Products built-in SPI firewall UR-918 technology, proactively block, block hacker attacks, SYN, ICMP, UDP attack can stop. The public to information is to apply the concept of reasonable traffic that each source will not produce too many packets at the same time, in case more than set a reasonable number of packets, the firewall will require extra packet blocking. IP V4 of / V6 Dual Band firewall technology IP V4 address the shortage of IP V6 era sooner or later come in developing the next generation UTM ShareTech this trend together with a network interface, it is defined as WAN or LAN, can simultaneously bind the IP address of the V4 or V6, so whether it is in the environment of the pure V4, the V4/V6 mixing pure V6 environment, UR-918 are the same combination. Clam AV antivirus engine protection system virus mail filtering Clam AV antivirus engine, can detect more than 800,000 kinds of viruses, worms, Trojan horses, regardless of the e-mail, WEB, FTP altogether will automatically scan for viruses, automatic daily via the Internet update the virus database and the virus messages Ranking Report. Web, FTP anti-virus filtering service when the user opens a browser to access a web page, UR-918 according to the system set discriminant site security, and can do the filtering and file blocking rules for file upload and download. Based on past experience, the use of FTP download information most likely to let the computer poisoning. So take advantage of the network to do the download and upload files to pay special attention, because there may be accidentally let their information be destroyed. UR-918 OfficeScan to help companies do a good job the FTP upload scan and download scanning services, and can prevent the employees to use FTP to download files, good security services for enterprise network security. The spam filter internal mail or external mail can be filtered, and ST-IP network Ratings rapid ST-PIC multi-dimensional pattern recognition techniques, Bayesian filtering method, Bayesian filtering method automatically learning mechanism, greylisting, automatic whitelist mechanism , the characteristics of the spam filter and fingerprint identification method and black and white list comparison and intelligent recognition learning databases (Auto-Learning), even set personal rule, the flexibility to develop filtering rules, dealing with spam, and correct sentence to ensure comprehensive protection, more than 95% accuracy. Mail filtering, and able to comply with the letter of the managers to set the filter conditions, perform forwarding, delete, block such action. IDP Intrusion Prevention IDP checks corresponding to layers 4-7 of the OSI model, whether malicious exploits, viruses, hidden in the TCP / IP protocol, through detailed content inspection, qualifying characteristics The code will be marked, but found instant to prevent the packet, so that these malicious packets through the firewall to escape detection. The complete e-mail records for all incoming and outgoing e-mail server or mail gateway mail, together with the attachments, all recorded, the most important is that the storage format of the message is eml, under any operating system can be easily read or search. Detailed records of the record of the content of the WEB, FTP, MSN Mail content skimming WEB, FTP file transfer, MSN conversations and file transfer, IM (Yahoo, ICQ, IRC, Gadu, Jabber) and mail delivery reception, with regulations the use, automatic backup of all incoming and outgoing data for specific users. Internal network protection (ARP security) in terms of the UTM, the most difficult to detect the type of attack is broadcast-packets, such as ARP spoofing, private planes DHCP server, etc., lead to this type of attack because of a congenital defect of the protocol, behavior is difficult to be detected, the congregation the ARP detection mechanisms to the UR-918, can be found the first time 'indiscriminate release' ARP information. In addition, it can be used with the equipment cooperative defense switches can be marked out of the physical location of the IP, allowing him to escape detection with. Abnormal IP analysis of the behavior of any network, regardless of the user to perform what kind of software, from the point of view of network packets, roughly divided into upload, download a number of connections (Connect Seesion), flow (Flow) with duration (Time), by surveillance The combination of measurement of these quantities and estimate the user is normal to use the network or abnormal behavior. Found abnormal behavior of internal users, managers can adopt a variety of strategies, for example, to block the Internet, limit his maximum bandwidth immediately notice the switch he blocked or notify managers like enable collaborative defense mechanism. The collaborative defense (with SNMP switches) collaborative defense belongs to the UTM advanced protection through abnormalities IP analysis switch (Switch), real-time monitoring of the internal machine segment situation, when the internal network to send a large number of abnormal packets, blocking the transmission of these packets. and to assist the management staff as soon as possible to rule out the abnormal state, which a computer can know the first time of the incident in which a switch PORT, to avoid the paralysis of the enterprise network. Collaborative defense mechanism of the public to the UR-918, do not need to change the network architecture, does not require expensive specialized Switch (Layer 2 can have), do not need to add any additional detection equipment, without changing the habits of every user of the network, so that the action of the network management simple and intuitive. BotNet collaborative defense the ShareTech the UTM both BotNet function, because both NAT functionality itself, internal users use e-mail server to send spam or direct external UTM with BotNet detection equipment can be clearly pointed out, which one is the real source of the attack, but also to measure the hazards of network packets directly blockade. Computer in case, UTM BotNet of blocking events, specific computer continued foreign attacks, in order to ensure that the UTM CPU resources will not be wasted on the same thing, the administrator can enable collaboration BotNet defense mechanism, will have problems Switch Port directly off the UTM can not only save resources, but also to ensure that the internal network can not be this zombie virus continued to endanger the IP / MAC / Port interlock in some of the sensitivity of the network environment, such as the military, government agencies, research institutions, etc., do not want the user to arbitrarily replace the physical location of the Switch, the following user A (IP: 192.168.100.5, MAC: 05:51:62:53:02:03) for example, through the UR-918 can be positioned Switch hole 3Port of different holes, he changed to any Switch, the device will unreasonable. Content Filtering Web Filter (web filtering) can stop working end access to inappropriate web pages (such as pornography, violence) and offensive Web (such as hackers, viruses), and can set up a filter condition, block inappropriate websites. URL database management UR-918 built-cloud URL database, automatic Web page classification, managers as long as the blockades, harmful URLs network can easily control, do not need to enter the website IP address, keywords one by one ... Come blocked. Arbitrary Click the URL harmful is the origin of evil, the best way of attempts to prevent the prohibit the use of the network, if not a total ban on use of the URL database updated from time to time is the best protection mechanisms. Certification Authentication provides local user / AD/POP3 authentication and authorization mechanisms, to help network administrators monitor internal user account, confirm the user ID of a valid license to allow it to use the network, so that enterprises can effectively manage network use of resources. Application control UR-918 the use packet eigenvalue technology, identify the type of software used, and properly classified, contains [P2P software] [instant messaging software], [WEB applications], [Entertainment Software】 【other】 5 categories can be made for the need to control project control objectives, to apply methodical control Control Ordinance, or open a specific application. Hardware Specifications network interface 2WAN / 1LAN / 1DMZ of network rate 10/100/1000 Mbps system management using a browser to manage settings (HTTP & HTTPS) Safety Approvals CE FCC Environmental Operating ambient temperature: 0 ℃ ~ 60 ℃ operating ambient humidity: 5% to 90% of RH Product Size 44mm (H) x 432mm for both (width) x 270mm (D) Power AC (100-240V) / 60W models 1U Rackmount software specifications product performance ◎ processing speed: 600 the maximum number of connections Mbps (bi-directional) ◎ of: 170,000 ◎ VPN authentication + AES: 85 Mbps (bi-directional) ◎ the the VPN Authentication + DES: 78 Mbps (bi-directional) anti-drug and mail filtering ◎ Scan Engine: Clam the AV ◎ Mail Gateway ( Mail Gateway) ◎ antidrug function: MAIL (within external mail (POP3, SMTP), outside the internal mail ◎ Mail antidrug: Do not scan the file extension to set the virus the letters in quarantine, poisoning mail handling ◎ spam filtering ● valid account settings ● spam handling: Send ● Client spam search Web interface ● personal black list, the system black list ● recognition engine: ST-IP networks letter rating, ST-PIC multi-dimensional pattern recognition, Bayesian filtering filtration method, Bayesian learning mechanism, automatic whitelist mechanism, spam filtering, fingerprint method, greylisting filter ● the spam automatically learning: learning mechanism set spam, spam learning database import / export ● traffic blockade defensive set, SMTP Tolian record query records ◎ WEB ◎ the FTP ◎ MSN / Yahoo / ICQ / IIRC / Gadu / Jabber ◎ mail Send a recipient (within the foreign is outside domestic Sent) IDP Intrusion Detection / Botnet defense ◎ IDP settings the ◎ BotNet setting ◎ IDP record ◎ BotNet record ◎ IDP characteristic number: 2243 ◎ BotNet characteristics: 4917 management ◎ Web operation interface: complex, simple Chinese, English ◎ Web Management: HTTP, HTTPS ◎ firmware upgrade way: the WEB interface ◎ times administrator: most several administrators: 16 ● maximum number of administrators: 16 ● View, Read, Write, ALL ◎ remote management ● Remote management ● management IP address restrictions the ● remote web management port number Variable ● management interface TimeOut Logout the ◎ interface (LAN, WAN, DMZ) the traffic statistics ◎ time setting ● time zone and time ● the Network Time Proofing ◎ systems set ● update itself LOGO ● set their own Home title ● set their own login title ● set the browser title ● restore the factory settings (keep the network interface settings) ● restart the system ● information notice ◎ network services ● routing table ● DNS server ● DDNS service ● System Restore ◎ DHCP ● DHCP Client / Server ● DHCP server assign a static IP default gateway ◎ ● Custom ● Ping, DNS, Query, Traceroute Server Link Interface Information the Wake Up firewall features ◎ deployment: NAT mode, Bridging (transparent bridge mode) ◎ connection test firewall protection ● SYN attacks, UDP attacks, ICMP attacks, Port Scan Attack Protection records ◎ address table ● internal IP address table (Max entry): 300 ● the Demilitarized Zone Network Group (Max entry): 32 ● internal network group group (Max entry): 32 ● external IP address table (Max entry): 300 ● demilitarized zone IP address table (Max entry): 300 ● external network group (Max entry): 32 ◎ internal network groups and demilitarized District Group to establish ways ● Select members from the address table ● select members from a range ● ● select members from a DHCP user from the IP / Mask select members ● user-defined ◎ service table ● basic services ● Custom Service Group (Max entry) : 32 ● custom service group (up to 16 port) ◎ QoS ● All interface can control bandwidth ● guarantee the bandwidth ● priority ● maximum bandwidth ● the SMART QOS ● the bandwidth table (Max entry): 32 ◎ timetable ● custom start and end of the the time ● timetable (Max entry): 32-◎ application management ● P2P management ● entertainment management ● Instant Messaging Management ● Other ● WEB management ● Application Management (Max entry): 32