One, product introduction
Server load the enterprise informatization core business, and storage of the enterprise core secret data, server once accidents will lead to serious consequences, and even affect the enterprise core interests, therefore, the enterprise in the information construction should first solve the security problem of the server.
Host protective equipment using depth of application of filtration, point to the network VPN, intelligent flow control, virtual patch technology, for the enterprise internal server host provide professional safety protection, prevent the host of sensitive data is unauthorized access, prevent the internal communication data is illegal interception, blocking worm virus infected host, improve WEB, database, and other key service ability against the attack, the effective protection of the host data security and safety operation.
Two, the product features
(1) depth application filter
Break through the traditional firewall based on five yuan group filter way, network traffic analysis to identify the application layer information, according to the application layer content filtering, further improve the access control fine particle size, prevent unauthorized access, improving the core server data security.
(2) points to the network VPN
Through the point to network VPN technology, encryption terminal domain and server domain of communication between the data, to prevent data is illegal interception reduction, meet the state secrecy bureau "involving state secrets of the computer information system hierarchical protection technical requirements of the requirements of the network communication data encryption.
(3) intelligent flow control
Different application on bandwidth and delay requirements are different, the product through the intelligent flow control technology, the key to guarantee that the network applications (such as business procedures, database, remote maintenance, video conference system, etc.) bandwidth and delay, limit, blocking the low priority application flow.
(4) virtual patch protection
For server virtual patch, effectively resist use system vulnerability implement remote overflow attack, such as the use of MS08067 holes "shock wave" worms, ensure the safety operation of the server.
(5) platform change management
Product support access "unified security platform", through the platform to provide strategy management, correlation analysis, such as situation awareness of security mechanism, realize "platform is changed, intelligent" safety management, improve the efficiency of security management, improve the comprehensive protection ability.
(6) cloud protection mechanism
Product support access "cloud security center", the use of center provides real-time monitoring, intelligent security, dynamic strategy of security mechanism, realize "cloud protection" security goals, improve safety equipment protection efficiency and protection ability.
Three, typical deployment
As the chart shows, the product deployment in the enterprise internal server domain and other security domain between, for server set up a security defense line, to prevent internal user unauthorized access server sensitive data, to prevent illegal interception reduction network communication data, to ensure the host data security; Strengthening the server, WEB server, database block according to the service and so on key application of aggressive behavior, blocking worms use system vulnerability against server, guarantee the safe operation of the server.
