¨¾¤õÀð (Firewall)
?
Policy numbers: 2000
?
Performance: 300 Mbps
?
Stateful inspection
?
NAT mode: one-to-one/one-to-many/many-to-many
?
Policy-based NAT
?
Popular NAT ALGs
?
DDoS/DoS and Port scan prevention
?
IP/MAC binding
µêÀÀ¨p¦³ºô¸ô (VPN)
?
VPN tunnels:200
?
168-bit 3DES performance:140 Mbps
?
Tunneling protocols: PPTP, L2TP, IPSec
?
Tunneling server: PPTP, L2TP
?
Hardware-based Encryption methods: DES, 3DES, AES
?
SHA-1 / MD5 authentication
?
PPTP and L2TP pass-through and IPsec NAT traversal
?
Hub and Spoke VPN support
?
IKE certificate: x.509 v3, PKCS#10
?
IKE authentication: RSA signature, DSA signature,
Xauth
?
Dead peer and tunnel detection
¤J«I°»´ú (IPS)
?
Performance:100 Mbps
?
New session/sec: 4000
?
Maximum sessions:512000
?
Support user-defined IPS rule
?
IPS rules: 2000+
?
Operation mode: Inline, Monitor, Bypass
?
Layer 3/Layer 4 integrity check
?
Protocol decoders: HTTP, FTP, telnet and others
?
Segment reassembly from the network layer to
application layer
À³¥Îµ{¦¡ºÞ²z
?
Support 50+ IM, P2P, Web access, FTP, Mail, and
Multi-media applications
?
3-level Application control:
Category/Application/Behavior
?
Control on login, chatting, file transfer,
conferencing for IM, including MSN, Skype, Yahoo
Messenger, QQ, ICQ and others
¬y¶qºÞ²z
?
Traffic shaping and quota limit on 50+ IM, P2P, Web
access, FTP, Mail, and Multi-media applications
?
Policy-based traffic shaping and quota limit by
application categories
?
Control on bandwidth for P2P, including BT, eDonkey,
Thunder, Share, Winny, and others
¨¾¬r¥\¯à
?
The streaming detection method
?
Performance:30 Mbps
?
Detect over 2000+ popular viruses
?
The ClamAV solution selected and fine-tuned by BSST
?
Scan HTTP, FTP, SMTP, POP3, IMAP and VPN Tunnels
?
Check compressed files with passwords
?
Destroy the infected file segment
?
White list for IP and mail addresses
¤º®e¹LÂo
?
Highly scalble SurfControl CPA solution
?
Support user-defined URL exempt list
?
Support user-defined URL block list
?
Blocks Java applet, Cookies, Active X (by file
extension)
?
Anti-SPAM by RBL approach by 2007 Q3
°ª³Æ´©»Pt¸ü¥¿Å
?
Built-in Dual-WAN Failover and redundancy in
Active-Passive mode
?
Load balancing on WAN links
?
HA in Active-Passive mode with configuration, VPN
tunnel,
and
session state synchronization by 2007 Q3
§Y®ÉºÊ´ú»P¤é»x
?
Graphical real-time monitoring in WebUI
?
Top-N application statistics
?
Firewall/IPS/AV statistics and network statistics
?
VPN tunnel monitor
?
System CPU, memory and FLASH utilization
?
Syslog to remote BroadWeb Security Event Reporter
(SER) or 3rd party NMS
ĵ§i»P³qª¾
?
Real-time events in WebUI
?
SNMP
?
Email
?
Windows popup message
?
Alarm filtering
¨t²ÎºÞ²z
?
Web UI (HTTPS), Command Line Interface (CLI), and
Secure Command Shell (SSH)
?
Setup wizard
?
SNMP management
?
Multi-language support
ºÞ²z»PºûÅ@
?
Export and import the IPS, firewall, anti-virus,
application management policies and system
configuration
?
Upgrade the policies and kernel image from BroadWeb
Data Update Center (DUC) automatically or via UI
manually
¨Ï¥ÎªÌ»{ÃÒ
?
Xauth over RADIUS support for IPsec VPN
?
Support Local database
by 2007 Q3
?
Support RADIUS database
by 2007 Q3
ºô¸ô¥\¯à
?
VLAN Tagging (IEEE 802.1q)
?
PPPoE, static IP, DHCP client on WAN interfaces
?
DHCP server, static IP for LAN nodes
?
DHCP relay
?
DNS query proxy and dynamic DNS support
?
Static routing and dynamic routing (RIP)
ºô¸ô¤¶±
?
LAN port (GbE): 1
?
WAN ports (GbE): 2
?
Configurable port (GbE): 1 (DMZ/HA/Mirror)
?
USB ports: 2
?
Serial port: 1 (console)
µwÅé
?
Dimensions: 1U Rack-mount, 426 x 358 x 44 mm, 4.2
kg
?
Compliance: FCC Class A Part 15, UL/CUL, C Tick,
CE, VCCI
?
Operating Temperature: 0 to 40¢J (32 to 104¢K)
(depends on CPU)
?
Storage Temperature: -20 to 70¢J (-4 to 158¢K)
?
Humidity: 0% to 90%RH, non-condensing
?
AC power: 90 to 264 V full range @ 47 to 63 Hz
¸ê¦w»{ÃÒ
?
ICSA: Firewall, IPSec, IPS
?
NSS: IPS