Security Gateway

Horizon Networks SuperSG Series

Horizon Networks SuperSG products adopt advanced high-performance multi-core architecture, run an independent and controllable operating system, carry a rich interface hardware platform, combined with intelligent routing and other comprehensive network layer support as well as HA hot standby, to ensure efficient and reliable business processing and flexible and comprehensive scene support;It is equipped with WAF level intrusion prevention function and virus protection function of unique real-time virus interception technology. Through the security detection engine and application identification of single path parallel processing, it realizes in-depth analysis of users, applications and contents, and provides users with a safe and intelligent integrated protection system.

Product Advantages

Network wide Threat Intelligence, unknown risk can be protected

Flexible, efficient and comprehensive, with richer scene support

Professional intelligent engine, three-dimensional protection and safety

Deep data recognition and more detailed behavior control

Optimized bandwidth management and faster user experience

Centralized and unified control makes network operation and maintenance more convenient

“Network wide Threat Intelligence, unknown risk can be protected”

Network wide Threat Intelligence, unknown risk can be protected Use the independently developed Threat Intelligence Platform to eliminate this inequality by predicting the risk as much as possible, so that the security of the enterprise can be more effectively guaranteed.

Threat intelligence data includes IP reputation, domain reputation, URL reputation, file reputation (MD5 / SHA), latest attack events, attack trends and preventive measures. Implement the threat detection and intelligence processing capabilities and reduce the Mean Threat Time Detection (MTTD) and Mean Threat Time Response (MTTR).

“Flexible, efficient and comprehensive, with richer scene support”

Equipped with an independent and controllable firewall system, it integrates rich network features, has the ability to connect with third-party systems, share data, and enhance business value.

The leading multi-core architecture and distributed search and detection engine, with high-performance processors and multi-service parallel processing, have fast and efficient business processing and protection capabilities.

It integrates firewall, load balancing, intrusion prevention, virus filtering, application identification, behavior control, VPN access, business visibility, security authentication and other functions to provide a comprehensive network solution.

“Professional intelligent engine, three-dimensional protection and safety”

The WAF level intrusion prevention function with more than 4000 predefined attack features, the unique real-time virus interception technology with massive virus features and the virus protection function of the high-efficiency engine can analyze the traffic in real time, effectively block the attacks and virus behaviors in the network from the data link layer to the application layer, comprehensively and stereoscopically protect the key data of users, and avoid the leakage of confidential files and economic losses.

“Deep data recognition and more detailed behavior control”

By DPI / DFI technology, through comprehensive analysis of user traffic, it can deeply identify the built-in actions of applications, help enterprises to intercept bad comments in time, and make the network more orderly through application fine management.

“Optimized bandwidth management and faster user experience”

Thoroughly understand the current and historical utilization of bandwidth resources, and formulate bandwidth management strategies accordingly to verify the effectiveness of the strategies. Ensure the bandwidth required by core users and core services, limit the occupation of resources by unrelated services, and improve the user's experience of using the network. Traffic limit and time limit distinguish user rights, realize differential service and help marketing.

“Centralized and unified control makes network operation and maintenance more convenient”

With the integrated security strategy, the administrator can control the application, website address, intrusion prevention, virus killing and other contents through one policy, which is convenient to use and easy to maintain, which greatly reduces the difficulty of network replacement and simplifies the task of operation and maintenance.

Product Value

Ensure the security of user network and business

Flexible policy and VPN one key deployment function, easy to use

Complete functions and security visualization support to improve the manageability of the network

Functional Features

System Composition
Networking deployment
Security capability
Intrusion Prevention
Threat Intelligence
Virus protection
Web protection
Risk scanning
VPN

System Composition

Architecture design: support Cavium multi-core architecture design;X86 high performance architecture.

System components: support the architecture of separation of centralized management center (SG manager) and equipment (SG). A management center can manage single or multiple equipment.

Networking deployment

Routing mode: support routing mode access to the network, mainly covering gateway forwarding and gateway outbound scenarios.

Transparent mode: support transparent bridge mode access to the network, mainly covering serial access network, without affecting customer network access.

Bypass mode: support bypass mode, no need to change the network configuration, realize online behavior audit, cover core exchange traffic mirror, and receive audit information.Support multi-channel monitoring.

Mixed mode: it supports transparent, mixed, multi-channel bridge function, and multiple interfaces can be supported in one-way bridge. The above three access modes can be mixed access.

Security capability

Intrusion prevention: Statistics IPS attack type distribution, support pie chart display, click chart switch to table display.

Threat Intelligence: real time statistics of threat intelligence type distribution, support pie chart display, click chart switch to table display.

Attack trend: integrate the attacks in the network, support the trend chart to display IPS, threat intelligence, web application attack, DDoS, AV, etc., and automatically refresh the attack trend chart.

It also supports the integration of attack log and threat log.

Intrusion Prevention

It supports predefined intrusion attack characteristic classes, including maximum event set, general event set, application event set and attack event set.

It supports 4500 + predetermined intrusion attack features, including web server protection, web page anti crawler, webpage tamper prevention, HTTPS protection, DDoS attack protection, Web attack filtering, vulnerability protection, etc.

It supports user-defined intrusion attack feature classes, and can select protection level (low, medium, high), detailed intrusion attack features, processing actions (allow, reject, discard, discard session, block source address), etc.

It supports the display of intrusion attack features, and click to jump to the attack feature description page. The content of the page includes: attack name, attack harm, system involved, attack details, treatment suggestions and other information.

Support keyword based search for intrusion attack features.

Threat Intelligence

Threat Intelligence basic configuration: support configuration function on and off, support configuration whether to join intelligence improvement plan, i.e. return intelligence matching data

Support configuration of two Threat Intelligence cloud platforms

Support to test cloud platform connectivity

Threat Intelligence base upgrade:

Support manual upgrade of Threat Intelligence feature library，support automatic upgrade of Threat Intelligence feature library，and support regular upgrade record of Threat Intelligence feature library upgrade history information

Virus protection

Anti virus setting: it supports 200000 virus feature library by default, and expands the support of high-end models to 8 million feature library .The default is to load the whole library. If the high-end model needs, the whole library can be provided separately.

Support HTTP, FTP, POP3, SMTP, IMAP protocol virus killing.

Support scanning predefined file types, including exe, oc, wps, ppt, xl, com, bat, dll, hta, tar, scr, pif, cpl, vb, etc; Support custom add file type, can be enabled or disabled.

It supports checking and killing virus contained in email body / attachment, web page and download file.

Support ZIP / RAR and other compressed files virus killing, maximum decompression layer settings.The default value is 5; Range: 5-20.

Web protection

Protection policies: support the addition, deletion, modification, query, enable, disable and priority adjustment of protection policies; Rule protection supports enabling; Disable; Log on and off; Protection level setting: high, medium and low; Protection type settings: http protocol check, general attack, SQL injection attack, XSS attack, directory traversal, malicious scanning and crawling, Trojan horse attack, session hijacking, sensitive information disclosure, server protection, CMS vulnerability protection.

Rule base: support: http protocol check, general attack, SQL injection attack, XSS attack, directory traversal, malicious scanning and crawling, Trojan horse attack, session hijacking, sensitive information disclosure, server protection, CMS vulnerability protection and other 11 types.

Tamper proof Web caching: supports caching and cleaning.

Risk scanning

Port scan: port scan task create new task support: name; Scan address range; Scanning port range;Task type; Task description port scanning only supports TCP scanning, and the result supports display

Weak password scanning: support new scanning task support: task name; Scan address range; Services; Scanning mode;Password type check; Scanning type; The task description supports the display of scanning results and the import of password dictionary

VPN

IPSec VPN：supports fast configuration mode, and can connect with the same brand products quickly; It supports the third-party standard IPSec docking, and can connect with other manufacturers' standard IPSec VPN. The VPN peer address support is set to static IP, dynamic IP or domain name. It supports star network structure, that is, one central node, multiple branch nodes support IPSec VPN client remote access, and can be configured to access user group, DNS and WINS

SSL VPN: supports the selection of two SSL VPN dial in interfaces, supports the configuration of SSL VPN port, global DNS, address pool, default routing, supports multiple login of users, and supports anti brute force cracking function