C-CS-2001v2 s

C-CS-2001v2 s
CS-2001
UTM Content Security Gateway
The innovation of the Internet has created a tremendous worldwide
opportunities for e-business and information sharing; however, it also brings
network security issues. The request of information security becomes the
primary concern for the enterprises. To fulfill the demand, PLANET introduces
the UTM Content Security Gateway CS-2001, the next generation of the CS2000, to support the enterprises build up the secure network protection. For
further IP compatibility, it supports IPv6 as well.
The CS-2001 adopts Heuristics Analysis to filter spam emails and virus, and its auto-training system can increase the spam emails identification. The CS-2001
has built-in 500GB Hard Disk to store the spam email in quarantine. The Anti-Virus application has dual virus scan engines - Clam and Sophos to effectively
detect viruses, worms and other threats from emails and Internet. Moreover, it helps the administrators to monitor the email status easily via email reports by
Daily, Weekly, Monthly and Yearly.
Besides filtering spam and virus emails, the CS-2001 presents the IDP (Intrusion Detection and Prevention) and firewall functions to defense hackers and blaster
attacks from Internet or Intranet. The comprehensive functions in one device provide enterprises security solutions for better secure environment than ever.
The CS-2001 supports most of popular security features including Content Blocking to block specific URL, Scripts, IM/P2P program, Authentication, IPSec, PPTP
VPN server/Client, SSL VPN, QoS, High Availability, Inbound Load-Balancing and etc. Furthermore, it provides higher performance with all Gigabit Ethernet
interfaces which offer faster speeds for your network applications. The Gigabit user defined interfaces flexibly fulfill the network requirement nowadays, and
the multiple WAN interfaces enable the CS-2001 to support Outbound / Inbound load balance and WAN fail-over features. As the result, the VPN not only can
configure Trunk mode but also provide VPN fail-over and load balance features which is a VPN redundant mechanism to keep the VPN always alive.
Applications
UTM Content Security Gateway
PLANET UTM Content Security Gateway, CS-2001, is a specially designed security gateway with virus and spam filtering features. As the gatekeeper of
corporate security network, the CS-2001 prevents corporate intranet from being infected by virus and its network resource being occupied by useless spam
emails. Furthermore, IDP, User Authentication and Content Filter features of the security gateway offer the corporate intranet highly secure protection. The CS2001 also provides the IPSec, SSL VPN, and PPTP VPN solutions for secure data delivery via VPN tunnel.
Branch Office
Vendor
Firewall Gateway
Firewall Gateway
PC
001101010
ADSL
Modem
Modem
Internet
IPSec VPN Tunnel
IPSec VPN Tunnel
PC
001101010
b/g
Access Point
Laptop
ADSL
001101010
Modem
Attack Virus
Access Point
Spam
SSL VPN Tunnel
Firewall CS-2001
Firewall
PC
DMZ
b/g
Laptop
Finance-Server
PC
Web-Server
Mail-Server
Home
Headquarters
100Base-TX UTP
1000Base-T UTP
Data Sheet
1
ADSL 2/2+
ADSL
b/g
2.4GHz 802.11b/g
CS-2001
Key Features
All Gigabit user defined Interface
IDP (Intrusion Detection and Prevention)
•• The CS-2001 not only supports all Gigabit Ethernet interfaces
to provide higher performance but is also able to be defined
the interface role for your network environment.
•• Built-in IDP function can detect the intrusions and prevent the
network from Hacker attacks, Anomaly Flow and Signatures
from the Internet. The CS-2001 provides three kinds of
the signatures to complete the intrusion detection system.
Users can select to configure “Anomaly”, “Pre-defined” and
“Custom” according to the current environment request.
IPv6
•• IPv6 is designed to success the IPv4 version. The CS-2001
implements the new IP version for further compatibility of
network environment.
Anti-Spam Filtering
•• Multiple defense layers (Spam Fingerprint, Blacklist & Whitelist,
Bayesian Filtering, Spam Signature, Graylist, Checking sender
account and IP address in RBL), and Heuristics Analysis
help to block over 95% of spam mails. Customizable
notification options and spam mail report are provided for the
administrators. Varied actions to spam mails include Delete,
Deliver, Forward and Store in the quarantine. It also has built-in
auto-training system to improve the spam emails identification
substantially.
Anti-Virus Protection
•• Built-in dual virus scan engines can detect viruses, worms and
other threats from email transfer and can scan mission-critical
content protocols, SMTP and POP3 in real time to provide
maximum protection. It provides customizable notification
options and virus mail report for the administrators. Varied
actions to virus mails include Delete, Deliver, Forward and Store
in the quarantine.
Anti-Virus for HTTP, FTP, P2P, IM, NetBIOS
•• The CS-2001 can filter the virus from various protocols. The
virus pattern can be updated automatically or manually.
VPN Connectivity
•• The CS-2001 supports several VPN features -- IPSec VPN, SSL
VPN and PPTP server/client. The VPN Tunnel with DES / 3DES
/ AES encryption and SHA-1 / MD5 authentication provides
secure network traffic over public Internet. VPN Wizard helps
the administrators to configure VPN settings easily.
SSL VPN
•• SSL VPN allows users to easily establish VPN connections
for transferring the data by SSL encryption via web browser
without the need of any software or hardware installation.
VPN Trunk
•• VPN trunk function provides VPN load balance and VPN
failover feature to keep the VPN connection more reliable.
Policy-Based Firewall
•• The built-in Policy-Based firewall prevents many well-known
hacker attacks including SYN attack, ICMP flood, UDP flood,
Ping of Death, and etc. The access control function specifies
WAN or LAN users to use authenticated network services only
on specified time.
QoS
•• Network packets can be classified based on IP address, IP
subnet and TCP/UDP port number and offer guarantee of
maximum bandwidth with three levels of priority.
User Authentication
•• Web-Based authentication allows users to be authenticated
via web browser. User database can be configured on the CS2001 and it also supports the authenticated database through
external RADIUS, POP3 and LDAP server.
WAN Backup
•• The CS-2001 can monitor each WAN link status and
automatically activate backup links when a failure is detected.
The detection is based on the configurable target Internet
address.
Outbound Load Balancing
•• The network sessions are assigned based on the user
configurable load balancing modes including “Auto”, “RoundRobin”, “By Traffic”, “By Session” and “By Packet”. Users can
also configure IP or TCP/UDP type of traffic and assign which
one of the two WAN ports for connection.
Inbound Load Balancing
•• The Inbound Load Balancing is provided for enterprises internal
server to reduce the server loading and system crash risks in
order to improve the server working efficiency.
Multiple NAT
•• Multiple NAT allows local ports to be set in multiple subnets
and connect to the Internet through different WAN IP
addresses.
VLAN
Content Filtering
•• The CS-2001 can block network connection based on URLs,
Scripts (The Pop-up, Java Applet, cookies and Active X), P2P
(eDonkey, Bit Torrent, WinMX and more), Instant Messaging
(MSN, Yahoo Messenger, ICQ, QQ, Skype and Google Talk) and
Download / Upload. If there are update versions of P2P or IM
software in client side, the CS-2001 will detect the difference
and update the Content Filtering pattern to renew the filtering
mechanism.
•• The CS-2001 provides IEEE 802.1Q Tagged VLAN and the VLAN
groups which allow the administrator to install the network
flexibly.
High Availability
•• The CS-2001 provides the High Availability function and the
redundant system to keep the network traffic active when the
device crash down.
IM Recording
•• Built-in IM Recoding function can help you record and
monitor the use of MSN and QQ messenger. This can prevent
productivity losses from personal use and confidentiality
breaches from information leaks.
Data Sheet
2
PLANET Technology Corporation
11F, No. 96, Min Chuan Road, Hsin Tien, Taipei, Taiwan, R.O.C.
Tel: 886-2-2219-9518 Fax: 886-2-2219-9528
Email: [email protected] www.planet.com.tw
VoIP Gateway: vip.planet.com.tw
PLANET reserves the right to change specifications without prior notice. All brand names and trademarks are property of
their respective owners. Copyright © 2008 PLANET Technology Corp. All rights reserved.
CS-2001
Specification
Product
UTM Content Security Gateway
Model
Hardware
Ethernet
Console
Hard Disk
Hardware Watch-Dog
Software
Management
Operation Mode
Routing Protocol
Concurrent Sessions
New session per second
Email Capacity per Day
(mail size 1098 bytes)
Firewall Performance
SSL VPN Performance
IPSec VPN Performance
(With 3DES)
CS-2001
Multiple subnet
VPN Tunnels
(Connection/Configure)
IM Recording
Content Filtering
IDP
Anti-Spam
QoS
User Authentication
Logs
Accounting Report
Data Sheet
3
Web (English, Traditional Chinese, Simplified Chinese)
DMZ_Transparent, DMZ_NAT, NAT
Static Route, RIPv2, OSPF, BGP
1,000,000
10,000
2,000,000
1.6Gbps incoming and outgoing
80Mbps
100Mbps
■
■
■
■
■
■
Firewall Security
VPN Function
4 x Undefined Ethernet port 10/100/1000Base-T RJ-45, Auto-Negotiation, Auto MDI / MDI-X
1 x RS-232 (9600, 8, N, 1)
500 GB
Auto reboot when detecting system fail
Policy-Based access control
Stateful Packet Inspection (SPI)
NAT / NAPT
Supports max. 64 multiple subnets
VLAN id feature to assign multiple subnets
VLAN trunk support
200 / 1000
■
■
■
■
■
■
■
■
■
■
■
■
IPSec, SSL VPN, PPTP server and client
DES, 3DES and AES encrypting
SHA-1 / MD5 authentication algorithm
Remote access VPN (Client-to-Site) and Site to Site VPN
QQ / MSN Account Manager
Periodic Report Scheduling / Send report to e-mail
IM Conversation logs and statistics chart
URL Blocking
Script Blocking (Popup, Java Applet, cookies and Active X)
IM blocking (MSN, Yahoo Messenger, ICQ, QQ, Skype, Google Talk and more)
P2P blocking (eDonkey, Bit Torrent, WinMX and more)
Download and Upload blocking
■
■
■
■
■
■
Anti-Virus for HTTP, FTP, P2P, IM, NetBIOS
Automatic or manual update virus and signature database
Anomaly: Syn Flood, UDP Flood, ICMP Flood and more
Pre-defined: Backdoor, DDoS, DoS, Exploit, NetBIOS and Spyware
Custom: User defined based on TCP, UDP, ICMP or IP protocol
Yearly, Monthly, Weekly and Daily Report support
■ Inbound scanning for external and internal Mail Server
■ Support Spam Fingerprint, Bayesian, Signature, RBL and Graylist filtering, checking sender account and IP
to filter the spam mail
■ Black list and white list support auto training system
■ Action of spam mail: Delete, Deliver to the recipient, forward to an account and store in quarantine
■ Yearly, Monthly, Weekly and Daily Report support
■ Policy-Based bandwidth management
■ Guarantee and maximum bandwidth with 3 priority levels
■ Classify traffics based on IP, IP subnet, TCP / UDP port
■ Built-in user database with up to 500 entries
■ Supports local database, RADIUS, POP3 and LDAP authentication
■ Traffic Log, Event Log and Connection Log
■ Log can be saved from web, backup by e-mail or syslog server
■ Record Inbound and Outbound traffic’s utilization by Source IP, Destination IP and Service
■ Backup Accounting Report for Outbound and Inbound traffic
PLANET Technology Corporation
11F, No. 96, Min Chuan Road, Hsin Tien, Taipei, Taiwan, R.O.C.
Tel: 886-2-2219-9518 Fax: 886-2-2219-9528
Email: [email protected] www.planet.com.tw
VoIP Gateway: vip.planet.com.tw
01-08
C-POE-100SK
PLANET reserves the right to change specifications without prior notice. All brand names and trademarks are property of
their respective owners. Copyright © 2008 PLANET Technology Corp. All rights reserved.
CS-2001
Statistics
WAN Ports traffic statistic and policies statistic with graph display
Others
■
■
■
■
■
■
Dynamic DNS
NTP support
Multiple Server load balancing
Outbound / Inbound load balancing
High Availability
SNMP v1, v2, v3
Ordering Information
CS-2001
UTM Content Security Gateway ( Multiple WAN, LAN, DMZ )
RELATED Products
CS-1000
Multi-Homing Content Security Gateway
SG-4800
MH-3400
VRT-402N
VRT-420N
Gigabit SSL VPN Security Router
Gigabit Multi-Homing VPN Security Router
802.11n Wireless VPN/Firewall Router
802.11n Multi-Homing Broadband Router
Data Sheet
4
04-12
PLANET Technology Corporation
11F., No.96, Minquan Rd., Xindian Dist., New Taipei City 231,
Taiwan (R.O.C.)
Tel: 886-2-2219-9518 Fax: 886-2-2219-9528
Email: [email protected] www.planet.com.tw
C-CS-2001v2
PLANET reserves the right to change specifications without prior notice. All brand names and trademarks are property of
their respective owners. Copyright © 2012 PLANET Technology Corp. All rights reserved.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement