Network cipher machine-10 Gigabit V1.0-1
Network password machine-Wan trillion V1.0-1
Photoelectric Anchen Network Password Machine is a new generation of network security access products ...
Optoelectronics Anchen network cipher can provide branch offices, mobile office employees, business partners and customers with secure and convenient access to applications and resources they need. The product's L2TP / PPTP / SSL function does not need to install any client software, and does not need to invest too much manpower for configuration or long-term maintenance; the product's comprehensive IPSEC VPN function can easily build a LAN-TO-LAN interconnection with branches VPN network.
Its SSL VPN can provide multiple access methods such as web forwarding, web application, port forwarding, and full network access to meet different user needs. It also has powerful access control authority management, fine-grained auditing, and logging And other functions.
The photoelectric Anchen network cipher includes a complete industry-leading professional firewall function, as well as functions such as content filtering, intrusion prevention, and bandwidth management, which can provide users with a comprehensive network boundary security protection solution.
Supports IPSEC VPN ...
1) Organic integration of multiple VPN technologies
- Supports IPSEC VPN
- Support SSL VPN
- Support PPTP / L2TP VPN
2) Support the current SSLVPN access technology to achieve full application coverage
- WEB FORWARD
- Port Forwarding
- Network-wide access (NETWORK ACCESS or IP TUNNEL).
3) Perfect identity authentication technology
- "User name + password" authentication method
- "User name + password + graphic authentication code" Authentication method
- "Digital certificate" authentication method
- Two-factor authentication method of "digital certificate (USBKEY) + password"
4) The perfect PKI system improves the security level of the user network
- Support standard X509.V3 format digital certificate;
- Support multiple certificate encoding formats such as DER, PEM, PKCS12;
- Support for issuing standard digital certificates for users through the built-in CA module;
- Support the import of multiple CA root certificates and CRL lists at the same time, to authenticate certificates issued by different CAs;
- Support online certificate authentication to third-party CAs through standard protocols such as OCSP / LDAP;
- Support generating certificate requests in PKCS10 format, certificate requests can be generated and signed by a third-party CA;
- Support CRL list file import and automatic download via HTTP.
5) Hierarchical management and separation of powers
- Support 16-level administrator hierarchical management
- Support the separation of three powers for administrators, which can grant different permissions to different types of administrators.
Support X.509 V3 digital certificate ...
|Encryption rate||data encryption||10000Mb / s|
|PKI||Certificate format||Support X.509 V3 digital certificate Support DER / PEM / PKCS12 and other certificate encoding|
|Local CA||Support built-in CA, issue certificates for other devices or mobile users Support certificate abandonment, support generation of standard CRL list Support generation of certificate requests, signature by third-party CA Built-in CA that supports SM2 algorithm|
|Third-party CA||Supports simultaneous import of root certificates and CRL lists of multiple third-party CAs, identity authentication for different CA certificate users, and regular download of CRL lists through the HTTP protocol Supports online authentication certificates through protocols such as OCSP / LDAP|
|SSL VPN||Security algorithm||Supports AES, DES, 3DES, RC4, MD5, SHA1, RSA and other algorithms. Supports SM1, SM2, SM3, and SM4 algorithms dedicated to national trade secrets.|
|Data compression and acceleration||Support efficient stream compression algorithm Support intelligent compression Support WebCache acceleration|
|User Authentication||Support "user name + password", "user name + password + graphic authentication code" authentication Support X.509 digital certificate authentication Support digital certificate (USBKEY) + password multi-factor authentication Support external server authentication based on LDAP / RADIUS / TACAS and other protocols Support SMS authentication, graphic code verification, hardware feature code verification|
|User authorization||Support role authorization, independent user authorization Support fine-grained authorization based on URL, access path, access file, access action Support local authorization, support external group mapping authorization, support certificate user authorization Support based on field attribute combination authorization in certificate|
|Application support||Supports WEB forwarding, port forwarding, full network access mode Supports various web applications such as HTML, JAP, ASP, JAVA APPLET, ACTIVE, Cookies, etc. Supports various C / S applications based on IP protocol, such as EMAIL, FTP, ERP, CRM , DB, etc. Support Windows / CIFS remote file sharing Support FTP web access|
|IPSEC VPN||protocol||Supports standard IPSEC protocols such as ESP / AH / IKE / NATT Supports tunnel mode and transmission mode|
|algorithm||Supports standard encryption algorithms such as DES / 3DES / AES, and standard HASH algorithms such as MD5 / SHA1. Supports DH GROUP1 / 2/5, RSA 1024/2048 asymmetric algorithms. Supports national trade secret SM1 / SM2 / SM3 / SM4 algorithms.|
| VPN |
|Supports third-party standard IPSec client access. Supports Apple terminal IPSEC VPN client access. Supports defining access rights for mobile users. Supports time-based mobile user access control policies. Supports two network separations. Supports multi-line automatic detection. Supports mobile user access status. Monitoring and auditing support Chinese / English interface and Chinese / English automatic switching|
|L2TP||L2TP||Support remote users access through L2TP, establish L2TP tunnel to access internal network|
|PPTP||PPTP||Support remote users to access through PPTP, establish PPTP tunnel to access internal network|
|Safety management||User Authentication||Supports one-time password authentication (OTP), local authentication, digital certificate (CA) authentication and other commonly used security authentication methods. Supports unified user management. IPSEC and SSL use the same set of user authentication. The management system supports password complexity settings and password finding. The function of changing the password on the first and second login supports the setting of the number of multi-point login locations, the control of the login time and the login address range, and the use of third-party authentication such as RADIUS, TACACS / TACACS +, LDAP, and domain authentication. 、 Hardware feature code authentication supports Session authentication, HTTP session authentication supports WEB authentication and fingerprint authentication|
|Hierarchical management||User administrators can be assigned different permissions to manage different user information. Supports up to 16 levels of hierarchical management.|
Product parameter Spec
Product parameters ...