Nếu bạn cho rằng một máy tính cài phần mềm chống virus bản quyền được update liên tục bởi công nghệ đám mây gì đó là an toàn thì vẫn chưa đủ bởi Antivirus chỉ tìm và diệt được khi nó đã có mẫu. Điều gì xảy ra khi một sâu máy tính mới hoặc Attacker/Hacker xâm nhập vào máy tính của bạn rồi lặng lẽ nhân bản sang toàn bộ máy trong mạng LAN của công ty ??? Hiện chúng ta đã có công nghệ bảo mật đủ mạnh cho phòng chống tấn công từ ngoài nhưng chúng ta đang để lỗ hổng rất lớn là không có giải pháp bảo mật, phòng chống tấn xông xâm nhập từ bên trong. Tài liệu Brochure này giới thiệu về thiết bị Switch bảo mật của HDN, một Cty tiên phong thế giới về giải pháp bảo mật cho Access Layer. Nếu bạn cần thêm thông tin vui lòng email tới songk38@gmail.com hoặc điện thoại 0903212322, tôi sẽ hỗ trợ và cung cấp cho bạn.
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
Giai phap bao mat - Thiet bi ly tuong cho mang LAN
1. HanDreamnet Co., Ltd.
www.handream.net
The World 1 st Security Switch
Integrated Management System of IP Resource Control / Access Control
Visual
Node Manager
L2/L3 Security Switch
Visual Node Manager
Visual IP Manager
Should you have any inquiries, feel free to contact us. We will respond as soon as possible.
Product and sales inquiry : sales@handream.net / www.handream.net
The World 1st Security Switch
HanDreamnet acquired the world first L2 security switch patent with
HanDreamnet's own technologies and will help to build more safe network.
SG Security Switch Series
Detect / block malicious traffic caused by virus such as
DoS/DDoS, Flooding or Scanning in IPv4/IPv6 environment
Prevent information leaking with blocking ARP spoofing
and block internal information hacking
Guarantee network continuity with Self Loop Detect function
Provide the network stability through patented MDS engine (ASIC)
Supply integrated network management software (VNM)
IPv6 Ready Logo
HanDreamnet Co., Ltd.
#1209 MarioTower, 28,
Digitalro-30-gil, Guro-Gu, Seoul
152-741 Korea
TEL : 82-2-890-6650
FAX : 82-2-890-6654
www.handream.net
E-mail : sales@handream.net
2. L2/L3 Security Switch
Visual Node Manager
www.handream.net
Visual IP Manager
Network Topology for Security Switch
The world 1st
Security Switch
SG Security Switch
SG Security
Switch Series
Internet
UTM (Firewall, VPN, IPS)
SG8800
SG8800
Visua
l
Node
Manag
er
No.1 in L2 security switch market share
Traditional
L2 Switch
VIPM
IP Resource &
Access Control
SG202
4
SG202
4
L2 Security
Switch
SG202
4
420
2GS
L3 Security
Switch
L2 Security
Switch
SG202
4
420
2GS
420
2GS
SG Security switch blocks malicious traffic in real time such as DoS/DDoS, Flooding, Scanning and
Spoofing through packet analysis up to layer 4. SG Security switch blocks virus infection including
Zero-Day attack. SG security series are essential to construct safe network environment.
VNM
Integrated Network
Management
420
2GS
SG Security Switch Series
Prevent trouble in advance by blocking malicious traffic like worm and virus in access level
It detects and blocks malicious traffic by worm and virus to prevent network speed reduction and down in
advance. The network administrator enables to carry out 'without service interruption’.
IP Management
(Unauthorized PC detection)
Block Zero-Day Attack
(DoS/DDoS/Scanning/Flooding)
Block ARP Spoofing
(Tapping and leaking personal information)
Protect confidential and financial information of individual / company / public institution
from ARP Spoofing attack
Increasing IP phone tapping, financial information and ID/Password hacking cause a huge damage to
privacy and banking. SG security switch series detect and block ARP Spoofing in real time and protect
user’s confidential information.
L2 PoE Security Switch Comparison
SG2124GXPoE
Simultaneously detect / block malicious traffic in IPv4 and IPv6 network
Traditional PoE Switch
SG security switch acquired IPv6 ready logo. SG security switch supports secure and stable network in
IPv4 and IPv6 network.
Performance
Up to 32K MAC address support
144G Switching Capacity
131Mpps Throughput
Up to 8K MAC address support
176G Switching Capacity
42Mpps Throughput
Full wire speed with security function
PoE
Support internal power supply redundancy
802.3af = 24port
802.3at = 24port
Support external power supply redundancy
802.3af = 24port
802.3at = 12port
Types of
Blocking
Malicious
Traffic
IPv4/IPv6 network (Static IP & Dynamic IP)
- Stable network by installing a patented MDS security
engine
- Real-time blocking malicious traffic such as DoS / DDoS,
Flooding, Scanning
- Secure network continuity by blocking selective malicious
traffic
- Prevent information leaking with blocking ARP spoofing
- Easy management for malicious traffic
IPv4/IPv6 network (Static IP & Dynamic IP)
- Security engine not supported
- Real-time blocking unavailable (only
support storm control)
- Malicious traffic blocking not supported
- ARP spoofing blocking with static IP
address not supported
- Takes time to figure out cause of problem
and trouble shooting
Detect & Block
Looping
Real-time detect and block cable loop
Guarantee network continuity
Unable to control cable loop
Network downtime by cable loop available
Integrated Network Management(VNM)
- GUI based integrated network management system
- Log and report output at integrated management system screen
- Available to check IP, MAC and Network bandwidth in use
Extra network management system required
Management
System
MDS(Multi Dimension Security) engine is ASIC based hardware chip and carries out security function by
analyzing traffic. MDS engine guarantees the full wire-speed while providing security features.
Smart protection (Block only malicious traffic)
By blocking virus infected packet or service port only, it provides work continuity like web service, e-mail
and groupware.
It enables to monitor/control whole network status and condition on a screen. It helps to figure out attacking
history, detection/blocking log and history in a table which can be used as internal report.
Reliability and stability are proven by large security references in Korea & Overseas market.
3. L2/L3 Security Switch
Visual Node Manager
www.handream.net
Visual IP Manager
Product Feature
Product Feature
SG security switch makes possible to build more safe network by checking
various network attacks in access level through behavior based blocking.
Implementation of SG security switch helps IT administrator to have
secure and reliable network.
Stable network through embedded MDS security engine
Secure and reliable IPv6 network
MDS developed by HanDreamnet adopts behavior
based blocking method which does not require signature file update like other pattern matching(IPS/IDS)
products. It blocks only malicious traffic through
analyzing traffic up to layer 4 in real-time, so guarantees the safe and reliable network.
SG security switch acquired IPv6 ready logo. It can
block and detect malicious traffic in IPv6 as well as
IPv4 network. It supports various IPv6 routing protocol such as RIPng, OSPFv3, BGP4+ and supports
various IPv6 management features.
Point!!
Point !!
Real-time detect / block malicious traffic in
IPv4/IPv6 network
Full wire speed in all ports with security function
Blocking only malicious traffic through smart protection
Strong privacy network
It secures work continuity without service interruption by blocking malicious traffic only in PC, smart
phone, and IP phone.
It helps to get rid of hacking hazard by allowing
communication between designated uplink port and
terminal only in hotel and apartment. It blocks file
sharing with NetBIOS.
Internet
Point!!
Secure service continuity of normal traffic by
blocking malicious traffic only
Smart protection in security switch vs IP/Port
blocking in other traditional switch
Point!!
Room1
Room2
Room3
Room4
Normal traffic
Malicious traffic
Real-time detection and blocking of malicious traffic such as DoS/DDoS,
Flooding and Scanning
MDS security engine blocks worm spread so that it
prevents secondary damage. SG security switch blocks
malicious packet under each stacks in real-time to
keep network safety. It is good for financial institutions and ISP that have to carry out guaranteed
traffic.
Point!!
Real-time block malicious traffic
Prevent network overload caused by malicious
traffic
Ring topology support
SG security switch supports ERP(Ethernet Ring Protection) protocol for ring topology. So, it can extend
its value to carrier or metro ethernet area with
powerful security feature.
SG21
24GX
PoE
SG21
24GX
PoE
SG21
24GX
PoE
Point!!
Primary
(Forwarding)
SG21
24GX
PoE
Secondary
(Blocking)
4. L2/L3 Security Switch
Visual Node Manager
www.handream.net
Visual IP Manager
Product Feature
Product Feature
SG security switch detects and blocks the network problems in advance
to provide reliable network service.
Implementation of SG security switch can support an optimal IPT network.
Network continuity with Self Loop Detect function
Effective IPT network with LLDP-MED
The entire network service is often down by users
mistake during the operation. SG security switch
detects and blocks cable loop so provides the reliable
network.
SG security switch supports Voice VLAN and Auto
QoS feature with LLDP-MED for IPT network. So
regardless of network congestion, it can guarantee
voice quality.
Point!!
Point !!
IPT Wizzard helps to build IPT network
Easy configuration of Voice VLAN based on
LLDP-MED
Prevent entire network downtime by cable loop
Provide real-time log in case of cable loop
Redundancy feature
802.3af/at support with maximum 740W PoE power budget
SG2124GXPoE
SG security switch provides various redundancy
feature. It prevents network suspension due to cable
trouble, port trouble, and switch trouble.
SG2124GXPoE
Master
Slave
SG security switch supports built-in dual power
supply in 1U size. So it supports 15.4W to all 48
ports, and 30W to all 24 ports.
SG security switch power supply
SSR
Point!!
SPR
Point!!
Internal power supply redundancy for reliability
Support sufficient PoE/PoE+
SSR: Smart Switch Redundancy
SPR: Smart Port Redundancy
2
Power supply
Internal power
supply redundancy
Prevent information leaking with blocking ARP Spoofing
Green IT network environment by reducing power consumption
SG security switch detects and blocks attacks using
internal information. It prevents users to steal personal
information in advance.
Power for unused port is reduced to cut off power
consumption significantly. And SG2100/3100 series
can support EEE(Energy Efficient Ethernet). It enables
to make green IT network through CO2 reduction.
SG2
124G
X
PoE
SG2
124G
X
PoE
SG2
124G
X
PoE
SG2
124G
X
PoE
SG2
124G
X
PoE
Point!!
Point!!
Prevent IPT/UC tapping
Prevent personal information and company
confidential resources to be leaked by hacking
Save power consumption up to 50%
Minimize port power according to port connection
Energy
Efficient
Ethernet
1
Power supply
5. L2/L3 Security Switch
Visual Node Manager
www.handream.net
Visual IP Manager
Product Feature
Product Feature
SG security switch detects/blocks malicious traffic, and blocks unauthorized
users to access the network, and also support user notification function.
SG security switch provides various management feature for administrator convenience.
Blocks unauthorized users to access the internal network
Management enhancements
SG security switch supports powerful authentication
function with embedded RADIUS server and external
VIPM server. It blocks an unauthorized users and
support user access control.
By supporting Multi OS and USB interface, the administrator easily manages switch firmware. Also, it supports
sFlow and IPv6 management feature for the purpose
of management convenience.
RADIUS Server / VIPM
Point !!
Firmware
Upgrade
USB
Point!!
ID
Pass
hdn123
*********
Mac Address
F4:1C:XX:12:XX
IP Address
192.168.0.254
Powerful IPv4/IPv6 management
Firmware upgrade support with USB interface
Mac Address
+
IP Address
+
Port
User notification for malicious traffic (MDS Web Alert)
TFM(Traffic Flow Monitoring)
It sends alert pop-up message to the user through
web browser in case of malicious traffic. So users can
do self-check for virus and windows update.
FTP, SFTP
Firmware Upgrade
SG security switch provides N:N monitoring capabilities instead of expensive extra TAP. With TFM, it
supports improved monitoring feature.
Internet
SG8800
Point!!
SG8800
Point!!
Improved monitoring feature
1:N, N:N monitoring capabilities support with
TFM
Intrusion
Detection
Loop
Prevention
Integrated
Management
User
Access
Control
Network
Security
Anti Virus
Network Traffic
Analysis Tool
6. L2/L3 Security Switch
Visual Node Manager
www.handream.net
Visual IP Manager
Product Feature
Integrated Network
Management SoftWare
Group Policy
Switch Auto Config
VNM
(Visual Node Manager)
VNM, integrated network management software is provided as a bundle. It helps to monitor
switch and traffic status.
Network status analysis
Network Topology
VNM applies the policy to the individual switch or
group.
VNM with auto config feature can set IP address,
gateway and SNMP community to the new security
switch without console access.
Switch Configuration Backup
Switch Firmware Upgrade
Visu
al
Node
VNM supports network status analysis, traffic usage, IP
usage and malicious traffic tracking.
Real time malicious traffic monitoring
Switches and 3rd party products can be configured in
the topology map. The administrator can monitor
individual devices or groups in topology map.
Real time user status monitoring
VNM can save up to 10 configuration files per switch.
With this feature when a failure occurs, you can easily
recover the switch configuration.
Mana
ger
VNM supports firmware upgrade without additional
program.
Special Report
VNM server installation
Minimum requirements Recommended requirements
(Under 50 devices)
(More than 50 devices)
Window XP 32Bit
(SP2/3)
CPU
Memory
HDD
VNM supports malicious traffic monitoring in many
security switches.
VNM supports real-time monitoring about IP address/
MAC address/Port information of users. Additional
information such as department and name can be added.
VNM provides network status & malicious traffic status
to operator based on daily/weekly/monthly. It also
supports the feature of scheduling report.
Window 7 32Bit higher
Window 7 32Bit higher
2003 Server, Vista
OS
Window XP 32Bit
(SP2/3)
2003 Server, Vista
Intel Dual Core 2GHz
higher
Intel Core i7 higher
2GB higher
4GB higher
200GB higher
500GB higher
Should open TCP 8085~8087 and UDP 161~162 service port
in firewall.
7. L2/L3 Security Switch
Visual Node Manager
www.handream.net
Visual IP Manager
Product Feature
IP resource management
Integrated Network Management
Powerful authentication feature
VIPM
(Visual IP Manager)
VIPM in conjunction with SG security switch, supports IP resource control, NMS, authentica-
- Monitor and control IP/MAC condition
- Network access control with IP/MAC/Port
tion system and network access control capabilities.
VIPM enables to monitor IP/MAC status at a look and
prevents IP change, tapping or collision.
Network access control with IP/MAC/Port
The network which you manage...
How many resources are accessed?
Are there malicious traffic inside network?
Integrated Access M
Management
rated
at
ated
Ma
SSH
VIPM access
Internet
SG8800
Who, when and where accessed?
Are there any information leaking or hacking by internal user?
How many traffic does it have?
Are there any network troubles by IP resources?
IP resource authorized?
Is batch upgrade of switch firmware available?
Network status analysis
Malicious traffic and device monitoring
Special Report
SG8800
Administrator
Telnet/SSH
direct access
is restricted
SG2024G
SG2024G
SG2024G
Telnet/SSH
access is allowed
through VIPM
- Powerful security feature by restricting
direct access
VIPM can allow access to the device through VIPM and
restrict direct access to device. VIPM supports powerful
management by assigning banned words, and tracking
command history.
VIPM Redundancy feature
- Periodically report
VIPM supports a special report for network status and
malicious traffic monitoring. Scheduling report and
finding features are also supported.
Product Configuration:
VRRP
Dedicated Appliance
Only for VIPM
- Real-time monitoring of whole network status
- Real-time monitoring of switch status
- Reliable IP resource management
VIPM monitors network status in real-time such as
network topology, IP address usage status, and
malicious traffic detect/block status.
VIPM monitors current status of switch including IP
usage, traffic usage and malicious traffic detect/block
status per each port.
VIPM supports redundancy feature for entire hardware,
and power supply to ensure IP resource management.
- Max 50,000 users
- Raid 1 support (option)
- Dual power supply
(option)
SG2000 Series
S i
SG2100 Series
SG3000 Series
SG3100 Series