Unified Threat Management (UTM) UTM-1000

Nusoft．Internet Security Fighter
Multi-Homing
Gateway Series
UTM Series
Unified Threat Management (UTM)
UTM-1000
Despite e-commerce's worldwide potential, it brings along
with itself various nuisances and security risks such as spam,
viruses, Trojans, hacker attacks, etc.
Accordingly, Nusoft presents you with UTM-1000, the ultimate
solution to spammers, viruses, network security and management
concerns. Its multi-layered spam filtering and training
mechanisms help enterprises filter out unwanted emails, merely
keep the essential ones. As for malicious code such as Trojans,
worms and viruses, all can be effectively kept out of the enterprise's network using its inbuilt dual anti-virus engines (ClamAV
and Sophos) along with IDP system, leaving hackers no chance and eliminating security threats once for all.
Moreover, it also has features like SPI firewall, Web filtering, load balancing, QoS, application blocking and total VPN
solution built into it, greatly facilitating network management. Better yet, all signatures are free of charge and have no
user number limit, which drastically lowers down your ownership cost.
Product Features
Proactive Intrusion Detection and Prevention (IDP)
The IDP focuses on OSI layers 4 to 7 in inspecting for
Internet attacks. In addition to blocking network-based
security threats (updated every 30 minutes;self-defined
signatures supported), the IT administrator will be
instantly notified and presented with comprehensive
reports for diagnosis upon occurrence of an attack.
Full IPv6 Compatibility
The device is completely compatible with the mainstream
Internet protocol of the future -- IPv6. There is no budget
required for implementing another IPv6-based gateway
simply for IPv4-to-IPv6 address translation.
High Spam-Filtering Accuracy
Custom Network Interfaces and Groups
The spam filtering can reach 99% accuracy using spam training
and multiple filtering mechanisms such as Fingerprint,
Bayesian, Global/Personal Rule, Grey-/Black-/Whitelist,
etc. Without IT administrator's intervention, recipients may
decide whether to retrieve quarantined mail through the
Mail Notice generated by UTM-1000, greatly reducing
the network management load.
Up to four network interfaces are available for defining as
LAN, WAN, DMZ or network groups (isolated from one
another). Thus, UTM-1000 can serve as an internal firewall
physically separating each subnet with its grouping feature,
which gives an extra layer of protection to your internal
network and efficaciously prevents viruses or worms from
spreading over the network.
Web Filtering Mechanism
Dual Virus-Scanning Engines
The Web Filter employs a cloud-based URL database that
has eight categories namely Anti-Social and Illegal,
Pornographic and Abusive, Gaming and Gambling, Society
and Commerce, Communication and Technology, Leisure,
Information and Education, Other, and up to sixty-four
subcategories. Web access now can be easily managed by
specifying simply the category instead of the URL,
keyword, etc.
The inbuilt virus-scanning engines (ClamAV and Sophos)
protect your network from over fifty thousand kinds of
viruses, Trojans, spyware, phishing frauds, etc. In addition,
the virus signatures are free of charge and have no user
number limit, offering you the most up-to-date protection
at a minimum ownership cost.
Comprehensive Mail Reports
In addition to that, IT administrators are also allowed to
restrict file transfers, MIME types and browser scripts,
and provided with detailed logs and statistics for diagnosis.
IT administrators are provided with detailed logs and
intuitively interpretable statistics for analyzing email
handling, such as the results of spam filtering and virus
scanning.
1
Nusoft．Internet Security Fighter
Multi-Homing
Gateway Series
UTM Series
In- / Outbound Load Balancing & PBR
Internet-Based Application Blocking
The device can load-balance outbound traffic evenly across
WAN ports based on various load-balancing algorithms.
It efficaciously makes the most of your bandwidth and
ensures you with a reliable connection.
The use of instant messaging (both login and file transfer),
peer-to-peer sharing, multimedia streaming, web-based
mail service, online gaming, VPN tunneling, remote
controlling, etc. now can be effortlessly regulated by the
means of application blocking.
Besides outbound load balancing, it is also capable of inbound
load balancing, which helps mitigate webpage requests
directed at your Web server by distributing them across
multiple WAN connections, guaranteeing uninterrupted
e-commerce.
A Total VPN Solution
UT M-1000’s VP N trunking capability ensures failover and
bandwi dth aggregation to IPSec and PPTP tunnels, greatly
increasing the connection speed and stability. In addition,
it adopts hardwar e information (rather than login information)
to authenticate an SSL VP N user. Remo te users are now
offered wi th fast and easy SSL VPN access wi thout the need
for compl ex configurations.
Its policy-based routing (PBR) mechanism allows the IT
administrator to assign specific WAN port for a specific
purpose (or traffic).
Quality of Service (QoS) / Individual QoS
Most third party firewall products lack advanced VPN
connection management and therefore result in security
risks. In comparison, UTM-1000 secures highly confidential
business informat ion carried over the VPN with IDP and virus
detection and provides advanced management such as QoS
and authentication.
The QoS mechanisms allow IT administrators to base the
bandwidth allocation on company's network policy,
preventing bandwidth being exhausted by minorities.
Deployment
ISP
ISP
ISP
ISP
Multi-Homing Gateway
VPN Firewall
Bandwidth Manager
UTM-1000
Anti-Spam Server
Viruswall
LAN
Mail Server
LAN
Traditional Network Infrastructure
Mail Server
All-in-One Integrated Network Infrastructure
2
Multi-Homing
Gateway Series
UTM Series
Nusoft．Internet Security Fighter
Product Highlights
Highlights
Benefits
Third-Party Products
Full IPv6 compatibility
Saves the budget for the implementation of an
IPv4-to-IPv6 gateway.
Either incompatible or with limited support.
Custom network interfaces
and groups
Enables you to define networks as needed and
offers a physical internal firewall due to its
grouping feature.
Either fixed to factory default or incapable of
load balancing.
Integrated policy
configuration
Provides an effortless operation experience
through a single Web-based UI.
A basic firewall with a few security features
added on to provide a rough protection.
Mail notice
Notifies recipients of quarantined messages
and enables them to retrieve those emails by
themselves.
Leaves recipients unaware of quarantined
messages and requires IT administrator's
intervention to retrieve them.
LAN security
Secures your LAN network with anomaly flow
detection and co-defensive switch system.
No protection against packet flooding.
QoS management
Adds flexibility to bandwidth management by
QoS and P2P bandwidth limits.
Lacks flexibility and adaptability in individual
bandwidth management.
Total VPN solution
Securely tunnels your private connections
using PPTP/IPSec/SSL VPN along with
trunking capability and policy-based
management.
Equips user only with PPTP and IPSec VPN,
lacking security and manageability.
SSL hardware authentication
Uses hardware information such as the details
of CPU and hard disk size to authenticate an
SSL VPN user without the risk of password
compromise.
Requires login information to establish an
SSL VPN connection.
Policy-based routing (PBR)
Allows in- / outbound traffic to be load balanced
based on network polices.
Only comes in outbound PBR capability and
is not configurable at all.
Application blocking
Restrains the use of Internet-based
applications such IM client, P2P software, etc.
Less effectively blocks the use of Internetbased applications by port number.
Bi-directional load balancing
Ensures access stability to both the LAN users
(outbound traffic) and website visitors (inbound
traffic).
Fails to meet the needs of all sizes of
businesses with just outbound load balancing.
IP-oriented connection
solution (i.e., online banking
/ gaming )
Avoids service disruption during an IP-oriented
connection such as online banking and gaming
due to IP change.
No solution available for service disruption
during online banking and gaming sessions .
Web category filtering
Effortlessly regulates Website access by eight
categories and sixty-four subcategories.
Less effectively filters Website access by
basic criteria such as IP, domain, keyword, etc.
IPv6
IPv4
IPv4/IPv6
Compatibility
Internet
LAN 2
User-Definable
Networks
VPN
SPI Firewall
Total VPN Solution
Multi-WAN
Load Balancing
IDP
18
Anti-Virus
Anti-Spam
Link Failover
Up- / Download
Blocking
IM Recording
Web Filtering
Anomaly Traffic
Detection
Co-Defense System
SPEED
60
LIMIT
最高限速
1 Mbit/sec
PBR
AAA Server
Application Blocking
QoS
3
Multi-Homing
Gateway Series
UTM Series
Nusoft．Internet Security Fighter
Model Comparison
Model Name
UTM-950
UTM-1000
UTM-1500
UTM-2000
UTM-3000
UTM-5000
500GB
500GB
500GB
500GB
1TB
2TB x 2 (RAID-1)
4 GbE (RJ45)
4 GbE (RJ45)
6 GbE (RJ45)
7 GbE (RJ45)
12 GbE
12 GbE
Hardware Specifications
Hard Disk Capacity
Port Density
Networking
(RJ45/Mini-GBIC) (RJ45/Mini-GBIC)
User-Definable
Power Redundancy
X
X
X
X
Form Factor
1U RackMountable
1U RackMountable
1U RackMountable
1U RackMountable
2U RackMountable
2U RackMountable
Max. Concurrent Users
Limited
Unlimited
Unlimited
Unlimited
Unlimited
Unlimited
X
X
Sophos / ClamAV
Sophos / ClamAV
X
X
Product Features
IPv6 Compatibility
Interface Grouping
SPI / Internal Firewall
Anti-Spam
Anti-Virus
Email
Security
Mail Notice
Email Archiving / Auditing
Viruswall
Sophos / ClamAV
Sophos / ClamAV Sophos / ClamAV
Sophos / ClamAV
IDP
Web Filtering
In- / Outbound Load Balancing
QoS / Individual QoS
Application Blocking
IPSec / PPTP VPN
VPN Trunking
VPN
SSL Web VPN
SSL Application
VLAN / VLAN Trunking
AAA Server
High Availability
X
IM Recording
X
X
X
1/1
1/1
2/2
2/2
8/8
8 / 16
Firewall
1.6 Gbps
1.6 Gbps
2.5 Gbps
3.3 Gbps
3.4 Gbps
5.0 Gbps
IDP
1.5 Gbps
1.5 Gbps
2.3 Gbps
2.9 Gbps
3.1 Gbps
4.5 Gbps
Anti-Virus
0.82 Gbps
0.82 Gbps
0.86 Gbps
1.15 Gbps
1.16 Gbps
1.34 Gbps
Daily Email Throughput (1KB/MSG)
2,000,000
2,000,000
4,000,000
5,100,000
5,200,000
6,700,000
CPU Consumption (The lower, the better.)
75%
75%
40%
37%
11%
3%
Max. Concurrent Sessions
1,000,000
1,000,000
2,000,000
2,000,000
2,000,000
4,000,000
Web App Firewall (WAF)
Performance Statistics
CPU Cores / Threads
Throughput
PLANET JOINT STOCK COMPANY
31 Ly Tu Trong Street, Ben Nghe Ward, District 1, HCMC, Vietnam
Tel: (+84-8) 38295105 Fax: (+84-8) 38295105
http://www.planet.vn
Email: [email protected] Hotline: +84908449646
4