NET. Solutions

Your browser does not support inline frames or is currently configured not to display inline frames.

UTM Content Security Gateway
CS-2000

The innovation of the Internet has created a tremendous worldwide opportunities for e-business and information sharing, but network security problems also come out. So the request of security will be the primary concerned for the enterprises. The new model, PLANET UTM Content Security Gateway CS-2000, a special designed of security gateway, can adopt Heuristics Analysis to filter spam and virus mail, and the auto-training system can raise identify rate of spam. The built-in 80GB Hard Disk can store the spam mail in quarantine. The Anti-virus application has double virus scan engines - Clam and Sophos which can detect viruses, worms and other threats from transferring E-mail and Internet network. It also provides the mail report by Daily, Weekly, Monthly and Yearly and helps the administrators monitor the mail status easily.
The CS-2000 can filter spam and virus mail. Moreover, the IDP and firewall functions can defense hackers and blaster attacks from Internet or Intranet. The complete function in one device can provide security solutions and the secure environment better than ever.

The CS-2000 not only just provides the same features as previous product CS-1000, such as Content Blocking to block specific URL, Scripts, IM / P2P program, IPSec, PPTP VPN server / Client, QoS and Authentication etc. but also provides the higher performance than CS-1000. It has more advanced functions, such as SSL VPN, High Availability and Inbound Load-Balancing etc.. Built-in two WAN interfaces allow the CS-2000 to support Outbound / Inbound load balance and WAN fail-over feature. Furthermore, the VPN Trunk provides VPN fail-over and load balance features, that can offer a VPN redundant mechanism to keep the VPN connection being on line.

Product Application

UTM Content Security Gateway

PLANET UTM Content Security Gateway, CS-2000, is specially designed security gateway with virus and spam filtering features. As the gatekeeper of corporate security network, CS-2000 prevents corporate intranet from being infected by virus and its network resource occupied by useless spam mails. Furthermore, IDP, User Authentication and Content Filter features of the security gateway offer the corporate intranet highly secure protection. The CS-2000 also provides the IPSec, SSL VPN, and PPTP VPN solutions that the data can be securely delivered via VPN tunnel.

Key Features

	Anti-Spam Filtering: Multiple defense layers (Spam Fingerprint, Blacklist & Whitelist, Bayesian Filtering, Spam Signature, Graylist, Checking sender account and IP address in RBL), and Heuristics Analysis to block over 95% spam mail. Customizable notification options and spam mail report are provided for administrators. Varied actions toward spam mail include Delete, Deliver, Forward and Store in the quarantine. Built-in auto-training system rise identify rate of spam mail substantially.
	Anti-Virus Protection: Built-in double virus scan engines can detect viruses, worms and other threats from email transfer. Network Traffic in real time can scan mission-critical content protocols, SMTP and POP3, to provide maximum protection. Customizable notification options and virus mail report are provided for administrators. Varied actions toward spam mail include Delete, Deliver, Forward and Store in the quarantine.
	Anti-Virus for HTTP, FTP, P2P, IM, NetBIOS: The CS-2000 can not only provide Anti-virus feature for mail but also filter the virus from varied protocol. The virus pattern can be updated automatically or manually.
	VPN Connectivity: The CS-2000 supports several VPN features -- IPSec VPN, SSL VPN and PPTP server / client. The VPN Tunnel with DES / 3DES / AES encryption and SHA-1 / MD5 authentication that provide secured network traffic over public Internet. VPN Wizard can help administrators to have easy ways to configure VPN settings.
	SSL VPN: SSL VPN does not need to install any software or hardware. Only need to use the web browsers and easily establish VPN connections for transferring the data by SSL encryption.
	VPN Trunk: VPN trunk function provides VPN load balance and VPN fail-over feature to keep the VPN connection more reliable.
	Content Filtering: The CS-2000 can block network connection based on URLs, Scripts (The Pop-up, Java Applet, cookies and Active X), P2P (eDonkey, Bit Torrent, WinMX and more), Instant Messaging (MSN, Yahoo Messenger, ICQ, QQ, Skype and Google Talk) and Download / Upload. If there are updated versions of P2P or IM software in client side, the CS-2000 will detect the difference and update the Content Filtering pattern to renew the filtering mechanism.
	IDP: Built-in IDP function can detect and prevent from Hacker attacks, Anomaly Flow and Signatures from the Internet. The CS-2000 provides three kinds of the signatures to complete the intrusion detection system, and users can select to configure “Anomaly”, “Pre-defined” and “Custom” according to the current environment request.
	Policy-based Firewall: The built-in policy-based firewall prevents many well-known hacker attacks including SYN attack, ICMP flood, UDP flood, Ping of Death, etc. The access control function specified WAN or LAN users to use only allowed network services on specified time.
	QoS: Network packets can be classified based on IP address, IP subnet and TCP / UDP port number and give guarantee and maximum bandwidth with three levels of priority.
	User Authentication: Web-based authentication allows users to be authenticated by web browsers. User database can be configured on CS-2000 and it also supports the authenticated database through external RADIUS, POP3 and LDAP server.
	WAN Backup: The CS-2000 can monitor each WAN link status and automatically activate backup links when a failure is detected. The detection is based on the configurable target Internet address.
	Outbound Load Balancing: The network sessions are assigned based on the user configurable load balancing mode, including “Auto”, “Round-Robin”, “By Traffic”, “By Session” and “By Packet”. Users can also configure IP or TCP / UDP type of traffic use which WAN port to connect.
	Inbound Load Balancing: The CS-2000 provides the Inbound Load Balancing for enterprises internal server. The Inbound Load Balancing can reduce the server loading and system crash risks in order to improve the server working efficiency.
	Multiple NAT: Multiple NAT allows local ports to set multiple subnet works and connect to the Internet through different WAN IP address.
	High Availability: The CS-2000 provides the High Availability function, and the redundant system will avoid to influencing the network traffic because the device crash down.

Product		UTM Content Security Gateway
Model		CS-2000
Hardware
Ethernet	LAN	1 x 10/100 Based-TX RJ-45
	WAN	2 x 10/100 Based-TX RJ-45
	DMZ	1 x 10/100 Based-TX RJ-45
Console		1 x RS-232 (DB9)
Hard Disk		80 GB
H/W Watch-Dog		Auto reboot when detecting system fail
Software
Management		Web (English, Traditional Chinese, Simplified Chinese)
Operation Mode		DMZ_Transparent, DMZ_NAT, NAT
Routing Protocol		Static Route, RIPv2
Concurrent Sessions		582,000
New Session / Second		20,000
Email Capacity Per Day		600,000
Firewall Performance		100Mbps
VPN Performance		46Mbps
VPN Performance (with 3DES)		30Mbps
Firewall Security		Policy-based access control Stateful Packet Inspection (SPI) NAT / NAPT
VPN Tunnels (Connection / Configure)		200 / 1000
VPN Function		IPSec, SSL VPN, PPTP server and client DES, 3DES and AES encrypting SHA-1 / MD5 authentication algorithm Remote access VPN (Client-to-Site) and Site to Site VPN
Content Filtering		URL Blocking Script Blocking (Popup, Java Applet, cookies and Active X) IM blocking (MSN, Yahoo Messenger, ICQ, QQ, Skype and Google Talk) P2P blocking (eDonkey, Bit Torrent, WinMX and more) Download and Upload blocking
IDP		Anti-Virus for HTTP, FTP, P2P, IM, NetBIOS Automatic or manual update for virus and signature database Anomaly: Syn Flood, UDP Flood, ICMP Flood and more Pre-defined: Backdoor, DDoS, DoS, Exploit, NetBIOS and Spyware Custom: User defined based on TCP, UDP, ICMP or IP protocol Yearly, Monthly, Weekly and Daily Reports support
Anti-Virus		Virus scan engine: Two scan engines - Sophos and Clam Virus scanning of E-mail attachment by SMTP, POP3 Inbound scanning for internal and external Mail Server Action of infected mail: Delete, Deliver to the recipient, forward to an account and store in quarantine Automatic or manual Virus database update
Anti-Spam		Inbound scanning for external and internal Mail Server Support Spam Fingerprint, Bayesian, Signature, RBL and Graylist filtering Checking sender account and IP to filter the spam mail Black and white list support auto training system Action of spam mail: Delete, Deliver to the recipient, forward to an account and store in quarantine Yearly, Monthly, Weekly and Daily Reports support
QoS		Policy-based bandwidth management Guarantee maximum bandwidth with 3 priority levels Classify traffics based on IP, IP subnet, and TCP / UDP port
User Authentication		Built-in user database with up to 500 entries Support local database, RADIUS, POP3 and LDAP authentication
Logs		Traffic Log, Event Log and Connection Log Log can be saved from web and backup by e-mail or syslog server
Accounting Report		Record of Inbound and Outbound traffic utilization by Source IP, Destination IP and Service Backup Accounting Report for Outbound and Inbound traffic
Statistics		WAN ports traffic statistic and policies statistic with graph’s display
Others		Dynamic DNS NTP support Multiple server load balancing Outbound / Inbound load balancing High availability Multiple subnet SNMP v1

Top