Multi-Homing Security Gateway
CS-1000
 

The innovation of the Internet has created a tremendous worldwide venue for e-business and information sharing, but it also creates network security problems, so the security request will be the primary concerned for the enterprise. New model of Planet's Security Gateway CS-1000, a special designed of security gateway, adopts Heuristics Analysis to filter spam and virus mail, auto-training system can raise identify rate of spam, and built-in Clam virus scan engine can detect viruses, worms and other threats from email transfer.

The CS-1000 does not just provide the same feature as the previous generation product CS-500, such as Content Blocking to block specific URL, Scripts, IM/P2P program, IPSec and PPTP VPN server, QoS, Authentication etc. Besides those function described above, built-in two WAN interfaces allow CS-1000 to support outbound load balance and wan fail-over feature. Furthermore, the VPN Trunk provides VPN fail-over and load balance features, that can offer a VPN redundant mechanism to keep your VPN connection being on line.

What PLANET guarantee, the CS-1000 not only can filter spam and virus mail, but also is a high performance VPN firewall. Moreover, built-in IDP and firewall function can defense hacker and blaster attack from Internet or Intranet. The completely function in one device can provide you an excellent security solution and the secure environment than ever..
 
   Product Application

Small business, branch offices


The CS-1000 can filter the mail from incoming or outgoing traffic, so no matter the mail server locates in LAN, DMZ or Internet, the mail recipient always can be protected under CS-1000 mail security system. User can install it as the network structure designed, and worry free that CS-1000 can not be compatible to the current network environment.
 

 
   Key Features
Anti-Spam Filtering: Multiple defense layers (Head Analysis, Text Analysis, Blacklist & Whitelist, Bayesian Filtering, Spam Fingerprint, Checking sender account and IP address), and Heuristics Analysis to block over 95% spam mail. Customizable notification options and spam mail report are provided for administrator. Varied actions toward spam mail include: Delete, Deliver, and Forward. Built-in auto-training system to rise identify rate of spam mail substantially.
Anti-Virus Protection: Built-in Clam virus scan engine can detect viruses, worms, and other threats from email transfer. Scan mission-critical content protocols-SMTP, POP3 in real time as traffic enters the network to provide maximum protection. Customizable notification options and virus mail report are provided for administrator. Varied actions toward spam mail include: Delete, Deliver, and Forward.
VPN Connectivity: The security gateway support PPTP server/client and IPSec VPN. With DES, 3DES and AES encryption and SHA-1 / MD5 authentication, the network traffic over public Internet is secured.
VPN Trunk: VPN trunk function provides VPN load balance and VPN fail-over feature to keep the VPN connection more reliable.
Content Filtering: The security gateway can block network connection based on URLs, Scripts (The Pop-up, Java Applet, cookies and Active X), P2P (eDonkey, Bit Torrent and WinMX), Instant Messaging (MSN, Yahoo Messenger, ICQ, QQ and Skype) and Download. If there are new updated version of P2P or IM software in client side, CS-1000 will detect the difference and update the Content Filtering pattern to renew the filtering mechanism.
IDP: CS-1000 provides three kinds of the Signature to complete the intrusion detection system, user can select to configure "Anomaly", "Pre-defined" and "Custom" according to the current environment's request.
Anti-Virus for HTTP, FTP, P2P, IM, NetBIOS: The CS-1000 not only can provide Anti-virus feature for mail, it also can filter the virus from varied protocol. The virus pattern can be updated automatically or manually.
Policy-based Firewall: The built-in policy-based firewall prevent many known hacker attack including SYN attack, ICMP flood, UDP flood, Ping of Death, etc. The access control function allowed only specified WAN or LAN users to use only allowed network services on specified time.
QoS: Network packets can be classified based on IP address, IP subnet and TCP/UDP port number and give guarantee and maximum bandwidth with three levels of priority.
Authentication: Web-based authentication allows users to be authenticated by web browser. User database can be configured on the devices or through external RADIUS server.
WAN Backup: The CS-1000 can monitor each WAN link status and automatically activate backup links when a failure is detected. The detection is based on the configurable target Internet addresses.
Outbound Load Balancing: The network sessions are assigned based on the user configurable load balancing mode, including "Auto", "Round-Robin", "By Traffic", "By Session" and "By Packet". User can also configure which IP or TCP/UDP type of traffic use which WAN port to connect.
Multiple NAT: Multiple NAT allows local port to set multiple subnet works and connect to the Internet through different WAN IP addresses.

 

Product
 		 Multi-Homing Security Gateway
Model CS-1000
Hardware
Ethernet LAN 1 x 10/100 Based-TX RJ-45
WAN
 		 2 x 10/100 Based-TX RJ-45
DMZ 1 x 10/100 Based-TX RJ-45
Power
 		 100~250 VAC, 50~60 Hz, 0.6A
Operating Environment Temperature: 0 ~ 60 degree C
Relative Humidity: 10% ~ 90%
Dimension 237 x 440 x 43 mm
Regulatory FCC, CE Mark
Software
Management Web
Network Connection
 		 Transparent, NAT, Multi-NAT
Routing Mode
 		 Static Route, RIPv2
Concurrent Sessions
 		 110,000
New session / second
 		 10,000
Email Capacity per Day
 		 120,000
Firewall Throughput
 		 100Mbps
3DES Throughput
 		 17Mbps
Firewall
 		 Policy-based Firewall rule with schedule, NAT/ NAPT, SPI Firewall
VPN Tunnels
 		 100/200
VPN Function
 		 PPTP server and client, IPSec
DES, 3DES and AES encrypting
SHA-1 / MD5 authentication algorithm
Remote access VPN (Client-to-Site) and Site to Site VPN
VPN Trunk
Content Filtering
 		 URL Blocking
Blocks Popup, Java Applet, cookies and Active X
P2P Application Blocking
Instant Message Blocking
Download Blocking
IDP Anti-Virus for HTTP, FTP, P2P, IM, NetBIOS
Automatic or manual update virus and signature database
Anomaly: Syn Flood, UDP Flood, ICMP Flood and more.
Pre-defined: Backdoor, DDoS, DoS, Exploit, NetBIOS and Spyware.
Custom: User defined based on TCP, UDP, ICMP or IP protocol.
Scanned Mail Settings The allowed size of scanned mail : 10 ~ 512KBytes
Anti-Virus
 		 Email attachment virus scanning by SMTP, POP3
Inbound scanning for internal and external Mail Server
Action of infected mail: Delete, Deliver to the recipient, forward to an account
Automatic or manual update virus database
QoS Policy-based bandwidth management
Guarantee and maximum bandwidth with 3 priority levels
Classify traffics based on IP, IP subnet, TCP/UDP port
User Authentication Built-in user database with up to 200 entries
Support local database, RADIUS and POP3 authentication
Logs Log and alarm for event and traffic
Log can be saved from web, sent by e-mail or sent to syslog server
Accounting Report Record inbound and outbound traffic's utilization by Source IP, Destination IP and Service
Statistics Traffic statistic for WAN interface and policies, Graphic display
Others Dynamic DNS, NTP support, DHCP server, Virtual server
 

Top