Next Generation UTM
Traditional Way of Network Deployment
In traditional networking, Layer 3 switches are used to logically segment a network into two or more Virtual LANs (VLANs), with enhanced security controls to prevent unauthorized setup changes. The image of traditional network deployment is as follows:
In such network environments, guests and upper-level administrators have the same access rights. When policies are defined only by IP address and port on the L3 router, the network is not split into subnetworks to boost performance and improve security. Normally, a sound security policy should entail segmenting the network into multiple zones. Should a cyber-criminal gain unauthorized access to a network, segmentation or zoning provides effective controls to limit further movement across the network.
Overturn Business Network
In addition to carrying advanced protection across your network security deployments, ShareTech NG UTMs deliver a full range of Layer 2-7 switching, which can be a great replacement for a Layer 3 router and Layer 3 core switch. Furthermore, ShareTech proposes an SDN solution to help make the Next-Gen network more intelligent, flexible, and open.
Zone Security
Zone-Based UTM changes the firewall configuration from the older interface-based model to a more flexible, more easily understood zone-based model. Interfaces are assigned to zones, and inspection policy is applied to traffic moving between the zones, controlling IP address, application, access, site and log.
Administrators can create a zone by binding multiple interfaces. Members in a zone can access each other; members in different zones cannot access each other. Additionally, access between zone members is controlled by the default zone policy. Next-Gen UTM functionality allows businesses to create effective security policies and set up access control between storage devices or user groups based on application controls over DPI, IPS, and anomaly flow analysis.
Zone-Based Policy
Different security policies can be defined for zones to match their varying security requirements, rigorously enforcing what is allowed to move from zone to zone. To increase network security, members of the highest security zone can access any other zone; members in a lower security zone cannot access a higher security zone. Similarly, to prevent data loss or corruption, no one, except a few whitelisted users, has access to specific resources such as laboratories or research centers.
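The zone rules described above, written as a small policy evaluator. This is an added illustration, not ShareTech code or configuration syntax: the zone names, security levels, interfaces and users are constructed, and it assumes that "higher may reach lower" applies between any two levels and that a restricted zone's whitelist takes precedence over zone level.

```python
from dataclasses import dataclass

# Constructed sample topology (assumption): not taken from any real device.
ZONE_LEVEL = {"admin": 3, "staff": 2, "lab": 2, "guest": 1}
IFACE_ZONE = {"eth1": "admin", "eth2": "staff", "eth3": "staff",
              "eth4": "lab", "eth5": "guest"}
RESTRICTED = {"lab": {"alice"}}  # restricted zone -> whitelisted users


@dataclass(frozen=True)
class Verdict:
    allow: bool
    reason: str


def evaluate(src_if, dst_if, user=None):
    """Decide whether traffic entering on src_if may leave on dst_if."""
    src, dst = IFACE_ZONE.get(src_if), IFACE_ZONE.get(dst_if)
    # Fail closed: an interface bound to no zone gets no access.
    if src is None or dst is None:
        return Verdict(False, "interface not bound to a zone")
    # Members of one zone can access each other.
    if src == dst:
        return Verdict(True, "intra-zone")
    # Restricted resources: only whitelisted users, whatever the source level.
    if dst in RESTRICTED:
        ok = user in RESTRICTED[dst]
        return Verdict(ok, "whitelisted user" if ok else "restricted zone")
    # A higher security zone may reach a lower one, never the reverse.
    if ZONE_LEVEL[src] > ZONE_LEVEL[dst]:
        return Verdict(True, "higher to lower")
    # Everything else between different zones is denied by default.
    return Verdict(False, "default inter-zone deny")


if __name__ == "__main__":
    flows = [("eth2", "eth3", None), ("eth5", "eth1", None),
             ("eth1", "eth5", None), ("eth1", "eth4", "bob"),
             ("eth2", "eth4", "alice"), ("eth9", "eth1", None)]
    for flow in flows:
        print(flow, evaluate(*flow))
```

Running a table of expected flows through such a model before changing zone membership shows which flows a new binding would open or close.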
Insight into network traffic through analysis of your SSL
ShareTech Next-Gen UTM decrypts Secure Sockets Layer (SSL) traffic and sends it to existing security appliances to transparently enable encrypted traffic inspection. The feature allows users to either block encrypted traffic without inspecting it, or inspect encrypted or decrypted traffic with access control. Additionally, ShareTech Next-Gen UTM provides an intrusion prevention system (IPS) that identifies risks normally hidden by SSL, such as regulatory compliance violations, viruses, malware, data loss, and intrusion attempts.
Modernize and simplify your network architecture!
To quickly adapt to the challenges created by new services on existing networks, today's network architecture must be transformed. In traditional deployments, host-based firewalls, IPS, URL filtering, and Layer 3 switches are implemented to support dynamic routing, switching, and VPN connectivity. For a network that supports 200+ users, the architecture gets considerably more complex and contributes to higher maintenance costs. After a variety of businesses move their website operations, email and CRM to cloud services for their agility, internal network deployment can be modernized and simplified.
Integrated Ethernet switching into Next-Gen Security Appliances
ShareTech Next-Gen UTM carries advanced protection across your network security deployments: Deep Packet Inspection (DPI), In-Line IPS, SSL Inspection, Web Filtering, QoS, virus scanning, spam filtering and external authentication, to prevent intruders from stealing network resources and data. Moreover, it can serve as a switch that delivers Layer 7 application-aware security by enforcing security policies.