Cybervision Intrusion Detection and Management System Cybervision Vulnerability Assessment and Management System Cybervision Anti-DoS System
Cybervision Security Domain Monitoring System Cybervision Anti-spam system Cybervision Transparant Gateway Bypass Protector
Cybervision Network Security Audit System Cybervision SMS Filtering System Cybervision Website Anti-Defacement System
Cybervision Disaster Recovery System Cybervision Encryption Appliances Cybervision AIO-Hammer Firewall
 
 

Cybervision AIO-Hammer Firewall is a integrated security appliance built on leading-edge hardware. Based on intelligent stateful Inspection firewall , Cybervision AIO-Hammer integrates functions such as Deep Packet Inspection ( DPI ) , virus filtering gateway , VPN connectivity , user authentication and route/NAT. Cybervision AIO-Hammer supports comprehensive hierarchical security protection and powerful centralized management .

 Typical Deployment

                               


 Key Features

Operation Mode (Figure 1)
•  Layer 2 mode (transparent bridge mode)
•  Layer 3 mode (route and/or NAT mode)
•  Layer 2 and Layer 3 mixed mode

 Firewall Function
•  Access control based on Intelligent Stateful Inspection
•  Attack protection
•  DoS and DDoS protection
•  Deep Packet Inspection: embedded antivirus and URL filtering

 Routing
•  Static route
•  Policy-based routing
•  Equal cost multi-path routing
•  OSPF Dynamic routing protocol
•  RIPv1/v2 Dynamic routing protoco

 NAT Function
•  SNAT (Source Network Address Translation)
•  DNAT (Destination Network Address Translation)
•  PAT (Port Address Translation)
•  Static NAT
•  Dynamic NAT (IP Pool)
•  Policy-based NAT

VPN Function (Figure 2)
•  DES (56-bit), 3DES (168-bit) and AES encryption
•  MD-5 and SHA-1 authentication
•  Manual Key, IKE, PKI (X.509)
•  Perfect forward secrecy (DH Groups) 1, 2, 5
•  Prevent replay attack
•  Remote access VPN
•  L2TP within IPsec
•  IPsec NAT Traversal
•  Hub-spoke connector
•  Dynamic multi-point VPN
•  Compatible with other VPN products
•  Support VPN connection in the same segment

 User Authentication & Accounting
•  Local user authentication
•  RADIUS user authentication
•  VPN user authentication
•  802.1x user authentication
•  PPPoE user authentication
•  Web-based user authentication

VLAN Character (Figure 3)
•  Support VLAN relay
•  Support VLAN routing
•  Support VLAN TRUNK
•  Support 802.1Q

 NetFlow Traffic Analysis
•  Traffic Analysis based on source IP
•  Traffic Analysis based on destination IP
•  Traffic Analysis based on application
•  Traffic Analysis based on interface
•  Top N traffic rank
•  Top N session rank
•  Alarm on network traffic baseline



→ Specifications

AIO-Hammer 1000
AIO-Hammer 600

Firewall performance

2000 Mbps
1000 Mbps

168-bit 3DES performance

700 Mbps
300 Mbps

Concurrent sessions

650,000
300,000

New sessions/second

30,000
10,000
Policies
8,000
8,000

Interfaces

3 ¡ä GE £¨ Copper or Fiber £©
4 ¡ä 10/100/1000Base-T

MTBF

> 90,000 hours
> 90,000 hours
2005 copyright by Venus Info Tech Inc. And all rights reserved   Contact:pmc_ibu@venustech.com.cn