Search By Category
Search By Keyword
High-order functional
Product Name
1U 14P IDP UTM
Model
NTS 5572FR
Introduction
Maximum number of connections: 4,000,000 | Maximum processing speed: 8Gbps | VPN performance: 1,600Mbps | Antivirus performance: 800Mbps | Email scans / day: 5,000,000
 
IDS / IPS / UTM / FW  
14 PORT | 1 WAN / 1 LAN / 12 Definable PORT | 10 All Giga Port (10/100/1,000M) / 4 Port GBIC slot (1G or 10G GBIC sold separately)
Supports IPV4 / IPV6 | Support 3G / 4G / LTE USB mobile wireless network card
SPI firewall / load balancing / intrusion detection defense / mail filtering / (IPSEC PPTP L2TP VPN) (SSL VPN supports Android 4.0 and above systems) BotNet / Collaborative Defense / Periodically generate various types of report modules / CMS Central Management System
SATA HDD: 500GB | LCD usage status module
Kaspersky anti-virus engine (optional)
 
Product Specification

NTS 5572FR Features
NTS 5572FR multifunction Unified Threat Control equipment, in addition to the general market firewall (Firewall) function, plus IDP Intrusion Detection and Prevention, bandwidth management, load balancing, content filtering, virtual private channel (IPSec, L2TP, PPTP VPN), (WEB / SSL VPN) and many other features. Even the content of instant messaging, FTP, MAIL, web pages transmitted, can complete all skimming, NTS 5572FR for different sizes of small and medium enterprises, SMEs can meet a demand for network security defenses to help SMEs in the first line of the web immediate threats to intercept the same time, allow the web to maintain stunning excellent performance.
   
Built complete SPI firewall mechanism to protect corporate network security
NTS 5572FR built-in SPI technology, proactively block, blocking hackers, whether DOS, DDOS, UDP Flood and other attacks can be blocked even can withstand winds viruses, ensure that the internal users secure.
   
Stateful inspection packet filtering technology
NTS 5572FR main filtering technology is state detection (Stateful Inspection), in addition to its traditional third layer firewall (using the source / destination IP address or Port) and out of control packets, but also increase the packet was state control, for example, the packet is in the initial set-up phase or data transfer phase, the operating mode is similar to the state of the packet filter firewall, but using a more sophisticated access control packet calculation.
   
Object Management Technology
For added convenience NTS management, HERHSIANG extensive use of the concept of object, any TCP / IP on the control project can be defined as an object in advance, after the definition of each object, with the operating regulations, so in line with the object allows network packets or refusal by NTS 5572FR, reduce the complexity of managing the NTS.
   
Bridge, NAT mixed mode
Build network infrastructure has been in progress to change, if the customer's network environment because of lack of the original building, for example, had only a simple IP router provides Internet access, after a period of time, resulting in safety concerns or because on the net road application content changes, need to make up the missing features, NTS 5572FR can take DMZ interface bridge (bridge) mode, with rich functionality provided NTS 5572FR, the web world meet changing security requirements, the bridge (bridge) mode ensures that the user's environment, not because you want to improve the level of security and undermine the integrity of the existing networks.
   
Inbound / Outbound Load Balancing line
For users with more than two lines, NTS 5572FR can provide load balancing mechanism outside the line, after which a line break, all network packets are automatically turned to another normal line to ensure the smooth flow of the internal user network , when the line returns, will automatically assign packets.
   
Custom web interface
Managers may need to define themselves in accordance with the internal interface address outside the company, which WAN2 / WAN3 / WAN4 choose LAN2 LAN3 LAN4 NAT modes and WAN, DMZ interface can even choose NAT / pass-through bridge (Transparent Bridging), through the passage (TransparentRouting) / WAN5 four models, even if the network interface is defined NTS still supports Out / In Bound load balancing when multiple WAN Port.
   
IP V4 / V6 dual technology
IP V4 address shortage, IP V6 era coming sooner or later, so HERHSIANG when developing the next generation of NTS has been this trend will integrate with a network interface regardless of whether it is defined as WAN or LAN, can bind simultaneously V4 or V6 IP address, so whether it is in a pure environment V4, V4 / V6 hybrid, pure V6 environment, NTS same combination.
   
IDP Intrusion Detection and Prevention
IDP it checks correspond to the first 4-7 layers of the OSI model content, whether malicious attack program, virus, hidden in the communication protocol of TCP / IP, and after using the detailed content inspection, the signature will be eligible marked, but found a way to instantly stop the packet, so that these malicious packets through the firewall undetected.
   
Cooperative defense mechanism

Cooperative defense belongs NTS advanced protection through IP anomaly analysis, switches (Switch), real-time status monitoring division inside the machine when the internal network to issue a large number of abnormal packets, blocking the transmission of these packets, and assist network management personnel as soon as possible to remove the unusual state, can know in the first time the event occurred which computer on which a switch PORT, avoid corporate network paralyzed. HERHSIANG NTS co-defense mechanism, without changing the network architecture does not require the more expensive dedicated Switch (with Layer 2 network switch), without adding any additional detection device, without changing the habits of each user's network, make network management easier operation and intuitive.

 

BotNet synergistic defense mechanisms
HERHSIANG NTS 5572FR combines BotNet function, both because of their own NAT function, when users use the internal mail server to send spam mail or directly outside, NTS with BotNet detection devices can be clear that what Taiwan is the real source of the attack, but also have a way to network packets directly hazardous blockade. In case, NTS's BotNet barrier after the incident, specific computer continued external attacks, to ensure NTS's CPU resources are not wasted on the same thing, the manager can enable collaborative BotNet defense mechanism, there will be problems of computer switch Port directly off (with co-defensive switch SGI-2404), NTS not only save resources, but also ensure that the internal network can not be sustained harm the zombie virus.
   
IP / MAC / Port interlock
In some relatively high sensitivity of the network environment, such as the military, government agencies, research institutions, etc., do not want users to replace any physical location Switch to the following user A (IP: 192.168.168.168, MAC: 00: 11: 22: AA: BB: CC) as an example, it can be targeted by NTS in Switch 3Port first hole, if he changed to any Switch of different holes, the device will not work.

   
CMS Central Management System
Want to manage dispersed around the firewall or NTS device, network managers rely on (MIS) mind, or purchase expensive computer memory network management software, NTS 5572FR you need remote device management software built-in, You only need to use one of the company or HSecurity + NTS device without additional software and DDNS, familiar management interface that lets you get more than one.

  
Powerful NAT, PAT
IPV4 address in the foreseeable few years will be all exhausted, so NAT function in the current network environment, everywhere, NTS provides a wealth of NAT function, whether it is 1: 1 address mapping, 1: N bits address translation, or inside out PAT, to apply the regulations to take effect immediately after.
   
A variety of Multi-Subnet
Traditionally, the bigger the network architecture will configure Layer 3 switches, then you can network packet great responsibility to handle the switch, but sort of network architecture, you can use Multi-Subnet to help. The NTS 5572FR's LAN or DMZ network interface can be thought of as bound to different subnetwork L3 switches, and all network packets are exchanged via NTS 5572FR route, so that regardless of how the growth of the enterprise network , and when necessary, add a sub-network, to meet the growing demand of the time.
   
DNS server
NTS built-in DNS server, the annoying A RECORD, MX and other settings, all to the internal DNS servers, DNS can not only name resolution support IPV4, IPV6 also be part of even a good job, more advanced part can do the same domain name and different IP addresses respond InBound load balancing.
   
Content Filtering
Provides Web Filter (Web filtering) function can block access to inappropriate web working end (such as pornography, violence) and offensive pages (such as hackers, viruses), built-in classification database, and can set up filters to block inappropriate website.
   
Connection and control of SSL VPN (support Android 4.0 above systems)
SSL VPN with a Regulatory functions for remote users, the controls have two directions, one is to enter the internal network, and the other is through the VPN Server Internet (you can choose to enable or turn off this feature), which 2 control can control the direction of the distal end user bandwidth, communication services and time.
To connect to a destination within the network to obtain the encrypted information to be available on Google Play 2.1.8 support the Company's website or download SSLVPN APP program, installed in smart phones or tablet after setting.

  
IPSec / L2TP / PPTP VPN connection and control (V2.2.0 IPSEC support recovery function)
IPSec / L2TP software NTS 5572FR used, in full compliance with IPSec standard definition, ensure equipment interoperability with other IPSec support agreements. PPTP VPN RFC follow the relevant standards, support MS-CHAP and MS-CHAP V2 identity authentication and MPPE encryption algorithm. For all access to the interior or from the interior through the distal end of the VPN tunnel to the VPN all packets, using the unique mechanism of regulations, management packets in and out of time, bandwidth, communication services, this mechanism will not ensure that the internal remote VPN connection, network virus infection or occupy all of the bandwidth.



  
Anti-virus mechanisms HTTP, FTP, MAIL's
Built-in firewall free ClamAV antivirus engine, automatic daily virus updates from the Internet, available to different network services you use, so as to improve network performance and security.
   
App Control
NTS 5572FR using packet technology characteristic values, the kind of recognition software and put it appropriate classification, including [P2P] software, instant messaging software [], [] WEB applications, entertainment software [], [] other five major categories may be required for the project to make regulatory control objectives, apply the regulations, you can open or structured control specific apps.
   
Spam filtering
The proliferation of spam, so that all people are suffering, NTS 5572FR provide excellent protection mechanism to ensure that the user's mail clean, in addition to traditional spam eigenvalues, Bayesian filtering method, and more on the type of diagram for spam special judge mechanisms to increase the accuracy of the determination, the audit function for all incoming and outgoing letters do audits, perform quarantine / delete / IP block / copy to the other activities.
   
Smart QoS, bandwidth management than you can imagine
Bandwidth is for those who need to use, based on this principle, start [after] Smart QoS, NTS 5572FR will automatically check the remaining bandwidth, and assign it to those who are currently being used.
   
Mail gateway function (Gateway)
After NTS 5572FR can be as mail filtering gateway that lets mail server virus and spam filtering End, just a clean mail to your existing mail server.
   
Detailed records WEB, FTP, SKYPE, MSN, Mail Content
NTS 5572FR built-in recorder function, skimming WEB, FTP file transfer, SKYPE and QQ conversations, MSN conversations and file transfer, IM (Yahoo, ICQ, IRC, Gadu, Jabber) and delivery of incoming mail, etc. recorded with the regulations of use, automatic backup of all user-specific data to and from.
   
Traffic Analysis
Whether internal user computer switch status, real-time display of network traffic, protocol distribution and flow charts, all the traditional NTS does not.
   
Internet authentication system
Built-in Internet authentication system may require the user through the required certification before being online. In addition to the machine account password provided in POP3 integrated enterprise, WINDOWS AD authentication server unified management account.
    
HA stateful redundancy mechanism
NTS 5572FR in Duplex redundancy mode, take the host (Master) and backup machine (Standby) backup with each other, that would normally host-priority gateway device, but a problem with the host Master, Standby backup host automatically adjusting the internal configuration of the host and replace functions, to maintain internal / external networks continue to operate the line, to avoid missing opportunities.
Network management personnel can also get instant messaging new host, to do repair and maintenance work on the original failed host to enable it to resume operations as soon as possible to protect the network sustainable open. The device can also double to extend the life of the machine via recycling.
   
With remote management capabilities, easy installation simple operation
Use the Web to set and update the firmware, the operation screen can always switch to Traditional Chinese / Simplified Chinese / English.
Built on a regular basis to generate various types of reports module
Safety factor
NTS 5572FR reporting system for "Top management" to provide assessment standard safety factor, to each NTS message notification settings weighted scores, all the scores are added up, is the safety factor.
Because everyone finds a safety factor is not the same, some people think HA handover is a serious event, when the HA can switch the weight increase, the reaction

Each person will only look at the report concerned responsible for their own projects, so NTS 5572FR in the design, this concept to the extreme.
In the design concept, the manager made a common model to everyone, and you can customize your own unique template for each recipient.
Available in 12 reporting structure, managers can give specific report to view a specific person.

Numbers on the safety factor will be larger. The safety factor is a relative value, not an absolute value.


Definition of UTM

IDC's definition of UTM security hardware devices is: It includes multiple security functions integrated into a single hardware device, which must include network firewalls, network intrusion detection and defense, and gateway antivirus. It is not necessary to use all the functions on this device, but it must be built in, and individual components cannot be cut.

In order to test these devices, NSS Group more clearly defines UTM devices as a single device combination of firewall, VPN, IDS / IPS, anti-virus, anti-spam, URL filtering, content filtering and other functions. The detailed definitions are as follows:

* Firewall: Deployed at the network boundary, a strong stateful NAT firewall is required.

* VPN: It is often deployed in corporate WAN as a branch network solution, and basically needs to be able to establish a small number of secure VPN tunnels.

* IDS / IPS: The firewall can only enforce policies. If the policy allows inbound HTTP traffic to the web server in the DMZ zone, the firewall cannot prevent hackers from damaging the target web server from the HTTP protocol. The IPS function will detect and block intrusions that attempt to use network boundaries to prevent malicious network traffic from reaching the server. The IDS function can detect intrusions and issue alerts, but it cannot block malicious traffic.

* Anti-virus: Gateway anti-virus filtering can prevent inbound virus traffic at the network boundary, strengthen computer desktop security, and block them before they reach the desktop. The solution can also prevent internal computers from being infected by viruses from outside the corporate network. .

* Anti-Spam: Gateway Anti-Spam can mark incoming emails and allow further processing by computer-filtered solutions. The solution prevents internal hosts from sending spam to outside the enterprise.

* URL filtering: Using a constantly updated database of URL classifications, a gateway URL filtering solution prevents employees from accessing unpleasant or inappropriate websites from the corporate network.

 

* Content filtering: Scans specific content of web pages and email traffic. Gateway content filtering solutions can prevent unpleasant or inappropriate content from passing through or being sent out by corporate networks.


File Download

HERHSIANG Information Co., Ltd.
TEL: 886-7-3494097 FAX: 886-7-3596785
EMAIL: 
service@herhsiang.com

             service@herhsiang.com.tw

3F, No.5, Dinghe St., Sanmin District, Kaohsiung City Taiwan

Hours Monday~Friday 8:30 AM ~ 6:00 PM
Copyright © 2002~2020