Features

Exceptional Performance and Consolidated Security Features
ShareTech NU Series adopt best-on-class multi-core x86 CPU platform to deliver exceptional performance and intelligent network security features. ShareTech develops high-performance security modules, delivers high connection capacity connectivity, and supports USB instant recovery. 

IPv4 / v6 Dual Mode
Native dual-stack supported. To cope with IPv4 depletion, ShareTech provides a solution that covers both IPv4 and IPv6 network and can be configured for IPv4 only, IPv6 only, or to support both protocols simultaneously. Furthermore, all ShareTech appliances have been certificated with “IPv6 Ready” logo.

SSL Inspection
To protect your network from network threats, SSL inspection is the key used to unlock encrypted sessions, see into encrypted packets, find threats, and block them. Several security features that can be applied using SSL certificate inspection are ISP, gateway anti-virus, web filtering, application control, and QoS. 

Inbound/Outbound Load Balance
Outbound/inbound load balancing are provided for distributing incoming HTTP requests across multiple servers, improving server utilization and maximizing availability. When one of the links is down, the other link will take over the work and handle the traffic until troubled one returns to normal, in either manual or auto distribution mode. Built-in DNS server functionality that enables inbound Load Balancing distributes inbound data traffic over multiple WAN links to computers behind UTM for more reliable network connectivity.

Intrusion Prevention System (IPS)
Built-in IPS inspects the packets from OSI layer 4-7 (transport to application layer) and block concealed malicious code and worms delivered in TCP/IP protocols. As soon as an attack is suspected, IT administrators will be notified immediately and later an extensive range of reports will be available for analysis. ShareTech regularly updates the predefined attack-signature database and makes it available as IPS security package.

Advanced Threat Defense
In addition to firewall, Intrusion Prevention System (IPS), and virus scanning, NU-860C can monitor malware or threats within traffics based on analyzing flows, webpages, and email. By performing different security mechanisms, a business network is given more effective and profound protection against active cyberattacks, targeted attacks, and sophisticated malware.

Gateway
For companies that have deployed mail servers in their network environments but lacking advanced filtering, NU-860C can be placed at the gateway to secure your email and get simple and powerful protection from spam, virus, and malware.

Anti-Virus
NU-860C offers Clam AV for virus scanning which can detect over millions of viruses, worms, and Trojans. Once suspicious emails are detected, the administrator can decide to delete or block them. Moreover, websites will be scanned once the function of anti-virus is enabled in policy. By default, NU-860C contains 1-year Kaspersky license. Customers may renew Kaspersky protection for their security needs.

Anti-Spam and Shared Signatures
ShareTech NU Series employ multi-spam filters: ST-IP Network Rating, Bayesian Filtering, spam characteristics filtering, fingerprinting, auto learning, and personal B/W list. It also gives administrators the flexibility to enforce custom filtering. These help industries create their database by importing the latest spam update. Following actions like forward, delete, quarantine can be taken on the mail identified as the spam. Moreover, the shared signatures mechanism shares a signature of an early receiver with the rest of the group so that higher spam detection accuracy can be obtained.

ShareTech Sandstorm-Malicious Programs Filtering System
To detect unknown attached files, such as file in Word, Excel, PowerPoint, PDF, ZIP or RAR format, ShareTech Sandstorm system will compare the suspicious files with our database. Threatening emails will be quarantined and will not have the opportunity to affect the operation of the email system.

IP Traffic Streams Analysis
Outgoing/incoming concurrent sessions, upload/download flow, and time duration are flow parameters collected for packet-based traffic analysis. Using a combination of pattern matching can determine whether an activity is performing normally or abnormally. If employees are violating the rules and exceeding more downloading flow, IT administrators are allowed to define the trusted IP list and take appropriate actions to block network access, limit maximum bandwidth, blocking ports on switches (Co-Defense), or simply receive a notification. 

QoS
QoS offers more agile bandwidth management for industries and organizations. All the servers and users can be configured their minimum and maximum bandwidth; the remaining bandwidth will be allotted to the other users according to their configuration.

Content Filtering
IT administrators can configure Web filtering profiles that block URLs to inappropriate webpages like violence and pornography and hacking attacks like malware and virus. Moreover, UTM filters out ActiveX objects, Cookies or Java applets that may pose a security threat in certain situations. Both keywords and URLs of specified websites can be added to Blacklist and Whitelist.

Advanced URL Control and Database
Advanced URL database collects millions of URLs and updates every period. All these URLs and their contents were analyzed and classified into categories, including Pornography & Violence, Network & Cloud Service, Organizations & Education, Security Risks & Criminal, Life Information, and Others. IT administrators can block any category in the database with ease without entering keywords or desired URL addresses one by one. By default, NU-860C contains 1-year URL license. Customers may renew the license for an instantly updated database.

Advanced Application Control and Database
To prevent data leakage and ensure regulatory compliance, access to unrelated applications during working hours should be controlled. The advanced application database contains 1000+ modernized applications like P2P, VOIP, GoToMyPC, Webpages, Games, Media Player, Bit Torrent, Foxy (Gnutella), stock market, Instant Messaging, Xunlei, Gator, Yahoo Manager, Virus and Malware, filename extension, Kazaa, Facebook, Zalo, etc. By default, NU-860C contains 1-year application license. Customers may renew the license for an instantly updated database.

WEB and Email Records

    Record each user online behavior (computer name, IP address, MAC address, and traffics) timestamps, items and locations.

    Record incoming and outgoing mail (Webmail) and their attachments pass through the mail gateway

Email is saved in an .eml format that can easily be viewed and searched

Graphical Reports
ShareTech reporting allows administrators to custom how the chart types (bar, pie, line, and table) or texts will be displayed at the top of the report. NU-860C displays operation status for the time frame specified (day, week, or month), including CPU, RAM, modification times, security level and flow monitor reports.

VPN
Remote-access VPNs allow secure access to corporate resources by establishing an encrypted tunnel across the Internet. ShareTech offers IPSec, PPTP, L2TP, SSL VPN technologies on a single platform. Site-to-site IPsec VPN allows headquarters and their branch offices to be on the same network and sharing resources among offices. Point-to-point PPTP VPN, natively supported by Windows, is easy to set up and maintain and requires user-level authentication. L2TP which encrypts the authentication process and avoids your transmission being intercepted is a bit more powerful than PPTP. Moreover, SSL VPN provides remote-access connectivity from almost any Internet-enabled location using a Web browser and its native SSL encryption. It does not require any special-purpose client software to be pre-installed on the system.

 

Specification

Features	Description
Threats Defense (Anti-Virus/IPS/SSL Inspection)	Uses open-source Clam AV engine with huge database includes millions of signatures        Built-in 1-year Kaspersky license; optional Kaspersky module        Clam AV team has fast response time, updates signature regularly and requires no yearly subscription fees        Scheduled IPS signature database update        IPS risk management is divided into 3 levels (high, medium, and low)        Provides scalable SSL inspection
Firewall Security	Coordinated DoS/DDOS attacks and UDP Flood performed by hackers can be blocked automatically.        QoS provides bandwidth guarantees and a priority command can be given for min/max bandwidth guarantee.        Limit the bandwidth using source IP in both directions        Supports IPv4, IPv6, and Dual Stack        Supports load balancing and failover for both outbound and inbound traffics        Provides DNS service and Dynamic DNS services
Potential Risks Detection (Flow Analysis)	Flow/behavior-based anomaly detection allows both up and down sessions to be analyzed and see if a performance problem exists        Following actions can be taken when an anomaly occurs. An anomaly can be recorded, blocked, and notify subscribers.        Co-Defense can be applied to protect the internal network. The PoE schedule function helps administrators enable or disable PoE power feeding for each PoE port during specified time intervals.          Prevents ARP spoofing        Manages switch port mapping that gives an instant view into the operational status and speed of each port.
Mail Security (Anti-Spam, Mail Filtering)	Employs multiple spam mechanisms: ST-IP network rating, fingerprinting, Bayesian filtering, auto learning, auto-whitelist, system and personal Blacklist/Whitelist and spam characteristics filtering.        Offers Email content and spam filtering        Shared spam signatures        Offers Email auditing, advanced filtering and quarantine        Client-side spam mail search is available on the web-based interface        Additional actions such as quarantine, delete, blocking IP, and carbon copies can be performed to all mail.        Searching recorded email are available
Application Access Control	Multiple application categories e.g. P2P, IM, VOIP, Web, Webmail, game, video, spyware, stock, and others.        Administrators can use policies to prohibit their users from accessing applications        Built-in 1-year application license
URL Filtering	Provides URL filtering and database        URL filtering policies are allowed to be configured by administrators        IT administrator can add keywords or URLs to Black/White lists        Built-in 1-year URL license
User Identity (Radius)	The host computers are established to ensure user identity and supports the use of LDAP, Radius, AD or POP3 servers for authentication.        Desired user groups can be customized        Applies access control methods        Provides authentication record and connection status
Content Record	Logs all incoming/outgoing emails with delivering date and time        Archived email is exported in .eml format        Records browsing history        Records webpage virus detected history and query
Load Balance	Ensuring the network is never disconnected        Provides inbound & outbound load balancing        Users can assign load balancing automatically, manually, or by source-destination IP        Built-in Smart DNS Server
VPNs Connection	Supports VPN clients for Windows        Supports IPSec Tunnel for both server and client sides        Supports IPSec, PPTP, L2TP, and SSL for VPN connection and connection logs        Users can create, edit and control over VPN connections and auto VPN is supported as an alternative to direct access
QoS	Supports QoS        Supports bandwidth guarantee, max/min-limit, and priority commands        Bandwidth usage from the internal/external source IP can be limited        Efficient priority scheme is available
Operation Modes	NAT, Routing
Dashboard & Logging	ShareTech dashboard helps administrators track and diagnose. And reports can be directly exported in PDF or PNG format.        Multiple event logs can be centrally logged and monitored. And it includes configuration, networking and route, objects, services, advanced protection, mail security, VPN, etc.        Provides analysis of debugging, system performance, intrusion attempts, and tracking.
Virtual Server	IP Supports virtual server that data flows can be transmitted to any of the other ports without using any switch or router
High Availability	Building a cluster and hot standby of two or more ShareTech devices is available
CMS	Manages multiple UTMs and wireless access points        Supports both CMS server and client sides        Provides real-time monitoring and proactive management        Cloud-based integration can be led to ShareTech Eye Cloud service system
Bulletin Board	Announcements can be made to employees in a very effective and proper way
Diagnostic Tools	Standard net tools such as Ping, Traceroute, DNS lookup, and port scanner are available to help users identify and fix connection problems.
System Management	Integrated wizards for user-friendly setup        Supports hardware interrupts to the CPU        Offers HTTP and HTTPs web management        The web interface supports languages: English, Traditional Chinese, and Simplified Chinese        Offers system backup, auto backup, firmware update, and firmware download logs        Uninterruptible Power System (UPS)        Supports VLAN 802.1Q        Supports DDNS service, DNS service, and SNMP service        Supports remote log server        Supports DHCP for both client and server sides
Others	The area network can be defined as LANs, WANs, Bridge-paired interfaces, and HA ports.        Administrators can select authorized users and assign access conditions        Automatic disk check can be scheduled        LCM display        1 pair LAN Bypass        Automatic restart

Compatibility List

     Co-Defense Switch Compatibility List

SNMP 

。AG-2824T

。ML-9324

。ML-9308

。3Com-4210

。GS1920-48HP

。GS1920-48

。GS1920-24HP

。GS1920-24

。GS1900-24

。GS1900-8HP

。GS1900-8

。XS1930-10

。XS1930-28HP

 

 Switch

。Cisco3560e

。Cisco3750

。H3C-S5100

。H3C-S7506R

。SGI-2404

。Juniper-ex2200

。ML-9528

。GS2210-48

。GS2210-24HP

。GS2210-24

。XGS3700-48

。XGS3700-24

。DGS1510-28X

。Cisco-C2960L-24TS-LL

。GS2220-28

。GS2220-50

。XGS2210-52

 

AP Management Wireless Acess Points Compatibility List

。NWA5121-NI

。NWA5123-AC HD

。NWA1123-ACv2

。NWA1123-ACv3

。NWA1123-AC HD

。NWA1123-AC PRO

。NWA110AX

。NWA50AX

。NWA90AX

。WAX510D

。WAX610D

。Netgear WAC510

 

3G/4G USB Compatibility List

。DLINK DWM-222 A1

。HUAWEI E3372h

。HUAWEI E161 (3G only)

 

Uninterruptible Power Supply (UPS) Compatibility List

。APC Smart-UPS 3000

。APC Back-UPS Pro 700

。APC Back-UPS 1100

。Flight Technic FT-1000BS

。EATON 5E 650