Home Page

Latest information security equipment
Desktop IPS Firewall Desktop IPS Firewall
Product Manual

In today's information-developed generation, the network system has become a tool that the world depends on, and its security and danger have also become the most important piece. Therefore, in the pursuit of using the Internet, people not only choose speed, but also have to be able to take into account defense in order to help companies protect private data and create a stable working environment.

HERHSIANG NGS 7H is a next-generation firewall device with both speed and security, and supports USB3.2 port, which can connect 3G and 4G / LTE USB as another WAN network backup option, with NAT processing performance up to 1.8 Gbps . In addition to the firewall function, NGS 7H also has many powerful functions such as IPS, anti-virus, bandwidth management, Internet behavior management, load balancing, content filtering, virtual private tunnel (IPSec VPN), and collaborative defense.

NGS 7H is suitable for small and medium-sized enterprises and SOHO network environments of different sizes, and once meets the needs of professional customers for network security defense. It helps enterprises to block all kinds of virus threats on the front line of the network gateway in real time, while still keeping the network with satisfactory high-quality performance. 

Balance performance and function
HERHSIANG NGS 7H, its hardware platform is carefully designed with X86 hardware devices, so that enterprise users can fully appreciate the security protection provided by HERHSIANG New Generation Firewall. For customers with high connectivity requirements, provide high-performance security modules to improve connectivity and support USB fast restore mechanism.
Two-Factor Two-Part Authentication            
Unlike many previous network services that use single-factor password authentication by default, Two-Factor Authentication (2FA), which combines two different authentication methods, users need to pass two or more authentication mechanisms before they can get Authorize access to the system resources provided by the service provider. There are many ways to verify, such as PIN code/fingerprint/scanning QR code/or one-time code and other auxiliary verification, and the purpose is to provide higher security for the account. This The two-factor authentication function combined with Google Authenticator uses the mobile phone owned by the user as the second authentication factor to achieve auxiliary authentication. The function is disabled by default. After enabling this function, the system will prompt you to enter a password and a one-time code. Can access your account.
HERHSIANG NGS next-generation firewall has three parts, supports two-step verification: account management/Internet authentication/SSL VPN             
IP v4 / v6 dual frequency technology
The IP v4 address is in short supply, and the IP v6 era is coming sooner or later, so HERHSIANG has integrated this trend when developing the next generation of Firewall. The same network interface, whether it is defined as WAN or LAN, can be bound at the same time. The IP address of v4 or v6, so NGS 7H is the same whether it is in pure v4 environment, v4/v6 hybrid, pure v6 environment.
Support SDN controller

Supporting SDN controller, more than one port group can be combined into ZONE, which is directly managed by SDN controller, and ZONE and ZONE packets are transmitted, and will also be detected by NGS 7H packet. It also has the function of VLAN 802.1Q, which can cut the internal network into several independent subnet segments, each of which has independent operation and does not interfere with each other.


SSL encrypted connection detection
With the ability to detect SSL traffic, it can apply intrusion detection defense, gateway anti-virus, content filtering and application bandwidth management when faced with SSL-encrypted connection traffic.
Load balancing

Provides outbound load balancing, and provides multiple load balancing algorithms. When one of the lines is disconnected, all network packets will automatically switch to another normal line, ensuring that the internal user network is unblocked. When the line is restored, the packet is buffered. It will be automatically assigned. The enterprise can set the load balancing rules according to the requirements, and the network access can perform the network traffic load balancing guidance by referring to the set rules. The algorithms are: automatic allocation, manual allocation, source IP allocation, and destination IP allocation.

 

IPS intrusion prevention
The IPS intrusion detection and prevention system provides more than 30,000 signatures, IPS It checks the contents corresponding to layers 4 to 7 of the OSI model, whether there are malicious attack programs, viruses, hidden in the TCP/IP communication protocol, and after the detailed content check, the qualified signature will be Marked out, once it is discovered, it can block the packet immediately, so that these malicious packets passing through the firewall are invisible.

 

Threat detection defense           

Providing the most complete defense-in-depth mechanism of the enterprise, the attack behavior of the current network cannot rely on single-point protection and requires complete defense in depth. With different levels of defense technology, it is possible to reduce the potential threat behavior that the enterprise may suffer. In addition to providing firewalls, intrusion detection systems (IPS) and anti-virus as the basis for enterprise security protection, Hexiang NGS 7H can enhance the detection of malicious programs for traffic, web pages and emails, and the related analysis of different security mechanisms. To play the role of defense in depth.

Mail gateway protection      
The enterprise already has a mail host, but the spam filtering performance is not good. The NGS 7H can be used as a mail gateway mode to supplement the original mail server, such as spam filtering and virus letter filtering. After filtering the virus and advertising mail through NGS 7H, send the clean mail to the mail host.
Virus letter filtering

Clam AV anti-virus engine protection, free Clam AV anti-virus engine, can detect millions of viruses, worms, Trojans, automatically scan for viruses, and automatically update virus files every day through the Internet. And provide virus mail search conditions. The administrator can set the poisoning mail processing method, including the automatic deletion, the poisoned mail extension file name and the poison mail notification letter. Kabbah antivirus engine is also available.

Abnormal IP analysis

Any network behavior, regardless of which software the user performs, is roughly divided into the number of connected and downloaded Connect Sessions, Flows, and Durations from the perspective of network packets. The combination of quantities estimates whether the user is using the network normally or has abnormal behavior. When an internal user's abnormal behavior is discovered, the administrator can take various strategies, such as blocking the Internet, immediately limiting its maximum bandwidth, enabling the collaborative defense mechanism to notify the switch to block it or notify the administrator.

Bandwidth Management (QoS)

Help network administrators control network traffic, effectively slow down corporate network congestion, improve serviceability and bandwidth usage. With QoS (Bandwidth Management), it can distribute limited bandwidth to all users. The difference with the general bandwidth manager is that the NGS 5H has a guaranteed bandwidth as well as maximum bandwidth and priority management. It also has a personalized bandwidth management design that allows for bandwidth management settings for individual users. If bandwidth management is used with personalized bandwidth management, the bandwidth reserved by the bandwidth management function can be allocated to users under the enterprise, which can effectively prevent the bandwidth from being exclusive to the user.

Content filtering
Provide Web Filter (Web Filter) to block inappropriate access to web pages (such as pornography, violence) and offensive web pages (such as hackers, viruses), and to set up filtering conditions to block inappropriate websites.
URL database management
The built-in "cloud URL database" automatically classifies web pages. Managers can easily control against harmful URLs. You can easily control them without having to enter the IP address and keywords of the website one by one. Any choice of harmful URLs is a source of sin. The best way to prevent blocking is to ban the use of the Internet. If it is not completely banned, using a constantly updated URL database is the best protection mechanism.
Online behavior record

Some employees of the company go online during work hours, do things that are not for work purposes, have small chats, and have a lot of secrets. In addition to limiting the permissions used by user-related applications, NGS 7H can also record related online behaviors, including browsing web pages and mail delivery. When a company has a leak, the information that has been saved is the best evidence used to prove it.

Traffic Analysis
Provides traffic analysis tools, whether it is the internal user computer on/off status, network traffic instant display, protocol assignment and traffic leaderboard, when the line is fully loaded, you can immediately find the traffic murderer.
Application management

Various network application softwares are not only difficult to manage, but also easier to become the best conduit for data leakage and virus attacks. NGS 7H has built-in multiple application management functions, including instant messaging, audio and video services, file transfer, P2P software, remote control, browser, VOIP, online games, network protocols, etc., which can easily control employees to use application software. Permissions to protect corporate network security.

VPN function

Use IPSec, PPTP, L2TP, and SSL VPN to secure connection between Site to Site, Point to Site, and remote users. Through these VPN mechanisms, users can connect to different devices, such as laptops, branch offices, business offices, mobile devices or homes, from different locations, including home and external public information service stations and the Internet. …Wait.

Among them, SSL VPN is the most important long-distance secure transmission connection between most enterprises, customers and partners. 


HERHSIANG Android SSLVPN APP


Graphical flow meter             

Provides a flow meter of the WEB interface, and draws the historical state of the system into a chart, so that the administrator can keep abreast of the current system operation status.

NGS 7H provides system status chart (including CPU load map, memory load map, system load), network traffic graph (LAN traffic, WAN1~WAN3 traffic), and provides query conditions to quickly search each traffic status history.

 DashBoard (purchase)              
Provide common threat statistics, APP analysis, mail analysis charts, IPS analysis, WEB analysis, defense analysis, real-time dynamic session analysis and reports.

 

LOG             

Provides a variety of logs, such as log in/out log, system network settings, regulations and targets, network services, advanced protection, IPS, mail management, content logging, VPN, etc. and a detailed log search system.


It is used for debugging analysis, evaluation of system performance, and proof and tracing basis when it is illegally invaded.  

6P+4P10G fiber IPS NG-UTM 6P+4P10G fiber IPS NG-UTM
Product Description

NGS 5952HTG is a network security device that complies with Next Generation UTM specifications. It has high operational efficiency, multiple security protection mechanisms, and hierarchical authorization management. It is the first choice for network security and management equipment for medium and large enterprises.


NGS 5952HTG has the powerful functions of a new generation of firewalls, including Deep Packet Inspection (DPI)-based application identification and control, In-Line IPS, SSL analysis and blocking, Web Filtering, bandwidth management, anti-virus, spam filtering, and It supports external authentication integration and other functions, which can prevent hackers from maliciously sneaking into attacks or unauthorized access to internal network resources. In addition, NGS 5952HTG also supports dual-machine backup mechanism (HA), which can ensure that the equipment is continuously running.

feature of product

NGS 5952HTG is also a core switch supporting Layer 2-Layer 7, which can directly replace the traditional Layer 3 core switch and meet the requirements of the next-generation Software Defined Network (SDN) core switch.


Integrate the centralized management of wireless base stations and network-managed switches to create an integrated wired and wireless security protection, allowing administrators to take care of both inside and outside, and can be used as the second layer as an intranet security firewall (ISFW).

Balance performance and function

HERHSIANG NGS 5952HTG, its hardware platform is carefully designed, using X86 hardware equipment, the purpose is to allow enterprise users to fully experience the security protection functions provided by HERHSIANG's new generation UTM.


For customers with high connectivity requirements, we provide high-performance security modules to improve connectivity and support the USB quick recovery mechanism.

Two-Factor Two-Part Authentication (Version 9.0.2.3 supported)
Unlike many previous network services that use single-factor password authentication by default, Two-Factor Authentication (2FA), which combines two different authentication methods, users need to pass two or more authentication mechanisms before they can get Authorize access to the system resources provided by the service provider. There are many ways to verify, such as PIN code/fingerprint/scanning QR code/or one-time code and other auxiliary verification, and the purpose is to provide higher security for the account. This The two-factor authentication function combined with Google Authenticator uses the mobile phone owned by the user as the second authentication factor to achieve auxiliary authentication. The function is disabled by default. After enabling this function, the system will prompt you to enter a password and a one-time code. Can access your account.
HERHSIANG NGS next-generation firewall has three parts, supports two-step verification: account management/Internet authentication/SSL VPN
IP v4 / v6 dual-band technology
There is a shortage of IP v4 addresses, and the era of IP v6 will come sooner or later, so HERHSIANG has integrated this trend when developing the next generation of UTM. The same network interface, whether it is defined as a WAN or a LAN, can be bound at the same time The IP address of v4 or v6, so no matter it is in a pure v4 environment, v4/v6 mixed, pure v6 environment, NGS 5952HTG is equally applicable.
Support SDN controller

Supports SDN controller, which allows more than one Port to be combined into a ZONE, which is directly managed by the SDN controller, and the transmission of ZONE and ZONE packets will also pass the packet inspection of NGS 5952HTG.


It also has the function of VLAN 802.1Q, which can cut the internal network into several independent subnet segments, each of which operates independently and does not interfere with each other. .


SSL encrypted connection detection
With the ability to detect SSL traffic, when faced with SSL encrypted connection traffic, it can apply functions such as intrusion detection and defense, gateway anti-virus, content filtering, and application bandwidth control.
Load balancing

Provides outbound and inbound load balancing, and provides multiple load balancing algorithms. When one of the lines is disconnected, all network packets will be automatically redirected to another normal line to ensure that the internal user network is smooth. When the line is restored, the packet It will be automatically assigned again.


Enterprises can set their own load balancing rules according to their needs, and network access can refer to the set rules to perform network traffic load balancing guidance. Algorithms include: automatic allocation, manual allocation, allocation by source IP, and allocation by destination IP.

 

IPS intrusion prevention
The IPS intrusion detection and prevention system provides more than 30,000 signatures, IPS will check the contents corresponding to the 4th to 7th layers of the OSI model, whether there are malicious attack programs and viruses, hidden in the TCP/IP communication protocol. After detailed content inspection, the qualified signatures will be Mark it out, once discovered, the packets can be blocked immediately, so that these malicious packets passing through the firewall will be hidden from view.


Threat detection and defense

Provide enterprises with the most complete defense-in-depth mechanism. Today's network attacks cannot only rely on a single point of defense but require complete defense-in-depth. Only by using different levels of defense technologies can companies reduce potential threats.


In addition to providing firewalls, intrusion detection systems (IPS), and anti-virus as the basis for enterprise information security protection, Hexiang NGS 5952HTG can strengthen the detection of malicious programs for traffic, web pages and emails, and analyze the correlation of different security mechanisms. , To play the role of defense in depth.

WAF ( Web Application Firewall )

Web application firewall is a product that provides protection for Web server applications by implementing a series of security policies for HTTP/HTTPS.


WAF's job is to parse the web application layer data, perform multiple conversions of different encoding methods to restore the attack plaintext, combine the deformed characters and analyze it, which can be better than the combined attack from the web layer. Providing application layer rules WEB applications are usually customized. Traditional rules for known vulnerabilities are often not effective enough. WAF provides special application layer rules and has the ability to detect deformed attacks, such as detecting mixed attacks in SSL encrypted traffic           


Mail gateway protection

The enterprise already has a mail host, but the spam filtering performance is not good. You can use NGS 5952HTG as a mail gateway mode to make up for the insufficient functions of the original mail server, such as spam filtering and virus filtering.


After filtering viruses and advertising mail through NGS 5952HTG, the clean mail is sent to the mail host.

Virus filtering

The system provides Clam AV anti-virus engine for free, which can detect more than millions of viruses, worms, and Trojan horse programs. It can automatically scan emails for viruses, automatically update virus files through the Internet every day, and provide virus mail search condition.


Administrators can set the processing methods of poisoned emails by themselves, including automatic deletion, storage of poisoned email extensions, and the subject of the poisoned email notification letter. The new generation UTM has a built-in Kabbah anti-virus engine for one year. Customers can purchase and continue to enjoy the Kaspersky anti-virus engine leader with the highest scanning rate and the strongest virus repair.

Spam filtering
Either internal mail or external mail can be filtered, and provide ST-IP network credit evaluation, Bayesian filtering, Bayesian filtering automatic learning mechanism, automatic whitelist mechanism, spam feature filtering and fingerprint identification method, etc., and there are black , Whitelist comparison and intelligent recognition learning database (Auto-Learning), you can even set personalized rules, flexibly formulate filtering rules, deal with spam, and ensure comprehensive protection without misjudgment, with an accuracy rate of more than 95%. Mail filtering can perform actions such as forwarding, deleting, and blocking letters that meet the filtering conditions set by the administrator.
Abnormal IP analysis

Any network behavior, no matter what kind of software the user runs, is roughly divided into the number of uploads and downloads (Connect Session), flow (Flow) and duration (Time) from the perspective of network packets, by detecting these The combination of the numbers, it is estimated that the user is using the Internet normally or has abnormal behavior.


When an abnormal behavior of internal users is discovered, the administrator can adopt a variety of strategies, such as blocking the Internet, immediately limiting its maximum bandwidth, enabling a collaborative defense mechanism to notify the switch to block it, or notifying the administrator.

Bandwidth Management (QoS)

Assist network administrators to control network traffic, effectively reduce corporate network congestion, and improve serviceability and bandwidth utilization.


With QoS (bandwidth management) function, the limited bandwidth can be allocated to all users.


The difference from the general bandwidth manager is that NGS 5952HTG not only provides maximum bandwidth and priority management, but also has the function of guaranteeing bandwidth. And it also has the design of personalized bandwidth management, which can set the bandwidth management for individual users.


If bandwidth management is used with personalized bandwidth management, the bandwidth reserved by the bandwidth management function can be redistributed to users under the enterprise, which can effectively prevent the phenomenon of bandwidth being monopolized by users.

Content filtering
Provide Web Filter (web page filtering) function, can block the work end access to inappropriate web pages (such as pornography, violence) and offensive web pages (such as hackers, viruses), and can set filter conditions to block inappropriate websites.
Sandstorm Malware Filtering Mechanism

Advanced Sandstorm can effectively detect unknown advanced malware attachments, such as common Microsoft, Word, Excel, Power Point or PDF; or targeted phishing emails, and even compressed files, such as ZIP and RAR.

Before scanning emails for Spam or Virus, Sandstorm Defense compares suspicious attachments, isolates problematic emails, and exposes potential malicious programs to avoid affecting users' email reception.             

URL database management [optional 3rd party database (optional)]

The built-in "cloud URL database" automatically classifies web pages. As long as the administrator prevents blocking of harmful URL networks, it can be easily controlled. There is no need to input website IP addresses, keywords... to block them one by one.


Randomly clicking on harmful URLs is the source of evil. The best way to prevent blocking is to prohibit the use of the Internet. If it cannot be completely prohibited, the URL database that is updated from time to time is the best protection mechanism.

Full record of online behavior

Some employees of enterprises use the Internet during working hours to do non-work purposes, chatting is small, and leaking secrets is a big deal.


NGS 5952HTG can not only limit the user's authority to use related applications, but also record related online behaviors, including browsing web pages and sending and receiving emails. When a company leaks secrets, the information that has been preserved is the best evidence to be used as evidence in court.

Traffic Analysis
Provide traffic analysis tools, whether it is the internal user's computer power on and off status, real-time display of network traffic, communication protocol distribution and traffic rankings, when the line is fully loaded, the traffic culprit can be found immediately.
Application management [Optional 3rd party database (optional)]

Various network application software is not only difficult to manage, but also easily becomes the best channel for data leakage and virus attacks.


NGS 5952HTG has built-in multiple application management functions, including instant messaging, audio-visual services, file transfer, P2P software, remote control, browser, VOIP, online games, network protocols, etc., which can easily control the use of application software by employees Permission to protect corporate network security.

Graphical flow meter       

Provides flow meter on the WEB interface, and plots the historical status of the system into a chart, so that the administrator can easily grasp the current system operation status at any time.
NGS 5952HTG provides system status chart (including CPU load chart, memory load chart, system load), network traffic chart (LAN traffic, WAN1~WAN13 traffic), and provides query conditions to quickly search the history of each traffic status.

Threat Intelligence Meter
Provide common threat statistics, APP analysis, mail analysis charts, IPS analysis, WEB analysis, defense analysis, real-time dynamic session analysis and reports.


LOG

Provides a variety of logs, such as log in/out log, system network settings, regulations and targets, network services, advanced protection, IPS, mail management, content logging, VPN, etc. and a detailed log search system.


It is used for debugging analysis, evaluation of system performance, and proof and tracing basis when it is illegally invaded.             

VPN function

Use IPSec, PPTP, L2TP, SSL VPN to securely connect between Site to Site, Point to Site and remote users.


Through these VPN mechanisms, it is convenient for users to connect to different devices from different locations, including home, external public information service stations, and the Internet, such as laptops, branch offices, business locations, mobile communication devices, or at home …Wait.


Among them, SSL VPN is currently the most important long-distance secure transmission connection between most enterprises, customers and partners.

          


HERHSIANG Android SSLVPN APP


Definition of UTM

IDC defines UTM information security hardware equipment as: it contains multiple security functions integrated into a single hardware device, which must include network firewall, network intrusion detection and defense, and gateway anti-virus. All functions on this device do not need to be fully utilized, but must be built-in, and individual components cannot be cut.


In order to test these devices, NSS Group clearly defined UTM devices as a single device with functions such as firewall, VPN, IDS/IPS, anti-virus, anti-spam, URL filtering, content filtering, etc. The detailed definitions are as follows:


* Firewall: Deployed at the network boundary, a powerful state NAT firewall is required.


* VPN: It is often deployed on the enterprise wide area network as a branch office network solution. Basically, it is necessary to be able to establish a small number of secure VPN channels.


* IDS/IPS: The firewall can only enforce policies. If the policy allows incoming HTTP traffic to the website server in the DMZ zone, the firewall cannot prevent hackers from damaging the target website server from the HTTP protocol. The IPS function will detect and block such intrusions that attempt to use the network boundary to break in, and prevent malicious network flows from reaching the server. The IDS function can detect intrusions and issue warnings, but it cannot block malicious traffic.


* Antivirus: The gateway antivirus filter can prevent inbound virus traffic on the network boundary, strengthen the computer desktop security, and block them before they reach the desktop. The solution can also prevent internal computers from being infected by viruses from outside the corporate network. .


* Anti-spam: Gateway anti-spam can mark incoming emails, allowing further processing by computer filtering solutions. The solution can prevent internal hosts from sending spam messages outside the enterprise.


* URL filtering: Using a continuously updated URL classification database, a set of gateway URL filtering solutions can prevent employees from accessing unpleasant or inappropriate websites from within the corporate network.


* Content filtering: Scan specific content of webpages and mail traffic. Gateway content filtering solutions can prevent unpleasant or inappropriate content from passing through or being sent out from the corporate network.

MD 1U Mail Server MD 1U Mail Server
High-quality hardware and full-featured firmware configuration       

Host hardware planning:
It adopts a server board with strong stability, an industrial-grade chassis, and an industrial-grade power supply. (Customers have used it for 10 years)


Data Security Planning:
One PCIe NVMe M.2 SSD is used for the data disk, one HDD is used for the system backup disk, and the two are automatically synchronized.


Advantages of security planning:
ONBOARD synchronization is faster than USB and network backup, which can ensure that the data is saved in a short time. When the data disk fails and the data is damaged and cannot be used, MIS can directly use the system backup disk as a data disk, and the recovery speed is fast without waiting Long recovery time.
  
Strong capacity expansion capability:

The memory can be expanded to the maximum capacity of the motherboard. When the data disk capacity is insufficient and the capacity needs to be expanded, a larger capacity HDD can be purchased. After synchronizing the settings with the system backup disk, it can be used directly as a data disk to have increased capacity data. Space is available. (Please call us for the recommended maximum capacity that can be used)


Firmware full function configuration:
The firmware function of MDS mail server adopts full-featured configuration. Apart from Kaspersky anti-virus, H169 has no other optional functions. HERHSIANG has the concept of using it, which can reduce the delay of some necessary processes. One-time purchase It is enough to meet the needs of the company in real time.


10G network speed model (optional)
HERHSIANG provides optional 10G speed models. In addition to the network speed of 10G [SPF+ interface (GBIC (RJ45/single-mode/multi-mode) is optional), the speed of speed is equipped with PCIe NVMe M.2 SSD so that enterprise organizations can also Can enjoy the thrill of speed.

Support Wake-on-LAN
It is recommended to use a UPS uninterruptible power system. When the power is restored, the UPS needs to wait for the battery capacity to charge up to the set percentage, and then wake up the remote device function.
Generally, the equipment needs to wait until the UPS battery is completely out of power to 0% to restore the power supply before starting the remote equipment.
Related functions can prevent the remote device from being unable to start the remote device after the power supply is restored after the remote device has been automatically shut down in advance when the UPS battery still has power.
SSD Solid State Drive & Traditional Hard Drive Advantages and Disadvantages

Advantages of SSD Solid State Drive
Fast reading speed
Light, thin and short
silently
less afraid of shaking


Disadvantages of SSD solid state drives
The disadvantages of SSD, in fact, are exactly opposite to the advantages of traditional hard drives.
The capacity is not high, and if the capacity is large, it will cost more
If it is bad, it will be bad without warning, and it will be more difficult to deal with than the traditional one.
Fault can not rescue data


Advantages of traditional hard drives
large capacity
Cheaper than SSD!
There will be some symptoms before failure
Fault Rescue Information


Disadvantages of traditional hard drives
Big size
Difficult to work in a shaking environment
noise and vibration
Read speed is slower than SSD             

Decentralized Mail Architecture         
It can be used by enterprises, institutions or schools that provide multi-site or large-volume mail needs. It can speed up the delivery of mail. The database, account and mail communication records between the main machine and the auxiliary machine will all be synchronized with each other through encrypted channels. , for the contact records of all mail, no matter whether it is outbound, inbound or internally sent to each other, it will be collected into the database of the computer center's mail service in the end, in case there is a problem, you want to check The email communication records are all based, and the mail host of the external point (secondary machine) receives and sends mail to the local mail host, without waiting for the reply from the remote host, which speeds up the mail processing speed and has remote backup. assistance mechanism.
Support IPV4 / IPV6 address          
The built-in IPV4/V6 dual-frequency DNS server provides the functions required for complete DNS services, such as DNS forward check, reverse check, A, AAAA records, etc., which solves the inconvenience and trouble of setting up DNS servers by the administrator.
easy to install       
All management items of MDS H169 can be set by browser software, so your computer does not need to install any software, and provides Anti-Spam and Anti-Virus filtering functions.
Home Details         
MDS H169 home page provides detailed system status information, including dynamic CPU RAM HDD, system time, mail traffic statistics, mail server information and mail server service.
Multi-domain independent mail system function         

MDS H169 has the function of multi-domain independent mail system (multi-DOMAIN). In addition to setting the domain name of its own head office, if an enterprise also needs to receive letters with domain names of other branches, it can enter other domain names on the system.


MDS H169 multi-domain name has no limit on the number of items, allowing the mail system of an enterprise to have multiple mail domain aliases at the same time.             

Exclusive IOS & Android Mail App
MDS H169 provides an exclusive App for sending and receiving messages, which is installed on mobile phones or tablets synchronously with Webmail through 3G or 4G at regular intervals, allowing you to keep track of email messages at any time. 


 
email firewall       
Back through abnormal traffic detection, authentication anomaly detection, authentication and sender confirmation can perform in-depth mail detection and filter out traditional firewalls that cannot intercept email Mail threats, all advertising spam, mass mail attacks, implanted Trojan horses, dictionary attacks or hacker attacks, etc., can be filtered by the email firewall layer by layer to protect the security of corporate email operations.
Mail Gateway Protection           
High-efficiency spam filtering function, which can be safely deployed at the front of the mail server. The Mail Gateway solution adopts OS64 3.0 technology and a multi-layer mail scanning mechanism, which can effectively block the increasing spam, virus, malicious mail, springboard, and phishing Threats such as sending emails and spyware can help enterprises effectively manage email security protection and improve email service quality.
Multi-layer spam filtering mechanism         
In addition to the built-in gray list, fingerprint identification method, black and white list setting, IP address anti-decoding verification, SPF verification, sender exception verification, DKIM verification function, MDS H169 mail server also has content link filtering and abnormal sending The detection protection mechanism can filter and analyze the URL of the email body, and can detect and scan the compressed attachment (ZIP/RAR). Anything that does not meet the rules can be filtered or blocked, which can greatly reduce the threat attacks from emails .
Spam smart learning mechanism       

Phishing email attacks and infiltration methods have been constantly improving. From emails, pictures, file folders, web advertisements, system vulnerabilities to encrypted extortion, there are all possible infiltration paths.


MDS H169 utilizes advanced tools (smart learning) to interpret all incoming and outgoing email data and analyze possible hidden threats.


For example: use the spam classification engine to automatically learn the letter characteristics of SPAM and HAM to help identify thousands of possible malicious programs or virus bodies.


MDS H169 will deal with the complex issue of emails. Through the concept of interconnection and data sharing, the email data will be passed through the cloud intelligent learning system to prevent and track the source of malicious attacks.

Sandstorm Malware Filtering Mechanism         
Advanced Sandstorm can effectively detect unknown advanced malicious program attachments, such as common Microsoft, Word, Excel, Power Point or PDF; or targeted phishing emails, and even compressed files, such as common ZIP and RAR, Sandstorm defense Before corporate emails are scanned for Spam or Virus, suspicious attachments are compared first, and problematic emails are isolated to reveal hidden malicious programs and avoid affecting users' email reception.
Ransomware Protection      

Administrators can compare the subject, attachment files (zip/rar), and file extensions through the setting of rules and regulations, and isolate and block emails that may be attacked by ransomware emails, reducing the harm of enterprises from ransomware attacks. In addition, email attacks not only use file folders to infiltrate, but also include malicious link URLs in the content to trick users into clicking.


The MDS H169 mail system provides a URL content link filtering database, which breaks through the general filtering and targets the source IP or domain of the sender. MDS H169 adds the IP and domain in the content, which can effectively prevent ransomware attacks.

Virus mail filtering [ Kaspersky Kaspersky (optional) ]  

Built-in two sets of anti-virus engines, Calm AV anti-virus engine (free), Kaspersky Kaspersky (optional). The anti-virus software Clam AV can detect more than 4 million viruses, worms, and Trojan horse programs. Regardless of email, WEB, or FTP, it will automatically scan for viruses, automatically update virus files through the Internet every day, and provide virus email rankings list report.


Automatically check and update the virus pattern every day. Paid Kaspersky Antivirus (Kaspersky) provides enterprises with top-level network security protection under the balance of performance and detection, against viruses, malware, spam and other threats.

SPF and DKIM authentication mechanism

SPF sender source verification can filter out letters sent by illegal hosts forging legal domains; DKIM domain verification emails can be used to prevent mail content from being tampered with.


When sending an email, the Server signs the email with the private key, and confirms the public key information recorded above through DNS to the sender's domain. Whether it can be successfully paired with the private key means that the email is indeed sent by the original sender. Both the receiving end and the sending end can use DKIM to verify and prevent spammers from sending spam through fake mail senders and fake private key signatures.

Email encryption (TLS) ensures secure email delivery     
MDS H169 mail server supports TLS (MDS / MDispersion full series models), so that when users send and receive mail through SMTP, POP3 or IMAP, the mail will be transmitted by TLS encrypted connection, so that the mail data can be transmitted between the personal device and the mail host When passing between files, it can be encrypted to prevent it from being stolen.
"Mail Security Signature" Authentication Mechanism

Most hacker attack methods will steal the recipient's letter, forge the sender to reply to fraud, and in order to prevent the recipient from being received by the original sender when the recipient replies for verification, the sender's name will be partially altered , so that recipients do not suspect him and be deceived.


MDS H169 mail security signature, providing a personal verification stamp and formulating a signature icon, so that the recipient can connect to the sending mail host through the link after receiving the letter to confirm the content of the original letter, and check to confirm that the letter has been sent Whether the filer and the content are consistent and consistent.        

Email content auditing and filtering         

According to corporate regulations or internal rules of the organization, automatically filter and scan emails to detect inappropriate email behavior.


It can not only scan the complete email content, but also conduct keyword scanning for individual domains of email flow (outbound, internal, and outbound), and process methods that meet the filter conditions, such as quarantine, delete, block sender IP, and send notifications Letters, CCs, etc., assist system administrators in complying with internal and external regulations.        

Personal information law filtering protection 
In response to the protection of personal information law, provide email personal information filtering protection function, filter and audit settings for emails with sensitive personal information, administrators can directly choose to check the audit ID number, credit card number, phone number, mobile phone number, date of birth and other filter conditions for control.
Mail record function backup             

For all the mails entering and leaving the mail server or mail gateway, together with the entrained files, all are recorded. If the user's computer mail disappears, it can be forwarded to the user by the recorder, and it can be automatically backed up to Network Neighborhood or FTP at regular intervals Server, and provide corresponding fields for quick query and interception reason query, which can help administrators understand the status of mail exchanges.


You can also quickly search and read email data that is backed up externally. The most important thing is that the format of the stored email is eml, which can be easily read or searched under any operating system.

Letter Painless Transfer          
It has the function of automatic account creation, which can automatically convert the original mail host account and letters. The administrator does not need to re-enter the account number and password, reducing the trouble of changing the old and new mail hosts and account creation. In addition to automatic account creation/transfer settings, it also provides manual creation of user accounts, AD account integration and other modes.
Decentralized control of management authority          
According to the policy of separation of powers and responsibilities of the enterprise department, the authority and management items of each administrator to log in to the management interface can be defined, including email records, user management, system management, log query, audit management, traffic statistics, POP3 proxy, etc.    
Various statistical reports        
Provides diverse and easy-to-read statistical report information—including traffic rankings, POP3 traffic rankings, personal data reports, user traffic rankings, letter type distribution, audit isolation rankings, device risk password rankings, spam source rankings, etc. Various statistics Auxiliary charts, and can set the way the charts are arranged.         
Dual machine (HA) and remote backup function 

"Create a network that is never disconnected", dual-machine backup can allow the main mail host of the enterprise to operate abnormally and stop working, the backup mail host will automatically take over as the main mail host, allowing the enterprise mail host to maintain 24 hours working normally.


The remote backup is to build a dedicated mail host in the head office and branch offices. When the mail host in any place fails, the system can automatically switch to another host to keep running. It is not necessary for the enterprise to send and receive emails There is a problem of interruption, so as to achieve a real remote backup service.


Responsive Webmail

In response to the popularization of mobile phones in the trend of the times, the HERHSIANG mail server has a built-in responsive WEBMAIL, which supports computer/laptop/tablet/mobile browsers to facilitate sending and receiving messages outside.


Any location is not limited, as long as you browse, write and send and receive emails directly through the browser (https), the connection transmission process is protected by encryption protection mechanism to ensure the security of email communication.


In addition, it also provides many friendly operation functions, such as: email dragging, email preview, login verification, email subject association, content quick search, multi-level folders, personal email rules, personal signature files, and more importantly, shared folders , Auto-reply forwarding, delay sending letters... and many other powerful functions.


Outlook express style Webmail (transition module)           

The HERHSIANG mail server has a built-in Outlook like Webmail, which is similar to the Outlook express style user interface, which is convenient for users to operate and use immediately.


Any location is not limited, as long as you browse, write and send and receive emails directly through a browser (http or https), the connection transmission process is protected by an encryption mechanism to ensure the security of email communication.


In addition, it also provides many friendly operation functions, such as: email dragging, email preview, login verification, email subject association, content quick search, multi-level folders, personal email rules, personal signature files, and more importantly, shared folders , Auto-reply forwarding, delay sending letters... and many other powerful functions.


Webmail folder sharing ( cloud hard drive )

The MDS H169 mail host cloud hard disk provides a shared space for all users. Users can share promotional materials, presentation materials, technical documents, market information, etc., and can quickly upload or download files through the interface, and classify these files. Some are private, and some can be made public. Users can go to the Webmail website to grab the information at any time if they want to inquire about it.


When the attached file of the mail is too large, the mail server provides that the file exceeding the file size limit can be converted into a hyperlink on the administrator side.

Webmail 2-step verification

Passwords can be stolen by users using the same password on multiple websites, downloading software over the Internet, clicking links in email messages, and more.


MDS H169 Webmail uses a two-step verification mechanism to ensure account security through LINE notification verification or backup EMAIL.


Even if someone in the wrong hands steals your password, 2-step verification keeps your account safe.

POP3 proxy

In addition to the company email account, the user may have other important accounts in use. To grasp the latest information, it is often necessary to log in to different browser pages to collect all the letters at once.


In order to save the time and convenience for users to receive mail, HERHSIANG mail server provides POP3 proxy function, which can receive all mails uniformly through the account of the machine, and users can also set their own POP3 proxy function through the Webmail interface.

Oversized attachment sending function       
The MDS H169 distributed architecture mail server mail sending method eliminates the problem of capacity limitation. It adopts the method of replacing the attachment file of the letter with hyperlink download. When the sender's transmission capacity exceeds the administrator's setting, the user will receive the When sending a letter, it will quickly download the file information in http mode or encryption mode (https).
Push Mail mobile mail

With the popularization of mobile Internet devices, when business personnel go out, they have no way to receive customer E-mail messages in real time. How can they quickly grasp the latest and most important information in the mailbox?


The Push Mail function of the MDS H169 mail host allows you to shorten the distance between you and your customers.


Whether using a tablet computer or a smart phone, users can receive the latest email information through the Internet anytime, anywhere.

e-newsletter delivery system   
E-newsletter is an indispensable marketing tool for business operations. Companies often have many new products on the market. Of course, the promotion of old products is not a problem. In the past, most new product descriptions were sent to customers by email. E-mail delivery is time-saving and convenient.    
Co-signature file (email disclaimer)      
For emails sent out by the company, the company's common signature file (including the mail disclaimer) can be automatically added. Different content can be set according to different domain names, and the administrator can set the content of the signature file by himself, and the account that does not apply the shared signature file with IP address.
Synchronization integration of Outlook address book and Google calendar       

Allowing users to use the webmail and outlook address book lists (including groups) synchronously, MDS H169 provides the Outlook Connector communication synchronization integration function, no matter you use it on the Outlook or Webmail interface, they can be synchronized with each other quickly and regularly, allowing you to E-mail is easier and more convenient to use.


The MDS H169 mail server calendar can be integrated with Google Calendar, and all schedules can be viewed on the same page, whether it is meetings, work or private leisure time, it can be easily arranged.             

personal calendar

The easy-to-use calendar tool included in Webmail can also help you manage daily events and calendars.


It also provides a group calendar function, allowing you to keep track of all department-related activities at the same time.


MDS H169 Webmail calendar not only has the operation settings of the web version, but also provides APP applications (including IOS and Android), which can synchronize schedules.Webmail

easy management 

Use the web method to set and update the firmware, the operation screen can be switched to traditional Chinese/simplified Chinese/English at any time, and the remote control service of ping/http/https can be turned on/off at will.


It also provides a variety of network testing tools, including PING, Traceroute, DNS query, Port query and other tools.

Email encryption and compression (whole email or attachment)        

MDS H169 mail host allows enterprises to provide a more secure operation structure for gateway and terminal under the existing mail system structure.


Administrators can convert their entire .eml emails to encrypted PDF files for specific personnel, or encrypt and compress only the attachments of their emails to ensure that emails are stolen during transmission and leak important information.


The receiver can use the PDF reader program when receiving the email, and enter the password to view the original email content, including the attachment files of course.

System backup restore

In addition to the high-quality configuration of the hardware, for the set backup content, the backup is performed at a specified time, and the USB slot on the HERHSIANG mail server interface can be directly used for backup, which makes maintenance convenient for the administrator.


After the whole machine is backed up with USB HDD, if the local system hard disk fails, you can also choose the USB system backup disk to be used when starting up, and the whole machine will return to the state before backup, which can replace the tape drive The system does permanent storage.

Hard drive auto detection (PCIe NVMe M.2 SSD fully automatic)        

For mail hosts, the hard disk plays an important role like the heart of the human body. It stores all the emails of the company. If the company does not have a good backup mechanism, there may be data loss when the hard disk is damaged. At this time, it is possible to remedy it. It's too late.


In view of this, the MDS H169 mail host provides an automatic hard disk detection mechanism. Through real-time detection, the health status of the hard disk can be grasped, and relevant warnings can be provided, so that the administrator has an additional security precaution.


hardware specification     

DDRIII-RAM: 8GB

PCIe NVMe M.2 SSD 1000GB*1 ( Micron P3-Series )

SATA-III 3.5" HDD 1000GB*1 [Change Singe Port 10GbE SFP+ fiber optic network model to 2.5" SSD]

Console: On-Screen Keyboard

USB 3.0 Port: 2 / USB 2.0 Port: 2

Number of people: no limit

System Management

Admin settings using a browser ( HTTPS )

Supported Service Agreement

ICMP, HTTP, HTTPS, SMTP, SMTPS, POP3, POP3S, IMAP, IMAPS

OnBoard web interface

1 LAN / 1 HA (All Giga Port) [Singe Port 10GbE SFP+ fiber optic network model(LAN)]

use environment

Working environment temperature: 0~60°C / Working environment humidity: 5%~95%

Safety certification

FCC,CE,UL,cUL

Model Dimensions

385mm (D) x 145mm (H) x 565mm (W)

Power Supplier

Input Power : 100~250 VAC (Auto Switching) / Power Supply: 250 Watts

Placement method: rack mount

MD Wall Mail Server MD Wall Mail Server
High-quality hardware and full-featured firmware configuration              

Host hardware planning:
Adopt a stable server motherboard, industrial-grade chassis, industrial-grade power supply. (Customers have used it for 10 years)

Data security planning:
The data disk uses 1 PCIe NVMe M.2 SSD, the system backup disk 1 HDD, and the two are automatically synchronized.


Advantages of security planning:

ONBOARD synchronization is faster than USB and network backup, which can ensure that the data is saved in a short time. When the data disk is faulty and the data is damaged and cannot be used, MIS can directly use the system backup disk as a data disk, and the recovery speed is fast without waiting. Annoyingly long restoration time.
 
Strong capacity expansion capability:

The memory can be expanded to the maximum capacity of the motherboard. In addition, when the data disk capacity is insufficient and the capacity needs to be expanded, it also supports 3 empty hot extraction boxes. A larger capacity HDD can be purchased. After the settings are synchronized with the system backup disk, the data can be directly used Use the disk to increase the data space available. (Please call us for the recommended maximum capacity that can be used)


Full firmware configuration:
The firmware of MDS mail server adopts a full-featured configuration. In addition to Kaspersky Anti-Virus, H169 does not have other optional functions. HERHSIANG needs to use the existing concept, which can reduce the time wasted by some necessary processes. It is enough to meet the company's needs in real time.


10G network speed model (optional)
HERHSIANG provides optional 10G speed models. In addition to the network speed of 10G [SPF+ interface (GBIC (RJ45/single-mode/multi-mode) is optional), the speed of speed can be matched with PCIe NVMe M.2 SSD so that enterprise organizations can also Enjoy the thrill of speed.     

Support Wake-on-LAN
It is recommended to use a UPS uninterruptible power system. When the power is restored, the UPS needs to wait for the battery capacity to charge up to the set percentage, and then wake up the remote device function.
Generally, the equipment needs to wait until the UPS battery is completely out of power to 0% to restore the power supply before starting the remote equipment.
Related functions can prevent the remote device from being unable to start the remote device after the power supply is restored after the remote device has been automatically shut down in advance when the UPS battery still has power.
SSD Solid State Drive & Traditional Hard Drive Advantages and Disadvantages

Advantages of SSD Solid State Drive
Fast reading speed
Light, thin and short
silently
less afraid of shaking


Disadvantages of SSD solid state drives
The disadvantages of SSD, in fact, are exactly opposite to the advantages of traditional hard drives.
The capacity is not high, and if the capacity is large, it will cost more
If it is bad, it will be bad without warning, and it will be more difficult to deal with than the traditional one.
Fault can not rescue data


Advantages of traditional hard drives
large capacity
Cheaper than SSD!
There will be some symptoms before failure
Fault Rescue Information


Disadvantages of traditional hard drives
Big size
Difficult to work in a shaking environment
noise and vibration
Read speed is slower than SSD

Decentralized mail architecture
For companies, institutions, or schools that provide multi-site or high-traffic e-mail needs, it can speed up mail delivery and communication. The database, account number, and e-mail communication records between the main and auxiliary machines will be synchronized with each other through encrypted channels. For the communication records of all mails, whether it is outbound, inbound or internal mails of each outbound point, will be aggregated into the database of the mail service of the computer center, in case you want to query The communication records of the mails are all based, and the mail hosts of the external point (slave) all receive and send mails from the local mail host. There is no need to wait for the reply from the remote host, which speeds up the processing speed of the mail and has remote backup Aid mechanism function.               
Support IPV4 / IPV6 address            
The built-in IPV4 / V6 dual-frequency DNS server provides the functions required for a complete DNS service. For example, DNS forward check, reverse check, A, AAAA records, etc., solve the inconvenience and trouble of the administrator to set up the DNS server.                              
Easy to install
All management items of MDS H169 can be set by browser software, so your computer does not need to install any software, and provides Anti-Spam and Anti-Virus filtering functions.              
Home details 
MDS H169 homepage provides detailed system status information, including dynamic CPU RAM HDD, system time, mail traffic statistics, mail server information and mail server services.                 
Multi-domain independent mail system function

MDS H169 has the function of multi-domain independent mail system (multi-DOMAIN). In addition to setting the domain name of its own head office, if an enterprise also needs to receive letters with domain names of other branches, it can enter other domain names on the system.


MDS H169 multi-domain name has no limit on the number of items, allowing the mail system of an enterprise to have multiple mail domain aliases at the same time.

Exclusive IOS & Android Mail App
MDS H169 provides a dedicated App sending and receiving program, which is synchronized with Webmail and installed on a mobile phone or tablet through 3G or 4G, allowing you to keep track of mail messages at any time.                         




Mail firewall
Through anomalous traffic detection, authentication anomaly detection, authentication and sender confirmation, you can perform in-depth email detection and filter out email threats that traditional firewalls cannot intercept. All advertising spam letters, massive email attacks, and Trojan horses. , Dictionary attacks or hacking attacks, etc., can be filtered through the mail firewall layer by layer to protect the security of corporate mail operations.       
Mail Gateway Protection
High-efficiency spam filtering function. The Mail Gateway solution that can be safely deployed in the front of the mail server. It uses OS64 3.0 technology and multiple layers of mail scanning mechanisms to effectively block increasing spam, viruses, malicious mail, springboards, and phishing. Threats such as email and spyware sending help companies effectively manage email security protection and improve email service quality.
Multi-layer spam filtering mechanism
MDS H169 mail server has built-in gray list, fingerprint identification, black and white list setting, IP address anti-decryption verification, SPF verification, sender abnormality verification, DKIM verification function, and has text link filtering and abnormal sending Detection and protection mechanism, which can filter and parse the URL of the message body, and detect and scan compressed archives (ZIP / RAR). Any irregularity can be filtered or blocked, which can greatly reduce the threat from email threat
Smart Spam Learning Mechanism

Phishing email attacks and infiltration methods have been continuously improved, from emails, pictures, file archives, web page advertisements, system vulnerabilities to encrypted ransomware.


MDS H169 uses advanced tools (smart learning) to interpret all incoming and outgoing email data and analyze the threats that may be hidden in it.


For example, use the spam classification engine to automatically learn the letter characteristics of SPAM and HAM to help identify thousands of malicious programs or viruses.


MDS H169 will deal with the complex problem of email. Through the concept of interconnection and data sharing, the email data will be transmitted through the cloud intelligent learning system to prevent and track the source of malicious attacks.                        

Sandstorm malware filtering mechanism
Advanced Sandstorm can effectively detect unknown advanced malware attachments, such as common Microsoft, Word, Excel, Power Point or PDF; or targeted phishing emails, or even compressed files, such as common ZIP and RAR, Sandstorm defense Before scanning Spam or Virus for corporate email, first compare the suspicious attachments and isolate the problematic letters, so that the hidden malicious programs can take shape and avoid affecting user email reception.            
Ransomware protection

Managers can compare the subject, attachment file (zip / rar), and extension by setting the rules and regulations to isolate and block e-mails that may be subject to ransomware attacks, reducing the harm of enterprises from ransomware attacks. In addition, in addition to infiltration by file attacks, e-mail attacks also include malicious link URLs in the text to trick users into clicking.


The MDS H169 email system provides a URL body link filtering database, which breaks through the general filtering against the sender's source IP or domain. MDS H169 plus the body IP and domain can effectively prevent ransomware attacks.

Virus mail filterin [ Kaspersky Kaspersky (optional) ]

Virus mail filtering Built-in two sets of anti-virus engines, Calm AV anti-virus engine (free) and Kaspersky (optional). Anti-virus software Clam AV can detect more than 4 million types of viruses, worms, and Trojans. No matter email, WEB, or FTP, it will automatically scan for viruses, update virus files automatically through the Internet daily, and provide rankings of virus messages Leaderboard report.


Automatically check for virus patterns daily. Kaspersky Anti-Virus provides enterprise-class network security protection against viruses, malware, spam, and other threats, taking into account performance and detection.        

SPF and DKIM authentication mechanism

SPF sender source verification can filter out letters from illegal hosts forged by legitimate domains; DKIM domain verification emails can be used to prevent email content from being tampered with.


When sending the mail, the server signs the mail with the private key, and confirms the public key data recorded above with the sender's domain through DNS. It can be paired successfully with the private key, which means that the mail was indeed sent by the original sender. Both the receiving end and the sending end can use DKIM authentication to prevent spammers from spamming, sending spam letters through fake mail senders and fake private key signatures.  

Message Encryption (TLS) for secure message delivery

MDS H169 mail server supports TLS (MDS / MDispersion full series models), so that when users send and receive mail through SMTP, POP3 or IMAP, the mail will be transmitted by TLS encrypted connection, so that the mail data can be transmitted between the personal device and the mail host When passing between files, it can be encrypted to prevent it from being stolen.
"Mail Security Signature" Identity Authentication Mechanism

Most hacking methods will steal the recipient's letter, fake the sender's reply scam, and in order to make the recipient reply to the letter for verification and not be received by the original sender, the sender's name will be partially changed. , So that the recipient is deceived without any doubt about him.


MDS H169 mail security seal, provide personal verification seal and develop a seal icon, so that after receiving the letter, the recipient can return to the sending mail host through the link to confirm the original letter content, and check the confirmation letter sent Whether the content is consistent and consistent with the content.   

Email content audit filtering

Automatically filter and scan emails in accordance with corporate regulations or internal rules of the organization to detect inappropriate email behavior.


Not only can scan the complete message content, but also perform keyword scanning for individual domains where the message is sent (outbound, inbound, outbound), and for filtering methods that meet the filtering conditions such as quarantine, delete, block sender IP, and send notification Letters, carbon copies, etc. can help system administrators comply with regulations inside and outside the enterprise. 

Personal data filtering protection
In order to respond to the protection of personal information laws, provide the filtering function of personal information filtering, and perform filtering audit settings for sensitive personal information. Administrators can directly choose to check the identity card number, credit card number, phone number, mobile phone number, date of birth Wait for filtering conditions for control.             
Mail log function backup

For all the mail entering or leaving the mail server or mail gateway, along with the enclosing file, all the records are recorded, the user's computer letters are not visible, and can be forwarded to the user by the recorder, and can be automatically backed up to the network neighborhood or FTP Server, and provide corresponding fields for quick query and intercept reason query, which can help managers understand the status of mail exchanges.


Quickly search and read email data backed up externally. The most important thing is that the format of the stored email is eml, which can be easily read or searched under any operating system.  

Painless transfer of letters
With the function of automatic account creation, the original mail host account and letter can be automatically converted. The administrator does not need to re-enter the account number and password, which reduces the trouble of new and old mail host replacement and account creation. In addition to automatic account creation / transfer settings, it also provides user account manual creation and AD account integration modes.      
Decentralized management and management
According to the decentralization and decentralization policy of the enterprise department, the authority and management items for each administrator to log in to the management interface can be defined, including mail records, user management, system management, log query, audit management, traffic statistics, POP3 proxy, etc.       
Various statistical reports
Provide diversified and easy-to-read statistical report information-including various kinds of statistics including traffic rankings, POP3 traffic rankings, personal reports, user traffic rankings, letter type distribution, audit isolation rankings, equipment dangerous password rankings, spam source rankings, etc. Auxiliary charts, and can set the chart column.    
Dual-machine (HA) and remote backup function

"Creating a never-ending network", dual-machine backup allows the main mail host of an enterprise to stop working when there is an abnormal operation. The backup mail host will automatically take over as the main mail host, allowing the corporate mail host to stay on for 24 hours. working normally. The off-site backup is to set up a dedicated mail host in the head office and the branch office. When the mail host fails in any place, the system can automatically switch to another host to keep it running. There are interruptions, and truly offsite backup services are available.              

 

Responsive Webmail

In response to the popularization of mobile phones in the trend of the times, the HERHSIANG mail server has a built-in responsive WEBMAIL, which supports computer/laptop/tablet/mobile browsers to facilitate sending and receiving messages outside.


Any location is not limited, as long as you browse, write and send and receive emails directly through a browser (https), the connection transmission process is protected by an encryption mechanism to ensure the security of email communication.


In addition, it also provides many friendly operation functions, such as: email dragging, email preview, login verification, email subject association, content quick search, multi-level folders, personal email rules, personal signature files, and more importantly, shared folders , Auto-reply forwarding, delay sending letters... and many other powerful functions.  


Outlook express style Webmail (transition module)

HERHSIANG mail server has built-in Outlook like Webmail, which is similar to Outlook express style user interface, which is convenient for users to use immediately.


You can browse, compose, and send and receive emails directly through any browser (http or https). The connection transmission process is protected by encryption to ensure the security of email communication.


In addition, it also provides many friendly operation functions, such as: email dragging, email preview, login verification, email subject association, content quick search, multi-level folders, personal email rules, personal signature files, and more importantly, shared folders , Auto-reply forwarding, delay sending letters... and many other powerful functions.


Webmail folder sharing (cloud disk)

MDS H169 mail host cloud hard disk provides a space for all users to share, users can share information, briefing materials, technical documents, market information, etc., through the interface can quickly upload or download files, and classify these files, which Some are private and which can be made public. Users can check the information at any time by crawling on the Webmail website.


When the attached file is too large, the mail server provides a manager that can convert files that exceed the file size limit into hyperlinks.                         

Webmail 2-step verification

Users can steal passwords by using the same password on multiple websites, downloading software over the Internet, and clicking links in email messages.


MDS H169 Webmail uses a two-step verification mechanism to ensure account security through LINE notification verification or backup email.


Even if a bad person steals your password, 2-step verification still keeps your account secure.      

POP3 proxy

In addition to the company's email account, users may have other important accounts in use. To grasp the latest information, they often need to log in to different browser pages to collect the letters all at once.


In order to save users the time and convenience of receiving mails, the HERHSIANG mail server provides the function of POP3 proxy. All the mails can be collected by the local account, and users can also set their own POP3 proxy function through Webmail interface.

Oversized attachment sending function
MDS H169 decentralized architecture mail server mail sending method, eliminates the problem of capacity limitation. Adopts the method of downloading the mail attachment file with a super download. When the sender's sending capacity exceeds the administrator's setting, the user receives When you send a letter, you can quickly download the file in http or encrypted mode (https).
Push Mail            

With the popularization of mobile Internet devices, when business people go out and cannot receive the customer's E-mail messages in real time, how to quickly grasp the latest and most important information in the mailbox?


The Push Mail function of the MDS H169 mail host Push Mail function allows you to shorten the distance between you and your customers.


Whether using a tablet or smartphone, users can receive the latest email information through the Internet anytime, anywhere.                            

Newsletter delivery system
E-newsletters are an indispensable marketing tool for business operations. Many new products are often listed on the company. Of course, the publicity of old products is not a problem. In the past, most new product descriptions were sent to customers by email. Sending by e-newsletter is time-saving and convenient.      
Co-signed files (mail disclaimer)
For the mail sent by the company, the company's common signature file (including the mail disclaimer) can be automatically annotated, and different content can be set according to different domain names, and the administrator can set the content of the signature file, and the account without the shared signature file With IP address.  
Outlook address book, Google calendar synchronization integration

Allows users to synchronize the use of webmail and outlook contact list (including groups), MDS H169 provides Outlook Connector communication synchronization integration function, whether you use it in Outlook or Webmail interface, you can quickly and regularly synchronize with each other, allowing you to E-mail is easier and more convenient to use.


MDS H169 mail server calendar can be integrated with Google Calendar, all schedules can be viewed on the same page, and meetings, work or private leisure time can be easily arranged.              

Personal calendar

Webmail's easy-to-use calendar tool also helps you manage daily events and calendars.


And provides a group calendar function, so that you can also grasp all department-related activities at the same time.


MDS H169 Webmail calendar not only has a web version of operating settings, but also provides APP applications (including IOS and Android), the two can be synchronized schedule.     

Simple management

Use the Web method to set and update the firmware. The operation screen can be switched to Traditional Chinese / Simplified Chinese / English at any time. You can open / close the remote control service of ping / http / https at will.


Also provides a variety of network testing tools, including PING, Traceroute, DNS query, Port query and other tools.   

Encrypted mail compression (full email or attached file)

The MDS H169 mail host allows enterprises to provide a more secure operating structure for gateways and terminals under the existing mail system architecture.


Managers can convert entire .eml emails to encrypted PDF files for specific personnel, or only encrypt and compress the attachments of their emails to ensure that emails are stolen during transmission and leak important information.


The recipient can use a PDF reader when receiving the email, and enter the password to view the original email content, including of course the attached attachment file.          

System backup and restore

In addition to the high-quality hardware configuration, the backup content is set to be backed up at a specified time, and the USB slot on the interface of the HERHSIANG mail server can be directly used for backup, allowing the administrator to maintain it conveniently.


After using USB HDD to back up the whole machine, in case the system hard disk of the machine fails, you can also choose the USB system backup disc to be used when booting, and the whole machine will return to the state before the backup, which can replace the tape drive. The system does permanent preservation.       

Hard drive auto-test (PCIe NVMe M.2 SSD fully automatic)

For the mail host, the hard disk plays an important role like the heart of the human body. It stores all the corporate emails. If the enterprise itself does not have a backup mechanism, there will be doubts about data loss when the hard disk is damaged. At this time, a remedy is possible. It's too late.


In view of this, the MDS H169 mail host provides an automatic hard disk detection mechanism. Through real-time detection, the hard disk health status can be grasped, and related warning messages are provided to allow administrators an additional security protection mechanism.      


Hardware specifications

DDRIII-RAM: 8GB

PCIe NVMe M.2 SSD 1000GB*1 (Micron P3 Series)

SATA-III HDD 1000GB*1

Console: On-screen keyboard

USB 3.0 Port: 2

Number of people limit: no limit

System Management

Manage settings using a browser (HTTPS)

Supported service agreements

ICMP, HTTP, HTTPS, SMTP, SMTPS, POP3, POP3S, IMAP, IMAPS

OnBoard web interface

1 LAN / 1 HA (All Giga Port) [10GbE SFP+ fiber optic network model (LAN)]

Usage environment

Operating environment temperature: 0~60°C / Operating environment humidity: 5%~95%

Safety certification

FCC,CE,UL,cUL

Model dimensions

318mm (D) x 206mm (H) x 197mm (W)

Power Supplier

Input power: 100~250 VAC (automatic switching) / Power supply: 200 Watts

Placement method: desktop

MD 2U Mail Server MD 2U Mail Server
High-quality hardware and full-featured firmware configuration           

Host hardware planning:
Uses a highly stable server motherboard with built-in IPMI, industrial-grade chassis, and industrial-grade power supply. (Customer has been using it for 10 years)


Data security planning:
The data disk uses a built-in 2.5" SSD 2TB (original factory warranty is 5 years). The system backup disk uses a NAS-level HDD 2TB hard drive, and the two are automatically synchronized.


Security Planning Advantages:
ONBOARD synchronization is faster than USB and network backup, ensuring that data is saved in a short time. When the data disk fails and the data is damaged and cannot be used, MIS can use the system backup disk directly as a data disk. The recovery speed is fast and there is no need to wait. Annoyingly long restore time.


Strong capacity expansion capability:
The memory can be expanded to the maximum capacity of the motherboard. When the data disk capacity is insufficient and the capacity needs to be expanded, a larger capacity HDD can be purchased. After synchronizing the settings with the system backup disk, it can be used directly as a data disk to have increased capacity data. Space is available. (Please call us for the recommended maximum capacity that can be used)


Full-featured firmware configuration:
The MDS mail server firmware function is fully functional. H368 has no other optional functions except Kaspersky anti-virus, which needs to be purchased. HERHSIANG has the concept of using it, which can reduce the time wasted on some necessary processes. One-time purchase Sufficient to meet the company's needs in real time.


10G network speed model (optional)
HERHSIANG provides optional 10G high-speed models. In addition to the network speed required for 10G [SPF+ interface (GBIC (RJ45/single-mode/multi-mode) optional]), the high-speed model can also be equipped with SSD so that mid-range models can also be used by enterprise organizations. Enjoy the thrill of speed.

Support Wake-on-LAN           
It is recommended to use a UPS uninterruptible power system. When the power is restored, the UPS needs to wait for the battery capacity to charge up to the set percentage, and then wake up the remote device function.
Generally, the equipment needs to wait until the UPS battery is completely out of power to 0% to restore the power supply before starting the remote equipment.
Related functions can prevent the remote device from being unable to start the remote device after the power supply is restored after the remote device has been automatically shut down in advance when the UPS battery still has power.            
 IPMI (IP KVM) feature description

IPMI Tool is an Out-of-Band IPMI tool that allows users to connect to system devices with IPMI through CLI (Command Line Interface).


The program provides two usage modes, namely: OS command line mode and Shell mode..


The program can be easily integrated with the existing infrastructure to connect with the server's baseboard management controller (BMC) to achieve the function of remotely configuring the system.


Main features of IPMI Tool:   

Remote system management
SuperBlade management
MicroBlade management
System power control
HDD and NVMe management
FRU management
System diagnosis (via Super Diagnostics Offline)
NM (Node Manager) management
Group management
Remote IPMI management
Support IPv6
Remote text interface operation (Serial-Over-LAN)
Firmware upgrade
System sensor and event log
Power supply and battery backup power (BBP®) module monitoring
Multi-node system information
Virtual media management (node ​​product key required)
Remote desktop interception (node ​​product key required)
Operating System (OS)
Red Hat Enterprise Linux (RHEL) 6.8 and above
SUSE Linux Enterprise Server (SLES) 11 and above
Ubuntu Server 14.04 and above
Windows 7, 10
Windows Server 2008 R2 SP 1, 2012 R2


IPMI View is an application software based on a graphical user interface that allows administrators to manage multiple systems through BMC.


IPMIView supports BMC compliant with IPMI v1.5 or v2.0.


IPMI View monitors and reports the status of the SuperBlade system, and supports remote KVM and mounting virtual media.

 

IPMI View product features:
IPMI system management
Remote Graphical Interface (KVM) control
Remote text interface (SOL) control
Virtual media device management
IPMI user/group management
Trap receiver
Mobile application (Android, iOS)
Operating System (OS)
Red Hat Enterprise Linux (RHEL) 6.8 and above
SUSE Linux Enterprise Server (SLES) 11 and above
Ubuntu Server 14.04 and above
Windows 7, 10
Windows Server 2008 R2 SP 1, 2012 R2  
Decentralized mail architecture
For companies, institutions, or schools that provide multi-site or high-traffic e-mail needs, it can speed up mail delivery and communication. The database, account number, and e-mail communication records between the main and auxiliary machines will be synchronized with each other through encrypted channels. For the communication records of all mails, whether it is outbound, inbound or internal mails of each outbound point, will be aggregated into the database of the mail service of the computer center, in case you want to query The communication records of the mails are all based, and the mail hosts of the external point (slave) all receive and send mails from the local mail host. There is no need to wait for the reply from the remote host, which speeds up the processing speed of the mail and has remote backup Aid mechanism function.            
Support IPV4 / IPV6 address
The built-in IPV4 / V6 dual-frequency DNS server provides the functions required for a complete DNS service. For example, DNS forward check, reverse check, A, AAAA records, etc., solve the inconvenience and trouble of the administrator to set up the DNS server.             
Easy to install
All management items of MDS H368 can be set by browser software, so your computer does not need to install any software, and provides Anti-Spam and Anti-Virus filtering functions.            
Home details
The MDS H368 homepage provides detailed system status information, including dynamic CPU RAM HDD, system time, mail traffic statistics, mail server information and mail server services.                       
Multi-domain independent mail system function

MDS H368 has a multi-domain independent mail system function (multi-DOMAIN). In addition to setting the domain name of its parent company, if it also needs to receive other branch domain name letters at the same time, you can enter other domain names on the system. There is no limit to the number of multi-domain names, which allows the enterprise mail system to have multiple mail domain aliases at the same time.             

Exclusive IOS & Android Mail App
MDS H368 provides a dedicated App sending and receiving program, which is synchronized with Webmail and installed on a mobile phone or tablet through 3G or 4G, allowing you to keep track of mail messages at any time.                    

 


Mail firewall
Through anomalous traffic detection, authentication anomaly detection, authentication and sender confirmation, you can perform in-depth email detection and filter out email threats that traditional firewalls cannot intercept. All advertising spam letters, massive email attacks, and Trojan horses. , Dictionary attacks or hacking attacks, etc., can be filtered through the mail firewall layer by layer to protect the security of corporate mail operations.            
Mail Gateway Protection
High-efficiency spam filtering function. The Mail Gateway solution that can be safely deployed in the front of the mail server. It uses OS64 3.0 technology and multiple layers of mail scanning mechanisms to effectively block increasing spam, viruses, malicious mail, springboards, and phishing. Threats such as email and spyware sending help companies effectively manage email security protection and improve email service quality.            
Multi-layer spam filtering mechanism
 MDS H368 mail server has built-in gray list, fingerprint identification, black and white list setting, IP address anti-decryption verification, SPF verification, sender abnormality verification, DKIM verification function, and has text link filtering and abnormal sending Detection and protection mechanism, which can filter and parse the URL of the message body, and detect and scan compressed archives (ZIP / RAR). Any irregularity can be filtered or blocked, which can greatly reduce the threat from email threat .            
Smart Spam Learning Mechanism

Phishing email attacks and infiltration methods have been continuously improved, from emails, pictures, file archives, web page advertisements, system vulnerabilities to encrypted ransomware. MDS H368 uses advanced tools (smart learning) to interpret all incoming and outgoing email data and analyze the threats that may be hidden in it. For example, use the spam classification engine to automatically learn the letter characteristics of SPAM and HAM to help identify thousands of malicious programs or viruses. MDS H368 will deal with the complex problem of email. Through the concept of interconnection and data sharing, the email data will be transmitted through the cloud intelligent learning system to prevent and track the source of malicious attacks.

Sandstorm malware filtering mechanism
Advanced Sandstorm can effectively detect unknown advanced malware attachments, such as common Microsoft, Word, Excel, Power Point or PDF; or targeted phishing emails, or even compressed files, such as common ZIP and RAR, Sandstorm defense Before scanning Spam or Virus for corporate email, first compare the suspicious attachments and isolate the problematic letters, so that the hidden malicious programs can take shape and avoid affecting user email reception.            
Ransomware protection

Managers can compare the subject, attachment file (zip / rar), and extension by setting the rules and regulations to isolate and block e-mails that may be subject to ransomware attacks, reducing the harm of enterprises from ransomware attacks. In addition, in addition to infiltration by file attacks, e-mail attacks also include malicious link URLs in the text to trick users into clicking. The MDS H368 email system provides a URL body link filtering database, which breaks through the general filtering against the sender's source IP or domain. MDS H368 the body IP and domain can effectively prevent ransomware attacks.  

Virus Letter Filter [Kaspersky (optional)]     

Built-in two sets of anti-virus engines, Calm AV anti-virus engine (free) and Kaspersky (optional). Anti-virus software Clam AV can detect more than 4 million types of viruses, worms, and Trojans. No matter email, WEB, or FTP, it will automatically scan for viruses, update virus files automatically through the Internet daily, and provide rankings of virus messages Leaderboard report. Automatically check for virus patterns daily. Kaspersky Anti-Virus provides enterprise-class network security protection against viruses, malware, spam, and other threats, taking into account performance and detection.            

SPF and DKIM authentication mechanism

SPF sender source verification can filter out letters from illegal hosts forged by legitimate domains; DKIM domain verification emails can be used to prevent email content from being tampered with. When sending the mail, the server signs the mail with the private key, and confirms the public key data recorded above with the sender's domain through DNS. It can be paired successfully with the private key, which means that the mail was indeed sent by the original sender. Both the receiving end and the sending end can use DKIM authentication to prevent spammers from spamming, sending spam letters through fake mail senders and fake private key signatures.             

Message Encryption (TLS) for secure message delivery
The MDS H368 mail server supports TLS (all MDS/MDispersion models). When users send and receive mail through SMTP, POP3, or IMAP, the mail will be transmitted using TLS encrypted connection, allowing mail data to be transmitted between personal devices and mail hosts. In this way, it is possible to securely prevent theft from being encrypted.             
"Mail Security Signature" Identity Authentication Mechanism

Most hacking methods will steal the recipient's letter, fake the sender's reply scam, and in order to make the recipient reply to the letter for verification and not be received by the original sender, the sender's name will be partially changed. , So that the recipient is deceived without any doubt about him. MDS H368 mail security seal, provide personal verification seal and develop a seal icon, so that after receiving the letter, the recipient can return to the sending mail host through the link to confirm the original letter content, and check the confirmation letter sent Whether the content is consistent and consistent with the content.            

Email content audit filtering

Automatically filter and scan emails in accordance with corporate regulations or internal rules of the organization to detect inappropriate email behavior. Not only can scan the complete message content, but also perform keyword scanning for individual domains where the message is sent (outbound, inbound, outbound), and for filtering methods that meet the filtering conditions such as quarantine, delete, block sender IP, and send notification Letters, carbon copies, etc. can help system administrators comply with regulations inside and outside the enterprise.

Personal data filtering protection
In order to respond to the protection of personal information laws, provide the filtering function of personal information filtering, and perform filtering audit settings for sensitive personal information. Administrators can directly choose to check the identity card number, credit card number, phone number, mobile phone number, date of birth Wait for filtering conditions for control.            
Mail log function backup

For all the mail entering or leaving the mail server or mail gateway, along with the enclosing file, all the records are recorded, the user's computer letters are not visible, and can be forwarded to the user by the recorder, and can be automatically backed up to the network neighborhood or FTP Server, and provide corresponding fields for quick query and intercept reason query, which can help managers understand the status of mail exchanges. Quickly search and read email data backed up externally. The most important thing is that the format of the stored email is eml, which can be easily read or searched under any operating system.

Painless transfer of letters

With the function of automatic account creation, the original mail host account and letter can be automatically converted. The administrator does not need to re-enter the account number and password, which reduces the trouble of new and old mail host replacement and account creation. In addition to automatic account creation / transfer settings, it also provides user account manual creation and AD account integration modes.            

Decentralized management and management
According to the decentralization and decentralization policy of the enterprise department, the authority and management items for each administrator to log in to the management interface can be defined, including mail records, user management, system management, log query, audit management, traffic statistics, POP3 proxy, etc.            
Various statistical reports
Provide diversified and easy-to-read statistical report information-including various kinds of statistics including traffic rankings, POP3 traffic rankings, personal reports, user traffic rankings, letter type distribution, audit isolation rankings, equipment dangerous password rankings, spam source rankings, etc. Auxiliary charts, and can set the chart column.             
Dual-machine (HA) and remote backup function

"Creating a never-ending network", dual-machine backup allows the main mail host of an enterprise to stop working when there is an abnormal operation. The backup mail host will automatically take over as the main mail host, allowing the corporate mail host to stay on for 24 hours. working normally. The off-site backup is to set up a dedicated mail host in the head office and the branch office. When the mail host fails in any place, the system can automatically switch to another host to keep it running. There are interruptions, and truly offsite backup services are available.            


Responsive Webmail

In response to the popularization of mobile phones in the trend of the times, the HERHSIANG mail server has a built-in responsive WEBMAIL, which supports computer/laptop/tablet/mobile browsers to facilitate sending and receiving messages outside.
Any location is not limited, as long as you browse, write and send and receive emails directly through a browser (https), the connection transmission process is protected by an encryption mechanism to ensure the security of email communication.

In addition, it also provides many friendly operation functions, such as: email dragging, email preview, login verification, email subject association, content quick search, multi-level folders, personal email rules, personal signature files, and more importantly, shared folders , Auto-reply forwarding, delay sending letters... and many other powerful functions.           


Outlook express style Webmail (transition module)

HERHSIANG mail server has built-in Outlook like Webmail, which is similar to Outlook express style user interface, which is convenient for users to use immediately. You can browse, compose, and send and receive emails directly through any browser (http or https). The connection transmission process is protected by encryption to ensure the security of email communication.       

In addition, it also provides many friendly operation functions, such as: email dragging, email preview, login verification, email subject association, content quick search, multi-level folders, personal email rules, personal signature files, and more importantly, shared folders , Auto-reply forwarding, delay sending letters... and many other powerful functions.

 


Webmail folder sharing (cloud disk)
MDS H368 mail host cloud hard disk provides a space for all users to share, users can share information, briefing materials, technical documents, market information, etc., through the interface can quickly upload or download files, and classify these files, which Some are private and which can be made public. Users can check the information at any time by crawling on the Webmail website. When the attached file is too large, the mail server provides a manager that can convert files that exceed the file size limit into hyperlinks.            
Webmail 2-step verification

Users can steal passwords by using the same password on multiple websites, downloading software over the Internet, and clicking links in email messages. MDS H368 Webmail uses a two-step verification mechanism to ensure account security through LINE notification verification or backup email. Even if a bad person steals your password, 2-step verification still keeps your account secure.            

POP3 proxy

In addition to the company's email account, users may have other important accounts in use. To grasp the latest information, they often need to log in to different browser pages to collect the letters all at once. In order to save users the time and convenience of receiving mails, the HERHSIANG mail server provides the function of POP3 proxy. All the mails can be collected by the local account, and users can also set their own POP3 proxy function through Webmail interface.           

Oversized attachment sending function
MDS H368 decentralized architecture mail server mail sending method, eliminates the problem of capacity limitation. Adopts the method of downloading the mail attachment file with a super download. When the sender's sending capacity exceeds the administrator's setting, the user receives When you send a letter, you can quickly download the file in http or encrypted mode (https).             
Push Mail
With the popularization of mobile Internet devices, when business people go out and cannot receive the customer's E-mail messages in real time, how to quickly grasp the latest and most important information in the mailbox? MDS H368 mail host Push Mail function allows you to shorten the distance between you and your customers. Whether using a tablet or smartphone, users can receive the latest email information through the Internet anytime, anywhere.
Newsletter delivery system
E-newsletters are an indispensable marketing tool for business operations. Many new products are often listed on the company. Of course, the publicity of old products is not a problem. In the past, most new product descriptions were sent to customers by email. Sending by e-newsletter is time-saving and convenient.          
Co-signed files (mail disclaimer)
For the mail sent by the company, the company's common signature file (including the mail disclaimer) can be automatically annotated, and different content can be set according to different domain names, and the administrator can set the content of the signature file, and the account without the shared signature file With IP address.            
Outlook address book, Google calendar synchronization integration           

Allows users to synchronize the use of webmail and outlook contact list (including groups), MDS H368 provides Outlook Connector communication synchronization integration function, whether you use it in Outlook or Webmail interface, you can quickly and regularly synchronize with each other, allowing you to E-mail is easier and more convenient to use. MDS H368 mail server calendar can be integrated with Google Calendar, all schedules can be viewed on the same page, and meetings, work or private leisure time can be easily arranged.            

Personal calendar

Webmail's easy-to-use calendar tool also helps you manage daily events and calendars. And provides a group calendar function, so that you can also grasp all department-related activities at the same time. MDS H368 Webmail calendar not only has a web version of operating settings, but also provides APP applications (including IOS and Android), the two can be synchronized schedule.            

Simple management

Use the Web method to set and update the firmware. The operation screen can be switched to Traditional Chinese / Simplified Chinese / English at any time. You can open / close the remote control service of ping / http / https at will. Also provides a variety of network testing tools, including PING, Traceroute, DNS query, Port query and other tools.         

Encrypted mail compression (full email or attached file)

The MDS H368 mail host allows enterprises to provide a more secure operating structure for gateways and terminals under the existing mail system architecture. Managers can convert entire .eml emails to encrypted PDF files for specific personnel, or only encrypt and compress the attachments of their emails to ensure that emails are stolen during transmission and leak important information. The recipient can use a PDF reader when receiving the email, and enter the password to view the original email content, including of course the attached attachment file.            

System backup and restore

For the set backup content, the backup is performed at a specified time. It is more convenient to directly use the USB slot on the HERHSIANG mail server interface for backup, making it easier for the administrator to maintain. After using USB HDD for full machine backup, if the local system hard disk fails, select the USB backup system hard disk to be used when booting, and the whole machine will return to the state before the backup, which can replace the tape drive to the system. Do permanent storage.

Hard drive test

For the mail host, the hard disk plays an important role like the heart of the human body. It stores all the corporate emails. If the enterprise itself does not have a backup mechanism, there will be doubts about data loss when the hard disk is damaged. At this time, a remedy is possible. It's too late.

In view of this, the MDS H368 mail host provides a hard disk detection mechanism. Through real-time detection, the hard disk health status can be grasped, and related warning messages are provided to allow administrators an additional security protection mechanism.            

Hardware specification

DDRIII-RAM: ECC 8GB

SATA-III HDD: 2.5" SSD (original 5-year warranty) 2000GB*1 3.5" NAS red label 2000GB*1

Console: On-screen keyboard

USB 2.0 Port: 4

Number of people limit: no limit

System Management

Manage settings using a browser (HTTPS)

Supported service agreements

ICMP, HTTP, HTTPS, SMTP, SMTPS, POP3, POP3S, IMAP, IMAPS

OnBoard web interface

1 LAN / 1 HA / 1 iSCSI / 1 IPMI Port (All Giga Port) [Dual-port 10GbE RJ45 network port model (LAN/HA)]

Usage environment

Operating environment temperature: 0~60°C / Operating environment humidity: 10%~85%

Safety certification

FCC,CE,UL,cUL

Model dimensions

19" x 2U x 360mm (14.17" deep) (standard)

Power Supplier

Input power: 100~250 VAC (automatic switching) / Power supply: 400 Watts

Placement method: rack-mounted

MD 1U Mail Server MD 1U Mail Server
High-quality hardware and full-featured firmware configuration

Host hardware planning:
Adopt a stable server motherboard, industrial-grade chassis, industrial-grade power supply. (Customers have used it for 10 years)


Data security planning:
The data disk uses a 2.5" SSD (original warranty of 5 years) 4TB, and the system backup disk uses a NAS-level HDD 4TB hard drive, and the two are automatically synchronized.


Advantages of security planning:
ONBOARD synchronization is faster than USB and network backup, which can ensure that the data is saved in a short time. When the data disk is faulty and the data is damaged and cannot be used, MIS can directly use the system backup disk as a data disk, and the recovery speed is fast without waiting. Annoyingly long restoration time.


Strong capacity expansion:
The memory can be expanded to the maximum capacity of the motherboard. In addition, when the capacity of the data disk is insufficient, you can use another 2bay spare hot-swappable box, purchase a larger capacity HDD, and set the system backup disk capacity to be used directly as a data disk after synchronization Then there is an increased capacity data space available. (The suggested maximum capacity can be used, please call for inquiry)


Full firmware configuration:
The firmware of MDispersion mail server adopts a full-featured configuration. In addition to Kaspersky Anti-Virus, H57TA2D does not have other optional functions. HERHSIANG needs to use the existing concept, which can reduce the time wasted by some necessary processes. It is enough to meet the company's needs in real time.


10G network speed model (optional)
HERHSIANG offers optional 10G speeding models. In addition to the network speed of 10G [SPF+ interface (GBIC (RJ45/single-mode/multi-mode) is optional), the speeding speed can also be equipped with SSD so that enterprises and organizations of mid-level models can also enjoy speeding Fast pleasure.      

Support Wake-on-LAN
It is recommended to use a UPS uninterruptible power system. When the power is restored, the UPS needs to wait for the battery capacity to charge up to the set percentage, and then wake up the remote device function.
Generally, the equipment needs to wait until the UPS battery is completely out of power to 0% to restore the power supply before starting the remote equipment.
Related functions can prevent the remote device from being unable to start the remote device after the power supply is restored after the remote device has been automatically shut down in advance when the UPS battery still has power.
IPMI (IP KVM) feature description

IPMI Tool is an Out-of-Band IPMI tool that allows users to connect to system devices with IPMI through CLI (Command Line Interface).


The program provides two usage modes, namely: OS command line mode and Shell mode..


The program can be easily integrated with the existing infrastructure to connect with the server's baseboard management controller (BMC) to achieve the function of remotely configuring the system.


Main features of IPMI Tool:      

Remote system management
SuperBlade management
MicroBlade management
System power control
HDD and NVMe management
FRU management
System diagnosis (via Super Diagnostics Offline)
NM (Node Manager) management
Group management
Remote IPMI management
Support IPv6
Remote text interface operation (Serial-Over-LAN)
Firmware upgrade
System sensor and event log
Power supply and battery backup power (BBP®) module monitoring
Multi-node system information
Virtual media management (node ​​product key required)
Remote desktop interception (node ​​product key required)
Operating System (OS)
Red Hat Enterprise Linux (RHEL) 6.8 and above
SUSE Linux Enterprise Server (SLES) 11 and above
Ubuntu Server 14.04 and above
Windows 7, 10
Windows Server 2008 R2 SP 1, 2012 R2

 

IPMI View is an application software based on a graphical user interface that allows administrators to manage multiple systems through BMC.


IPMIView supports BMC compliant with IPMI v1.5 or v2.0.


IPMI View monitors and reports the status of the SuperBlade system, and supports remote KVM and mounting virtual media.


IPMI View product features:
IPMI system management
Remote Graphical Interface (KVM) control
Remote text interface (SOL) control
Virtual media device management
IPMI user/group management
Trap receiver
Mobile application (Android, iOS)
Operating System (OS)
Red Hat Enterprise Linux (RHEL) 6.8 and above
SUSE Linux Enterprise Server (SLES) 11 and above
Ubuntu Server 14.04 and above
Windows 7, 10
Windows Server 2008 R2 SP 1, 2012 R2

Decentralized mail architecture
For companies, institutions, or schools that provide multi-site or high-traffic e-mail needs, it can speed up mail delivery and communication. The database, account number, and e-mail communication records between the main and auxiliary machines will be synchronized with each other through encrypted channels. For the communication records of all mails, whether it is outbound, inbound or internal mails of each outbound point, will be aggregated into the database of the mail service of the computer center, in case you want to query The communication records of the mails are all based, and the mail hosts of the external point (slave) all receive and send mails from the local mail host. There is no need to wait for the reply from the remote host, which speeds up the processing speed of the mail and has remote backup Aid mechanism function.
Support IPV4 / IPV6 address
The built-in IPV4 / V6 dual-frequency DNS server provides the functions required for a complete DNS service. For example, DNS forward check, reverse check, A, AAAA records, etc., solve the inconvenience and trouble of the administrator to set up the DNS server.
Easy to install
All management items of MDispersion H57TA2D can be set by browser software, so your computer does not need to install any software, and provides Anti-Spam and Anti-Virus filtering functions.
Home details
The MDispersion H57TA2D homepage provides detailed system status information, including dynamic CPU RAM HDD, system time, mail traffic statistics, mail server information and mail server services.
Multi-domain independent mail system function
MDispersion H57TA2D has a multi-domain independent mail system function (multi-DOMAIN). In addition to setting the domain name of its parent company, if it also needs to receive other branch domain name letters at the same time, you can enter other domain names on the system. There is no limit to the number of multi-domain names, which allows the enterprise mail system to have multiple mail domain aliases at the same time.
Exclusive IOS & Android Mail App
MDispersion H57TA2D provides a dedicated App sending and receiving program, which is synchronized with Webmail and installed on a mobile phone or tablet through 3G or 4G, allowing you to keep track of mail messages at any time.



Mail firewall
Through anomalous traffic detection, authentication anomaly detection, authentication and sender confirmation, you can perform in-depth email detection and filter out email threats that traditional firewalls cannot intercept. All advertising spam letters, massive email attacks, and Trojan horses. , Dictionary attacks or hacking attacks, etc., can be filtered through the mail firewall layer by layer to protect the security of corporate mail operations.
Mail Gateway Protection
High-efficiency spam filtering function. The Mail Gateway solution that can be safely deployed in the front of the mail server. It uses OS64 3.0 technology and multiple layers of mail scanning mechanisms to effectively block increasing spam, viruses, malicious mail, springboards, and phishing. Threats such as email and spyware sending help companies effectively manage email security protection and improve email service quality.
Multi-layer spam filtering mechanism
MDispersion H57TA2D mail server has built-in gray list, fingerprint identification, black and white list setting, IP address anti-decryption verification, SPF verification, sender abnormality verification, DKIM verification function, and has text link filtering and abnormal sending Detection and protection mechanism, which can filter and parse the URL of the message body, and detect and scan compressed archives (ZIP / RAR). Any irregularity can be filtered or blocked, which can greatly reduce the threat from email threat .
Smart Spam Learning Mechanism
Phishing email attacks and infiltration methods have been continuously improved, from emails, pictures, file archives, web page advertisements, system vulnerabilities to encrypted ransomware. MDispersion H57TA2D uses advanced tools (smart learning) to interpret all incoming and outgoing email data and analyze the threats that may be hidden in it. For example, use the spam classification engine to automatically learn the letter characteristics of SPAM and HAM to help identify thousands of malicious programs or viruses. MDispersion H57TA2D will deal with the complex problem of email. Through the concept of interconnection and data sharing, the email data will be transmitted through the cloud intelligent learning system to prevent and track the source of malicious attacks.
Sandstorm malware filtering mechanism
Advanced Sandstorm can effectively detect unknown advanced malware attachments, such as common Microsoft, Word, Excel, Power Point or PDF; or targeted phishing emails, or even compressed files, such as common ZIP and RAR, Sandstorm defense Before scanning Spam or Virus for corporate email, first compare the suspicious attachments and isolate the problematic letters, so that the hidden malicious programs can take shape and avoid affecting user email reception.
Ransomware protection
Managers can compare the subject, attachment file (zip / rar), and extension by setting the rules and regulations to isolate and block e-mails that may be subject to ransomware attacks, reducing the harm of enterprises from ransomware attacks. In addition, in addition to infiltration by file attacks, e-mail attacks also include malicious link URLs in the text to trick users into clicking. The MDispersion H57TA2D email system provides a URL body link filtering database, which breaks through the general filtering against the sender's source IP or domain. MDispersion H57TA2D the body IP and domain can effectively prevent ransomware attacks.
Virus Letter Filter [Kaspersky (optional)]             
Built-in two sets of anti-virus engines, Calm AV anti-virus engine (free) and Kaspersky (optional). Anti-virus software Clam AV can detect more than 4 million types of viruses, worms, and Trojans. No matter email, WEB, or FTP, it will automatically scan for viruses, update virus files automatically through the Internet daily, and provide rankings of virus messages Leaderboard report. Automatically check for virus patterns daily. Kaspersky Anti-Virus provides enterprise-class network security protection against viruses, malware, spam, and other threats, taking into account performance and detection.
SPF and DKIM authentication mechanism
SPF sender source verification can filter out letters from illegal hosts forged by legitimate domains; DKIM domain verification emails can be used to prevent email content from being tampered with. When sending the mail, the server signs the mail with the private key, and confirms the public key data recorded above with the sender's domain through DNS. It can be paired successfully with the private key, which means that the mail was indeed sent by the original sender. Both the receiving end and the sending end can use DKIM authentication to prevent spammers from spamming, sending spam letters through fake mail senders and fake private key signatures.
Message Encryption (TLS) for secure message delivery
The MDispersion H57TA2D mail server supports TLS (all MDispersion models). When users send and receive mail through SMTP, POP3, or IMAP, the mail will be transmitted using TLS encrypted connection, allowing mail data to be transmitted between personal devices and mail hosts. In this way, it is possible to securely prevent theft from being encrypted.
"Mail Security Signature" Identity Authentication Mechanism
Most hacking methods will steal the recipient's letter, fake the sender's reply scam, and in order to make the recipient reply to the letter for verification and not be received by the original sender, the sender's name will be partially changed. , So that the recipient is deceived without any doubt about him. MDispersion H57TA2D mail security seal, provide personal verification seal and develop a seal icon, so that after receiving the letter, the recipient can return to the sending mail host through the link to confirm the original letter content, and check the confirmation letter sent Whether the content is consistent and consistent with the content.
Email content audit filtering
Automatically filter and scan emails in accordance with corporate regulations or internal rules of the organization to detect inappropriate email behavior. Not only can scan the complete message content, but also perform keyword scanning for individual domains where the message is sent (outbound, inbound, outbound), and for filtering methods that meet the filtering conditions such as quarantine, delete, block sender IP, and send notification Letters, carbon copies, etc. can help system administrators comply with regulations inside and outside the enterprise.
Personal data filtering protection
In order to respond to the protection of personal information laws, provide the filtering function of personal information filtering, and perform filtering audit settings for sensitive personal information. Administrators can directly choose to check the identity card number, credit card number, phone number, mobile phone number, date of birth Wait for filtering conditions for control.
Mail log function backup
For all the mail entering or leaving the mail server or mail gateway, along with the enclosing file, all the records are recorded, the user's computer letters are not visible, and can be forwarded to the user by the recorder, and can be automatically backed up to the network neighborhood or FTP Server, and provide corresponding fields for quick query and intercept reason query, which can help managers understand the status of mail exchanges. Quickly search and read email data backed up externally. The most important thing is that the format of the stored email is eml, which can be easily read or searched under any operating system.
Painless transfer of letters
With the function of automatic account creation, the original mail host account and letter can be automatically converted. The administrator does not need to re-enter the account number and password, which reduces the trouble of new and old mail host replacement and account creation. In addition to automatic account creation / transfer settings, it also provides user account manual creation and AD account integration modes.
Decentralized management and management
According to the decentralization and decentralization policy of the enterprise department, the authority and management items for each administrator to log in to the management interface can be defined, including mail records, user management, system management, log query, audit management, traffic statistics, POP3 proxy, etc.
Various statistical reports
Provide diversified and easy-to-read statistical report information-including various kinds of statistics including traffic rankings, POP3 traffic rankings, personal reports, user traffic rankings, letter type distribution, audit isolation rankings, equipment dangerous password rankings, spam source rankings, etc. Auxiliary charts, and can set the chart column.
Dual-machine (HA) and remote backup function
"Creating a never-ending network", dual-machine backup allows the main mail host of an enterprise to stop working when there is an abnormal operation. The backup mail host will automatically take over as the main mail host, allowing the corporate mail host to stay on for 24 hours. working normally. The off-site backup is to set up a dedicated mail host in the head office and the branch office. When the mail host fails in any place, the system can automatically switch to another host to keep it running. There are interruptions, and truly offsite backup services are available.

 

Responsive Webmail

In response to the popularization of mobile phones in the trend of the times, the HERHSIANG mail server has a built-in responsive WEBMAIL, which supports computer/laptop/tablet/mobile browsers to facilitate sending and receiving messages outside.
Any location is not limited, as long as you browse, write and send and receive emails directly through a browser (https), the connection transmission process is protected by an encryption mechanism to ensure the security of email communication.

In addition, it also provides many friendly operation functions, such as: email dragging, email preview, login verification, email subject association, content quick search, multi-level folders, personal email rules, personal signature files, and more importantly, shared folders , Auto-reply forwarding, delay sending letters... and many other powerful functions.            




Outlook express style Webmail (transition module)

HERHSIANG mail server has built-in Outlook like Webmail, which is similar to Outlook express style user interface, which is convenient for users to use immediately. You can browse, compose, and send and receive emails directly through any browser (http or https). The connection transmission process is protected by encryption to ensure the security of email communication.       

In addition, it also provides many friendly operation functions, such as: email dragging, email preview, login verification, email subject association, content quick search, multi-level folders, personal email rules, personal signature files, and more importantly, shared folders , Auto-reply forwarding, delay sending letters... and many other powerful functions.




Webmail folder sharing (cloud disk)
MDispersion H57TA2D mail host cloud hard disk provides a space for all users to share, users can share information, briefing materials, technical documents, market information, etc., through the interface can quickly upload or download files, and classify these files, which Some are private and which can be made public. Users can check the information at any time by crawling on the Webmail website. When the attached file is too large, the mail server provides a manager that can convert files that exceed the file size limit into hyperlinks.
Webmail 2-step verification
Users can steal passwords by using the same password on multiple websites, downloading software over the Internet, and clicking links in email messages. MDispersion H57TA2D Webmail uses a two-step verification mechanism to ensure account security through LINE notification verification or backup email. Even if a bad person steals your password, 2-step verification still keeps your account secure.
POP3 proxy
In addition to the company's email account, users may have other important accounts in use. To grasp the latest information, they often need to log in to different browser pages to collect the letters all at once. In order to save users the time and convenience of receiving mails, the HERHSIANG mail server provides the function of POP3 proxy. All the mails can be collected by the local account, and users can also set their own POP3 proxy function through Webmail interface.
Oversized attachment sending function
MDispersion H57TA2D decentralized architecture mail server mail sending method, eliminates the problem of capacity limitation. Adopts the method of downloading the mail attachment file with a super download. When the sender's sending capacity exceeds the administrator's setting, the user receives When you send a letter, you can quickly download the file in http or encrypted mode (https).
Push Mail
With the popularization of mobile Internet devices, when business people go out and cannot receive the customer's E-mail messages in real time, how to quickly grasp the latest and most important information in the mailbox? MDispersion H57TA2D mail host Push Mail function allows you to shorten the distance between you and your customers. Whether using a tablet or smartphone, users can receive the latest email information through the Internet anytime, anywhere.
Newsletter delivery system
E-newsletters are an indispensable marketing tool for business operations. Many new products are often listed on the company. Of course, the publicity of old products is not a problem. In the past, most new product descriptions were sent to customers by email. Sending by e-newsletter is time-saving and convenient.             
Co-signed files (mail disclaimer)
For the mail sent by the company, the company's common signature file (including the mail disclaimer) can be automatically annotated, and different content can be set according to different domain names, and the administrator can set the content of the signature file, and the account without the shared signature file With IP address.
Outlook address book, Google calendar synchronization integration
Allows users to synchronize the use of webmail and outlook contact list (including groups), MDispersion H57TA2D provides Outlook Connector communication synchronization integration function, whether you use it in Outlook or Webmail interface, you can quickly and regularly synchronize with each other, allowing you to E-mail is easier and more convenient to use. MDispersion H57TA2D mail server calendar can be integrated with Google Calendar, all schedules can be viewed on the same page, and meetings, work or private leisure time can be easily arranged.
Personal calendar
Webmail's easy-to-use calendar tool also helps you manage daily events and calendars. And provides a group calendar function, so that you can also grasp all department-related activities at the same time. MDispersion H57TA2D Webmail calendar not only has a web version of operating settings, but also provides APP applications (including IOS and Android), the two can be synchronized schedule.
Simple management
Use the Web method to set and update the firmware. The operation screen can be switched to Traditional Chinese / Simplified Chinese / English at any time. You can open / close the remote control service of ping / http / https at will. Also provides a variety of network testing tools, including PING, Traceroute, DNS query, Port query and other tools.
Encrypted mail compression (full email or attached file)
The MDispersion H57TA2D mail host allows enterprises to provide a more secure operating structure for gateways and terminals under the existing mail system architecture. Managers can convert entire .eml emails to encrypted PDF files for specific personnel, or only encrypt and compress the attachments of their emails to ensure that emails are stolen during transmission and leak important information. The recipient can use a PDF reader when receiving the email, and enter the password to view the original email content, including of course the attached attachment file.
System backup and restore
For the set backup content, the backup is performed at a specified time. It is more convenient to directly use the USB slot on the HERHSIANG mail server interface for backup, making it easier for the administrator to maintain. After using USB HDD for full machine backup, if the local system hard disk fails, select the USB backup system hard disk to be used when booting, and the whole machine will return to the state before the backup, which can replace the tape drive to the system. Do permanent storage.
Hard drive test

For the mail host, the hard disk plays an important role like the heart of the human body. It stores all the corporate emails. If the enterprise itself does not have a backup mechanism, there will be doubts about data loss when the hard disk is damaged. At this time, a remedy is possible. It's too late.


In view of this, the MDispersion H57TA2D mail host provides a hard disk detection mechanism. Through real-time detection, the hard disk health status can be grasped, and related warning messages are provided to allow administrators an additional security protection mechanism.             

Hardware specification

DDRIII-RAM: ECC 16GB

SATA-III HDD: 2.5" SSD (original factory warranty 5 years) 4000GB*1 3.5" NAS red label 4000GB*1

Console: On-screen keyboard

USB 3.0 Port: 2

Number of people: Unlimited

System Management

Management settings using a browser (HTTPS)

Supported Service Agreement

ICMP, HTTP, HTTPS, SMTP, SMTPS, POP3, POP3S, IMAP, IMAPS

OnBoard web interface

1 LAN / 1 HA  / 1 iSCSI  / 1 IPMI Port (All Giga Port) [Single Port 10GbE SFP+ Optical Network Model (LAN)]

Hot extraction box (panel lockable, with key)

4

Use environment

Operating environment temperature: 0 ~ 60 ° C / Operating environment humidity: 5% ~ 95%

Safety certification

FCC, CE, UL, cUL

Model size

19" x 1U x 437.20mm (17.21" deep) (standard)

19" x 1U x 600mm (23.62" deep) (1U 250W Redundant Power Supply)

Power Supplier

Input power: 100 ~ 250 VAC (auto switching) / Power supply: 250 Watts / Power on automatically starts

Placement: rack             

MA 2U server MA 2U server
Hardware quality enhancement and firmware configuration

Host hardware planning:
Uses a highly stable server motherboard with built-in IPMI, industrial-grade chassis, and industrial-grade power supply. (Customer has been using it for 10 years)


Data security planning:
The data disk uses an enterprise-grade HDD 2TB, and the system backup disk uses a NAS-grade HDD 2TB hard disk. The two are automatically synchronized.


Security Planning Advantages:
ONBOARD synchronization is faster than USB and network backup, ensuring that data is saved in a short time. When the data disk fails and the data is damaged and cannot be used, MIS can use the system backup disk directly as a data disk. The recovery speed is fast and there is no need to wait. Annoyingly long restore time.


Strong capacity expansion capability:
The memory can be expanded to the maximum capacity of the motherboard. When the data disk capacity is insufficient and the capacity needs to be expanded, a larger capacity HDD can be purchased. After synchronizing the settings with the system backup disk, it can be used directly as a data disk to have increased capacity data. Space is available. (Please call us for the recommended maximum capacity that can be used)


Firmware function configuration:
MArchive email archiving server firmware function configuration, H368 has no other optional functions except Kaspersky anti-virus and email big data analysis functions, which can meet the needs of the company.


10G network speed model (optional)
HERHSIANG provides optional 10G high-speed models. In addition to the network speed required for 10G [SPF+ interface (GBIC (RJ45/single-mode/multi-mode) optional]), the high-speed model can also be equipped with SSD so that mid-range models can also be used by enterprise organizations. Enjoy the thrill of speed.

Support Wake-on-LAN
It is recommended to use a UPS uninterruptible power system. When the power is restored, the UPS needs to wait for the battery capacity to charge up to the set percentage, and then wake up the remote device function.
Generally, the equipment needs to wait until the UPS battery is completely out of power to 0% to restore the power supply before starting the remote equipment.
Related functions can prevent the remote device from being unable to start the remote device after the power supply is restored after the remote device has been automatically shut down in advance when the UPS battery still has power.
IPMI (IP KVM) feature description

IPMI Tool is an Out-of-Band IPMI tool that allows users to connect to system devices with IPMI through CLI (Command Line Interface).


The program provides two usage modes, namely: OS command line mode and Shell mode.


The program can be easily integrated with the existing infrastructure to connect with the server's baseboard management controller (BMC) to achieve the function of remotely configuring the system.


Main features of IPMI Tool:

Remote system management
SuperBlade management
MicroBlade management
System power control
HDD and NVMe management
FRU management
System diagnosis (via Super Diagnostics Offline)
NM (Node Manager) management
Group management
Remote IPMI management
Support IPv6
Remote text interface operation (Serial-Over-LAN)
Firmware upgrade
System sensor and event log
Power supply and battery backup power (BBP®) module monitoring
Multi-node system information
Virtual media management (node ​​product key required)
Remote desktop interception (node ​​product key required)
Operating System (OS)
Red Hat Enterprise Linux (RHEL) 6.8 and above
SUSE Linux Enterprise Server (SLES) 11 and above
Ubuntu Server 14.04 and above
Windows 7, 10
Windows Server 2008 R2 SP 1, 2012 R2

 

IPMI View is an application software based on a graphical user interface that allows administrators to manage multiple systems through BMC.


IPMI View supports BMC compliant with IPMI v1.5 or v2.0.


IPMI View monitors and reports the status of the SuperBlade system, and supports remote KVM and mounting virtual media.

 

IPMI View product features:
IPMI system management
Remote Graphical Interface (KVM) control
Remote text interface (SOL) control
Virtual media device management
IPMI user/group management
Trap receiver
Mobile application (Android, iOS)
Operating System (OS)
Red Hat Enterprise Linux (RHEL) 6.8 and above
SUSE Linux Enterprise Server (SLES) 11 and above
Ubuntu Server 14.04 and above
Windows 7, 10
Windows Server 2008

Product Manual                         

MAS H368's main functions include front-end gate protection capabilities (Anti-Virus, Anti-Spam, pre-mail audit, ransomware protection) and back-end audit capabilities (post-mail audit, mail record archiving, and mail history tracking). A single device can meet the email management needs of most enterprises. In addition to the basic record backup, the product also provides a complete internal and external, internal and external audit mechanism to review the mail received by employees.

Archive server features

Provide a stable, safe and stable storage space with unlimited capacity expansion.
Archive the entire enterprise's mail to one or more My SQL Server / MariaDB database.
Reduce the workload of the mail server. When the email is archived, the email can be deleted to keep the workload of the mail server at a certain level of operation.
With mail data leakage protection function, it can filter email content and attachment files to prevent data leakage.
Prevent users from deleting e-mails, avoid users from deleting important e-mails at will, and let enterprises have the risk of losing important information. The HERHSIANG archive server can completely eliminate this risk
Provide cloud backup and archive cloud services such as Office365 and Gmail.
Comply with relevant laws and regulations such as the Personal Assets Law and Business Secrets Protection Law.
Mail can be quickly restored through the personal mail backup and restore process-even accidentally deleted mail!
Provides webpage management mode, allowing users to search past emails from anywhere in the world.        



AI Spam (Optional) (NEW)      
HERHSIANG Information has introduced a new AI Spam function module, which can make the judgment accuracy of mails as high as 99.5%. Through the judgment and analysis of mail content and sending behavior of the system function, it can automatically distinguish between normal and malicious or spam letters, and improve the level of spam letters It can also reduce the chance of users opening phishing letters.
In addition, hacker attack methods are also constantly improving, they will forge emails to be the same as real emails, so MArchive H57TA mail host core system must constantly learn new attacks or emails that can be phished.
The research and development unit has included these attack and phishing features in the calculation logic database as a basis for judgment, so that the AI Spam system can use the continuous self-learning mechanism to face the phishing letters and spam attacks that are attacked 24 hours a day throughout the year. It can also quickly make accurate judgments, thereby effectively reducing spam and phishing letters to users, causing unnecessary losses.        



PST file transfer management              
Free you from the problem of PST file management and reduce the dependence on bulky PST files (Outlook)-easy to damage or lose in the event of hardware failure, you can archive and back up all Mail of the company early on HERHSIANG MAS H368 equipment
Provide users with a single web interface to search, and can retrieve past mails through My Mail personal inbox "retrieve mail"
Significantly reduce the storage requirements of mail, and at the same time do a good job of mail backup function.
Enhance Exchange performance and simplify backup and recovery
Reduce IT costs and expenses, reduce the excessive burden on the mail server, and reduce the complexity of the IT department's backup and letter preservation and restoration.
Helps to comply with personal data protection laws and ISO BS7799 regulations.
Provides extremely fast full-text search emails and all types of file attachments    

Support multiple domains and multiple mail hosts at the same time
HERHSIANG MAS H368 mail filtering and auditing equipment can support enterprises with multiple domain names (for example: herhsiang.com; herhsiang.com.tw ...) or a network environment built by multiple mail hosts, and can follow the preset rules Automatically transfer letters and attachments to storage devices.

Mail Gateway Protection
HERHSIANG provides high-efficiency spam filtering functions. The Mail Gateway solution can be safely deployed on the front of the mail server. The original HERHSIANG Mail OS technology and multi-layer mail scanning mechanism can effectively block the increasing number of spam, viruses and malicious email , Springboards, phishing emails, spyware and other threats to help companies effectively manage email security protection and improve service quality.
MArchive supports IPV4 / IPV6 address
In addition to supporting the IPv4 network environment, MAS H368 also supports the latest IPv6 Internet Protocol, a network architecture that allows IPv4 and IPv6 to run concurrently.             
Full anti-spam filtering mechanism (Anti-Spam)
HERHSIANG spam filtering adopts the industry's most innovative approach to threat detection, applying the latest multi-layer scanning technology, including IP address credit rating, Bayesian filtering, Bayesian filtering automatic learning mechanism, spam feature filtering, and text link filtering mechanism , Automatic garbage learning, system black and white lists and personal black and white lists. In addition, in order to filter the hackers' penetration through the use of text links, the system provides a text link database, which can further protect corporate email security.              
Garbage learning sharing mechanism
The "spam learning sharing" mechanism developed by the professional research and development team is a concept similar to the sharing economy. Users share spam information, analyze and interpret the email behaviors by the professional research and development team, and add machine learning algorithms to handle large Data allows enterprise users to quickly filter thousands of e-mail threats without using complex scanning engines, achieving a higher detection rate and the lowest false blocking rate than traditional spam filtering.
Anti-Virus Protection [Kaspersky (optional)]

MAS H368 has two built-in virus filtering engines, Clam AV and Kabbah Anti-Virus Engine (optional), which can accurately filter hidden viruses trapped in emails. Clam AV can automatically and automatically update the virus code for free. Millions of pens, so that enterprises can always stay up-to-date with the least cost. In addition, users can purchase a Kabbah anti-virus engine. The dual-engine protection can ensure mail security even more. All virus emails that are quarantined through the system provide complete virus filtering reports and records, and support Alarm.

Sandstorm Malware Detection
Detect files or URLs that are suspected to be at risk, and filter and detect attachments and URLs by comparing hash values. It can deeply block some malicious programs that have not been filtered by viruses and IPS signature databases. Letters are quarantined to hide hidden malicious programs and prevent users from receiving mail.        
Event log viewer

Provides information, warnings, and errors and when they occur within the mail audit filtering facility. Simple and detailed log query service makes system maintenance easy and convenient. Its log management function is very comprehensive, and through WEB, it allows administrators to quickly query and search various types of system logs.

Mail archiving, review, and review (Mail Archive)

MAS H368 has a built-in post-mail archival audit mechanism, which can completely archive and store corporate emails. Whether it is external to internal, internal to external, or internal to internal, real-time archiving is performed. In addition to preventing users from deleting emails by mistake, Provide email resume graphs and provide a friendly keyword search mechanism. The system provides an interface for personal email archiving. Users can search online through IE, and search through keywords such as domain, user, sender / receiver, subject, email content, date, and attached files. Search archived messages, and read or retrieve the messages you need.         

Mail audit filtering (Mail Audit), and has a personal filtering function
Through the device management interface, network administrators can adjust the conditions for sending and receiving mail according to the company's own mail policy settings. MAS H368 audit filtering equipment adopts the Policy method, and administrators can apply control rules based on the types of recipients, the subject of the message, the content of the message, the capacity of the message, and the file extension of the message. For personal information related conditions, He Xiang also provides personal information filtering related to sensitive information, including ID card number, date of birth, phone number, credit card number, mobile phone and other conditions. When the detection meets the filtering conditions, you can choose to forward it to the auditors for quarantine, deletion, copying, or sending a notification letter.   
Mail logging, archiving and backup

Local storage record: HERHSIANG MAS H368 has a built-in 2TB hard disk capacity, which is archived according to the system default. The recorded mail is backed up to the database and stored in the local storage for 7 days by default.

External storage backup: Including USB backup, FTP backup, SAMBA (Network Neighborhood Backup), if the personal computer or mail host has an unexpected situation and cannot work, personal mail is still safely stored in the MARCHIVE H57TA hard disk and storage device. MARCHIVE H57TA can connect to multiple storage servers at the same time, and the administrator can directly search, retrieve or retrieve the backed up emails.            

System backup and restore

In addition to high-quality hardware configuration, backups are performed at specified times based on the set backup content.

It becomes more convenient to use the local backup disk or USB slot of the HERHSIANG mail archiving device for backup, which makes maintenance easier for administrators.

After using the built-in backup hard drive or USB HDD to back up the complete data, if the primary hard drive fails, you can choose the local backup hard drive or USB backup data to be used directly as the primary hard drive.

Support Office365, Gmail email backup files
MAS H368 mail backup service can support cloud platform and storage services, provide a hybrid cloud (public cloud / private cloud) flexible platform, integrate existing Google, Microsoft Office 365 cloud mail services, in addition to allowing enterprises to continuously maintain audit data on cloud mail Capabilities can also allow corporate emails to be placed in different storage locations to achieve the purpose of diversifying risks and offsite backups.
Integration of multiple identity authentication servers
MAS H368 can integrate multiple types of identity authentication servers to effectively check the correctness of the account during the user login email management process. At present, it can integrate servers including Radius, AD, POP3, IMAP, LDAP, and Google oAuth to check the validity of accounts and passwords. Among them, you must enter a complete email account account to connect to the back-end authentication server for queries. .
Original mail resume function

HERHSANG mail resume function is an original design based on the concept of time axis. In addition to complete auditing and archiving of all incoming and outgoing emails, it also has HERHSIANG'S original mail resume function. With a simple chart to grasp the start of each letter Relevance. When did you receive this letter? How many passes back and forth in the middle? Which users are included in each pass? What is the content of each letter? Through the mail association chart, users can quickly grasp the main interactive associations of letters.

Email Big Data Analysis (Mail Behavior) (Optional)            
Data's data analysis is an important feature of Hexiang's archive server. It can analyze the behavior of users, including correlation diagrams of mailing, abnormal mail analysis data, and user time analysis data, so that managers can better understand the enterprise. Internal user mail usage status.      
System management and use status

MAS H368 provides all network interface usage status, software and hardware system performance table (including real-time information such as boot time, CPU / HD / Memory usage ...), and all system usage status at a glance. The system has Event Log and Sys Log log management functions. If an abnormal event occurs, it will actively record and alert, and the system will send it to the administrator by email. MAS H368 provides automatic system update check and download function, which can regularly check the latest update status, and directly perform firmware update service through Web UI.   

Flexible decentralized management mechanism
The user rights decentralization setting is super flexible. Users' rights can be set at different levels, including whether they have a manager role or just general queryer or user rights. And can set different mail access and manager permissions. With the authorization of hierarchical management, enterprises can have more flexible control, safe use and management and maintenance. According to the decentralization and decentralization policy of the enterprise department, the authority and management items for each administrator to log in to the management interface can be defined, including system management, SMTP server settings, transparent mode, domain management, authentication, and authority management ...    
Web UI management / system settings

Use the Web method to set and update the firmware. The operation screen can be switched to Traditional Chinese / Simplified Chinese / English at any time. You can open / close / https remote control services at will. In addition, the administrator can set the MAS H368 device browser title, home page title, and host name of the server.  

System backup and restore

According to the set backup content, the backup is performed at a specified time. It is more convenient to use the USB slot on the interface of the HERHSIANG mail audit filter device for backup, which makes it easier for the administrator to maintain.

After using the built-in backup data disk or USB HDD for backup full machine backup, in case the local system hard disk fails, select the backup data disk or USB backup system hard disk to be used when booting, and then return the whole machine to backup It can replace the tape drive to save the system permanently.   

No user authorization and restrictions
HERHSIANG MArchive series equipment has no restrictions on the use of the number of people, which will vary depending on the hardware operating performance or the amount of corporate mail. The system provides a free firmware update service mechanism, including the garbage database signature code, and the Clam AV anti-virus engine, which greatly saves maintenance and management costs and reduces after-sales service operations.             
Personal Archive interface
Provide personal Archive interface, user permissions include domain query, department query and individual user query. Mail query provides multiple search interface fields, including sender, recipient, subject, content, date, etc. For users who are accustomed to the Outlook interface, Outlook Plug-in is also provided to facilitate searching and archiving directly through Outlook mail.
Personal email disaster backup and restore
In addition to the high-quality hardware configuration, Passive to active, recovery files no longer need to rely on IT professionals to handle, personally send the data on HERHSIANG MAS H368 directly to a specific user account again, when the user's computer, hard disk is damaged, data is lost, you can borrow The backup and restore function restores all user letters to the account again, providing the best backup mechanism for disaster recovery.      
Exclusive Personalized Dashboard Chart
Different from the traditional system report format, MAS H368 mail audit and archiving device provides a personalized report analysis charter. Users can customize the query date to understand the statistics of personal general mail, spam and virus letters. Graphical display. In addition, users can further analyze the proportion of mail received and related information.
Hardware specifications

DDRIII-RAM: ECC 8GB

SATA-III HDD: 3.5" Enterprise Disk 2000GB*1 3.5" NAS Red Label 2000GB*1

Console: On-screen keyboard

USB 2.0 Port: 4

Number of people limit: no limit

System Management

Manage settings using a browser (HTTPS)

Supported service agreements

ICMP, HTTP, HTTPS, SMTP, SMTPS

OnBoard web interface

1 LAN / 1 HA / 2 Define 1 & 2 / 1 IPMI Port (All Giga Port)

Dual-port 10GbE SFP+ fiber optic network module (define Port 3 & 4) (optional)

Usage environment

Operating environment temperature: 0~60°C / Operating environment humidity: 10%~85%

Safety certification

FCC,CE,UL,cUL

Model dimensions

19" x 2U x 360mm (14.17" deep) (standard)

Power Supplier

Input power: 100~250 VAC (automatic switching) / Power supply: 400 Watts

Placement method: rack-mounted

Build architecture: Supports transparent mode (Bridge), gateway mode (Gateway), POP3/IMAP revenue generation deployment architecture

Transparent mode (Bridge)

MAS H368 has a set of LAN Bypass mode, which can be set up in front of the main mail server. It uses Bridge mode to record all incoming and outgoing mail. As internal users of the enterprise may use a variety of mail software to receive mail (for example: outlook, Thunderbird …), Whether internal or external or internal to internal, the mail will be audited, filtered, spam filtered, and virus filtered through the MAS H368 mail audit and archiving device, and all communication emails will be completely recorded.

 

Gateway Mode

MAS H368 can also be used as a gateway for e-mail. After the virus and advertisement mails are completed, the clean mail is forwarded to the back-end mail server. The e-mail function usually consumes high system resources. Outlook users can also point SMTP to MAS H368 as a gateway for audit filtering, and then send the mail to the back-end mail server, or some enterprise users set up the mail server on a virtual machine (VM). The mode of receiving traffic is also applicable to the gateway mode.

 


POP3 / IMAP collection mode

Adopt POP3 and IMAP collection methods, similar to copying all incoming and outgoing mail to the device in Journal mode, whether the mail host is supported in the cloud (Gmail / 163 / Office365) or the internal Microsoft Exchange Server, IBM Lotus, just need Set the necessary information and download the messages to be backed up to the device.             

MA 2U server MA 2U server
Hardware quality enhancement and firmware configuration

Host hardware planning:
Using strong stability server motherboard built-in IPMI, industrial-grade chassis, industrial-grade power supply. (Has been used by customers for 10 years)


Data security planning:
The data disk adopts 2 enterprise HDD 4TB (RAID 0), and the system backup disk adopts 1 NAS grade HDD 8TB hard disk.


Advantages of security planning:
When the data disk (RAID 0) fails and the data is damaged and cannot be used, MIS can directly use the system backup disk as a data disk, and the recovery speed is fast, without waiting for a long recovery time.


Strong capacity expansion:
The memory can be expanded to the maximum capacity of the motherboard. When the capacity of the data disk is insufficient, the capacity can be expanded. Two data disks can be replaced with a larger capacity HDD. After the settings are synchronized with the system backup disk capacity, the data disk can be enlarged Capacity data space is available. (The suggested maximum capacity can be used, please call for inquiry)


Full firmware configuration:
The firmware of MDispersion mail server adopts a full-featured configuration. In addition to Kaspersky Anti-Virus, H91X2D does not have other optional functions. HERHSIANG needs to use the existing concept, which can reduce the time wasted by some necessary processes. It is enough to meet the company's needs in real time.


10G network fast model
HERHSIANG 10G fast model, besides the network speed of 10G [SPF+ interface (optional GBIC (RJ45/single-mode/multi-mode)] is required for fast speed, it can also be equipped with SSD so that enterprises and organizations of high models can also enjoy fast speed.

Support Wake-on-LAN
It is recommended to use a UPS uninterruptible power system. When the power is restored, the UPS needs to wait for the battery capacity to charge up to the set percentage, and then wake up the remote device function.
Generally, the equipment needs to wait until the UPS battery is completely out of power to 0% to restore the power supply before starting the remote equipment.
Related functions can prevent the remote device from being unable to start the remote device after the power supply is restored after the remote device has been automatically shut down in advance when the UPS battery still has power.
IPMI (IP KVM) feature description             

IPMI Tool is an Out-of-Band IPMI tool that allows users to connect to system devices with IPMI through CLI (Command Line Interface).


The program provides two usage modes, namely: OS command line mode and Shell mode.


The program can be easily integrated with the existing infrastructure to connect with the server's baseboard management controller (BMC) to achieve the function of remotely configuring the system.


Main features of IPMI Tool:

Remote system management
SuperBlade management
MicroBlade management
System power control
HDD and NVMe management
FRU management
System diagnosis (via Super Diagnostics Offline)
NM (Node Manager) management
Group management
Remote IPMI management
Support IPv6
Remote text interface operation (Serial-Over-LAN)
Firmware upgrade
System sensor and event log
Power supply and battery backup power (BBP®) module monitoring
Multi-node system information
Virtual media management (node ​​product key required)
Remote desktop interception (node ​​product key required)
Operation Systeem ( OS )
Red Hat Enterprise Linux ( RHEL ) 6.8 以上版本
SUSE Linux Enterprise Server ( SLES ) 11 以上版本
Ubuntu Server 14.04 以上版本
Windows 7, 10
Windows Server 2008 R2 SP 1, 2012 R2

 

IPMI View is an application software based on a graphical user interface that allows administrators to manage multiple systems through BMC.


IPMI View supports BMC compliant with IPMI v1.5 or v2.0.


IPMI View monitors and reports the status of the SuperBlade system, and supports remote KVM and mounting virtual media.

 

IPMI View product features:
IPMI system management
Remote Graphical Interface (KVM) control
Remote text interface (SOL) control
Virtual media device management
IPMI user/group management
Trap receiver
Mobile application (Android, iOS)
Operation Systeem ( OS )
Red Hat Enterprise Linux ( RHEL ) 6.8 以上版本
SUSE Linux Enterprise Server ( SLES ) 11 以上版本
Ubuntu Server 14.04 以上版本
Windows 7, 10
Windows Server 2008

Built-in 2 hard disk arrays support hot extraction (RAID 0 1)

Supports two 3.5 ”SATA hard drives.

Support SATAIII interface to connect with host.

Support RAID 0, 1.

Supports a single hard drive with a capacity of more than 500GB.

Provide 2 Hot Swap hard disk extraction boxes, support online hard disk hot swap.

Support online automatic rebuild after updating the hard disk, the maximum rebuild speed is 200GB per hour.

Supports disk roaming technology.

Support sleep power saving mode.

Support online bad track detection and repair function.

Supports the function of delayed staggered startup of hard disks to reduce the power consumption when booting.

The front LCD display panel can monitor the hard disk status, system voltage, temperature, and fan operation detection.

With LED status indicator, hard disk access / fault indicator.

Support buzzer sound warning.

Built-in 5cm ball bearing cooling fan to increase system stability.             

Product Manual

MArchive H91XT main functions include front-end gate protection capabilities (Anti-Virus, Anti-Spam, pre-mail audit, ransomware protection) and back-end audit capabilities (post-mail audit, mail record archiving, and mail history tracking). A single device can meet the email management needs of most enterprises. In addition to the basic record backup, the product also provides a complete internal and external, internal and external audit mechanism to review the mail received by employees.

Archive server features

Provide a stable, safe and stable storage space with unlimited capacity expansion.
Archive the entire enterprise's mail to one or more My SQL Server / MariaDB database.
Reduce the workload of the mail server. When the email is archived, the email can be deleted to keep the workload of the mail server at a certain level of operation.
With mail data leakage protection function, it can filter email content and attachment files to prevent data leakage.
Prevent users from deleting e-mails, avoid users from deleting important e-mails at will, and let enterprises have the risk of losing important information. The HERHSIANG archive server can completely eliminate this risk
Provide cloud backup and archive cloud services such as Office365 and Gmail.
Comply with relevant laws and regulations such as the Personal Assets Law and Business Secrets Protection Law.
Mail can be quickly restored through the personal mail backup and restore process-even accidentally deleted mail!
Provides webpage management mode, allowing users to search past emails from anywhere in the world.



AI Spam (Optional) (NEW)

HERHSIANG Information has introduced a new AI Spam function module, which can make the judgment accuracy of mails as high as 99.5%. Through the judgment and analysis of mail content and sending behavior of the system function, it can automatically distinguish between normal and malicious or spam letters, and improve the level of spam letters It can also reduce the chance of users opening phishing letters.
In addition, hacker attack methods are also constantly improving, they will forge emails to be the same as real emails, so MArchive H57TA mail host core system must constantly learn new attacks or emails that can be phished.
The research and development unit has included these attack and phishing features in the calculation logic database as a basis for judgment, so that the AI Spam system can use the continuous self-learning mechanism to face the phishing letters and spam attacks that are attacked 24 hours a day throughout the year. It can also quickly make accurate judgments, thereby effectively reducing spam and phishing letters to users, causing unnecessary losses.             




PST file transfer management              
Free you from the problem of PST file management and reduce the dependence on bulky PST files (Outlook)-easy to damage or lose in the event of hardware failure, you can archive and back up all Mail of the company early on HERHSIANG MArchive H91XT equipment
Provide users with a single web interface to search, and can retrieve past mails through My Mail personal inbox "retrieve mail"
Significantly reduce the storage requirements of mail, and at the same time do a good job of mail backup function.
Enhance Exchange performance and simplify backup and recovery
Reduce IT costs and expenses, reduce the excessive burden on the mail server, and reduce the complexity of the IT department's backup and letter preservation and restoration.
Helps to comply with personal data protection laws and ISO BS7799 regulations.
Provides extremely fast full-text search emails and all types of file attachments             
Support multiple domains and multiple mail hosts at the same time
HERHSIANG MArchive H91XT mail filtering and auditing equipment can support enterprises with multiple domain names (for example: herhsiang.com; herhsiang.com.tw ...) or a network environment built by multiple mail hosts, and can follow the preset rules Automatically transfer letters and attachments to storage devices.            
Mail Gateway Protection

HERHSIANG provides high-efficiency spam filtering functions. The Mail Gateway solution can be safely deployed on the front of the mail server. The original HERHSIANG Mail OS technology and multi-layer mail scanning mechanism can effectively block the increasing number of spam, viruses and malicious email , Springboards, phishing emails, spyware and other threats to help companies effectively manage email security protection and improve service quality.            

MArchive supports IPV4 / IPV6 address            
In addition to supporting the IPv4 network environment, MArchive H91XT also supports the latest IPv6 Internet Protocol, a network architecture that allows IPv4 and IPv6 to run concurrently.             
Full anti-spam filtering mechanism (Anti-Spam)
HERHSIANG spam filtering adopts the industry's most innovative approach to threat detection, applying the latest multi-layer scanning technology, including IP address credit rating, Bayesian filtering, Bayesian filtering automatic learning mechanism, spam feature filtering, and text link filtering mechanism , Automatic garbage learning, system black and white lists and personal black and white lists. In addition, in order to filter the hackers' penetration through the use of text links, the system provides a text link database, which can further protect corporate email security.            
Garbage learning sharing mechanism
The "spam learning sharing" mechanism developed by the professional research and development team is a concept similar to the sharing economy. Users share spam information, analyze and interpret the email behaviors by the professional research and development team, and add machine learning algorithms to handle large Data allows enterprise users to quickly filter thousands of e-mail threats without using complex scanning engines, achieving a higher detection rate and the lowest false blocking rate than traditional spam filtering.             
Anti-Virus Protection [Kaspersky (optional)]

MArchive H91XT has two built-in virus filtering engines, Clam AV and Kabbah Anti-Virus Engine (optional), which can accurately filter hidden viruses trapped in emails. Clam AV can automatically and automatically update the virus code for free. Millions of pens, so that enterprises can always stay up-to-date with the least cost. In addition, users can purchase a Kabbah anti-virus engine. The dual-engine protection can ensure mail security even more. All virus emails that are quarantined through the system provide complete virus filtering reports and records, and support Alarm.            

Sandstorm Malware Detection
Detect files or URLs that are suspected to be at risk, and filter and detect attachments and URLs by comparing hash values. It can deeply block some malicious programs that have not been filtered by viruses and IPS signature databases. Letters are quarantined to hide hidden malicious programs and prevent users from receiving mail.            
Event log viewer

Provides information, warnings, and errors and when they occur within the mail audit filtering facility. Simple and detailed log query service makes system maintenance easy and convenient. Its log management function is very comprehensive, and through WEB, it allows administrators to quickly query and search various types of system logs.

Mail archiving, review, and review (Mail Archive)
MArchive H91XT has a built-in post-mail archival audit mechanism, which can completely archive and store corporate emails. Whether it is external to internal, internal to external, or internal to internal, real-time archiving is performed. In addition to preventing users from deleting emails by mistake, Provide email resume graphs and provide a friendly keyword search mechanism. The system provides an interface for personal email archiving. Users can search online through IE, and search through keywords such as domain, user, sender / receiver, subject, email content, date, and attached files. Search archived messages, and read or retrieve the messages you need.                          
Mail audit filtering (Mail Audit), and has a personal filtering function

Through the device management interface, network administrators can adjust the conditions for sending and receiving mail according to the company's own mail policy settings. MArchive H91XT audit filtering equipment adopts the Policy method, and administrators can apply control rules based on the types of recipients, the subject of the message, the content of the message, the capacity of the message, and the file extension of the message. For personal information related conditions, He HERHSIANG also provides personal information filtering related to sensitive information, including ID card number, date of birth, phone number, credit card number, mobile phone and other conditions. When the detection meets the filtering conditions, you can choose to forward it to the auditors for quarantine, deletion, copying, or sending a notification letter.

Mail logging, archiving and backup

Local storage record: HERHSIANG MArchive H91XT has a built-in 4TB hard disk capacity, which is archived according to the system default. The recorded mail is backed up to the database and stored in the local storage for 7 days by default.

External storage backup: Including USB backup, FTP backup, SAMBA (Network Neighborhood Backup), if the personal computer or mail host has an unexpected situation and cannot work, personal mail is still safely stored in the MARCHIVE H91XT hard disk and storage device. MARCHIVE H91XT can connect to multiple storage servers at the same time, and the administrator can directly search, retrieve or retrieve the backed up emails.      

Support Office365, Gmail email backup files
MArchive H91XT mail backup service can support cloud platform and storage services, provide a hybrid cloud (public cloud / private cloud) flexible platform, integrate existing Google, Microsoft Office 365 cloud mail services, in addition to allowing enterprises to continuously maintain audit data on cloud mail Capabilities can also allow corporate emails to be placed in different storage locations to achieve the purpose of diversifying risks and offsite backups.
Integration of multiple identity authentication servers
MArchive H91XT can integrate multiple types of identity authentication servers to effectively check the correctness of the account during the user login email management process. At present, it can integrate servers including Radius, AD, POP3, IMAP, LDAP, and Google oAuth to check the validity of accounts and passwords. Among them, you must enter a complete email account account to connect to the back-end authentication server for queries. .            
Original mail resume function

HERHSANG mail resume function is an original design based on the concept of time axis. In addition to complete auditing and archiving of all incoming and outgoing emails, it also has HERHSIANG'S original mail resume function. With a simple chart to grasp the start of each letter Relevance. When did you receive this letter? How many passes back and forth in the middle? Which users are included in each pass? What is the content of each letter? Through the mail association chart, users can quickly grasp the main interactive associations of letters.            

Email Big Data Analysis (Mail Behavior)                    
Data's data analysis is an important feature of HERHSIANG's archive server. It can analyze the behavior of users, including correlation diagrams of mailing, abnormal mail analysis data, and user time analysis data, so that managers can better understand the enterprise. Internal user mail usage status.             
System management and use status

MArchive H91XT provides all network interface usage status, software and hardware system performance table (including real-time information such as boot time, CPU / HD / Memory usage ...), and all system usage status at a glance. The system has Event Log and Sys Log log management functions. If an abnormal event occurs, it will actively record and alert, and the system will send it to the administrator by email. MArchive H91XT provides automatic system update check and download function, which can regularly check the latest update status, and directly perform firmware update service through Web UI.            

Flexible decentralized management mechanism
The user rights decentralization setting is super flexible. Users' rights can be set at different levels, including whether they have a manager role or just general queryer or user rights. And can set different mail access and manager permissions. With the authorization of hierarchical management, enterprises can have more flexible control, safe use and management and maintenance. According to the decentralization and decentralization policy of the enterprise department, the authority and management items for each administrator to log in to the management interface can be defined, including system management, SMTP server settings, transparent mode, domain management, authentication, and authority management ...            
Web UI management / system settings

Use the Web method to set and update the firmware. The operation screen can be switched to Traditional Chinese / Simplified Chinese / English at any time. You can open / close / https remote control services at will. In addition, the administrator can set the MArchive H91XT device browser title, home page title, and host name of the server.             

No user authorization and restrictions
HERHSIANG MArchive series equipment has no restrictions on the use of the number of people, which will vary depending on the hardware operating performance or the amount of corporate mail. The system provides a free firmware update service mechanism, including the garbage database signature code, and the Clam AV anti-virus engine, which greatly saves maintenance and management costs and reduces after-sales service operations.             
Personal Archive interface
Provide personal Archive interface, user permissions include domain query, department query and individual user query. Mail query provides multiple search interface fields, including sender, recipient, subject, content, date, etc. For users who are accustomed to the Outlook interface, Outlook Plug-in is also provided to facilitate searching and archiving directly through Outlook mail.            
Personal email disaster backup and restore
In addition to the high-quality hardware configuration, Passive to active, recovery files no longer need to rely on IT professionals to handle, personally send the data on HERHSIANG MArchive H91XT directly to a specific user account again, when the user's computer, hard disk is damaged, data is lost, you can borrow The backup and restore function restores all user letters to the account again, providing the best backup mechanism for disaster recovery.            
Exclusive Personalized Dashboard Chart
Different from the traditional system report format, MArchive H91XT mail audit and archiving device provides a personalized report analysis charter. Users can customize the query date to understand the statistics of personal general mail, spam and virus letters. Graphical display. In addition, users can further analyze the proportion of mail received and related information.            

Hardware specifications     

CPU: INTEL E3 XEON E3-1200 V5 CPU

Motherboard: SUPERMICOR server grade

DDRIII-RAM ECC: 32GB (2 pieces of 16GB) dual channel

SATA-III HDD: 2.5" SSD (original factory warranty 5 years)4000GB *2 Shipping RAID 0 (RAID 0 1 for internal 2-layer disk array subsystem box)

Built-in backup hard disk (enterprise level 8000GB*1)

Console: On-Screen Keyboard

USB 2.0 Port: 4

Number of people: no limit

System Management

Admin settings using a browser ( HTTPS )

Supported Service Agreement

ICMP, HTTP, HTTPS, SMTP, SMTPS, POP3, POP3S, IMAP, IMAPS

OnBoard web interface

1 LAN / 1 HA / 1 IPMI Port (All Giga Port)

PCIe3.0 network interface card

2Define Port (Define Port 1 & 2) [2-Port 10GbE SFP+ Optical Module]

2 Define Port (Define Port 3 & 4) [2 Port 10GbE SFP+ Optical Module] (Optional)

use environment

Working environment temperature: 0~60°C / Working environment humidity: 5%~95%

Safety certification

FCC,CE,UL,cUL

Model Dimensions

19" x 2U x 550mm (21.65" deep)

Industrial control server grade PS2 POWER SUPPLY (power supply not for general PC use)

Input power : 100~250 VAC (Autosensing) / Power supply: 450 Watts or more / Power on and start automatically

Mounting method

Rack-mount models suitable for rack-mounting

Build architecture: Supports transparent mode (Bridge), gateway mode (Gateway), POP3/IMAP revenue generation deployment architecture

Transparent mode (Bridge)

MArchive H91XT has a set of LAN Bypass mode, which can be set up in front of the main mail server. It uses Bridge mode to record all incoming and outgoing mail. As internal users of the enterprise may use a variety of mail software to receive mail (for example: outlook, Thunderbird …), Whether internal or external or internal to internal, the mail will be audited, filtered, spam filtered, and virus filtered through the MArchive H91X mail audit and archiving device, and all communication emails will be completely recorded.

 

Gateway Mode

MArchive H91XT can also be used as a gateway for e-mail. After the virus and advertisement mails are completed, the clean mail is forwarded to the back-end mail server. The e-mail function usually consumes high system resources. Outlook users can also point SMTP to MArchive H91XT as a gateway for audit filtering, and then send the mail to the back-end mail server, or some enterprise users set up the mail server on a virtual machine (VM). The mode of receiving traffic is also applicable to the gateway mode.

 


POP3 / IMAP collection mode

Adopt POP3 and IMAP collection methods, similar to copying all incoming and outgoing mail to the device in Journal mode, whether the mail host is supported in the cloud (Gmail / 163 / Office365) or the internal Microsoft Exchange Server, IBM Lotus, just need Set the necessary information and download the messages to be backed up to the device.              

Hot-selling information security equipment
6P+2P10G fiber IPS NG-UTM 6P+2P10G fiber IPS NG-UTM
Product Description

NGS 3542HTG is a network security device that complies with the Next Generation UTM specification. It features high operational efficiency, multiple security protection mechanisms and hierarchical authorization management. It is the network security and management device of choice for medium and large enterprises.


NGS 3542HTG has powerful functions of a new generation firewall, including application identification and control based on Deep Packet Inspection (DPI), In-Line IPS, SSL analysis and blocking, Web Filtering, bandwidth management, antivirus, spam filtering and It supports functions such as external authentication integration, which can prevent hackers from maliciously infiltrating attacks or unauthorized access to internal network resources. In addition, the NGS 3542HTG also supports dual backup mechanism (HA), which can ensure the continuous operation of the equipment.

feature of product

The NGS 3542HTG is also a core switch supporting Layer 2 - Layer 7, which can directly replace the traditional Layer 3 core switch and meets the requirements of the next-generation Software Defined Network (SDN) core switch.


Integrate the centralized management of wireless base stations and managed switches to create integrated wired and wireless security protection, allowing managers to take into account both internal and external factors, and can be used as a layer 2 intranet security firewall

Balancing performance and functionality

HERHSIANG NGS 3542HTG, its hardware platform is carefully designed, using X86 hardware devices, the purpose is to allow enterprise users to fully experience the security protection functions provided by the new generation of HERHSIANG UTM.


For customers with high connection capacity requirements, we provide high-performance security modules to improve connection capacity and support USB fast recovery mechanism.

Two-Factor Two-Stage Authentication
Unlike many previous network services that use single-factor password authentication by default, Two-Factor Authentication (2FA), which combines two different authentication methods, users need to pass two or more authentication mechanisms before they can get Authorize access to the system resources provided by the service provider. There are many ways to verify, such as PIN code/fingerprint/scanning QR code/or one-time code and other auxiliary verification, and the purpose is to provide higher security for the account. This The two-factor authentication function combined with Google Authenticator uses the mobile phone owned by the user as the second authentication factor to achieve auxiliary authentication. The function is disabled by default. After enabling this function, the system will prompt you to enter a password and a one-time code. Can access your account.
HERHSIANG NGS next-generation firewall has three parts, supports two-step verification: account management/Internet authentication/SSL VPN
IP v4/v6 Dual Band Technology           
There is a shortage of IP v4 addresses, and the age of IP v6 will come sooner or later, so HERHSIANG has integrated this trend when developing the next-generation UTM. The same network interface, whether it is defined as WAN or LAN, can be bound at the same time. The IP address of v4 or v6, so the NGS 3542HTG works equally well in pure v4 environment, mixed v4/v6, pure v6 environment.
Support SDN controller

Supporting SDN controller, more than one Port can be combined into a ZONE, which is directly managed by the SDN controller, and the packet transmission of ZONE and ZONE will also pass the packet inspection of NGS 3542HTG.


And with VLAN 802.1Q function, the internal network can be cut into several independent subnet segments, each segment operates independently without interfering with each other. .


SSL encrypted connection detection
With the ability to detect SSL traffic, when faced with traffic from SSL-encrypted connections, it can apply intrusion detection and prevention, gateway antivirus, content filtering, and application bandwidth control.
load balancing

Provide outbound and inbound load balancing, and provide a variety of load balancing algorithms. When one line is disconnected, all network packets will be automatically redirected to another normal line to ensure that the internal user network is smooth. When the line is restored, the packet will be automatically assigned again.


Enterprises can set their own load balancing rules according to their needs, and network access can refer to the set rules to implement network traffic load balancing guidance. Algorithms include: automatic allocation, manual allocation, allocation by source IP, and allocation by destination IP.           

 

IPS Intrusion Prevention
The IPS intrusion detection and prevention system provides more than 30,000 signatures, IPS It will check the content corresponding to layers 4 to 7 of the OSI model, whether there are malicious attack programs or viruses hidden in the TCP/IP communication protocol. Mark it out, once found, it can block the packet immediately, so that these malicious packets that pass through the firewall are invisible.

Threat Detection Defense

Provide the most complete defense-in-depth mechanism for enterprises. Today's network attacks cannot rely only on single-point protection and require complete defense-in-depth. Only through different levels of defense technology can we reduce the potential threat behavior that enterprises may suffer.


Hexiang NGS 3542HTG not only provides firewall, intrusion detection system (IPS), anti-virus as the basis for enterprise information security protection, but also strengthens the detection of malware for traffic, web pages and emails, through the correlation analysis of different security mechanisms , to play the role of defense in depth.

WAF ( Web Application Firewall )

Web Application Firewall is a product that provides protection for Web server applications by implementing a series of HTTP/HTTPS security policies.


The work of WAF is to parse the data of the web application layer, perform forced multiple conversions for different encoding methods and restore them to attack plaintext, and combine the deformed characters for analysis, which can be better than the combined attack from the web layer. Provide application layer rules Web applications are usually customized, traditional rules for known vulnerabilities are often not effective enough, WAF provides dedicated application layer rules, and has the ability to detect deformation attacks, such as detecting mixed attacks in SSL encrypted traffic


Mail Gateway Protection

The enterprise already has a mail host, but the spam filtering performance is not good. The NGS 3542HTG can be used as the mail gateway mode to make up for the insufficient functions of the original mail server, such as spam filtering and virus filtering.


After filtering viruses and advertisement emails by NGS 3542HTG, the clean emails are delivered to the mail host.

virus letter filter

The system provides Clam AV anti-virus engine free of charge, which can detect more than millions of viruses, worms, and Trojans, automatically scan emails for viruses, automatically update virus files through the Internet every day, and provide virus email search condition.


Administrators can set the processing method of poisoned emails, including automatic deletion, storage of poisoned email extensions and the subject of poisoned email notification letters. The new-generation UTM has a built-in Kaspersky anti-virus engine for one year, and customers can choose to renew and enjoy the leading Kaspersky anti-virus engine with the highest anti-virus rate and the strongest virus repair.

Spam filtering
Internal mail or external mail can be filtered, and provide ST-IP network credit rating, Bayesian filtering method, Bayesian filtering method automatic learning mechanism, automatic whitelist mechanism, spam feature filtering and fingerprint identification method, etc. , whitelist comparison and intelligent identification learning database (Auto-Learning), you can even set personalized rules, flexibly formulate filtering rules, deal with spam, and ensure comprehensive protection without misjudgment, with an accuracy rate of more than 95%. Mail filtering, which can perform actions such as forwarding, deleting, blocking, etc., for letters that meet the filtering conditions set by the administrator.
Abnormal IP Analysis

Any network behavior, no matter what kind of software the user runs, from the perspective of network packets, it is roughly divided into the number of upload and download connections (Connect Session), flow (Flow) and duration (Time), by detecting these A combination of numbers to estimate whether the user is using the Internet normally or has abnormal behavior.


When the abnormal behavior of internal users is found, the administrator can take various strategies, for example, block the Internet, limit its maximum bandwidth immediately, enable the cooperative defense mechanism to notify the switch to block it, or notify the administrator.

Bandwidth Management ( QoS )

Assist network administrators to control network traffic, effectively slow down corporate network congestion, improve service and bandwidth utilization.


With QoS (bandwidth management) function, the limited bandwidth can be distributed to all users.


The difference from general bandwidth managers is that in addition to providing maximum bandwidth and priority management, NGS 3542HTG also has a guaranteed bandwidth function. It also has the design of personalized bandwidth management, which can be set for individual users.


If bandwidth management is used with personalized bandwidth management, the bandwidth reserved by the bandwidth management function can be allocated to users under the enterprise, which can effectively prevent the phenomenon of bandwidth being monopolized by users.

Content filtering
Provides Web Filter (web filtering) function, which can block the access of inappropriate web pages (such as pornography, violence) and offensive web pages (such as hackers, viruses) at the work end, and can set its own filtering conditions to block inappropriate web sites.
Sandstorm Malware Filtering Mechanism

Advanced Sandstorm can effectively detect unknown advanced malware attachments, such as common Microsoft, Word, Excel, Power Point or PDF; or targeted phishing emails, and even compressed files, such as ZIP and RAR.

Before scanning emails for Spam or Virus, Sandstorm Defense compares suspicious attachments, isolates problematic emails, and exposes potential malicious programs to avoid affecting users' email reception.             

URL database management [Optional 3rd party database (optional)]

The built-in "cloud URL database" automatically classifies web pages. As long as the administrator can prevent and block harmful URL networks, it can be easily controlled. There is no need to enter website IP addresses, keywords.... to block them one by one.


Arbitrarily clicking on harmful URLs is the source of evil. The best way to prevent blocking is to prohibit the use of the Internet. If it cannot be completely prohibited, using the URL database updated from time to time is the best protection mechanism.

Full record of online behavior

Some corporate employees use the Internet during working hours to do things that are not for work purposes.


NGS 3542HTG can not only limit users' permission to use related applications, but also record related online behaviors, including web browsing and email sending. When a company leaks, the preserved information is the best evidence to use as evidence in court.

Traffic Analysis
Provides a traffic analysis tool, whether it is the internal user's computer on/off status, real-time display of network traffic, communication protocol allocation and traffic rankings, when the line is fully loaded, you can immediately find the traffic killer.
Application Management [Optional 3rd Party Database (Optional)]

Various network application software is not only difficult to manage, but also becomes the best channel for data leakage and virus attack.


NGS 3542HTG has built-in various application management functions, including instant messaging, video and audio services, file transfer, P2P software, remote control, browser, VOIP, online games, network protocols, etc., which can easily control employees' use of application software. Permissions to protect corporate network security.

Graphical flow meter           

Provides the flow meter of the WEB interface, and draws the historical status of the system into a chart, so that the administrator can grasp the current operating status of the system at any time.


NGS 3542HTG provides system status charts (including CPU load chart, memory load chart, system load), network traffic charts (LAN traffic, WAN1~WAN7 traffic), and provides query conditions to quickly search for the historical records of each traffic status.

Threat Intelligence Meter
Provide common threat statistics, APP analysis, mail analysis charts, IPS analysis, WEB analysis, defense analysis, real-time dynamic session analysis and reports.


log

Provide a variety of logs, such as log in/out log, system network settings, regulations and targets, network services, advanced protection, IPS, mail management, content logging, VPN, etc. and a detailed log search system.


It is used for debugging analysis, evaluation of system performance, and proof and tracing basis when it is illegally invaded.             

VPN function

Use IPSec, PPTP, L2TP, SSL VPN to securely connect between Site to Site, Point to Site and remote users.


Through these VPN mechanisms, users can connect to different devices such as laptops, branch offices, business offices, mobile communication devices or home from different locations, including home, external public information service stations, and the Internet. …Wait.


Among them, SSL VPN is currently the most important long-distance secure transmission connection between most enterprises, customers and partners.           


HERHSIANG Android SSLVPN APP

Definition of UTM

IDC's definition of UTM information security hardware device is: It contains multiple security functions integrated into a single hardware device, which must include network firewall, network intrusion detection and prevention, and gateway anti-virus. All functions on this device do not have to be fully utilized, but must be built in, and individual components cannot be cut.


In order to test these devices, NSS Group more clearly defines the UTM device as a single device combining firewall, VPN, IDS/IPS, anti-virus, anti-spam, URL filtering, content filtering and other functions. The detailed definitions are as follows:


* Firewall: Deployed at the network boundary, a strong stateful NAT firewall is required.


* VPN: It is often deployed in the enterprise wide area network as a branch network solution, and basically needs to be able to establish a small number of secure VPN tunnels.


* IDS/IPS: Firewall can only enforce policy, if policy allows incoming HTTP traffic to web server in DMZ zone, firewall cannot prevent hackers from destroying target web server from HTTP protocol. The IPS function will detect and block intrusions like these that attempt to exploit the network perimeter, preventing malicious network traffic from reaching the server. The IDS function can detect intrusions and issue alerts, but cannot block malicious traffic.


* Anti-virus: Gateway anti-virus filtering can prevent inbound virus traffic at the network boundary, strengthen the security of computer desktops, block them before they reach the desktop, and the solution can also prevent internal computers from being infected by viruses from outside the corporate network. .


* Anti-spam: Gateway Anti-spam can flag incoming e-mail, allowing further processing by computer filtering solutions. Solutions to prevent internal hosts from sending spam outside the enterprise.


* URL Filtering: Using a continuously updated database of URL classifications, a gateway URL filtering solution prevents employees from accessing unpleasant or inappropriate websites from the corporate network.


* Content Filtering: Scanning web and email traffic for specific content, gateway content filtering solutions prevent objectionable or inappropriate content from passing through or emanating from the corporate network.         

MA 1U Server MA 1U Server
Hardware quality enhancement and firmware configuration

Host hardware planning:
Using strong stability server motherboard built-in IPMI, industrial-grade chassis, industrial-grade power supply. (Has been used by customers for 10 years)


Data security planning:
The data disk uses 1 enterprise-level HDD 4TB, and the system backup disk uses 1 NAS-grade HDD 4TB hard disk, and the two are automatically synchronized.


Advantages of security planning:
ONBOARD synchronization is faster than USB and network backup, which can ensure that the data is saved in a short time. When the data disk is faulty and the data is damaged and cannot be used, MIS can directly use the system backup disk as a data disk, and the recovery speed is fast without waiting. Annoyingly long restoration time.


Strong capacity expansion:
The memory can be expanded to the maximum capacity of the motherboard. In addition, when the capacity of the data disk is insufficient, you can use another 2bay spare hot-swappable box, purchase a larger capacity HDD, and set the system backup disk capacity to be used directly as a data disk after synchronization Then there is an increased capacity data space available. (The suggested maximum capacity can be used, please call for inquiry)


Firmware function configuration:
MArchive mail archive server firmware function configuration, H57TA has no other optional functions except Kaspersky anti-virus and email big data analysis functions, which can meet the needs of the company.


10G network speed model (optional)
HERHSIANG offers optional 10G speeding models. In addition to the network speed of 10G [SPF+ interface (GBIC (RJ45/single-mode/multi-mode) is optional), the speeding speed can also be equipped with SSD so that enterprises and organizations of mid-level models can also enjoy speeding Fast pleasure.

Support Wake-on-LAN
It is recommended to use a UPS uninterruptible power system. When the power is restored, the UPS needs to wait for the battery capacity to charge up to the set percentage, and then wake up the remote device function.
Generally, the equipment needs to wait until the UPS battery is completely out of power to 0% to restore the power supply before starting the remote equipment.
Related functions can prevent the remote device from being unable to start the remote device after the power supply is restored after the remote device has been automatically shut down in advance when the UPS battery still has power.
IPMI (IP KVM) feature description

IPMI Tool is an Out-of-Band IPMI tool that allows users to connect to system devices with IPMI through CLI (Command Line Interface).


The program provides two usage modes, namely: OS command line mode and Shell mode.


The program can be easily integrated with the existing infrastructure to connect with the server's baseboard management controller (BMC) to achieve the function of remotely configuring the system. 


Main features of IPMI Tool:

Remote system management
SuperBlade management
MicroBlade management
System power control
HDD and NVMe management
FRU management
System diagnosis (via Super Diagnostics Offline)
NM (Node Manager) management
Group management
Remote IPMI management
Support IPv6
Remote text interface operation (Serial-Over-LAN)
Firmware upgrade
System sensor and event log
Power supply and battery backup power (BBP®) module monitoring
Multi-node system information
Virtual media management (node ​​product key required)
Remote desktop interception (node ​​product key required)
Operating System (OS)
Red Hat Enterprise Linux (RHEL) 6.8 and above
SUSE Linux Enterprise Server (SLES) 11 and above
Ubuntu Server 14.04 and above
Windows 7, 10
Windows Server 2008 R2 SP 1, 2012 R2

 

IPMI View is an application software based on a graphical user interface that allows administrators to manage multiple systems through BMC.


IPMI View supports BMC compliant with IPMI v1.5 or v2.0.


IPMI View monitors and reports the status of the SuperBlade system, and supports remote KVM and mounting virtual media.

 

IPMI View product features:
IPMI system management
Remote Graphical Interface (KVM) control
Remote text interface (SOL) control
Virtual media device management
IPMI user/group management
Trap receiver
Mobile application (Android, iOS)
Operating System (OS)
Red Hat Enterprise Linux (RHEL) 6.8 and above
SUSE Linux Enterprise Server (SLES) 11 and above
Ubuntu Server 14.04 and above
Windows 7, 10
Windows Server 2008

Product Manual
MArchive H57TA's main functions include front-end gate protection capabilities (Anti-Virus, Anti-Spam, pre-mail audit, ransomware protection) and back-end audit capabilities (post-mail audit, mail record archiving, and mail history tracking). A single device can meet the email management needs of most enterprises. In addition to the basic record backup, the product also provides a complete internal and external, internal and external audit mechanism to review the mail received by employees.            
Archive server features
Provide a stable, safe and stable storage space with unlimited capacity expansion.
Archive the entire enterprise's mail to one or more My SQL Server / MariaDB database.
Reduce the workload of the mail server. When the email is archived, the email can be deleted to keep the workload of the mail server at a certain level of operation.
With mail data leakage protection function, it can filter email content and attachment files to prevent data leakage.
Prevent users from deleting e-mails, avoid users from deleting important e-mails at will, and let enterprises have the risk of losing important information. The HERHSIANG archive server can completely eliminate this risk
Provide cloud backup and archive cloud services such as Office365 and Gmail.
Comply with relevant laws and regulations such as the Personal Assets Law and Business Secrets Protection Law.
Mail can be quickly restored through the personal mail backup and restore process-even accidentally deleted mail!
Provides webpage management mode, allowing users to search past emails from anywhere in the world.


 

AI Spam (Optional) (NEW)
HERHSIANG Information has introduced a new AI Spam function module, which can make the judgment accuracy of mails as high as 99.5%. Through the judgment and analysis of mail content and sending behavior of the system function, it can automatically distinguish between normal and malicious or spam letters, and improve the level of spam letters It can also reduce the chance of users opening phishing letters.
In addition, hacker attack methods are also constantly improving, they will forge emails to be the same as real emails, so MArchive H57TA mail host core system must constantly learn new attacks or emails that can be phished.
The research and development unit has included these attack and phishing features in the calculation logic database as a basis for judgment, so that the AI Spam system can use the continuous self-learning mechanism to face the phishing letters and spam attacks that are attacked 24 hours a day throughout the year. It can also quickly make accurate judgments, thereby effectively reducing spam and phishing letters to users, causing unnecessary losses.             

 



PST file transfer management              
Free you from the problem of PST file management and reduce the dependence on bulky PST files (Outlook)-easy to damage or lose in the event of hardware failure, you can archive and back up all Mail of the company early on HERHSIANG MArchive H57TA equipment
Provide users with a single web interface to search, and can retrieve past mails through My Mail personal inbox "retrieve mail"
Significantly reduce the storage requirements of mail, and at the same time do a good job of mail backup function.
Enhance Exchange performance and simplify backup and recovery
Reduce IT costs and expenses, reduce the excessive burden on the mail server, and reduce the complexity of the IT department's backup and letter preservation and restoration.
Helps to comply with personal data protection laws and ISO BS7799 regulations.
Provides extremely fast full-text search emails and all types of file attachments              
Support multiple domains and multiple mail hosts at the same time
HERHSIANG MArchive H57TA mail filtering and auditing equipment can support enterprises with multiple domain names (for example: herhsiang.com; herhsiang.com.tw ...) or a network environment built by multiple mail hosts, and can follow the preset rules Automatically transfer letters and attachments to storage devices.
Mail Gateway Protection
HERHSIANG provides high-efficiency spam filtering functions. The Mail Gateway solution can be safely deployed on the front of the mail server. The original HERHSIANG Mail OS technology and multi-layer mail scanning mechanism can effectively block the increasing number of spam, viruses and malicious email , Springboards, phishing emails, spyware and other threats to help companies effectively manage email security protection and improve service quality.
MArchive supports IPV4 / IPV6 address
In addition to supporting the IPv4 network environment, MArchive H57TA also supports the latest IPv6 Internet Protocol, a network architecture that allows IPv4 and IPv6 to run concurrently.
Full anti-spam filtering mechanism (Anti-Spam)
HERHSIANG spam filtering adopts the industry's most innovative approach to threat detection, applying the latest multi-layer scanning technology, including IP address credit rating, Bayesian filtering, Bayesian filtering automatic learning mechanism, spam feature filtering, and text link filtering mechanism , Automatic garbage learning, system black and white lists and personal black and white lists. In addition, in order to filter the hackers' penetration through the use of text links, the system provides a text link database, which can further protect corporate email security.
Garbage learning sharing mechanism
The "spam learning sharing" mechanism developed by the professional research and development team is a concept similar to the sharing economy. Users share spam information, analyze and interpret the email behaviors by the professional research and development team, and add machine learning algorithms to handle large Data allows enterprise users to quickly filter thousands of e-mail threats without using complex scanning engines, achieving a higher detection rate and the lowest false blocking rate than traditional spam filtering.
Anti-Virus Protection [Kaspersky (optional)]
MArchive H57TA has two built-in virus filtering engines, Clam AV and Kabbah Anti-Virus Engine (optional), which can accurately filter hidden viruses trapped in emails. Clam AV can automatically and automatically update the virus code for free. Millions of pens, so that enterprises can always stay up-to-date with the least cost. In addition, users can purchase a Kabbah anti-virus engine. The dual-engine protection can ensure mail security even more. All virus emails that are quarantined through the system provide complete virus filtering reports and records, and support Alarm.
Sandstorm Malware Detection
Detect files or URLs that are suspected to be at risk, and filter and detect attachments and URLs by comparing hash values. It can deeply block some malicious programs that have not been filtered by viruses and IPS signature databases. Letters are quarantined to hide hidden malicious programs and prevent users from receiving mail.
Event log viewer
Provides information, warnings, and errors and when they occur within the mail audit filtering facility. Simple and detailed log query service makes system maintenance easy and convenient. Its log management function is very comprehensive, and through WEB, it allows administrators to quickly query and search various types of system logs.
Mail archiving, review, and review (Mail Archive)
MArchive H57TA has a built-in post-mail archival audit mechanism, which can completely archive and store corporate emails. Whether it is external to internal, internal to external, or internal to internal, real-time archiving is performed. In addition to preventing users from deleting emails by mistake, Provide email resume graphs and provide a friendly keyword search mechanism. The system provides an interface for personal email archiving. Users can search online through IE, and search through keywords such as domain, user, sender / receiver, subject, email content, date, and attached files. Search archived messages, and read or retrieve the messages you need.
Mail audit filtering (Mail Audit), and has a personal filtering function
Through the device management interface, network administrators can adjust the conditions for sending and receiving mail according to the company's own mail policy settings. MArchive H57TA audit filtering equipment adopts the Policy method, and administrators can apply control rules based on the types of recipients, the subject of the message, the content of the message, the capacity of the message, and the file extension of the message. For personal information related conditions, He Xiang also provides personal information filtering related to sensitive information, including ID card number, date of birth, phone number, credit card number, mobile phone and other conditions. When the detection meets the filtering conditions, you can choose to forward it to the auditors for quarantine, deletion, copying, or sending a notification letter.
Mail logging, archiving and backup

Local storage record: HERHSIANG MArchive H57TA has a built-in 4TB hard disk capacity, which is archived according to the system default. The recorded mail is backed up to the database and stored in the local storage for 7 days by default.

External storage backup: Including USB backup, FTP backup, SAMBA (Network Neighborhood Backup), if the personal computer or mail host has an unexpected situation and cannot work, personal mail is still safely stored in the MARCHIVE H57TA hard disk and storage device. MARCHIVE H57TA can connect to multiple storage servers at the same time, and the administrator can directly search, retrieve or retrieve the backed up emails.

Support Office365, Gmail email backup files
MArchive H57TA mail backup service can support cloud platform and storage services, provide a hybrid cloud (public cloud / private cloud) flexible platform, integrate existing Google, Microsoft Office 365 cloud mail services, in addition to allowing enterprises to continuously maintain audit data on cloud mail Capabilities can also allow corporate emails to be placed in different storage locations to achieve the purpose of diversifying risks and offsite backups.
Integration of multiple identity authentication servers
MArchive H57TA can integrate multiple types of identity authentication servers to effectively check the correctness of the account during the user login email management process. At present, it can integrate servers including Radius, AD, POP3, IMAP, LDAP, and Google oAuth to check the validity of accounts and passwords. Among them, you must enter a complete email account account to connect to the back-end authentication server for queries. .
Original mail resume function
HERHSANG mail resume function is an original design based on the concept of time axis. In addition to complete auditing and archiving of all incoming and outgoing emails, it also has HERHSIANG'S original mail resume function. With a simple chart to grasp the start of each letter Relevance. When did you receive this letter? How many passes back and forth in the middle? Which users are included in each pass? What is the content of each letter? Through the mail association chart, users can quickly grasp the main interactive associations of letters.
Email Big Data Analysis (Mail Behavior) (Optional)
Data's data analysis is an important feature of Hexiang's archive server. It can analyze the behavior of users, including correlation diagrams of mailing, abnormal mail analysis data, and user time analysis data, so that managers can better understand the enterprise. Internal user mail usage status.
System management and use status
MArchive H57TA provides all network interface usage status, software and hardware system performance table (including real-time information such as boot time, CPU / HD / Memory usage ...), and all system usage status at a glance. The system has Event Log and Sys Log log management functions. If an abnormal event occurs, it will actively record and alert, and the system will send it to the administrator by email. MArchive H57TA provides automatic system update check and download function, which can regularly check the latest update status, and directly perform firmware update service through Web UI.
Flexible decentralized management mechanism
The user rights decentralization setting is super flexible. Users' rights can be set at different levels, including whether they have a manager role or just general queryer or user rights. And can set different mail access and manager permissions. With the authorization of hierarchical management, enterprises can have more flexible control, safe use and management and maintenance. According to the decentralization and decentralization policy of the enterprise department, the authority and management items for each administrator to log in to the management interface can be defined, including system management, SMTP server settings, transparent mode, domain management, authentication, and authority management ...
Web UI management / system settings
Use the Web method to set and update the firmware. The operation screen can be switched to Traditional Chinese / Simplified Chinese / English at any time. You can open / close / https remote control services at will. In addition, the administrator can set the MArchive H57TA device browser title, home page title, and host name of the server.
System backup and restore

According to the set backup content, the backup is performed at a specified time. It is more convenient to use the USB slot on the interface of the HERHSIANG mail audit filter device for backup, which makes it easier for the administrator to maintain.

After using the built-in backup data disk or USB HDD for backup full machine backup, in case the local system hard disk fails, select the backup data disk or USB backup system hard disk to be used when booting, and then return the whole machine to backup It can replace the tape drive to save the system permanently.             

No user authorization and restrictions
HERHSIANG MArchive series equipment has no restrictions on the use of the number of people, which will vary depending on the hardware operating performance or the amount of corporate mail. The system provides a free firmware update service mechanism, including the garbage database signature code, and the Clam AV anti-virus engine, which greatly saves maintenance and management costs and reduces after-sales service operations.
Personal Archive interface
Provide personal Archive interface, user permissions include domain query, department query and individual user query. Mail query provides multiple search interface fields, including sender, recipient, subject, content, date, etc. For users who are accustomed to the Outlook interface, Outlook Plug-in is also provided to facilitate searching and archiving directly through Outlook mail.
Personal email disaster backup and restore
In addition to the high-quality hardware configuration, Passive to active, recovery files no longer need to rely on IT professionals to handle, personally send the data on HERHSIANG MArchive H57TA directly to a specific user account again, when the user's computer, hard disk is damaged, data is lost, you can borrow The backup and restore function restores all user letters to the account again, providing the best backup mechanism for disaster recovery.
Exclusive Personalized Dashboard Chart
Different from the traditional system report format, MArchive H57TA mail audit and archiving device provides a personalized report analysis charter. Users can customize the query date to understand the statistics of personal general mail, spam and virus letters. Graphical display. In addition, users can further analyze the proportion of mail received and related information.
Hardware specifications

DDRIII-RAM: ECC 16GB
SATA-III HDD: 3.5" Enterprise Disk 4000GB*1 3.5" NAS Red Label 4000GB*1

Console: On-screen keyboard
USB 3.0 Port: 2
Number limit: no limit
System Management
Use a browser to manage settings (HTTPS)
Supported service agreements
ICMP, HTTP, HTTPS, SMTP, SMTPS
OnBoard network interface
1 LAN / 1 HA / 2 Definition 1 & 2 / 1 IPMI Port (All Giga Port)

Dual Port 10GbE SFP+ Fiber Optic Network Module (Define Port 3 & 4)(Optional)
Hot extraction box (Panel can be locked, with key)
4
Use environment
Operating environment temperature: 0~60°C / Operating environment humidity: 5%~95%
Safety certification
FCC, CE, UL, cUL
Model Dimensions

19" x 1U x 437.20mm (17.21" deep) (standard)

19" x 1U x 600mm (23.62" deep) (1U 250W Redundant Power Supply)
Power Supplier
Input power: 100~250 VAC (auto switching) / power supply: 250 Watts / power on automatically start
Placement method: rack-mounted

Build architecture: Supports transparent mode (Bridge), gateway mode (Gateway), POP3/IMAP revenue generation deployment architecture

Transparent mode (Bridge)

MArchive H57TA has a set of LAN Bypass mode, which can be set up in front of the main mail server. It uses Bridge mode to record all incoming and outgoing mail. As internal users of the enterprise may use a variety of mail software to receive mail (for example: outlook, Thunderbird …), Whether internal or external or internal to internal, the mail will be audited, filtered, spam filtered, and virus filtered through the MArchive H57TA mail audit and archiving device, and all communication emails will be completely recorded.

 

Gateway Mode

MArchive H57TA can also be used as a gateway for e-mail. After the virus and advertisement mails are completed, the clean mail is forwarded to the back-end mail server. The e-mail function usually consumes high system resources. Outlook users can also point SMTP to MArchive H57TA as a gateway for audit filtering, and then send the mail to the back-end mail server, or some enterprise users set up the mail server on a virtual machine (VM). The mode of receiving traffic is also applicable to the gateway mode.

 


POP3 / IMAP collection mode

Adopt POP3 and IMAP collection methods, similar to copying all incoming and outgoing mail to the device in Journal mode, whether the mail host is supported in the cloud (Gmail / 163 / Office365) or the internal Microsoft Exchange Server, IBM Lotus, just need Set the necessary information and download the messages to be backed up to the device.             

HERHSIANG Information Co., Ltd. (Uniform number: 13167798)

 88673494097  88673596785  service@herhsiang.com

 3F, No.5, Dinghe St., Sanmin District, Kaohsiung City Taiwan  

Business hours: Monday ~ Friday 8:30 ~ 12:00 / 13:30 ~ 1800 

(Except holidays and national holidays)
Copyright © 2002~2024