Content Security Gateway User’s Manual
Chapter 1: Introduction
The innovation of the Internet has created a tremendous worldwide venue for e-business and information sharing, but it also creates network security problems, so the security request will be the primary concerned for the enterprise. Planet’s Content Security Gateway CS-500, a special designed of security gateway for small business, adopts Heuristics Analysis to filter spam and virus mail, auto-training system can raise identify rate of spam, and built-in Clam virus scan engine can detect viruses, worms and other threats from email transfer.
Meanwhile, Instant Messaging (IM) and peer-to-peer (P2P) are the fastest growing communications medium of all time, the spread of IM and P2P has created a network security threats and consumed amount of bandwidth. CS-500 also can prevent employees using varied IM and P2P like MSN, Yahoo Messenger, ICQ, QQ and Skype.
CS-500 not only can filter spam and virus mail, but also is a high performance VPN firewall. The IDP and firewall function can defense hacker and blaster attack from Internet. Moreover, built-in QoS feature can let you configure the traffic per specific protocol more flexibly. The completely function in one device can offers an excellent security solution and the secure environment for the SMB or SOHO users.
1.1 Features
♦Anti-Spam Filtering: Multiple defense layers (Head Analysis, Text Analysis, Blacklist & Whitelist, Bayesian Filtering), and Heuristics Analysis to block over 95% spam mail. Customizable notification options and spam mail report are provided for administrator. Varied actions toward spam mail include: Delete, Deliver, and Forward. Built-in auto-training system to rise identify rate of spam mail substantially.
♦Anti-Virus Protection: Built-in Clam virus scan engine can detect viruses, worms, and other threats from email transfer. Scan mission-critical content protocols-SMTP, POP in real time as traffic enters the network to provide maximum protection. Customizable notification options and virus mail report are provided for administrator. Varied actions toward spam mail include: Delete, Deliver, and Forward.
♦Policy-based Firewall: The built-in policy-based firewall prevent many known hacker attack including SYN attack, ICMP flood, UDP flood, Ping of Death, etc. The access control function allowed only specified WAN or LAN users to use only allowed network services on specified time.
♦VPN Connectivity: The security gateway support PPTP server/client and IPSec VPN. With DES, 3DES and AES encryption and SHA-1 / MD5 authentication, the network traffic over public Internet is secured.
♦Content Filtering: The security gateway can block network connection based on URLs, Scripts (The Pop-up, Java Applet, cookies and Active X), P2P (eDonkey, Bit Torrent, WinMX and Foxy), Instant Messaging (MSN, Yahoo Messenger, ICQ, QQ and Skype), Download and Upload.
♦IDP: CS-500 provides three kinds of the Signature to complete the intrusion detection system, user can select to configure “Anomaly”, “Pre-defined” and “Custom” according to the current environment’s request.
♦QoS: You can control the outbound and inbound Upstream/downstream Bandwidth by configuring the QoS based on the WAN bandwidth.
♦User Authentication: Web-based authentication allows users to be authenticated by web browser. User database can be configured on the devices or through external RADIUS server.
♦Multiple NAT: Multiple NAT allows local port to set multiple subnet works and connect to the Internet through different WAN IP addresses.
-1 -