6P+4P10G fiber IPS NG-UTM
Maximum number of connections: 5,000,000 | Number of new connections per second: 200,000 | Maximum processing speed: 25Gbps | VPN performance: 2,400Mbps | Antivirus performance: 1,400Mbps | IPS performance: 1400Mbps | Email scans/day: 5,200,000
IPS / WAF / UTM / FW / HA / Two-Factor Two-Part Authentication
1 LAN (MGMT.) / 9 definable PORT | 6P RJ45 1G | 4P 10G GBIC (Fiber) slot (GBIC single-mode or multi-mode or RJ45 10G optional)
Support VPN such as IPSEC / SSL / PPTP / L2TP (available for IOS)
Support 3G / 4G / LTE USB mobile wireless network card
Built-in Kaspersky antivirus for 1 year, 3rd party application and 3rd party URL database control for 2 years
Optional items:
Exclusive 10G GBIC / MGB-XM03 (multimode) / MGB-XS10 (single mode) / MGB-RJ-10GT (to RJ45 30M) or 1G GBIC / MGB-RJ-1GT (To RJ45 100M) / MGB-S10 (single mode) / MGB-M05 (multimode) (the above can be mixed)
Kaspersky Anti-Virus (from the 2nd year) / 3rd party applications (from the 3rd year) / 3rd party URL database (from the 3rd year)

Product Specification
Product Description

NGS 5952HTG is a network security device that complies with Next Generation UTM specifications. It has high operational efficiency, multiple security protection mechanisms, and hierarchical authorization management. It is the first choice for network security and management equipment for medium and large enterprises.

NGS 5952HTG has the powerful functions of a new generation of firewalls, including Deep Packet Inspection (DPI)-based application identification and control, in-line IPS, SSL analysis and blocking, web filtering, bandwidth management, anti-virus and spam filtering. It also supports external authentication integration and other functions, which can prevent attackers from maliciously intruding or gaining unauthorized access to internal network resources. In addition, NGS 5952HTG supports a dual-machine backup mechanism (HA), which can ensure that the equipment keeps running.

Product features

NGS 5952HTG is also a core switch supporting Layer 2-Layer 7, which can directly replace the traditional Layer 3 core switch and meet the requirements of the next-generation Software Defined Network (SDN) core switch.

It integrates centralized management of wireless base stations and network-managed switches to provide unified wired and wireless security protection, letting administrators cover both the inside and the outside of the network, and it can serve as a second layer, acting as an intranet security firewall (ISFW).

Balance performance and function

The hardware platform of HERHSIANG NGS 5952HTG is carefully designed around x86 hardware so that enterprise users can fully experience the security protection functions provided by HERHSIANG's new generation UTM.

For customers with high connectivity requirements, we provide high-performance security modules to improve connectivity and support the USB quick recovery mechanism.

Two-Factor Two-Part Authentication (Version supported)
Many network services have used single-factor password authentication by default. Two-Factor Authentication (2FA) combines two different authentication methods: users must pass two or more authentication mechanisms before they are authorized to access the system resources provided by the service provider. There are many ways to verify, such as a PIN code, a fingerprint, scanning a QR code, or a one-time code as auxiliary verification, and the purpose is to provide higher security for the account. This two-factor authentication function is combined with Google Authenticator and uses the user's mobile phone as the second authentication factor. The function is disabled by default. After it is enabled, the system prompts for a password and a one-time code before you can access your account.
The HERHSIANG NGS next-generation firewall supports two-step verification in three areas: account management, Internet authentication and SSL VPN.
IPv4 / IPv6 dual-stack technology
IPv4 addresses are running short and the IPv6 era will come sooner or later, so HERHSIANG took this trend into account when developing the next generation of UTM. The same network interface, whether it is defined as a WAN or a LAN, can be bound to v4 and v6 IP addresses at the same time, so NGS 5952HTG is equally applicable in a pure v4, mixed v4/v6 or pure v6 environment.
Support SDN controller

The device supports an SDN controller, which allows more than one port to be combined into a zone that is managed directly by the SDN controller. Packets passing between zones are also inspected by NGS 5952HTG.

It also supports 802.1Q VLANs, which can divide the internal network into several independent subnets, each operating independently without interfering with the others.

SSL encrypted connection detection
Because it can inspect SSL traffic, the device can apply functions such as intrusion detection and defense, gateway anti-virus, content filtering and application bandwidth control to SSL-encrypted connections.
Load balancing

Provides outbound and inbound load balancing with multiple load balancing algorithms. When one of the lines is disconnected, all network packets are automatically redirected to another working line so that internal users stay connected. When the line is restored, packets are automatically distributed across the lines again.

Enterprises can set their own load balancing rules according to their needs, and network traffic is then directed according to those rules. Algorithms include: automatic allocation, manual allocation, allocation by source IP, and allocation by destination IP.


IPS intrusion prevention
The IPS intrusion detection and prevention system provides more than 30,000 signatures. The IPS checks the content at layers 4 to 7 of the OSI model for malicious attack programs and viruses hidden in TCP/IP traffic. After detailed content inspection, packets that match a signature are flagged and, once discovered, can be blocked immediately, so that malicious packets passing through the firewall have nowhere to hide.

Threat detection and defense

Provide enterprises with the most complete defense-in-depth mechanism. Today's network attacks cannot only rely on a single point of defense but require complete defense-in-depth. Only by using different levels of defense technologies can companies reduce potential threats.

In addition to providing a firewall, intrusion detection and prevention (IPS), and anti-virus as the basis for enterprise information security protection, HERHSIANG NGS 5952HTG can strengthen the detection of malicious programs in traffic, web pages and emails, and correlate the results of the different security mechanisms to achieve defense in depth.

WAF ( Web Application Firewall )

Web application firewall is a product that provides protection for Web server applications by implementing a series of security policies for HTTP/HTTPS.

A WAF parses web application-layer data, decodes multiple layers of different encodings to recover the plaintext of an attack, and reassembles and analyzes obfuscated characters, which lets it better resist combined attacks at the web layer. It also provides application-layer rules: web applications are usually custom-built, so traditional rules for known vulnerabilities are often not effective enough. The WAF provides dedicated application-layer rules and can detect obfuscated attacks, such as mixed attacks inside SSL-encrypted traffic.

Mail gateway protection

If the enterprise already has a mail host but its spam filtering performs poorly, NGS 5952HTG can be deployed in mail gateway mode to make up for functions the original mail server lacks, such as spam filtering and virus filtering.

After filtering viruses and advertising mail through NGS 5952HTG, the clean mail is sent to the mail host.

Virus filtering

The system provides the ClamAV anti-virus engine for free, which can detect millions of viruses, worms and Trojan horse programs. It automatically scans emails for viruses, updates its virus files over the Internet every day, and provides search conditions for finding virus mail.

Administrators can set how infected emails are handled, including automatic deletion, storage of infected email extensions, and the subject of the infected-email notification letter. The new generation UTM has a built-in Kaspersky anti-virus engine for one year. Customers can purchase a renewal to continue using the Kaspersky anti-virus engine, a leader with the highest scanning rate and the strongest virus repair.

Spam filtering
Both internal and external mail can be filtered. The filter provides ST-IP network credit evaluation, Bayesian filtering with an automatic learning mechanism, an automatic whitelist mechanism, spam feature filtering and fingerprint identification, along with blacklist and whitelist comparison and an intelligent learning database (Auto-Learning). You can also set personalized rules and flexibly formulate filtering rules to deal with spam and ensure comprehensive protection without misjudgment, with an accuracy rate of more than 95%. Mail filtering can forward, delete or block messages that meet the filtering conditions set by the administrator.
Abnormal IP analysis

From the perspective of network packets, any network behavior, no matter what software the user runs, can be roughly described by the number of upload and download sessions (Connect Session), the traffic volume (Flow) and the duration (Time). By examining the combination of these numbers, the device estimates whether a user is using the Internet normally or behaving abnormally.

When abnormal behavior by an internal user is discovered, the administrator can apply a variety of strategies, such as blocking Internet access, immediately limiting the user's maximum bandwidth, enabling a collaborative defense mechanism that notifies the switch to block the user, or notifying the administrator.

Bandwidth Management (QoS)

Assist network administrators to control network traffic, effectively reduce corporate network congestion, and improve serviceability and bandwidth utilization.

With QoS (bandwidth management) function, the limited bandwidth can be allocated to all users.

The difference from the general bandwidth manager is that NGS 5952HTG not only provides maximum bandwidth and priority management, but also has the function of guaranteeing bandwidth. And it also has the design of personalized bandwidth management, which can set the bandwidth management for individual users.

If bandwidth management is used with personalized bandwidth management, the bandwidth reserved by the bandwidth management function can be redistributed to users under the enterprise, which can effectively prevent the phenomenon of bandwidth being monopolized by users.

Content filtering
Provides a Web Filter (web page filtering) function that can block workstations from accessing inappropriate web pages (such as pornography and violence) and offensive web pages (such as hacking and viruses), and lets the administrator set filter conditions to block inappropriate websites.
Sandstorm Malware Filtering Mechanism

Advanced Sandstorm can effectively detect unknown advanced malware in attachments, such as common Microsoft Word, Excel, PowerPoint or PDF files, as well as targeted phishing emails and even compressed files such as ZIP and RAR.

Before scanning emails for Spam or Virus, Sandstorm Defense compares suspicious attachments, isolates problematic emails, and exposes potential malicious programs to avoid affecting users' email reception.             

URL database management [optional 3rd party database]

The built-in "cloud URL database" automatically classifies web pages. The administrator only needs to choose to block the harmful URL categories to keep them under control. There is no need to enter website IP addresses or keywords and block them one by one.

Carelessly clicking on harmful URLs is the root of many problems. The surest way to prevent it is to prohibit the use of the Internet. If Internet use cannot be completely prohibited, a regularly updated URL database is the best protection mechanism.

Full record of online behavior

Some employees use the Internet during working hours for non-work purposes. Chatting is a minor matter, but leaking secrets is a serious one.

NGS 5952HTG can not only limit a user's permission to use related applications, but also record related online behaviors, including browsing web pages and sending and receiving emails. If company secrets are leaked, the preserved records are the best evidence to present in court.

Traffic Analysis
Traffic analysis tools show the power on/off status of internal users' computers, real-time network traffic, communication protocol distribution and traffic rankings, so that when a line is fully loaded the source of the traffic can be found immediately.
Application management [optional 3rd party database]

Various network application software is not only difficult to manage, but also easily becomes the best channel for data leakage and virus attacks.

NGS 5952HTG has multiple built-in application management functions covering instant messaging, audio-visual services, file transfer, P2P software, remote control, browsers, VoIP, online games, network protocols and more, which make it easy to control employees' permission to use application software and protect corporate network security.

Graphical flow meter       

Provides flow meter on the WEB interface, and plots the historical status of the system into a chart, so that the administrator can easily grasp the current system operation status at any time.
NGS 5952HTG provides system status chart (including CPU load chart, memory load chart, system load), network traffic chart (LAN traffic, WAN1~WAN13 traffic), and provides query conditions to quickly search the history of each traffic status.

Threat Intelligence Meter
Provide common threat statistics, APP analysis, mail analysis charts, IPS analysis, WEB analysis, defense analysis, real-time dynamic session analysis and reports.


Provides a variety of logs, such as log in/out log, system network settings, regulations and targets, network services, advanced protection, IPS, mail management, content logging, VPN, etc. and a detailed log search system.

The logs are used for debugging analysis, for evaluating system performance, and as proof and a basis for tracing when the system is illegally intruded upon.

VPN function

Use IPSec, PPTP, L2TP, SSL VPN to securely connect between Site to Site, Point to Site and remote users.

Through these VPN mechanisms, users can conveniently connect from different locations and different devices, including home, external public information service stations and the Internet, and laptops, branch offices, business locations, mobile communication devices, etc.

Among them, SSL VPN is currently the most important long-distance secure transmission connection between most enterprises, customers and partners.



Definition of UTM

IDC defines UTM information security hardware equipment as: it contains multiple security functions integrated into a single hardware device, which must include network firewall, network intrusion detection and defense, and gateway anti-virus. All functions on this device do not need to be fully utilized, but must be built-in, and individual components cannot be cut.

In order to test these devices, NSS Group clearly defined UTM devices as a single device with functions such as firewall, VPN, IDS/IPS, anti-virus, anti-spam, URL filtering, content filtering, etc. The detailed definitions are as follows:

* Firewall: Deployed at the network boundary; a powerful stateful NAT firewall is required.

* VPN: It is often deployed on the enterprise wide area network as a branch office network solution. Basically, it is necessary to be able to establish a small number of secure VPN channels.

* IDS/IPS: The firewall can only enforce policies. If the policy allows incoming HTTP traffic to the website server in the DMZ zone, the firewall cannot prevent hackers from damaging the target website server from the HTTP protocol. The IPS function will detect and block such intrusions that attempt to use the network boundary to break in, and prevent malicious network flows from reaching the server. The IDS function can detect intrusions and issue warnings, but it cannot block malicious traffic.

* Antivirus: The gateway antivirus filter can prevent inbound virus traffic on the network boundary, strengthen the computer desktop security, and block them before they reach the desktop. The solution can also prevent internal computers from being infected by viruses from outside the corporate network.

* Anti-spam: Gateway anti-spam can mark incoming emails, allowing further processing by computer filtering solutions. The solution can prevent internal hosts from sending spam messages outside the enterprise.

* URL filtering: Using a continuously updated URL classification database, a set of gateway URL filtering solutions can prevent employees from accessing unpleasant or inappropriate websites from within the corporate network.

* Content filtering: Scan specific content of webpages and mail traffic. Gateway content filtering solutions can prevent unpleasant or inappropriate content from passing through or being sent out from the corporate network.


HERHSIANG Information Co., Ltd. (Uniform number: 13167798)
Copyright © 2002~2024