 |
|
|
|
- Filters
- Network Address Translation
- Static and Dynamic
- Source and Destination NAT
- Application Layer Gateway (ALG)
- Denial of Service (DoS)
- Intrusion Detection/Prevention (IDP)
- Site-to-Site VPN
- IPSec, DES, 3DES & AES
- IKE
- Anti-Virus
- Voice Security
NetD Security Differentiators
- Security applied at correct data path points
- Features built on unified security platform
- Easily add on new security applications
- Highly manageable under severe attacks
- Feature-rich w/o performance compromise
Security Deployments Today
- Router forwards packets first
- Security device validates packets next
- Limitation:
- Multi-Pass/Serial security – FW, IDS/IPS, content filters, AV
- Redundant processing which negatively impacts performance
Multi-Purpose Security Devices
- Packet forwarding done twice
- Logically & architecturally cascaded routing & security devices
- No data co-relation between security modules, content processed multiple times
NetD Advantage - Truly Unified Routing + Security
- Packet forwarding done once!
- Data correlation across security modules, 1x session search & content analysis
NetD Security Differentiator - Performance
- Single pass of content analysis
- Analyzed data from one security module available to others
- Avoids redundant processing & improves performance
- FW, IDS/IPS, AV, Content Filters, all content/session data centrally stored + managed
- Single session search for FW, IDS/IPS, AV, CF
- Simplified configuration of all security features
- Same look & feel via common classification-based policies
NetD Security Differentiator – Performance
- Feature rich without performance compromise –
- FW, IDS/IPS, AV, Content Filters,…
- IPSEC card with estimated 1Gbps performance
- Innovated security acceleration card: multi-processors, pattern matching engine, and highly programmable. Therefore it’s scalable to accelerate any new types of security application
- Non-ASIC solution – lower cost and quicker time to market
NetD Security Differentiator – Ease of New Applications
- Embedded / hardened Linux OS
- Third party applications can be developed, validated before integration
- Platform APIs available for third parties
- Security “component upgrade� vs.
system-wide firmware upgrade
NetD Security Differentiator – High Manageability
- Patent-pending ManageLiveâ„¢
- Management Plane / Control Plane / Data Plane architecture
- Statistics, counters, and logs are regularly updated to Management Plane
- Out-of-band mgmt accessible under severe attack
- User commands quickly set up filters / new signatures to block CPU-intensive attacks
|
|
|
