Next Generation UTM

Deploying a converged infrastructure in the cloud era differs considerably from traditional network architecture. Traditional approaches use a multi-tier design that stacks various services such as servers, operating systems, network connectivity, and applications. The nature of traditional networking enables rapid Internet service innovations, but creates a barrier between networks and services.

More services and the accompanying data are being moved to the cloud. As a result, the need for large-scale PCs, high-speed switches, operating systems, and even a computer room is decreasing, which motivates a change in foundational architectures. To protect an organization's internal resources and data from external threats, a service-friendly and highly secured deployment is without doubt an effective method.

By providing firewall features and programmable deployment, ShareTech Next-Gen UTM is optimized for internal segmentation, perimeter, and cloud, providing responsive and flexible services to medium and large businesses.

Traditional Way of Network Deployment

In traditional networking, Layer 3 switches are used to logically segment a network into two or more Virtual LANs (VLANs) plus enhanced security controls to prevent unauthorized setup changes. The image of traditional network deployment is as follows:

In such network environments, guests and upper-level administrators have the same access rights. When policies are defined only by IP address and port on the L3 router, the network is not split into subnetworks to boost performance and improve security. Normally, a sound security policy should entail segmenting the network into multiple zones. Should a cyber-criminal gain unauthorized access to a network, segmentation or zoning will provide effective controls to limit further movement across the network.

Overturn Business Network

In addition to carrying advanced protection across your network security deployments, ShareTech NG UTMs deliver a full range of Layer 2-7 switching, which can be a great replacement for a Layer 3 router and Layer 3 core switch. Furthermore, ShareTech proposes an SDN solution to help make the Next-Gen network more intelligent, flexible, and open.

 

Zone Security

Zone-Based UTM changes the firewall configuration from the older interface-based model to a more flexible, more easily understood zone-based model. Interfaces are assigned to zones, and inspection policy is applied to traffic moving between the zones, controlling IP address, application, access, site and log. 

Administrators can create a zone by binding multiple interfaces. Members in a zone can access each other; members in different zones cannot access each other. Additionally, access between zone members is controlled by the default zone policy. Next-Gen UTM functionality allows businesses to create effective security policies and set up access control between storage devices or user groups based on application controls over DPI, IPS, and anomaly flow analysis.

 

Zone-Based Policy

Different security policies can be defined for different zones to match their varying security requirements, rigorously enforcing what is allowed to move from zone to zone. To increase network security, members of the highest security zone can access any other zone; members of a lower security zone cannot access a higher security zone. Similarly, to prevent data loss or corruption, no one, except a few whitelisted users, has access to specific resources such as laboratories or research centers.
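The zone model described above, as an added example (not ShareTech's code or configuration syntax): a small Python evaluator that binds interfaces to zones, allows intra-zone traffic, lets a higher zone reach a lower one but not the reverse, and gates a restricted zone behind a user whitelist. The zone names, interface names, numeric levels, user names, and the choice that the whitelist alone decides access to a restricted zone are assumptions made for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class ZonePolicy:
    levels: dict          # zone -> security level (higher = more trusted)
    iface_zone: dict      # interface -> zone it is bound to
    restricted: dict = field(default_factory=dict)  # zone -> whitelisted users

    def decide(self, src_if, dst_if, user=None):
        """Return (allowed, reason) for traffic from src_if to dst_if."""
        src = self.iface_zone.get(src_if)
        dst = self.iface_zone.get(dst_if)
        if src is None or dst is None:
            # An unbound interface belongs to no zone: fail closed.
            return False, "interface not bound to a zone"
        if src == dst:
            return True, "intra-zone traffic"
        if dst in self.restricted:
            # Assumption: for a restricted zone the whitelist alone decides,
            # so even the highest zone needs an explicit entry.
            ok = user in self.restricted[dst]
            return ok, f"{dst} whitelist {'hit' if ok else 'miss'}"
        if self.levels[src] > self.levels[dst]:
            return True, f"{src} outranks {dst}"
        return False, f"{src} may not reach {dst}"


# Constructed sample deployment (all names are hypothetical).
POLICY = ZonePolicy(
    levels={"admin": 3, "staff": 2, "lab": 2, "guest": 1},
    iface_zone={"lan1": "admin", "lan2": "staff", "lan3": "staff",
                "lan4": "lab", "wifi0": "guest"},
    restricted={"lab": {"carol"}},
)

if __name__ == "__main__":
    flows = [("lan2", "lan3", "bob"), ("lan1", "wifi0", "alice"),
             ("wifi0", "lan1", "visitor"), ("lan1", "lan4", "alice"),
             ("lan2", "lan4", "carol"), ("lan9", "lan1", "bob")]
    for src_if, dst_if, user in flows:
        allowed, reason = POLICY.decide(src_if, dst_if, user)
        print(f"{src_if}->{dst_if} ({user}):",
              "ALLOW" if allowed else "DENY", "-", reason)
```
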

 

Insight into network traffic through analysis of your SSL

ShareTech Next-Gen UTM decrypts Secure Sockets Layer (SSL) traffic and sends it to existing security appliances to transparently enable encrypted traffic inspection. The feature allows users to either block encrypted traffic without inspecting it, or inspect encrypted or decrypted traffic with access control. Additionally, ShareTech Next-Gen UTM provides an intrusion prevention system (IPS) that identifies risks normally hidden by SSL, such as regulatory compliance violations, viruses, malware, data loss, and intrusion attempts.



 

Modernize and simplify your network architecture!

To quickly adapt to the challenges created by new services on existing networks, today's network architecture must be transformed. In traditional deployments, host-based firewalls, IPS, URL filtering, and a Layer 3 switch are implemented to support dynamic routing, switching, and VPN connectivity. For a network that can support 200+ users, the architecture gets considerably more complex and contributes to higher maintenance costs. Once a variety of businesses move their website operations, email and CRM to cloud services for their agility, internal network deployment can be modernized and simplified.


 

Ethernet switching integrated into Next-Gen Security Appliances

ShareTech Next-Gen UTM carries advanced protection across your network security deployments: Deep Packet Inspection (DPI), In-Line IPS, SSL Inspection, Web Filtering, QoS, virus scanning, spam filtering and external authentication to keep intruders from stealing network resources and data. Moreover, it can serve as a switch that delivers Layer 7 application-aware security by enforcing security policies.