UTM Content Security Gateway
PLANET CS-2001 is a specially designed security gateway with virus and spam filtering features. As the gatekeeper of corporate security network, the CS-2001 prevents corporate intranet from being infected by virus and its network resource being occupied by useless spam emails. Furthermore, IDP, User Authentication and Content Filter features of the security gateway offer the corporate intranet highly secure protection. The CS-2001 also provides the IPSec, SSL VPN, and PPTP VPN solutions for secure data delivery via VPN tunnel.
• All Gigabit user defined Interface:
The CS-2001 not only supports all Gigabit Ethernet interfaces to provide higher performance but is also able to be defined the interface role for your network environment.
IPv6 is designed to success the IPv4 version. The CS-2001 implements the new IP version for further compatibility of network environment.
• Anti-Spam Filtering:
Multiple defense layers (Spam Fingerprint, Blacklist & Whitelist,Bayesian Filtering, Spam Signature, Graylist, Checking sender account and IP address in RBL), and Heuristics Analysis help to block over 95% of spam mails. Customizable notificationoptions and spam mail report are provided for the administrators. Varied actions to spam mails include Delete, Deliver, Forward and Store in the quarantine. It also has built-in auto-training system to improve the spam emails identification substantially.
• Anti-Virus Protection:
Built-in dual virus scan engines can detect viruses, worms and other threats from email transfer and can scan mission-critical content protocols, SMTP and POP3 in real time to provide maximum protection. It provides customizable notification options and virus mail report for the administrators. Varied actions to virus mails include Delete, Deliver, Forward and Store in the quarantine.
• Anti-Virus for HTTP, FTP, P2P, IM, NetBIOS:
The CS-2001 can filter the virus from various protocols. The virus pattern can be updated automatically or manually.
• VPN Connectivity:
The CS-2001 supports several VPN features -- IPSec VPN, SSL VPN and PPTP server/client. The VPN Tunnel with DES / 3DES / AES encryption and SHA-1 / MD5 authentication provides secure network traffic over public Internet. VPN Wizard helps the administrators to configure VPN settings easily.
• SSL VPN:
SSL VPN allows users to easily establish VPN connections for transferring the data by SSL encryption via web browser without the need of any software or hardware installation.
• VPN Trunk:
VPN trunk function provides VPN load balance and VPN fail-over feature to keep the VPN connection more reliable.
• Content Filtering:
The CS-2001 can block network connection based on URLs, Scripts (The Pop-up, Java Applet, cookies and Active X), P2P (eDonkey, Bit Torrent, WinMX and more), Instant Messaging (MSN, Yahoo Messenger, ICQ, QQ, Skype and Google Talk) and Download / Upload. If there are update versions of P2P or IM software in client side, the CS-2001 will detect the difference and update the Content Filtering pattern to renew the filtering mechanism.
• IM Recording:
Built-in IM Recoding function can help you record and monitor the use of MSN and QQ messenger. This can prevent productivity losses from personal use and confidentiality breaches from information leaks.
• IDP(Intrusion Detection and Prevention):
Built-in IDP function can detect the intrusions and prevent the network from Hacker attacks, Anomaly Flow and Signatures from the Internet. The CS-2001 provides three kinds of the signatures to complete the intrusion detection system. Users can select to configure "Anomaly","Pre-defined" and "Custom" according to the current environment request.
• Policy-Based Firewall:
The built-in Policy-Based firewall prevents many well-known hacker attacks including SYN attack, ICMP flood, UDP flood, Ping of Death, and etc. The access control function specifies WAN or LAN users to use authenticated network services only on specified time.
Network packets can be classified based on IP address, IP subnet and TCP / UDP port number and offer guarantee of maximum bandwidth with three levels of priority.
• User Authentication:
Web-Based authentication allows users to be authenticated via web browser. User database can be configured on the CS-2001 and it also supports the authenticated database through external RADIUS, POP3 and LDAP server.
• WAN Backup:
The CS-2001 can monitor each WAN link status and automatically activate backup links when a failure is detected. The detection is based on the configurable target Internet address.
• Outbound Load Balancing:
The network sessions are assigned based on the user configurable load balancing modes including "Auto", "Round-Robin", "By Traffic", "By Session" and "By Packet". Users can also configure IP or TCP / UDP type of traffic and assign which one of the two WAN ports for connection.
• Inbound Load Balancing:
The CS-2001 provides the Inbound Load Balancing is provided for enterprises internal server to reduce the server loading and system crash risks in order to improve the server working efficiency.
• Multiple NAT:
Multiple NAT allow local ports to be set in multiple subnets and connect to the Internet through different WAN IP addresses.
The CS-2001 provides IEEE 802.1Q Tagged VLAN and the VLAN groups which allows the administrator to install the network flexibly.
• High Availability:
The CS-2001 provides the High Availability function and the redundant system to keep the network traffic active when the device crash down.