SlideShare ist ein Scribd-Unternehmen logo

Sangfor ngfw 修订版

Als PPTX, PDF herunterladen
Ploynatcha Akkaraputtipat
Ploynatcha Akkaraputtipat

Sangfor ngfw

Bildung
1 von 21
Next Generation Protection SANGFOR NGFW (Next Generation Firewall)
Disk that contains the source code of Morris Worm is still held in Boston Museum of Science. Robert Morris Born November 8, 1965 (age 47) Known for Morris Worm, Via web Alias(es) RTM Motive "to demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects that Morris had discovered." Conviction(s) United States Code: Title 18 (18 U.S.C. § 1030, the Computer Fraud and Abuse Act, March 7, 1991. Penalty three years of probation, 400 hours of community service, a fine of $10,050, and the costs of his supervision Conviction status fulfilled Occupation Professor, Massachusetts Institute of Technology, Partner, Y Combinatory Parents Robert Morris Residence United States mainly focus on network layer and attack network structures.
But now, the situation is quite different. Here are some security cases in recent years.
Have you ever read about these news
Largest data security breaches in history! Sony PlayStation Outage Google Gmail Attack
How to defend threats from network level to application level for an enterprise?
Users FW IPS AV WAF Applications Data Viruses Trojans Worms High TCO Network is too complex to manage Unstable and not reliable Low performance Hackers
Weakness of UTM • No WAF function • Low Performance • Lack of integration “Jack of all trades, master of none” URLIPSAVFW FW URL IPS AV 100% 50% 0%
NGFW defined by Gartner Basic FW function Integrated IPS Application visibility Intelligence FW High performance Gartner believes that less than 10% of Internet connections today are secured using NGFWs . We believe that by year-end 2014 this will rise to 35% of the installed base, with 60% of new purchases being NGFWs. —— Gartner VP Greg Young
• Contains traditional security • Modules intelligent interaction • Anti application layer attacks • Bidirectional contents inspection • Application layer high performance
OSI model Security Appliances L2-L4 L5-L7 L7 & above FW IPS WAF NGFW
FW IPS WAF Generate FW rules dynamically & Prevent all attacks from the same SourceIP. SQL injection defense Vulnerability defense Attacks & Threats
Application Identification User Identification Intranet Internet R&D Marketing Finance 3rd party
Hackers Web application server Destroy Process Attacking Process Scanning Process Sensitive information inspection Trigger threshold Blocking and protecting
Performance 1 2 3 CPU CPU1 CPU2 CPU3 Networking Hardware I/O FW IPS WAF Policy layer Network layer Parallel Processing
http://www.microsoft.com/security/msrc/collaboration/mapppartners.aspx Inform the vulnerability information in advance SANGFOR generates the feature library to ensure safety Worms or attack methods based on the Vulnerabilities • MAPP aims to integrate global security resources by informing the vulnerability information to authentication security vendors, ensuring the safety for customers. • MAPP authentication ensure SANGFOR can provide Proactive security protection before attacks Vulnerabilities are discovered and published
Common Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities. CVE’s common identifiers make it easier to share data across separate network security databases and tools, and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem.
OWASP Certificate (Chinese Version) OWASP: Open Web Application Security Project
Thank You for taking your time to learn about SANGFOR NGFW. For more information, please kindly visit our official website at www.sangfor.com call our toll free number at 800-830-9565 or contact your local SANGFOR office in Mainland China, Hong Kong, US, UK, Singapore, Indonesia, Malaysia & Thailand. SANGFOR: For Your Bandwidth!

Empfohlen

Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation Firewall
Ali Kapucu
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
Anthony Daniel
 
Next Generation Firewall and IPS
Next Generation Firewall and IPSNext Generation Firewall and IPS
Next Generation Firewall and IPS
Data#3 Limited
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
美兰 曾
 
Next Generation Firewalls
Next Generation FirewallsNext Generation Firewalls
Next Generation Firewalls
The eCore Group
 
Nac market
Nac marketNac market
Nac market
Sumit Bhat
 
What is NAC
What is NACWhat is NAC
What is NAC
Israel Marcus
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefits
Anthony Daniel
 

Empfohlen

Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation Firewall
Ali Kapucu
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
Anthony Daniel
 
Next Generation Firewall and IPS
Next Generation Firewall and IPSNext Generation Firewall and IPS
Next Generation Firewall and IPS
Data#3 Limited
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
美兰 曾
 
Next Generation Firewalls
Next Generation FirewallsNext Generation Firewalls
Next Generation Firewalls
The eCore Group
 
Nac market
Nac marketNac market
Nac market
Sumit Bhat
 
What is NAC
What is NACWhat is NAC
What is NAC
Israel Marcus
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefits
Anthony Daniel
 
UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)
military
 
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Shakeel Ali
 
Network Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsNetwork Control Access for Non-IT Professionals
Network Control Access for Non-IT Professionals
Incheon Park
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
Lokesh Sharma
 
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Security Session
 
160415 lan and-wan-ctap
160415 lan and-wan-ctap160415 lan and-wan-ctap
160415 lan and-wan-ctap
Lan & Wan Solutions
 
Evento 15 aprile
Evento 15 aprileEvento 15 aprile
Evento 15 aprile
Lan & Wan Solutions
 
Network access control (nac)
Network access control (nac)Network access control (nac)
Network access control (nac)
cyberlocke
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
neoma329
 
Secure your workloads with microsegmentation
Secure your workloads with microsegmentationSecure your workloads with microsegmentation
Secure your workloads with microsegmentation
Rasool Irfan
 
What is micro segmentation?
What is micro segmentation?What is micro segmentation?
What is micro segmentation?
Mir Mustafa Ali
 
Firewalls
FirewallsFirewalls
Firewalls
vaishnavi
 
Presentacion nac
Presentacion nacPresentacion nac
Presentacion nac
Adriana Cardona
 
An introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesAn introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for Dummies
Elsa Cariello
 
Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall
BharathiKrishna6
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
Anthony Daniel
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix Firewall
Souvik Santra
 
Tech 101: Understanding Firewalls
Tech 101: Understanding FirewallsTech 101: Understanding Firewalls
Tech 101: Understanding Firewalls
Likan Patra
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introduction
Jimmy Saigon
 
FireEye Engineering
FireEye Engineering FireEye Engineering
FireEye Engineering
Lauren Traurig
 
Sangfor wano v5.0 presentation
Sangfor wano v5.0 presentationSangfor wano v5.0 presentation
Sangfor wano v5.0 presentation
Advanced comm
 
Sangfor presentation new world new it
Sangfor presentation new world new itSangfor presentation new world new it
Sangfor presentation new world new it
Dr. Wilfred Lin (Ph.D.)
 

Weitere ähnliche Inhalte

Was ist angesagt?

Network Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsNetwork Control Access for Non-IT Professionals
Network Control Access for Non-IT Professionals
Incheon Park
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
Lokesh Sharma
 
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Security Session
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix Firewall
Souvik Santra
 

Was ist angesagt? (20)

UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)
 
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
 
Network Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsNetwork Control Access for Non-IT Professionals
Network Control Access for Non-IT Professionals
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
 
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
 
160415 lan and-wan-ctap
160415 lan and-wan-ctap160415 lan and-wan-ctap
160415 lan and-wan-ctap
 
Evento 15 aprile
Evento 15 aprileEvento 15 aprile
Evento 15 aprile
 
Network access control (nac)
Network access control (nac)Network access control (nac)
Network access control (nac)
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
 
Secure your workloads with microsegmentation
Secure your workloads with microsegmentationSecure your workloads with microsegmentation
Secure your workloads with microsegmentation
 
What is micro segmentation?
What is micro segmentation?What is micro segmentation?
What is micro segmentation?
 
Firewalls
FirewallsFirewalls
Firewalls
 
Presentacion nac
Presentacion nacPresentacion nac
Presentacion nac
 
An introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesAn introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for Dummies
 
Firewall & types of Firewall
Firewall & types of Firewall Firewall & types of Firewall
Firewall & types of Firewall
 
Network firewall function & benefits
Network firewall function & benefitsNetwork firewall function & benefits
Network firewall function & benefits
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix Firewall
 
Tech 101: Understanding Firewalls
Tech 101: Understanding FirewallsTech 101: Understanding Firewalls
Tech 101: Understanding Firewalls
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introduction
 
FireEye Engineering
FireEye Engineering FireEye Engineering
FireEye Engineering
 

Andere mochten auch

Sangfor wano v5.0 presentation
Sangfor wano v5.0 presentationSangfor wano v5.0 presentation
Sangfor wano v5.0 presentation
Advanced comm
 
WANO - IND - Product Presentation
WANO - IND - Product PresentationWANO - IND - Product Presentation
WANO - IND - Product Presentation
Yudi Rachman
 
Business Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simpleBusiness Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simple
arcserve data protection
 
Technical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloudTechnical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloud
arcserve data protection
 

Andere mochten auch (16)

Sangfor wano v5.0 presentation
Sangfor wano v5.0 presentationSangfor wano v5.0 presentation
Sangfor wano v5.0 presentation
 
Sangfor presentation new world new it
Sangfor presentation new world new itSangfor presentation new world new it
Sangfor presentation new world new it
 
CA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updatedCA ARCserve d2d on demand overview updated
CA ARCserve d2d on demand overview updated
 
The ca arcserve hybrid protection mess
The ca arcserve hybrid protection messThe ca arcserve hybrid protection mess
The ca arcserve hybrid protection mess
 
Sangfor wan-optimization-brochure-2015
Sangfor wan-optimization-brochure-2015Sangfor wan-optimization-brochure-2015
Sangfor wan-optimization-brochure-2015
 
WANO - IND - Product Presentation
WANO - IND - Product PresentationWANO - IND - Product Presentation
WANO - IND - Product Presentation
 
Sangfor EasyConnect Brochure 2015 (Full)
Sangfor EasyConnect Brochure 2015 (Full)Sangfor EasyConnect Brochure 2015 (Full)
Sangfor EasyConnect Brochure 2015 (Full)
 
Business Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simpleBusiness Track 3: arcserve udp licensing pricing & support made simple
Business Track 3: arcserve udp licensing pricing & support made simple
 
Technical track 1: arcserve UDP deep dvie
Technical track 1: arcserve UDP deep dvieTechnical track 1: arcserve UDP deep dvie
Technical track 1: arcserve UDP deep dvie
 
Technical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloudTechnical track 2: arcserve UDP for virtualization & cloud
Technical track 2: arcserve UDP for virtualization & cloud
 
N-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and RecoveryN-able and Arcserve® talk Backup and Recovery
N-able and Arcserve® talk Backup and Recovery
 
CA ARCserve Solution Overview
CA ARCserve Solution OverviewCA ARCserve Solution Overview
CA ARCserve Solution Overview
 
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
Enable CA ARCserve to store and retrieve backup data to Cloud storage using C...
 
Arcserve Portfolio Technical Overview
Arcserve Portfolio Technical OverviewArcserve Portfolio Technical Overview
Arcserve Portfolio Technical Overview
 
Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014Arcserve udp recovery point server and global deduplication 12-2014
Arcserve udp recovery point server and global deduplication 12-2014
 
2/18 Technical Overview
2/18 Technical Overview2/18 Technical Overview
2/18 Technical Overview
 

Ähnlich wie Sangfor ngfw 修订版

Trends in network security feinstein - informatica64
Trends in network security feinstein - informatica64Trends in network security feinstein - informatica64
Trends in network security feinstein - informatica64
Chema Alonso
 
4777.team c.final
4777.team c.final4777.team c.final
4777.team c.final
AlexisHarvey8
 
Peripheral Review and Analysis of Internet Network Security
Peripheral Review and Analysis of Internet Network SecurityPeripheral Review and Analysis of Internet Network Security
Peripheral Review and Analysis of Internet Network Security
IJRES Journal
 
Anti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiAnti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewski
Stonesoft
 
Computer worm
Computer wormComputer worm
Computer worm
zelkan19
 
Computer worm
Computer wormComputer worm
Computer worm
zelkan19
 
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Cengage Learning
 

Ähnlich wie Sangfor ngfw 修订版 (20)

Trends in network security feinstein - informatica64
Trends in network security feinstein - informatica64Trends in network security feinstein - informatica64
Trends in network security feinstein - informatica64
 
cybersecurity essay.docx
cybersecurity essay.docxcybersecurity essay.docx
cybersecurity essay.docx
 
Search Diverse Models for Proactive Software Diversification
Search Diverse Models for Proactive Software DiversificationSearch Diverse Models for Proactive Software Diversification
Search Diverse Models for Proactive Software Diversification
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
4777.team c.final
4777.team c.final4777.team c.final
4777.team c.final
 
Peripheral Review and Analysis of Internet Network Security
Peripheral Review and Analysis of Internet Network SecurityPeripheral Review and Analysis of Internet Network Security
Peripheral Review and Analysis of Internet Network Security
 
Anti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewskiAnti evasion and evader - klaus majewski
Anti evasion and evader - klaus majewski
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Computer worm
Computer wormComputer worm
Computer worm
 
Computer worm
Computer wormComputer worm
Computer worm
 
NetWitness
NetWitnessNetWitness
NetWitness
 
Defending the Endpoint with Next-Gen Security
Defending the Endpoint with Next-Gen SecurityDefending the Endpoint with Next-Gen Security
Defending the Endpoint with Next-Gen Security
 
Secure by design and secure software development
Secure by design and secure software developmentSecure by design and secure software development
Secure by design and secure software development
 
Computer Worms
Computer WormsComputer Worms
Computer Worms
 
The Threat Landscape & Network Security Measures
The Threat Landscape & Network Security MeasuresThe Threat Landscape & Network Security Measures
The Threat Landscape & Network Security Measures
 
Internet security
Internet securityInternet security
Internet security
 
Cisco amp for networks
Cisco amp for networksCisco amp for networks
Cisco amp for networks
 
Tech ThrowDown: Invincea FreeSpace vs EMET 5.0
Tech ThrowDown: Invincea FreeSpace vs EMET 5.0Tech ThrowDown: Invincea FreeSpace vs EMET 5.0
Tech ThrowDown: Invincea FreeSpace vs EMET 5.0
 
Security and Linux Security
Security and Linux SecuritySecurity and Linux Security
Security and Linux Security
 
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
 

Mehr von Ploynatcha Akkaraputtipat

Mehr von Ploynatcha Akkaraputtipat (6)

nsx overview with use cases 1.0
nsx overview with use cases 1.0nsx overview with use cases 1.0
nsx overview with use cases 1.0
 
Platform administration guide-nos_v3_5
Platform administration guide-nos_v3_5Platform administration guide-nos_v3_5
Platform administration guide-nos_v3_5
 
Setup guide nos-v3_5
Setup guide nos-v3_5Setup guide nos-v3_5
Setup guide nos-v3_5
 
Command reference nos-v3_5
Command reference nos-v3_5Command reference nos-v3_5
Command reference nos-v3_5
 
NETWORK SERVICEOPENSSH + NTP + SQUID
NETWORK SERVICEOPENSSH + NTP + SQUIDNETWORK SERVICEOPENSSH + NTP + SQUID
NETWORK SERVICEOPENSSH + NTP + SQUID
 
Book software-ex-series-system-monitoring
Book software-ex-series-system-monitoringBook software-ex-series-system-monitoring
Book software-ex-series-system-monitoring
 

Kürzlich hochgeladen

The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 

Kürzlich hochgeladen (20)

Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Plant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptxPlant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptx
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 

Sangfor ngfw 修订版

  • 1. Next Generation Protection SANGFOR NGFW (Next Generation Firewall)
  • 2. Disk that contains the source code of Morris Worm is still held in Boston Museum of Science. Robert Morris Born November 8, 1965 (age 47) Known for Morris Worm, Via web Alias(es) RTM Motive "to demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects that Morris had discovered." Conviction(s) United States Code: Title 18 (18 U.S.C. § 1030, the Computer Fraud and Abuse Act, March 7, 1991. Penalty three years of probation, 400 hours of community service, a fine of $10,050, and the costs of his supervision Conviction status fulfilled Occupation Professor, Massachusetts Institute of Technology, Partner, Y Combinatory Parents Robert Morris Residence United States mainly focus on network layer and attack network structures.
  • 3. But now, the situation is quite different. Here are some security cases in recent years.
  • 4. Have you ever read about these news
  • 5. Largest data security breaches in history! Sony PlayStation Outage Google Gmail Attack
  • 6.
  • 7.
  • 8. How to defend threats from network level to application level for an enterprise?
  • 9. Users FW IPS AV WAF Applications Data Viruses Trojans Worms High TCO Network is too complex to manage Unstable and not reliable Low performance Hackers
  • 10. Weakness of UTM • No WAF function • Low Performance • Lack of integration “Jack of all trades, master of none” URLIPSAVFW FW URL IPS AV 100% 50% 0%
  • 11. NGFW defined by Gartner Basic FW function Integrated IPS Application visibility Intelligence FW High performance Gartner believes that less than 10% of Internet connections today are secured using NGFWs . We believe that by year-end 2014 this will rise to 35% of the installed base, with 60% of new purchases being NGFWs. —— Gartner VP Greg Young
  • 12. • Contains traditional security • Modules intelligent interaction • Anti application layer attacks • Bidirectional contents inspection • Application layer high performance
  • 13. OSI model Security Appliances L2-L4 L5-L7 L7 & above FW IPS WAF NGFW
  • 14. FW IPS WAF Generate FW rules dynamically & Prevent all attacks from the same SourceIP. SQL injection defense Vulnerability defense Attacks & Threats
  • 15. Application Identification User Identification Intranet Internet R&D Marketing Finance 3rd party
  • 17. Performance 1 2 3 CPU CPU1 CPU2 CPU3 Networking Hardware I/O FW IPS WAF Policy layer Network layer Parallel Processing
  • 18. http://www.microsoft.com/security/msrc/collaboration/mapppartners.aspx Inform the vulnerability information in advance SANGFOR generates the feature library to ensure safety Worms or attack methods based on the Vulnerabilities • MAPP aims to integrate global security resources by informing the vulnerability information to authentication security vendors, ensuring the safety for customers. • MAPP authentication ensure SANGFOR can provide Proactive security protection before attacks Vulnerabilities are discovered and published
  • 19. Common Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities. CVE’s common identifiers make it easier to share data across separate network security databases and tools, and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem.
  • 20. OWASP Certificate (Chinese Version) OWASP: Open Web Application Security Project
  • 21. Thank You for taking your time to learn about SANGFOR NGFW. For more information, please kindly visit our official website at www.sangfor.com call our toll free number at 800-830-9565 or contact your local SANGFOR office in Mainland China, Hong Kong, US, UK, Singapore, Indonesia, Malaysia & Thailand. SANGFOR: For Your Bandwidth!

Hinweis der Redaktion

  1. 9秒