Search By Category
Search By Keyword
conventional
Product Name
Desktop IPS Firewall
Model
NGS 7H
Introduction
Maximum number of connections: 200,000 | Maximum processing speed: 1.9Gbps ​​| VPN performance: 380Mbps | IPS performance: 800Mbps | Antivirus performance: 800Mbps
IPS / FW / HA / Two-factor two-stage authentication
1 LAN / 3 definable PORT | All Giga Port(10/100/1,000M)
Data storage space 25G
Planning mode 1LAN / 3WAN or 2LAN / 2WAN or 3LAN/1WAN
Supports 3G / 4G / 5G LTE USB mobile wireless network card
Supports IPSEC / SSL / PPTP / L2TP (available for IOS) and other VPNs
Suitable for branches and small offices with higher security requirements
Optional items: 3rd party applications / 3rd party URL database / Threat reporting instrument (DashBoard) / Kaspersky Antivirus
 
 
Product Specification
Product Manual

In today's information-developed generation, the network system has become a tool that the world depends on, and its security and danger have also become the most important piece. Therefore, in the pursuit of using the Internet, people not only choose speed, but also have to be able to take into account defense in order to help companies protect private data and create a stable working environment.

HERHSIANG NGS 7H is a next-generation firewall device with both speed and security, and supports USB3.2 port, which can connect 3G and 4G / LTE USB as another WAN network backup option, with NAT processing performance up to 1.8 Gbps . In addition to the firewall function, NGS 7H also has many powerful functions such as IPS, anti-virus, bandwidth management, Internet behavior management, load balancing, content filtering, virtual private tunnel (IPSec VPN), and collaborative defense.

NGS 7H is suitable for small and medium-sized enterprises and SOHO network environments of different sizes, and once meets the needs of professional customers for network security defense. It helps enterprises to block all kinds of virus threats on the front line of the network gateway in real time, while still keeping the network with satisfactory high-quality performance. 

Balance performance and function
HERHSIANG NGS 7H, its hardware platform is carefully designed with X86 hardware devices, so that enterprise users can fully appreciate the security protection provided by HERHSIANG New Generation Firewall. For customers with high connectivity requirements, provide high-performance security modules to improve connectivity and support USB fast restore mechanism.
Two-Factor Two-Part Authentication            
Unlike many previous network services that use single-factor password authentication by default, Two-Factor Authentication (2FA), which combines two different authentication methods, users need to pass two or more authentication mechanisms before they can get Authorize access to the system resources provided by the service provider. There are many ways to verify, such as PIN code/fingerprint/scanning QR code/or one-time code and other auxiliary verification, and the purpose is to provide higher security for the account. This The two-factor authentication function combined with Google Authenticator uses the mobile phone owned by the user as the second authentication factor to achieve auxiliary authentication. The function is disabled by default. After enabling this function, the system will prompt you to enter a password and a one-time code. Can access your account.
HERHSIANG NGS next-generation firewall has three parts, supports two-step verification: account management/Internet authentication/SSL VPN             
IP v4 / v6 dual frequency technology
The IP v4 address is in short supply, and the IP v6 era is coming sooner or later, so HERHSIANG has integrated this trend when developing the next generation of Firewall. The same network interface, whether it is defined as WAN or LAN, can be bound at the same time. The IP address of v4 or v6, so NGS 7H is the same whether it is in pure v4 environment, v4/v6 hybrid, pure v6 environment.
Support SDN controller

Supporting SDN controller, more than one port group can be combined into ZONE, which is directly managed by SDN controller, and ZONE and ZONE packets are transmitted, and will also be detected by NGS 7H packet. It also has the function of VLAN 802.1Q, which can cut the internal network into several independent subnet segments, each of which has independent operation and does not interfere with each other.


SSL encrypted connection detection
With the ability to detect SSL traffic, it can apply intrusion detection defense, gateway anti-virus, content filtering and application bandwidth management when faced with SSL-encrypted connection traffic.
Load balancing

Provides outbound load balancing, and provides multiple load balancing algorithms. When one of the lines is disconnected, all network packets will automatically switch to another normal line, ensuring that the internal user network is unblocked. When the line is restored, the packet is buffered. It will be automatically assigned. The enterprise can set the load balancing rules according to the requirements, and the network access can perform the network traffic load balancing guidance by referring to the set rules. The algorithms are: automatic allocation, manual allocation, source IP allocation, and destination IP allocation.

 

IPS intrusion prevention
The IPS intrusion detection and prevention system provides more than 30,000 signatures, IPS It checks the contents corresponding to layers 4 to 7 of the OSI model, whether there are malicious attack programs, viruses, hidden in the TCP/IP communication protocol, and after the detailed content check, the qualified signature will be Marked out, once it is discovered, it can block the packet immediately, so that these malicious packets passing through the firewall are invisible.

 

Threat detection defense           

Providing the most complete defense-in-depth mechanism of the enterprise, the attack behavior of the current network cannot rely on single-point protection and requires complete defense in depth. With different levels of defense technology, it is possible to reduce the potential threat behavior that the enterprise may suffer. In addition to providing firewalls, intrusion detection systems (IPS) and anti-virus as the basis for enterprise security protection, Hexiang NGS 7H can enhance the detection of malicious programs for traffic, web pages and emails, and the related analysis of different security mechanisms. To play the role of defense in depth.

Mail gateway protection      
The enterprise already has a mail host, but the spam filtering performance is not good. The NGS 7H can be used as a mail gateway mode to supplement the original mail server, such as spam filtering and virus letter filtering. After filtering the virus and advertising mail through NGS 7H, send the clean mail to the mail host.
Virus letter filtering

Clam AV anti-virus engine protection, free Clam AV anti-virus engine, can detect millions of viruses, worms, Trojans, automatically scan for viruses, and automatically update virus files every day through the Internet. And provide virus mail search conditions. The administrator can set the poisoning mail processing method, including the automatic deletion, the poisoned mail extension file name and the poison mail notification letter. Kabbah antivirus engine is also available.

Abnormal IP analysis

Any network behavior, regardless of which software the user performs, is roughly divided into the number of connected and downloaded Connect Sessions, Flows, and Durations from the perspective of network packets. The combination of quantities estimates whether the user is using the network normally or has abnormal behavior. When an internal user's abnormal behavior is discovered, the administrator can take various strategies, such as blocking the Internet, immediately limiting its maximum bandwidth, enabling the collaborative defense mechanism to notify the switch to block it or notify the administrator.

Bandwidth Management (QoS)

Help network administrators control network traffic, effectively slow down corporate network congestion, improve serviceability and bandwidth usage. With QoS (Bandwidth Management), it can distribute limited bandwidth to all users. The difference with the general bandwidth manager is that the NGS 5H has a guaranteed bandwidth as well as maximum bandwidth and priority management. It also has a personalized bandwidth management design that allows for bandwidth management settings for individual users. If bandwidth management is used with personalized bandwidth management, the bandwidth reserved by the bandwidth management function can be allocated to users under the enterprise, which can effectively prevent the bandwidth from being exclusive to the user.

Content filtering
Provide Web Filter (Web Filter) to block inappropriate access to web pages (such as pornography, violence) and offensive web pages (such as hackers, viruses), and to set up filtering conditions to block inappropriate websites.
URL database management
The built-in "cloud URL database" automatically classifies web pages. Managers can easily control against harmful URLs. You can easily control them without having to enter the IP address and keywords of the website one by one. Any choice of harmful URLs is a source of sin. The best way to prevent blocking is to ban the use of the Internet. If it is not completely banned, using a constantly updated URL database is the best protection mechanism.
Online behavior record

Some employees of the company go online during work hours, do things that are not for work purposes, have small chats, and have a lot of secrets. In addition to limiting the permissions used by user-related applications, NGS 7H can also record related online behaviors, including browsing web pages and mail delivery. When a company has a leak, the information that has been saved is the best evidence used to prove it.

Traffic Analysis
Provides traffic analysis tools, whether it is the internal user computer on/off status, network traffic instant display, protocol assignment and traffic leaderboard, when the line is fully loaded, you can immediately find the traffic murderer.
Application management

Various network application softwares are not only difficult to manage, but also easier to become the best conduit for data leakage and virus attacks. NGS 7H has built-in multiple application management functions, including instant messaging, audio and video services, file transfer, P2P software, remote control, browser, VOIP, online games, network protocols, etc., which can easily control employees to use application software. Permissions to protect corporate network security.

VPN function

Use IPSec, PPTP, L2TP, and SSL VPN to secure connection between Site to Site, Point to Site, and remote users. Through these VPN mechanisms, users can connect to different devices, such as laptops, branch offices, business offices, mobile devices or homes, from different locations, including home and external public information service stations and the Internet. …Wait.

Among them, SSL VPN is the most important long-distance secure transmission connection between most enterprises, customers and partners. 


HERHSIANG Android SSLVPN APP


Graphical flow meter             

Provides a flow meter of the WEB interface, and draws the historical state of the system into a chart, so that the administrator can keep abreast of the current system operation status.

NGS 7H provides system status chart (including CPU load map, memory load map, system load), network traffic graph (LAN traffic, WAN1~WAN3 traffic), and provides query conditions to quickly search each traffic status history.

 DashBoard (purchase)              
Provide common threat statistics, APP analysis, mail analysis charts, IPS analysis, WEB analysis, defense analysis, real-time dynamic session analysis and reports.

 

LOG             

Provides a variety of logs, such as log in/out log, system network settings, regulations and targets, network services, advanced protection, IPS, mail management, content logging, VPN, etc. and a detailed log search system.


It is used for debugging analysis, evaluation of system performance, and proof and tracing basis when it is illegally invaded.  


File Download

HERHSIANG Information Co., Ltd. (Uniform number: 13167798)

 88673494097  88673596785  service@herhsiang.com

 3F, No.5, Dinghe St., Sanmin District, Kaohsiung City Taiwan  

Business hours: Monday ~ Friday 8:30 ~ 12:00 / 13:30 ~ 1800 

(Except holidays and national holidays)
Copyright © 2002~2024