internet - computex taipei · pdf fileaudit online behavior of internal users ... - spi...
TRANSCRIPT
ShareTech Wi-Fi
SSID1 Sales
Internet
SSID2 EnginesSSID3 Guests
Switch
ERPFTP Server
ThailandNetinforTech Co.,Ltd.39/78 Soi sukhapiban 5 Soi 82,samwatawantok, Klongsamwa,Bangkok 10510 THAILANDT: + 66 02-974-5619F: + 66 02-998-1527
MalaysiaSoftmy Technology Sdn. Bhd.A-01-01, Ixora Apartment,75450 Bukit Beruang,Melaka.Sales Inquiry: Lester LauT: + 6 06-231-5568Web: http://www.softmy.com/
BangladeshRichman Informatics20/2 North Dhanmondi, WestPanthopath Dhaka-1205, BangladeshT: + 880 (2) 914-0339, 914-3683M: [email protected]: http://www.richman.com.bd/
VietnamKTD Trading & Services Co.,Ltd.51 Nguyen Trai Str., Ngo Quyen Dist.,HaiPhong, VietnamT: + 84 31-3630888F: + 84 31-3630889Mail: [email protected]: http://www.ktd.vn/
www.sharetech.com.tw
WF Series Overview
Gigabit Ethernet
Multi UTM Wireless Protection
(Firewall, IDP, Anti-Virus, Anti- Spam, App Control, WEB Filter)
Multiple SSID (6 set) with multiple VLAN
Connectivity system between branches and spots
(Web surfing, Email, servers)
Encrypted VPN and SSL VPN secure remote user access
Wireless AP Management
Central Management System
A controller which handles all internal wireless traffic
Sharp Multi-layers authorized controls
Audit online behavior of internal users
Energy-efficient online scheduling
WF Series DescriptionGrowing businesses and rapidly expanding wireless network horizons have led to an increased demand for advanced security, higher performance, and converged management for wired and wireless network.
WF Series for SME and the branch joins ShareTech product family for UTM appliance Wifi security at the start of 2014. With business experiencing newer trends like increasing use of BYOD, business ought to separate wireless access for both internal users and visitors to improve wireless network security from emerging security risks.
Integrated with ShareTech wireless access points, WF Series can rapidly setup an overall system architecture for seamless wired-to-wireless integration. The series provide perimeter security such as firewall, anti-virus, anti-spam, app access control, URL filter, bulletin board, authentication, QoS, VPN, and SSL VPN.
With ShareTech WF Series, business can lower wireless deployment and operational cost across their entire network distribution.
WF SeriesWifi Network Security
ShareTech
Models WF-200 WF-300 WF-500Hardware
Recommended user no. Under 50 50-100 50-100Memory 1G 1G 2GNetwork Speed Gigabit Gigabit GigabitWAN/LAN/DMZ 2/1/1 2/1/1 2/1/1Wireless Antenna 3bdi*3 3bdi*3 3bdi*3Wireless Standards 802.11 b/g/n 802.11 b/g/n 802.11 b/g/nPerformance
Connection 150,000 150,000 160,000Firewall Throughput 500 Mbps 560 Mbps 600 MbpsVPN Throughput 70 Mbps 78 Mbps 85 MbpsAnti-Virus Throughput x 55 Mbps 65 MbpsWireless Network
Encryption Mode AES/TKIP/AES+TKIP AES/TKIP/AES+TKIP AES/TKIP/AES+TKIPMAC Address Filter 0 0 0SSID 6 6 6SSID VLAN 6 6 6Software
Firewall O O OAnti-Virus x O OAnti-Spam x O OIDP x x OBotNet x x OptionQoS O O OLoad Balance O O OApplication Control O O OURL Filter O O OVPN O O OSSL VPN x O OFlow Analysis x O OAuthentication O O OBulletin Board O O OAP Management O O OCMS Client Client/Server Client/ServerHA O O OReports x O OAnomaly Flow Analysis x x OCo-Defense x x ORecord x x OMail Audit x x OptionSignatures Update x x O
SpecificationBuilt-In Wireless Network- Standard Compliance: IEEE 802.11a/b/g/n (AES/TKIP/AES+TKIP)- Antenna: 3T3R 3dbi Portable- SSID: 6 set with isolated SSID VLAN- Frequency Range: 2.412 GHz - 2.472 GHz 5.200 GHz - 5.825 GHz- Operating Channels: USA (FCC)/EU (ETSI): 11 channels- Data Transmission Rates: 802.11n: up to 450Mbps 802.11b: 11Mbps 802.11g: 54Mbps
Stateful Inspection UTM- SPI supported- User authentication- Multiple user identification (by IP address, MAC,
source, and group)- UTM policies: web filtering, application filtering,
bulletin board, anti-virus, anti-spam, Qos, load balance
- Access scheduling- 802.1q VLAN supported- ARP Spoofing protection- DoS, DDoS, and anomaly flow attack prevention- Route and transparent bridge mode- Dynamic packet filtering- NAT and PAT- H.323, SIP NAT Traversal
Administration & System Management- Role-based Access control- Firmware Upgrades via Web UI- Web 2.0 compliant UI (HTTP&HTTPS)- SNMP (v1, v2c, v3)- Multi-lingual support: Simplified Chinese, Traditional Chinese, English- Bulletin board- System backup & recovery- Auto firmware update- Management: sub-administrator- High Availability
Gateway Anti-spam1
- Email filtering based on content, message header, size, sender and recipient
- ST-IP Network Rating- Bayesian Filtering- Auto Learning- Signature-based spam filter- Fingerprint recognition- System/Personal Black and White List- Grey listing- Reverse IP- Flow protection system
Gateway Anti-Virus1 & Anti-Spyware- Virus, Worm, Trojan Detection & Removal,
Malware protection- Automatic virus signature database update- Scan HTTP, FTP, POP3, IMAP Tunnels- ARP Spoofing Protection- Detect forged IP and MAC address- Anomaly Flow Detection *Clam AV (free anti-virus engine) It can detect over 1,300,000 kinds of viruses, worms and Trojans. Virus scanning for websites and all packages through FTP.
User Authentication- In-built database- AD Integration- POP3 and RADIUS Integration- Group authentication supported
- User-bind IP/MAC Address- Authentication Log- User Authentication in Transparent Mode- Trace, track and locate IP/MAC address
VPN (Virtual Private Network)- IPSec, PPTP supported- Encryption: 3DES, DES, AES- Hash Algorithms: MD5, SHA-1- Authentication: Preshared key- Dead peer detection and PFS support- Diffie Hellman Groups: 1,2,5- VPN policies supported
Intrusion Detection and Prevention2
- Signatures: Default (2243+), Custom- IDP Policies: Multiple, Custom- Protocol Anomaly Detection- DDoS attack prevention- IDP Log
BotNet3
- Signatures: Default (2243+), Custom- Mode: Sniffer, Inline
Co-Defense4
- Anomaly IP analysis (block/notify) 5
- Switch Display- Network Status- Mac Ports bind- Internal Protection: ARP, MAC and IP conflict
Web Filtering- URL, keyword, File type block- Protocols supported: HTTP- Data leakage control via HTTP upload- Webpage blocking- Schedule-based access control- Web page block record- Remove Black and White List- java applet, Cookies, and active X blocking- Blue Coat Web Filter supported- Wireless User Authentication supported- Custom block notification and change URL
Direction
Bandwidth Management- Guaranteed & Burstable bandwidth- Bandwidth Scheduling configuration (by
policies,internal source IP, and external source IP)- Bandwidth Priority- Smart QoS- Session Control by bandwidth policies
Application Filtering- Inbuilt Application Category Database- Application Categories e.g. P2P, IM, VOIP, Web
Mail, Game, and others- Schedule: base access control- Block P2P application: e.g. Foxy- VOIP Application: e.g. SIP- Game: e.g. PPStream- Reports
Reports6
- 12 types of reports- 2 report modes: Default/Custom- Automated Report Scheduling- Multiple reports: CPU/RAM system load, network
flow, Outgoing ranking, and Incoming ranking- Mixed format reports: tabular and graphical- Exportable formats: csv- PDF report (based on different time range)
SSL VPN7
- TCP & UDP Tunneling- Remote access for SSL VPN client users- Authentication: Active Directory, LDAP, RADIUS- Multi-layered Client Authentication: Certificate,
Username, and Password- User & Group policy enforcement- SSL VPN Policies
IM (Instant Messaging) Management- Yahoo and Windows Live Messenger- ICQ/AIM/Google Talk/QQ/SKYPE- WebIM/LINE- Allow/Block: Login, File Transfer
HA (High Availability)- Active-Standby- Active-Passive with state synchronization- Failover event detection- Detect HA connection- Mail alerts on appliance status change
Log & Detection- Complex partial schedule log- Alarm notification email- Real-time Detection- Built-in daily report- CMS- Centralized wireless AP management
Networking- IP Address Assignment: Static IP, PPPoE, PPTP & DDNS, Client, Proxy ARP- Dynamic Routing: RIP v1& RIPv2 supported- SSID DHCP- SSID VLAN- Virtual Server- DNS Load Balance- DHCP Client/Server- Dynamic DNS- WEB and FTP Service- SNMP Agent- Remote Access
Record8
- WEB/FTP/IM/Mail/MSN- Remote Backup: Flow Analysis/WEB/FTP/Mail- Encrypted IM: Skype/QQ
Mail Audit9
- Email Notification- Audit rule setting: sender, recipient, attachments,
etc.- Action: quarantine, delay, and block.
Certification- IPv6 Ready Gold Logo
Compliance- CE- FCC
1 available in WF-300/5002 available in WF-500 only3 optional purchase in WF-500 only4 available in WF-500 only5 available in WF-500 only6 available in WF-300/5007 available in WF-300/5008 available in WF-500 only9 optional purchase in WF-500 only
Product ComparisonWF SeriesWF Series
2014.04