Network cipher machine-100M V1.0
Network cipher machine-fast V1.0
Photoelectric Anchen network cipher is a new generation of network security access products. ...
Optoelectronics Anchen network cipher can provide branch offices, mobile office employees, business partners and customers with secure and convenient access to applications and resources they need. The product's L2TP / PPTP / SSL function does not need to install any client software, and does not need to invest too much manpower for configuration or long-term maintenance; the product's comprehensive IPSEC VPN function can easily build a LAN-TO-LAN interconnection with branches VPN network.
Its SSL VPN can provide multiple access methods such as web forwarding, web application, port forwarding, and full network access to meet different user needs. It also has powerful access control authority management, fine-grained auditing, and logging And other functions.
The photoelectric Anchen network cipher includes a complete industry-leading professional firewall function, as well as functions such as content filtering, intrusion prevention, and bandwidth management, which can provide users with a comprehensive network boundary security protection solution.
Organic integration of multiple VPN technologies ...
1) Organic integration of multiple VPN technologies
- Supports IPSEC VPN
- Support SSL VPN
- Support PPTP / L2TP VPN
2) Support the current SSLVPN access technology to achieve full application coverage
- WEB FORWARD
- Port Forwarding
- Network-wide access (NETWORK ACCESS or IP TUNNEL).
3) Perfect identity authentication technology
- "User name + password" authentication method
- "User name + password + graphic authentication code" Authentication method
- "Digital certificate" authentication method
- Two-factor authentication method of "digital certificate (USBKEY) + password"
4) The perfect PKI system improves the security level of the user network
- Support standard X509.V3 format digital certificate;
- Support multiple certificate encoding formats such as DER, PEM, PKCS12;
- Support for issuing standard digital certificates for users through the built-in CA module;
- Support the import of multiple CA root certificates and CRL lists at the same time, to authenticate certificates issued by different CAs;
- Support online certificate authentication to third-party CAs through standard protocols such as OCSP / LDAP;
- Support generating certificate requests in PKCS10 format, certificate requests can be generated and signed by a third-party CA;
- Support CRL list file import and automatic download via HTTP.
5) Hierarchical management and separation of powers
- Support 16-level administrator hierarchical management
- Support the separation of three powers for administrators, which can grant different permissions to different types of administrators.
Support X.509 V3 digital certificate ...
|Encryption rate||data encryption||100Mb / s|
|PKI||Certificate format|| ² Support X.509 V3 digital certificate |
² Support multiple certificate encodings such as DER / PEM / PKCS12
|Local CA|| ² Support built-in CA, issue certificates for other devices or mobile users |
² Support certificate abandonment and generate standard CRL list
² Support the generation of certificate requests, signed by a third-party CA
² Built-in CA supporting SM2 algorithm
|Third-party CA|| ² Support the simultaneous import of root certificates and CRL lists of multiple third-party CAs, authenticate users of different CA certificates, and regularly download CRL lists through the HTTP protocol |
² Support online authentication certificate through OCSP / LDAP and other protocols
|SSL VPN||Security algorithm|| ² Support AES, DES, 3DES, RC4, MD5, SHA1, RSA and other algorithms |
² Support SM1, SM2, SM3, SM4 algorithms dedicated to national trade secrets
|Data compression and acceleration|| ² Support efficient stream compression algorithm |
² Support intelligent compression
² Support WebCache acceleration
|User Authentication|| ² Support "user name + password", "user name + password + graphic authentication code" authentication |
² Support X.509 digital certificate authentication
² Support digital certificate (USBKEY) + password multi-factor authentication
² Support external server authentication based on LDAP / RADIUS / TACAS protocols
² Support SMS authentication, graphic code verification, hardware feature code verification
|User authorization|| ² Support role authorization, support independent user authorization |
² Support fine-grained authorization based on URL, access path, access file, access action
² Support local authorization, external group mapping authorization, certificate user authorization
² Support authorization based on the combination of field attributes in the certificate
|Application support|| ² Support WEB forwarding, port forwarding, network-wide access mode |
² Supports various web applications such as HTML, JAP, ASP, JAVA APPLET, ACTIVE, Cookies, etc.
² Support various C / S applications based on IP protocol, such as EMAIL, FTP, ERP, CRM, DB, etc.
² Support Windows / CIFS remote file sharing
² Support FTP web access
|IPSEC VPN||protocol|| ² Support standard IPSEC protocols such as ESP / AH / IKE / NATT |
² Support tunnel mode and transmission mode
|algorithm|| ² Supports standard encryption algorithms such as DES / 3DES / AES, and standard HASH algorithms such as MD5 / SHA1 |
² Support DH GROUP1 / 2/5, RSA 1024/2048 asymmetric algorithm
² Supports national trade secret SM1 / SM2 / SM3 / SM4 algorithms
| VPN |
² Support third-party standard IPSec client access |
² Support Apple terminal IPSEC VPN client access
² Support defining access rights for mobile users
² Support time-based mobile user access control policies
² Support separation of two networks
² Support multi-line automatic detection
² Support monitoring and auditing of mobile user access status
² Support Chinese / English interface and Chinese / English automatic switching
|L2TP||L2TP||² Support remote users access through L2TP, establish L2TP tunnel to access internal network|
|PPTP||PPTP||² Support remote users to access through PPTP, establish PPTP tunnel to access internal network|
|Safety management||User Authentication|| ² Support common security authentication methods such as one-time password authentication (OTP), local authentication, digital certificate (CA) authentication |
² Support unified user management, IPSEC and SSL use the same user authentication and management system
² Support password complexity setting, password recovery, password change function at first login
² Support the setting of the number of multi-point login locations, support the control of login time and login address range
² Support the use of third-party authentication, such as RADIUS, TACACS / TACACS +, LDAP, domain authentication and other security authentication methods
² Support SMS, dynamic token, hardware feature code authentication
² Support Session authentication, HTTP session authentication
² Support WEB authentication and fingerprint authentication
|Hierarchical management|| ² Can assign different permissions to user administrators to manage different user information |
² Support up to 16 levels of hierarchical management
² Support the separation of three powers of the administrator
Product parameter Spec
Product parameters ...