Threat Defense Gateway

Threat Defense Gateway

Horizon Networks SuperTP Series

Horizon Networks intrusion detection system will first construct a virtual execution environment that can execute various SQL statements. It can analyze the input content by semantic analysis, no matter how complex and special attack content the attacker's pseudo structure is. As long as the content entered by the user contains the content of the attac,attack can be found.

Product Advantages

SQL injection detection based on semantics

Flexible security policy management

User identification

More refined application layer security control

Intelligent association analysis

High performance multi service parallel architecture

SQL injection detection based on semantics

The system will construct a virtual execution environment that can execute various SQL statements. Through semantic analysis of the input content, no matter how complex and special the attacker's pseudo structure is. As long as the content input by the user contains the content of the attack,the attack can be found.

Flexible security policy management

The policy based protection method is adopted, and a variety of default security policy sets are built in. Users can choose the most suitable policy according to their needs to achieve the best protection effect. Users can choose different event sets according to different types of protection, which can improve the performance of the system and reduce the probability of false positives.

User identification

With the continuous development of the network and the rise of BYOD, IP based management can not meet the requirements of network management. Based on the user's identity identification, the invisible IP is connected with the real people.Provide a variety of user identification means to facilitate administrators to better detect threats and attacks.

More refined application layer security control

Using flow detection technology to analyze all kinds of applications in-depth, build application protocol identification framework, accurately identify most of the mainstream application protocols, can carry out fine-grained management of applications based on application identification, and can well detect and defend these application security vulnerabilities and attacks using these vulnerabilities.

Intelligent association analysis

Because IDS can monitor the communication within the network, whether it is a direct threat from the internal host or from the outside to the inside, it can alert the network administrator to deal with the existing threats. In the case of large-scale worm outbreak, it is IDS warning that enables administrators to take action in time, thus greatly avoiding the harm caused by network crash.

High performance multi service parallel architecture

It adopts the latest and most advanced multi-core hardware architecture, runs security OS with independent intellectual property rights on the hardware architecture, efficient parallel scheduling algorithm and memory management mechanism to improve the performance of traffic forwarding packets.In the aspect of application layer security, the performance of the product has been greatly improved through several key core technologies such as "Zero-copy", multi-core parallel control, multi-threaded application agent and so on.

Product Value

Advance warning, timely detect the occurrence of intrusion attack and give an alarm

Defense in the event, and timely block the dynamic defense of CP killer and other attack methods

Provide detailed attack information for forensic analysis

Functional Features

  • Safety Protection
  • Routing Management
Safety Protection
Intrusion detection: Intrusion Detection based on the set of rules, intrusion protection.

Anti virus: support HTTP, FTP, POP3, SMTP, IMAP protocol virus killing.

Network security - anti ARP attack: support ARP Spoofing protection function based on interface.

IPv4 security support: ping of death; land-base; tear-drop; tcp flag; winnuke; smurf; IP option; IP spoof; joit2

IPv6 Security Protection Support: WinNuke; land-base; tcp flag; fraggle; IP spoof

Routing Management
Routing table: displays device routing information.

Advanced routing properties: supports asymmetric routing, and supports forced source in and source out under the command line.

Static routing: add, delete, modify and query, support multi link load balancing based on routing weight, support routing priority, and support VRF configuration.

Policy Routing: add, delete, modify, query, move, 5-tuple policy route + time, user based policy routing, application based policy routing, support multi link load balancing based on routing weight.