SpectrumWall ?? ??? - PowerPoint PPT Presentation

1 / 34
About This Presentation
Title:

SpectrumWall ?? ???

Description:

Title: Spectrum UPS Author: Pico Last modified by: eNetRexNote Created Date: 9/21/2005 6:55:39 PM Document presentation format: – PowerPoint PPT presentation

Number of Views:105
Avg rating:3.0/5.0
Slides: 35
Provided by: Pic140
Category:

less

Transcript and Presenter's Notes

Title: SpectrumWall ?? ???


1
SpectrumWall ?? ???
  • eNetRex Inc
  • 2005. 10

2
? ?
  • I. UTM ???? ?? ??
  • II. ??? ??
  • III. ??? ??
  • IV. ?? ??? ??
  • V. Reference Site

3
I. UTM? ???? ?? ??
  • UTM ???? ?? ??
  • 1. Network Security? Challenge(1)
  • Network Security? Challenge(2)
  • 2. UTM ???? ?? ?? ? ?? ???? ??
  • 3. ?? ??? ??? ?? ? ?? ??
  • 4. ?? ??? ??? ?? ??? ? ??
  • 5. UTM? ??
  • 6. UTM? ????
  • 7. UTM? Challenge

4
I. UTM ???? ?? ??
1. Network Security? Challenge(1)
  • FireWall? ??
  • ??? ??? ?? ?? ?? ??
  • ??? ???? ??
  • ??? ???? ??? ?? ? ???? ??
  • IPS? ??
  • ??? Virus? ?? ??
  • ??? Dos/Ddos? ??? ?? ??
  • Contents ?? ?? ??
  • ???? ?? ?? ??

5
I. UTM ???? ?? ??
1-1 Network Security? Challenge(2)
  • Contents ??? ??
  • Virus? ?? ???? ??? ??
  • SPAM mail? ?? ???? ??? ??
  • Deep packet Inspection? ?? ?? ??? ??

6
I. UTM ???? ?? ??
2. UTM ???? ?? ?? ? ?? ???? ??
Trend
??
UTM
?? ??
Firewall VPN IPS Antivirus Antispam
Anti-Virus/ IDPS
?? ??
Firewall VPN AV IPS
IDS
VPN
?? ??
Firewall
Firewall VPN
1997
1998
1999
2000
2001
2002
2003
2004
2005
7
I. UTM ???? ?? ??
3. ?? ??? ??? ?? ? ?? ??
? ? ? ? ?? ??
??? ???? ?? ??? ??? ?? ???? ???? ??/?? ??. ?? ?? ?? ??? ?? ?? ??? ???? ?? ?? ?? ???? ?? ?? ?? ?? ?? ?? ??(UTM) - ??? ??? ?????? ???/??? ??
??? ?? ??? ?? ?? ? ?? ??? ?? ?? ?? ?? 24?? ??? ?? ? ?? ?? ?? ??? ?? ??? ?? ???? ?? ?? ??(??/??/??) FW VPN ?? IPS IDS ?? AV Spam ?? Contents URL Filter ?? ???? ?? ?? ?? ?? ???? ?? ?? ??
??? -------? ?? ??? ??? ?? ?? ??? ??? ???? ?? ?? ???? ?? ? ??? ?? ??? ? ?????? ??? ?? ?? ?? ?? ?? ?? ?? ?? -gt ??? ?? ???? -gt ?? ??
8
I. UTM ???? ?? ??
4. ?? ??? ??? ?? ??? ? ??
??? ? ? ? ? ? ? ?
??? 1? ?? ?? ?? ???? ?? ?????? ?? UTM ???? ???? ???? ??? IPS ??? ???? ??? ??? ??? ??? ???? ?? ?.
VPN ??? ??? ??? ?? ?? ??? ??? ??? UTM ???? ???? ???? ??? IPS ??? ???? ??? ??? ??? ??? ???? ?? ?.
IDS ?? ?? ????? ??? ??? UTM ???? ???? ???? ??? IPS ??? ???? ??? ??? ??? ??? ???? ?? ?.
IPS ?? ?? ???? ??? ?? UTM ???? ???? ???? ??? IPS ??? ???? ??? ??? ??? ??? ???? ?? ?.
AV ?? ??? ?? Web ??? ?? ???? ??? ?? ?? ? UTM ??? ??? ?? ??
Anti-Spam ?? ?? ?? ?? 2 byte Code ??? ??? ?? ???? ??? ?? ?? ??? ??? ?????? Anti-Spam ???? ??? ?? ???? ???/??? ??
9
I. UTM ???? ?? ??
5. UTM? ??
  • FireWall, VPN, IPS, VirusWall ,Contents
    Filtering, Spam Block, Qos? ?? ???
  • ???, ??? ??? ?? ?? ??? ??
  • ??? ?? ???? ??? ???? ?????? ?????
  • ??? ??? ?? ?? ??? ??? ??
  • Disk On Module( DOM ) ??? ??? Upgrade? ?? ?? ??
  • ?? ????? ?? ??? ?? ?? ?? ??? ??? ?? ??
  • ?? ?? ???? ?? ?? ??

10
I. UTM ???? ?? ??
6. UTM? ?? ??
  • ?? ???/VPN ??? ??? ???? ???/VPN, IDS/IPS, ??
    ????, ? ??? ?? ?? ??? ???? ?? ?? ??(UTM) ???????
    ??? ???? ??? ??? ????.
  • IDC? 2004? 3????? ??? ???? ??? 2004? ?? ?? ??????
    ??? ???/VPN? 637???? 55.2, UTM? 305???? 26.4?,
    IDSIPS? 212???? 18.4? ????.
  • ?? UTM? 2003??? 2008??? 5?? ??? 40.8?
  • ?? ???? ??? 2008??? ???/VPN? ??? ??
  • ? ????? ??? ??? ???? ????.

  • - IDC ??? ?? -

11
I. UTM ???? ?? ??
7. UTM? Challenge
  • F/W, VPN, IPS, VirusWall? ?? ??
  • ??? ?? ????? ??
  • ?? F/W, IPS, VirusWall ????? ??
  • ????, ? ???? ??
  • ???? ???? ??
  • ???? ???? ?? ?? ? ?? ?? ??
  • ???? ??? ??

12
II. ??? ??
II.??? ?? 1. Spectrumwall ?? ?? 2.
Spectrumwall ?? ???? 3. Spectrumwall ??? ??
???? 4. ???? ??? ?? ????? 5. ?? - ???/VPN
6. ?? - IDPS 7. ?? - Mail Server Anti-Virus
?? 8. ?? ? ???? 9.??? ???? 10.??? ????
13
II. ??? ??
1. Spectrumwall ?? ??
Active Intrusion Prevention
Forensic Analysis/Correlation
Block
Alert
Reporting/Notification
Corporate Network and Resources
Limit
Security History/Baselines
Pass
Active Network Response
???
???
14
II. ??? ??
2. Spectrumwall ?? ????
15
II. ??? ??
3. Spectrumwall ??? ?? ????
??? ??? ??? ??? ?? ??? ? ? ??, ???? ?? ?? ?????
???.
16
II. ??? ??
4. ???? ??? ?? ?????
  • GUI Windows Application
  • 3?? Key Management 1. Device Manager
    Configuration 2. Syslog Log ?? 3. Device
    Monitoring Device Health Check
  • MSDE ???? ?? Application ?? ??? ??
  • Setup Wizard ??
  • ??? ??? ?? ??? ?? Global Manager ??
  • Global Manager ?? ??????? ?? ?? ?? ?? (?? ?? ??
    ? ?? ??)
  • ?? ??? ??/ ?? ??/
  • ??? ??

17
II. ??? ??
5. ??- ??? / VPN
  • H.D.I.E ????- High Deep Packet Inspection
  • NAT/Route/TP Mode ??
  • ??? ??? ?? N/W Mode(L2 L3 NAT)
  • ??? ??? ?? ??? ??
  • ??? ??? ??? IDS ?? ? IPS ?? ?? ( ??/ ??)
  • - ??? ???? IPS ?? ON/OFF -
    Port ? / ??? ??? / P2P ?? ??? ??
  • 6. Host/ Network/ Range/ Mac ? ?? ??? ? ?? ?? ??
  • 7. Schedule ??
  • 8. ???? ?? ??
  • 9. ??? Session ????
  • 10. Global/Intra/Inter ? ????
  • ?? ??? IPS ? ??? ?? 2? ?? ??

18
II. ??? ??
6. ??- IDPS
  • 3 core Detection Engine - Anomaly Detection
    Engine - Signature Detection Engine - State
    Tracking Engine
  • 3000 ? ??? Signature ??
  • N/W , Port, Host ? Signature ? ???? ??
  • ?? ??? ? ?? ??Alert / Block
  • Signature Live Update
  • All Network Direction Detection
  • P2P ??
  • Signature ? ??? ? ??? ????(On/Off) ?? ??
  • Signature ? ??? ?? ?? (?? ??? ??)
  • ??? ??( ??/???/??) ? IDPS Signature ?? ??? ??
  • Signature ?? ??
  • ?? ??? ?? ? Customization

19
II. ??? ??
7. ??- Mail Server Anti-Virus ??
  • Mail Domain ? Security
  • SMTP, POP 3 ??
  • - Mail Domain ? - Filtering ( Block ,
    Alert/ Quarantine)
  • - White List ?? ??
  • Anti-Virus ?? Live Update
  • F-secure ?? ??
  • ( ?? ???? ??? / ??? ??)
  • 5. ???? ??
  • 6. IDPS Mail Signature ??
  • ?? Mail Server ? ?? ??Anti-Virus ?? ?? ???
    IDPS ? ??? Server Farm ?? ?? ?? ??

20
II. ??? ??
8. ?? ? ????
  • Log ?? ??
  • Syslog Syslog --? Global Manager
    Buffer --? ?? HDD
  • ?? Log ?? ?? ??? ???? ??? ? Src / Dst
    IP ?? ??
  • Log ?? configuration Event Traffic
    Security
  • 4. MS_SQL DB ?? Log ?? ? ??? ??

21
II. ??? ??
9. ??? ????
  • ??? ??? ?? ??
  • Session CPU Memory ??? ??? ???
    ??? ???? ?? ?? ??
  • Resource ? Session ???? ???? ???? Session
    ???? ?? ???? ??? ??? ??

22
II. ??? ??
10. ??? ????
Virus Wall
DMZ (Web, Email, etc.)
Internet
Global Manager / ????
F/W IDPS
Corporate Resources
Corporate
IPS
F/W
Users
23
III. ??? ??
III.??? ?? 1. ?? ?? ?? ?? 2. ?? ?
ISP/Telco 3. SpectrumWall ?? ? ?? 4.
SpectrumWall?? ??
24
III. ??? ??
1. ?? ?? ?? ??
(For Mid Enterprise)
Performance ??
(For Small Enterprise)
(For SOHO)
Scalability ???
25
Our Suite of Products
III. ??? ??
2. ?? ? ISP / Telco
(For Large Enterprise or Carrier Provider)
Performance
(For Large Enterprise)
Scalability
26
III. ??? ??
3. Spectrum ?? ? ??
Model Number CRODO CRODO CRODO CRODO
Model Number Spectrum-25 Spectrum-50 Spectrum-104/108 Spectrum-600/1000
Operating System Proprietary Proprietary Proprietary Proprietary
Number of User License Unlimited Unlimited Unlimited Unlimited
Machine Type 1U 1U 1U 2U
Processor VIA C3 800 MHz VIA C3 800 MHZ Intel P3 1GHz Pentium Xeon 2.4GHz / 2.8GHz
Mother Board EBC536R VIA 8601 A/ VT82c686B Intel 815E (B step) Intel E701
Cache 128M SDRAM 128M SDRAM 256M / 512M SDRAM 512M / 1G SDRAM
Storage Flash Disk (64M) Flash Disk (64M) Flash Disk (64M) Flash Disk (64M)
LCD Display NO NO NO YES
Built-in IDPS Mirroring Port YES YES YES YES
Console Port DB9 DB9 DB9 DB9
Interfaces 10/100 BaseT x 3 10/100 BaseT x 3 10/100 BaseT x 4 / 8 10/100 and 1000BaseT x 2 / 2
High Availability YES(Hot - Stand by Failover) YES(Hot - Stand by Failover) YES(Hot - Stand by Failover) YES(Hot - Stand by Failover)
Max. Number of Policies 1024 2048 5000 / 5000 20000 / 20000
Max, No, of Concurrent Connections 50000 80000 180000 / 250000 400000 / 900000
New Sessions /second 5000 6000 9000 / 9000 19000 / 19000
Firewall Performance (cleartest) 150Mbps 200Mbps 500 / 500Mbps 2000 / 2500Mbps
Firewall Performance (168 Bit 3DES) 60Mbps 80Mbps 200 / 200Mbps 800 / 1000Mbps
Max. No. of Simultaneous IPSec (VPN) Tunnels 2000 2500 3000 / 3000 10000 / 10000
27
III. ??? ??
4. SpectrumWall ?? ??
Tunnel Technologies IPSec, LT2P, PPTP
Max. No. of Simultaneous IPSec (VPN) Tunnels 2000
Encryption Scheme DES, 3DES, AES
IPSec Peer Authentication Method (MD5 / SHA-1) YES ( MD5, SHA-1)
Tunnel Types Yes (G2G / G2C)
IPSec Key Management Schemes, IKE (Assign IPSec SAs) Manual / Pre-Shared / Digital Cert
Packet Filtering YES
Stateful Inspection (TCP / UDP) Port Numbers, Flags, Session Table, UDP Timeout
Application Level Inspection YES (HTTP, FTP, SMTP, POP3, TELNET, H323, MMS)
Attack Prevention YES (DoS, DDos)
User -Based Authentication , Supported Protocols Local, RADIUS, RSA SecurID, LDAP , (HTTP, FTP, TELNET)
Time-Based Security Policy Settings YES
Content-Level Filtering URL, Mail, JAVA, ActiveX
URL Filtering/Blocking (Outgoing Connections) Internal DB
SMTP/POP3 Filtering (sender / receiver address and file size) Supported
Built-In IDS ( No. of signtatures) YES (250) Network Upper Layers
Transparent Bridging Mode (Layer-2 Mode) YES
Routing Mode (Layer-3) Static / Default Route, RIP v2, OSPF
Network Address Translation Modes (NAT Modes) Dynamic Pool 11 Static, One-to-Many (PAT), Policy NAT
Port ReDirection (For Incoming Connections) YES
VLAN Suport / (No. of VLANs) YES (15)
Remote Access Services (DHCP/PPPoE) DHCP Server / Client / Relay PPPoE
Server Load Balancing (Round-Robin) / No. of Servers YES / 8
Traffic Management (Packet Shaping) Guaranteed, Maximum
Management Interface Console, GUI(SSL), SSH
WebGUI Language Multiple-language support
Logging Console, SysLog, WebTrends, Email Notification
Multi-Level Administrator Priviledge Levels YES
Multi-Level Logging (Emergency, debug etc) YES
SNMP Support YES
Email Notification (Alerts Traffic Staistics) YES
28
IV. ?? ??? ??
IV.?? ??? ?? 1. ?? ?? ? ??? ?? ?? 2. ???
??? ?? 3. ??? ??? ??
29
IV. ?? ??? ??
1. ?? ?? ? ??? ?? ??
??? ?? ??? ??? ?? ? ?? ??
??? F/W ? VPN ? ??????( Check Point) ??? ?? ?? ?? ?? Virus , Signature Vaccine ? ?? ?? (?? ??) Mail- Anti virus ? ???? ???? ?? Hardware ??? ???? ?? ?? Device Software Vaccine Signature ? Global Manager ? ?? ???? Virus Wall ??? Server ? ??? Anti-Virus Software ??? ?? Virus wall? ?? ??? Hardware ??
?? IPS IDS ??? In-Line Mode ? ????? ?? ??? ?? ??? ?? ?? ???, ?? ???? ?? ??? ?? ? IDPS ?? ?? Route / In Line /NAT Mode ?? IDPS ??? ?? Port ? ???? ??? ???? ???? IDPS ? ?? ??? ??
ASIC vs Software ?? ?? Asic ??? ??? ??? ??? ??? ?? (???? ?? ??? Upgrade ?? ? ?? ??) Software ??? Customization ? ?? ?? ??? ??? Hardware ?? ASIC ? ??? Non-Programmable ? ?? ?? ??? ??? ?? Customization ?? Upgrade ? Hardware ? ???
30
IV. ?? ??? ??
2. ??? ??? ??
Vendor ??? ??? / ???? ??
N ? F/W VPN IDPS (????) AV (?? ??) Contents Filter (????) F/W VPN IPS / IDS Contents Filter (Mail) A/V F/W VPN IPS AV ?? ???? ??? ?? ?? ?? ?? Management Live Update ( Signature Vaccine) ??
F ? F/W VPN AV Contents Filter AV ?? ?? Contents Filter (????) F/W VPN IPS / IDS Contents Filter (Mail) A/V F/W VPN IPS AV ?? ???? ??? ?? ?? ?? ?? Management Live Update ( Signature Vaccine) ??
T / WS Only IPS ONLY In-Line Mode ??? Live Update F/W (????) VPN (????) AV (?? ??) Contents Filter (????) ??? Live Update F/W VPN IPS / IDS Contents Filter (Mail) A/V F/W VPN IPS AV ?? ???? ??? ?? ?? ?? ?? Management Live Update ( Signature Vaccine) ??
CH F/W VPN AV (?? ??) Contents Filter (????) ??? ?? ?? F/W VPN IPS / IDS Contents Filter (Mail) A/V F/W VPN IPS AV ?? ???? ??? ?? ?? ?? ?? Management Live Update ( Signature Vaccine) ??
CH F/W VPN AV (?? ??) Contents Filter (????) ??? ?? ?? ?? ?? ??
C ? F/W VPN AV (?? ??) Contents Filter (????) ?? ???? ( 2005 Q4) SSL VPN (2006 Q2) Contents Acceleration ( 2005 Q4) HTTP Anti- virus Filtering (2005 Q4) ??? ( 2005 Q2)
R ? IPS ( ????) F/W (????) VPN (????) AV (?? ??) Contents Filter (????) ?? ???? ( 2005 Q4) SSL VPN (2006 Q2) Contents Acceleration ( 2005 Q4) HTTP Anti- virus Filtering (2005 Q4) ??? ( 2005 Q2)
AS ? F/W VPN AV Contents Filter AV Contents ?? ?? ?? ???? ( 2005 Q4) SSL VPN (2006 Q2) Contents Acceleration ( 2005 Q4) HTTP Anti- virus Filtering (2005 Q4) ??? ( 2005 Q2)
????
???
31
IV. ?? ??? ??
3. ??? ??? ??
32
IV. ?? ??? ??
4. ??? ?? ? ??

Firewall Type NetScreen-500 Astro gateway Crodo Crodo
Model Number NS-500ES-FE2-AC 420 SpectrumWall-600 Spectrum-1000
Number of User License Unlimited Unlimited Unlimited Unlimited
10/100BaseT Interfaces 4 (max8) 2 on board (max6, total6) 2 on board (max6, total6)
?? GigE Support Supported 8 (Only 1000 Base TX) 2 on board (max6, total6) 2 on board (max6, total6)
High Availability/Hot-Standby Failover Supported Option Supported Supported
Operating System Proprietary Proprietary Proprietary Proprietary
Standard Warranty Period 1 year 1 year 1 year 1 year

?? Max. Number of Policies (Rules) 20,000 20,000 20,000
Max. No. of Concurrent Connections 250,000 400,000 900,000
New Sessions/second 17,000 19,000 19,000
Firewall Performance (Cleartext) 700 Mbps 1.0 GB 2.0 Gbps 2.5 Gbps
Firewall Performance (168Bit 3DES) 250 Mbps 265 Mbps 800 Mbps 1 Gbps
Firewall Performance (128Bit AES) ? 1.8 Gbps 2.25 Gbps
33
V. Reference Site
V. Reference Site
34
?????
  • eNetRex Inc
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "SpectrumWall ?? ???" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!