Overview
ShareTech HiGuard Series offers an all-around security appliance best suited to deployments in retail stores, branch offices, and smaller business environments. The desktop solution provides substantial benefits that allow businesses to reduce IT costs, deploy faster, and save physical space. A rich set of security services can deliver protection to the smallest unit of an organization, which is not less critical than headquarters. HiGuard VI has high-reliability storage and memory space to maximize its performance, supports USB 3.2 ports, and provides 3G/4G LTE USB as a WAN fail-over backup. Based on the zero trust principles, the software system is designed to prevent data breaches. In addition to basic firewall features, it also offers an extraordinary range of security features such as VPN connections (IPSec and SSL), gateway security protection (IPS, Sandstorm IP, SYN Flood protection), 2FA (user accounts, authentication, and SSL VPN), collaborative controls (switches and wireless APs), intuitive management (URL/APP control and database, bandwidth control, user online behavior, and load balancing), etc.
HiGuard Series provides an on-premises CRM platform (Client-Side) allowing admins to monitor operating status via UTM. Moreover, Eye Cloud, a cloud-based platform, provides centralized management of ShareTech-branded devices. The system administrator can maintain appliances efficiently, expand a view to multi-region edge switches and wireless APs, and receive an alert when an anomaly is detected.
Security |
Management |
Performance |
Gateway Security VPN Secure Tunnels |
2FA & Behavior Analysis Dashboard Panel |
X86 Dual-Core Memory-Optimized Storage |
w IPSec/SSL site-to-site and remote access VPN w Sandstorm IP w SYN Flood Protection |
w 2FA w QoS/Flow/APP Control w Co-Defense & AP Mgmt. w Client-Side CRM w Eye Cloud Mgmt. |
w 4 Gigabit Ethernet Ports w 4G RAM & 32G Storage w Intel Dual-Core CPU w NAT reaches 1.9 Gbps w Offline Signature Update USB Recovery |
Features
HiGuard VI Security Solutions
Best-suited Firewall for SOHO/SMB
HiGuard VI is a powerful desktop security solution designed for SMBs. With the idea of automation, it combines deployment, structure, management, and monitoring into one single unit. It is fast to deploy and easy to use. Its fanless design can ensure silent operation in quiet office environments. 4 Gigabit ports provide Gigabit Ethernet connectivity for users under 50. HiGuard VI has a fully integrated security layer that adds two-factor authentication and a wireless solution. Because of the perfect balance between price and performance, it become the best choice for small businesses.
Firewall
Built-in SPI (Stateful Packet Inspection) provides DoS detection and prevention against denial-of-service (DoS) attacks such as SYN flood, ICMP flood, and UDP flood. When unusually high rates of the new connection are detected, the system will issue an alert notification or block an anomalous session. In addition, HiGuard VI SPI protects against packet-injection attacks by checking several components of TCP and UDP sessions. ShareTech applies the concepts of reasonable traffic packets and connections. Typically, each source will not generate too many data packets simultaneously per second. If the number of data packets exceeds the threshold, the firewall will selectively block data packets to avoid influencing user service experience.
Improved Performance and Memory and Storage Capacity
Internet service providers (ISPs) are offering higher-speed internet lines to businesses. To satisfy existing customers, the HiGuard Series provides better support for the explosive growth in data traffic, offering 4 Gigabit ports (1 fixed LAN and 3 custom ports), 4G RAM, and 32G storage. Hardware-accelerated NAT operates at gigabit speeds up to 1.9 Gbps, making HiGuard VI a basic unit with comparable performance and remarkable stability.
Load Balance
The HiGuard Series supports outbound and inbound load balancing, providing businesses with at least 2 WAN links. Multi-homing load balancing is supported to spread a business's Internet traffic among multiple access links to increase the aggregate throughput and to divert traffic away from non-functional links when they fail. An additional 3G/4G/LTE USB can also be attached to one of the USB ports to add a backup wireless connectivity.
SD WAN
MPLS services typically require dedicated and private network connections from the service provider. On the contrary, ShareTech supports SD-WAN with IPSec VPN, which promises to remove the constraints of legacy connectivity technology. Flexible WAN connectivity allows for the efficient use of bandwidth between sites and the data center by reducing latency and using multiple routes to help reduce costs. With ShareTech SD-WAN, geographic boundaries get erased, and all data of an organization stays connected. Employees will always have access to their data no matter what happens with their internet connections so that they'll never have to worry about missing important emails or ERP data.
QoS
QoS offers more agile bandwidth management for industries and organizations. All the servers and users can be configured with their minimum and maximum bandwidth; the remaining bandwidth will be allotted to the other users according to their configuration. A QoS policy can be applied to single or multiple zones, controlling or prioritizing traffic by policy application, traffic direction (TX/RX), and source IP address. In this way, any network can take advantage of QoS for optimum efficiency.
URL Database (1-year license)
Integrated with a third-party database, the HiGuard Series can automatically detect and enforce policies for malicious URLs. They are classified into 6 categories according to their attack type and lexical analysis. Admins can easily manage entries for URLs whether they are using either HTTP or HTTPS protocol, customize the display message when a website is blocked, retain loggings, and keep a query available for future use. Users do not have to fear they might stumble on a malicious URL and get infected with malware. The URL database is updated daily at the time specified.
Application Control (1-year license)
To prevent data leakage and ensure regulatory compliance, admins have to take an ongoing active role in managing access to work-related applications during working hours. Integrated with a third-party database, the HiGuard Series can enforce policies for 17 types of applications like P2P, VPN and Remote Control, Streaming and VoIP, Network Service, Online Sharing and Storage, Web Service, Social Networks, Instant Messaging, System and Update, News and Media, Shopping and Auction, Entertainment and Arts, Sports and Travel, Food and Drink, Finance and Insurance, Gambling and porn, Games, etc. The application database is updated daily at the time specified.
Sandstorm
To detect unknown attached files, such as Word, Excel, PowerPoint, PDF, ZIP or RAR format. Threatening emails will be quarantined and will not have the opportunity to affect the operation of the email system. HiGuard Series supports Sandstorm IP that compares suspicious files with our database.
Wireless AP Management
Wireless connectivity plays a central role in increasing businesses' agility. Employees rely on WiFi more than ever to perform their jobs and stay productive. By supporting SNMP or Telnet/SSH, the HiGuard Series can be a wireless controller, grouping wireless APs and assigning the same configurations. Admins can obtain brief information about login IP address, MAC address, the amount of time, and the number of users per SSID. Moreover, admins can debug, improve user experiences, and optimize wireless connectivity by remotely restarting an AP managed by firewalls.
Complete VPN Solutions (IPSec/PPTP/L2TP/SSL VPN/IP Tunnel)
Using IPsec, PPTP, L2TP, and SSL VPN connections, HiGuard VI provides data confidentiality, data integrity, and data authentication. At the same time, popular protocols such as web, SMTP, and POP3 that contain packets transmitting within tunnels can be controlled.
Supports IPSec, PPTP, L2TP, SSL, and GRE Tunnel
Supports DES, 3DES, AES, AES128, AES192, and AES256 encryption and SHA-1, SHA256, SHA512, and MD5 authentication algorithms
SSL VPN mobility client for Android and Apple iOS
Controls connectivity of remote sites from the central site
Dashboard (Optional)
The dynamic dashboard in the web user interface (web UI) presents a graphic view of the system status. HiGuard VI supports real-time concurrent connections, network resource usage, threat intelligence, flow analysis, defense, application control, Geo IP, and DNS query. The design makes it easier for admins to drill down to the root cause. Administrators can define reports by time, data ranking, IPv4/v6, and document in PNG/PDF format. The dashboard gives the admins an overview of the HiGuard VI and improves agility, reduces risk, and cuts IT costs in a business.
Diagram
Eye Cloud supports standard services for config, files and firmware updates.
Eye Cloud allows admins to create site-based delivery tasks by selecting UTM series, devices, config. files/firmware, and intervals. Tasks can be published and targeted to relevant locations in real time. To reduce operational costs and complexity at branches, minimizing the need for regional IT professionals is an effective way. The head office can create standardized and repetitive tasks to prevent the remote sites from becoming potential entry points for cyber-attacks.
Specification
HiGuard VI Features