|
 |
| Products |
 |
Network Appliance |
 |
|
|
 |
AhnLab's TrusGuard UTM is an integrated security system which blocks viruses, worms, spyware, spam, and other malicious contents at various layers through the use of firewall, IPS kernel-based network intrusion prevention, and detection technology.
In particular, AhnLab’s TrusGuard is equipped with unique protection technologies against DDoS attacks, and provides an efficient and safe access to the networks through SSL VPN.
| Manual |
Brochure |
|
|
|
|
|
|
| Feature |
Feature Description |
Benefit |
| Firewall |
- • Deep Packet Inspection (DPI)type stateful packet Inspection
- • Performance independent of policies and sessions
- • Route & transparent mode support
- • Various NAT functions: Static/Dynamic NAT, Excluded NAT
- • IP/Port/Firewall policy-based QoS
- • Dynamic & multicast routing Protocol
- • Object-based intuitive setting and user-friendly functions
- • Schedule-based policy setting
|
Safe network free from external security threats and optimal network performance |
| IPS |
- • Packet-based network attack detection and blocking
- • Signature-based intrusion prevention
- • Behavior-based intrusion prevention
- • Detection of malicious codes such as worms, Trojan, spyware, phishing, and other network-based attacks
- • 3-stage malicious code detection
|
Detecting and blocking attacks including unknown ones |
| Anti-Virus |
- • File-based virus, malicious code detection and blocking
- • Virus, Trojan, Worm, Spyware, Adware, Phishing, Spam, Malicious site, etc.
- • HTTP, SMTP, POP3, FTP, Oracle, General TCP support for virus, Trojan, worms, spyware, adware, phishing, spam, and malicious sites
- • ASEC monitoring and analyzing threats 24/7
- • 24/7 update through the CDN
|
Prompt response provided by ASEC team with security experts in 24/7 basis. |
| Contents Filtering |
- • Spam mail blocking : Scan SMTP, POP3
- • P2P/Messenger control
- • Malicious site access control
- • User-defined keyword-based spam blocking
- • Malicious site blocking
|
Greater productivity and network efficiency through removal of unnecessary traffic |
| DDoS Protection |
- • Detecting and handling DoS attacks made by certain users
- • Attack detection based on traffic, distribution, and time
- • Socio-engineering attacks
- • Handling DDoS attacks made by IP spoofing
|
Efficient defending of the DDoS attack, which is emerging as one of the biggest network security issues |
| SSL VPN |
- • Gateway to client VPN
- • IPSec VPN client level service
- • Enhanced end-point security
|
Monitoring of traffic incoming through the VPN in order to prevent malicious codes from spreading through the network |
Traffic Management
(QoS) |
- • Traffic bandwidth guarantee by IP and port
- • Manual setting and filtering-based automatic setting
- • Policy-based QoS for traffic control
- • Policy/Schedule-based QoS
- • Traffic shaping and policing
|
Efficient traffic control and bandwidth management to keep the network in best state |
|
Features
1. Excellence in Creating, Maintaining, and Transmitting Security Threat-handling Contents
AhnLab has advanced technologies which can create and transmit security contents against malicious codes.
· 20-year know-how and experiences in handling worms, viruses and malicious codes
· 24x7 ASEC (AhnLab Security E-Response Center) operation with 100 personnel
· Stable signature distribution through CDN
AhnLab?s security signature continues to be updated-even at this moment!
· 6,000 IPS Signatures
· More than 200,000 V3 Signatures
· Regular Signature update three times per day and emergency update when needed
AhnLab offers efficient prediction and spread blocking functions through the malicious code prevention mechanism
· Step 1 : Prediction of the pattern and distribution of blocking policies
· Step 2 : Distribution of early blocking policies
· Step 3 : Distribution of network worm blocking policies
2. High Performance
Multi Core supports tight contents filtering function such as IPS/Anti-virus in addition to firewall.
· When firewall is used with the IPS, the throughput remains 80% of the firewall use alone.
3. Flexible and Safe Access Environment
SSL VPN with stronger end-point security.
· Keyboard stroke sensing and firewall functions upon initial PC access
· HTTP cache and cookie deletion after use
4. Strong UTM Sticking to Basics
TrusGuard UTM integrates multiple security functions from the design phase to the implementation phase.
· Interfaces among firewall, IPS, anti-virus, and QoS functions
|
|
|
|
|
| Item |
AhnLab TrusGuard UTM 100 |
AhnLab TrusGuard UTM 400 |
AhnLab TrusGuard UTM 500 |
AhnLab TrusGuard UTM 1000 |
| Operation Mode |
Route Mode / Transparent Mode |
Route Mode / Transparent Mode |
Route Mode / Transparent Mode |
Route Mode / Transparent Mode |
| CPU |
Dual |
Dual |
Dual |
Dual |
| Giga Port (Copper) |
6 |
4 |
4 |
4 |
| Giga Port (Fiber) |
- |
2 |
4 |
8 |
| Bypass |
Support Bypass(Copper) |
Support Bypass(Copper/ SFP) |
Support Bypass(Copper/ SFP) |
Support Bypass(Copper/ SFP) |
| Firewall Throughput |
400 Mbps |
800 Mbps |
1.2 Gbps |
2 Gbps |
| Max Session |
1,000,000 |
1,300,000 |
1,500,000 |
2,000,000 |
| Sessions / second |
10,000 |
15,000 |
20,000 |
27,000 |
| Size (WxDxH mm) |
431x44.4x361 |
424x88x530 |
426x88.8x584 |
426x88.8x584 |
| Environment |
Operating temperature : 0~60
Storage temperature : -20~70 |
Operating temperature : 0~40ºC
Storage temperature : -20~80ºC |
Operating temperature : 0~40
Storage temperature : -20~70 |
Operating temperature : 0~40
Storage temperature : -20~70 |
| Power |
1U ATX SPS / 180W |
Redundant 460W/each |
Redundant 600W/each |
Redundant 600W/each |
|
|
|
|
|
|
Category |
Features |
TU 100 |
TU 400 |
TU 500 |
TU 1000 |
| Network |
Operation Mode |
Route Mode (NAT) |
O |
O |
O |
O |
| Transparent Mode |
O |
O |
O |
O |
| Routing Protocol |
Static Routing |
O |
O |
O |
O |
| Dynamic Routing |
O |
O |
O |
O |
| Multicast Routing |
O |
O |
O |
O |
| Source Routing |
O |
O |
O |
O |
| IP Assignment |
Static, DSL |
O |
O |
O |
O |
| Secondary IP |
O |
O |
O |
O |
| 802.1Q VLAN |
O |
O |
O |
O |
| 802.3ad Link Aggregation |
O |
O |
O |
O |
| DHCP , DHCP Relay (Bridge Mode) |
O |
O |
O |
O |
| DNS, Split DNS |
O |
O |
O |
O |
| IPv6 |
To be supported |
| Availability |
Active-Active, Active-Standby HA (without L4) |
O |
O |
O |
O |
| Full Mesh Network Configuration (without L2) |
O |
O |
O |
O |
| Bypass |
O |
O |
O |
O |
| IPS |
Signature Based Prevention |
6000+ Attack Signature |
O |
O |
O |
O |
| Protocol Analyzing + Pattern Matching |
O |
O |
O |
O |
| Evasion Attack Detect/Prevention |
O |
O |
O |
O |
| Web Attack Prevention |
O |
O |
O |
O |
| User define Prevention |
O |
O |
O |
O |
| TCP Reassembly |
O |
O |
O |
O |
| IP Defragmentation |
O |
O |
O |
O |
| IP Stealth Mode Support |
O |
O |
O |
O |
| Firewall Interface |
O |
O |
O |
O |
| Auto/Manual Signature Update |
O |
O |
O |
O |
| Behavior-based Prevention |
Outbreak Based Prevention |
O |
O |
O |
O |
| D(D)oS Prevention |
O |
O |
O |
O |
| Anti-scan Prevention |
O |
O |
O |
O |
| Anomaly Based Prevention |
O |
O |
O |
O |
| Firewall |
Firewall |
Secure OS (ANOS) |
O |
O |
O |
O |
| Stateful Inspection |
O |
O |
O |
O |
| TCSEC B-1 Level Security Label-based Access Control |
O |
O |
O |
O |
| Performance Independent of Rules |
O |
O |
O |
O |
| Black/White List Based Filtering |
O |
O |
O |
O |
| Policy Based QoS |
O |
O |
O |
O |
| Schedule Based Policy |
O |
O |
O |
O |
| User Authentication |
O |
O |
O |
O |
| One Time Password |
O |
O |
O |
O |
| RADIUS Interface |
O |
O |
O |
O |
| NAT |
NAPT |
O |
O |
O |
O |
| Static(1:1) |
O |
O |
O |
O |
| Dynamic (N:1, M:N) |
O |
O |
O |
O |
| Exclude NAT |
O |
O |
O |
O |
| VVoIP (SIP) Support |
O |
O |
O |
O |
| Application Proxy |
HTTP, SMTP, POP3, FTP, Oracle, General TCP |
O |
O |
O |
O |
| IP/Port Redirection |
O |
O |
O |
O |
| VPN |
SSL VPN |
Gateway-Client |
O |
O |
O |
O |
| User Level Access Control |
O |
O |
O |
O |
| IPSec VPN Client Level Service |
O |
O |
O |
O |
| End-point Security (MyFirewall, MyKeyDefense) |
O |
O |
O |
O |
| Cookie, Cache Deletion |
O |
O |
O |
O |
| Interface with Customer's DNS and WINS |
O |
O |
O |
O |
| Customer's Notice |
O |
O |
O |
O |
| IPSec VPN |
Gateway-Gateway, Manual Key, IKE, 3DES, AES, SEED, SHA-1, HAS 160, NAT Traversal, Hub & Spoken, Deed Peer Detection To be supported. |
|
|
| Contents Filtering |
Contents Filtering |
Anti-Virus (AhnLab V3) |
O |
O |
O |
O |
| Anti-Spyware (AhnLab Spyware) |
O |
O |
O |
O |
| Anti-Spam |
O |
O |
O |
O |
| Anti-Phishing |
O |
O |
O |
O |
| Anti-Adware |
O |
O |
O |
O |
| Anti-Grayware |
O |
O |
O |
O |
| Anti-Malicious Site |
O |
O |
O |
O |
| User define Contents Filtering |
O |
O |
O |
O |
| Management |
Monitoring |
Network Monitoring |
O |
O |
O |
O |
| System Monitoring |
O |
O |
O |
O |
| Security Monitoring |
O |
O |
O |
O |
| IPS Monitoring |
O |
O |
O |
O |
| Worm Monitoring |
O |
O |
O |
O |
| Quarantine Monitoring |
O |
O |
O |
O |
| Virus Monitoring |
O |
O |
O |
O |
| Spam Mail Monitoring |
O |
O |
O |
O |
| SSL VPN Monitoring |
O |
O |
O |
O |
| Management |
User-friendly GUI |
O |
O |
O |
O |
| Web, SSH-based Setup |
O |
O |
O |
O |
| System Management |
O |
O |
O |
O |
| User Management |
O |
O |
O |
O |
| Alarm, Notifications |
O |
O |
O |
O |
| Intuitive Log Management |
O |
O |
O |
O |
| SNMP, Syslog, E-mail |
O |
O |
O |
O |
| ESM Interface |
To be supported |
| NMS Interface |
To be supported |
| Quarantine |
Quarantine |
V3 APC Interface (End-Point Client Security) |
To be supported |
| Internet Access Control |
To be supported |
| Blocking/Warning Message Page Redirect |
O |
O |
O |
O |
|
|
|
|
|
|
