, MIME types and browser scripts,and provided with detailed logs and statistics for diagnosis.
UTM Series
2
Deployment
Multi-Homing Gateway
VPN Firewall
Bandwidth Manager
Anti-Spam Server
Viruswall
LAN Mail Server LAN Mail Server
Traditional Network Infrastructure All-in-One Integrated Network Infrastructure
ISP ISP ISP ISPISP ISP ISP ISP
UTM-5000
UTM -5000’s VPN trunking capability ensures failover andbandwi dth aggregation to IPSec and PPTP tunnels, greatlyincreasing the connection speed and stability. In addition,it adopt s hardwar e information (rather than logi n information)to authenticate an SSL VP N user. Re mo te users are nowoffered wi th fast and easy SSL VPN access wi thout the needfor compl ex configurations. Bes ides tha t, VN C connectivi ty,Wake-On-LAN capabi lity and more are made avai lablethroug h its SSL appl ication supp ort.
Multi-Homing Gateway SeriesNusoft.Internet Security FighterNusoft.Internet Security Fighter
3
UTM Series
VPNInternet
60
最高
限速
IPv6IPv4
LAN 2
18
Product HighlightsHighlights Benefits Third-Party Products
Full IPv6 compatibility
Mail notice
LAN security
QoS management
Total VPN solution
Application blocking
Email auditing / archiving
Web category filtering
Web application firewall(WAF)
SSL application andhardware authentication
Policy-based routing (PBR)
Custom network interfacesand groups
Saves the budget for the implementation ofan IPv4-to-IPv6 gateway.
Provides an effortless operation experiencethrough a single Web-based UI.
A basic firewall with a few security featuresadded on to provide a rough protection.
No protection against packet flooding.
Lacks flexibility and adaptability in individualbandwidth management.
Equips user only with PPTP and IPSec VPN, lacking security and manageability.
Requires login information and expertise toestablish an SSL VPN connection.
Only comes in outbound PBR capability and isnot configurable at all.
No protection against Web application threats.
Neither archiving nor auditing is provided.
Less effectively filters Website access bybasic criteria such as IP, domain, keyword, etc.
Less effectively blocks the use ofInternet-based applications by port number.
Leaves recipients unaware of quarantinedmessages and requires IT administrator'sintervention to retrieve them.
Adds flexibility to bandwidth management byQoS and P2P bandwidth limits.
Allows in- / outbound traffic to be load balancedbased on network polices.
Restrains the use of Internet-basedapplications such IM client, P2P software, etc.
Archives emails for long-term storage and haltthem for policy inspection prior to delivery.
Effortlessly regulates Website access by eightcategories and sixty-four subcategories.
Protects Web applications from attacks such asCross-Site Scripting (XSS), SQL Injection, etc.
Securely tunnels your private connectionsusing PPTP/IPSec/SSL VPN along withtrunking capability and policy-basedmanagement.
Establishes SSL VPN connections without theneed for login information due to its hardwareauthentication; VNC connectivity and Wake-On-LAN capability are made available throughits SSL application support.
Secures your LAN network with anomaly flow
detection and co-defensive switch system.
Notifies recipients of quarantined messagesand enables them to retrieve those emails bythemselves.
Enables you to define networks as needed andoffers a physical internal firewall due to itsgrouping feature.
Either incompatible or with limited support.
Either fixed to factory default or incapable ofload balancing.
IPv4/ IPv6Compatibility
Anti-Virus
WAF AAA Server QoS Co-Defense SystemAnomaly TrafficDetection
Application Blocking
Anti-Spam Email Auditing Email Archiving IM Recording Web Filtering
SPI Firewall Total VPN Solution Multi-WANLoad Balancing
IDPUser-DefinableNetworks
LIMITSPEED
1 Mbit/sec
Integrated policyconfiguration
Multi-Homing Gateway SeriesNusoft.Internet Security FighterNusoft.Internet Security Fighter
4
UTM Series
Hardware Specifications
Product Features
Performance Statistics
Model Name
Port DensityNetworking
User-Definable
Hard Disk Capacity
Power Redundancy
Form Factor
IPv6 Compatibility
EmailSecurity
Interface Grouping
SPI / Internal Firewall
Viruswall
IDP
Web Filtering
QoS / Individual QoS
Application Blocking
VLAN / VLAN Trunking
AAA Server
High Availability
IM Recording
Web App Firewall (WAF)
Daily Email Throughput (1KB/MSG)
CPU Consumption (The lower, the better.)
Max. Concurrent Sessions
VPN
Throughput
CPU Cores / Threads
IDP
Anti-Virus
Firewall
VPN Trunking
IPSec / PPTP VPN
SSL Web VPN
SSL Application
In- / Outbound Load Balancing
Anti-Spam
Anti-Virus
Email Archiving / Auditing
Mail Notice
UTM-950 UTM-1000 UTM-1500 UTM-2000 UTM-3000 UTM-5000
7 GbE (RJ45) 12 GbE(RJ45/Mini-GBIC)
12 GbE(RJ45/Mini-GBIC)6 GbE (RJ45)4 GbE (RJ45)4 GbE (RJ45)
1U Rack-Mountable
1U Rack-Mountable
1U Rack-Mountable
1U Rack-Mountable
2U Rack-Mountable
2U Rack-Mountable
Limited Unlimited Unlimited Unlimited Unlimited Unlimited
500GB 500GB 500GB 500GB 1TB 2TB x 2 (RAID-1 )
X X X X
Sophos / ClamAV Sophos / ClamAV Sophos / ClamAV Sophos / ClamAV Sophos / ClamAV Sophos / ClamAV
X
X
X
X X
X
XX
1 / 1 1 / 1 2 / 2 2 / 2 8 / 8 8 / 16
1.6 Gbps 1.6 Gbps 2.5 Gbps 3.3 Gbps 3.4 Gbps 5.0 Gbps
1.5 Gbps 1.5 Gbps 2.3 Gbps 2.9 Gbps 3.1 Gbps 4.5 Gbps
0.82 Gbps 0.82 Gbps 0.86 Gbps 1.15 Gbps 1.16 Gbps 1.34 Gbps
2,000,000 2,000,000 4,000,000 5,100,000 5,200,000 6,700,000
1,000,000 1,000,000 2,000,000 2,000,000 2,000,000 4,000,000
75% 75% 40% 37% 11% 3%
Model Comparison
Nusoft CorporationTel: +886-2-8226-6789 Fax: +886-2-8226-6488Address:
http://www.nusoft.com.twSales Department : [email protected] Support: [email protected]
3F.-1, No. 880, Zhongzheng Rd., Zhonghe Dist., New Taipei City 235-86, Taiwan (R.O.C.)
User Limit