One hundred million Gitzo firewall

One hundred million Gitzo application firewall introduced? Product Overview one hundred million Gitzo application firewall (Aplication Firewall, referred to one hundred million Gitzo AF system) is designed for the application layer, can accurately identify users, applications and content, with complete security protection, it can fully replace the traditional The new network security device firewall, and application layer with strong processing capabilities. Million Gitzo application firewall security devices to solve the traditional application control, application of visual, huge lack of content protection and other aspects of the application, but will not open all the functional performance dropped significantly. It can not only provide basic network security functions such as stateful inspection, VPN, anti-DDoS, NAT, etc; also achieve a uniform application of security that can be integrated detection and prevention, such as the application for an intrusion in a variety of technical means scanning, exploit, Web intrusion, unauthorized access, worms, abuse of bandwidth, and other malicious code. It can provide a more sophisticated, more comprehensive, more high-performance application content protection solutions for all sizes of industrial users of data center, WAN boundary, border Internet and other scenes. ? Product features more sophisticated application-layer security control current network environment, the application has become the main carrier of the network, and network security threats more from the application layer, which also allows users for network access control and higher requirements. How accurately identify the users and applications, blocking a security risk application, to ensure the normal use of legitimate applications, to prevent port theft and other issues, it has become the focus at this stage users on the network security concerns. But IP is not equal to the user, the application is not equal to the port, the traditional five-based firewall IP / port group access control policy is not effectively deal with great changes at this stage of the network environment. Gitzo Application Firewall million unique application of visual technology, can identify and control application behavior and characteristics depending on the application, rather than rely on the port or protocol, from the traditional equipment can only be controlled by IP address embarrassment, Even encrypted data stream can cope easily. Currently, one hundred million Gitzo application firewall can identify more than 700 kinds of applications and more than 1000 kinds of application actions, but also with a variety of authentication systems (AD, LDAP, Radius, etc.), applications (POP3, SMTP, etc.) seamless, automatic recognizes that the user information among network IP address corresponding and establish user packet structure of the organization; not only meet the general Internet boundary behavior management and control requirements, while meeting including Data Center and WAN boundary deployment requirements, the rich can identify and control intranet applications, such as Lotus Notes, RTX, Citrix, Oracle EBS, Kingdee EAS, SAP, LDAP, etc., update service for the user application demands, million Gitzo Application Firewall also can fine identify Microsoft, 360, Symantec, Sogou, Kaspersky, McAfee, Kingsoft, Jiangmin antivirus software updates to ensure strict control in a safe environment, the system software update service unimpeded. Thus, L3-L7 access integrated applications developed through the application of visualization technology control strategy, can provide users with a more refined and intuitive control interface, complete sets of equipment operation and maintenance work under a single interface, improve work efficiency. The development of more comprehensive content-level security network security and hacking technology allows users face the threat of a virus is no longer just a Trojan horse, a DOS attack such a simple attack. Hackers can use a wealth of tools, the use of numerous loopholes, combined with a variety of blended attacks of devastating attacks, such as a representative of the Slammer, Blaster and the like. The access to information and attack code often hidden in the normal application access, this appears blended security threats to network security has made new demands: the need for a more comprehensive means of protection to prevent security short board to be used; required deep into the security application content to identify and prevent potential threats. One hundred million Gitzo application firewall combines vulnerability protection, web security, virus protection and other security technology, with 2000+ bar vulnerability signatures, hundreds of thousands of viruses, Trojans and other malicious content signatures, 1000 + Web application threats signatures , can fully identify the various application-layer and content-level security threats. Through the gray Threat Correlation analysis techniques to restore the contents of the packet comprehensive threat detection and correlation analysis can be performed for different attack methods hackers process used to precisely locate a hacker attacks, effectively blocking the threat risk It occurred. Gray threat identification technology has changed the traditional IPS devices such as the threat of a single type of defense, threat detection frequent omission, false questions can help you minimize the risk of short-board, to ensure stable operation of business systems. In addition, Hui Sen technology accumulated in the field by virtue of the application layer more than a decade, the establishment of a professional security offensive and defensive team that can provide users with the latest threat signature updates on a regular basis to ensure timely defense. Higher performance application-layer processing capacity of performance and security is often the traditional security device is unable to weigh the issues. Especially in the application layer security protection feature is turned on, the problem is particularly evident. Under the bandwidth rising, increasing the threat of network environments, users have to make tough choices in both. In order to achieve a strong application-layer processing capacity, million Gitzo application firewall abandoned the traditional firewall NP, ASIC and other network layer adapted to perform repeated computing hardware design, using a more suitable application layer flexible computing power of multi-core parallel processing technology; in the system Architecturally, million Gitzo application firewalls also abandoned UTM multi-engine, multiple analytical framework, and using a more advanced integration of a single analytical engine, the vulnerabilities, viruses, Web attacks, malicious code / script, URL library and many other application-layer threat detection reunification match, so as to enhance the work efficiency, achieve a 10 Gigabit application security protection. A more complete security protection program is only based application layer security protection program, not a complete security solution. For the user, but also need to purchase security equipment (FW, VPN) basic network layer, not only increasing the cost, but also increase the network complexity, improved operation and maintenance difficult. From a technical point of view, the invasion of a hacker attack involves complete the network layer and application layer content level and other levels ways, if these threats in isolation from lack of intelligence between processing protection, various protective equipment Linkage , it is prone to "limbo" gray areas emerge protection vacuum. Gitzo application firewall million to cover the traditional firewall, the main function of IPS and internal kernel level to achieve linkage is an "L2-L7 complete security protection products." Premise "extra firewall intelligence" This is Gartner defined to achieve, achieve true kernel-level interaction, in order to provide a security of "impregnable fortress" as the user's business system. ? Product Function of network applications, fine control strategy, to avoid the application security risks FUNCTIONAL Value visualization application control rule has the largest application recognition library, you can identify hundreds of Internet applications, thousands apply the rules in the policy recognizes the rich network applications such as: Lotus Notes, RTX, Citrix, Oracle EBS, Kingdee EAS, SAP, LADP and other precise identification Microsoft, 360, Symantec, Sogou, kaspersky, Kingsoft, Jiangmin antivirus and other security software updates under strict control system software updates unimpeded provide unimpeded access control list for application development based on the type of application identification, user name, interface, security domains, IP address, port, time-rich log reports, centralized management, optimal operation and maintenance costs Value data center technology features built-in data provided centers and independent data center detailed report provides statistical reports, various reports Trend reports, summary reports, summary reports contrast, comparative statement specified risk behaviors reports, flow trend reports provide detailed statistical analysis of IPS / server protection statistics, statistical analysis Virus Information Intelligent Risk Report provides automatic mining and export restrictions unrelated to risk behaviors intelligence reporting application based on characteristics defined by administrator-risk behavior, to protect the core business, optimize bandwidth utilization technology function Value-based visual flow management applications, websites, files, time, target a variety of flow control and the user's IP multi-line technology, virtual multi-line technology, intelligent routing technology for multi-line respectively, to achieve flow control support core business, restrict legitimate business, blocking illegal business to adapt to complex scenarios against network attacks, rational planning Technical features secure domain Value Pack provides filtering and stateful inspection packet filtering of static and dynamic packet filtering function can defend against attacks DOS / DDOS, land, smurf, synflood, icmpflood and other network-level attacks NAT provides one to one, many to one, etc.-many address translation; VPN module built VPN module enables VPN connectivity