Transcription
Product HighlightsMonitor not just by reports, but in real-timeDrill-down views of traffic in realtime instead of justtop reports.Control not just apps, but behaviorsControl behaviors of apps, such as message /file/voice etc.Record not just sessions, but contentsSecureInstantCheck Monitor ProtectAudit contents of webmals / webHDs / messengers Isocial websites.Filter not just URLs, but secretesData loss prevention (DLP) stops privacy leakage viahttps clouds.Identify not just Ips, but usersIntegrate with Microsoft AD for user-based policy /reports.Block with global threat centersActive sync with 8 global threat research groupsInstantCheck Cloud Security GatewayDecryption and Digital ForensicsVisibility into httpsUser-unaware installation is extremely important for such auditingInstantCheck recognizes applications with the DPI (Deep Packet Inspec-tools. InstantCheck employs transparent mode or proxy mode totion) technology. With its unique drill-down real-time view of traffic, youinstall without changing your network architecture. InstantCheck can easily get a full picture of your network, assign the analysed result withcan filter detailed behaviours and reconstruct mainstream webmailits dynamic bandwidth borrowing, prioritization, fair queuing, per-IP rate /contents (Gmail / Outlook / YahooMail ) WebHD contents (Dropbox /quota / session controls, and tree-based QoS channels to optimize yourOne Drive / Google Drive), messenger contents (Line / WeChat /traffic. The built-in report engine can bring you fully customizable charts toFacebook Chat / Gmail Chat), social contents (Facebook / Twitter) fordemonstrate its effectiveness. Instant Check can also track major applica-network data forensics.tion’s detailed behaviours for administrators to setup advanced L8 policies.One example is the built-in URL database can classify website traffic into70 categories. You can assign porn traffic to limited QoS channels whilenews traffic to high-bandwidth QoS channels.Integration with AD to track usersNGFW controls apps, InstantCheck control app behaviours!InstantCheck combines several approaches to integrate withModern clouds, such as Web Mail Cloud (Gmail / Outlook / Yahoo Mail)Microsoft Active Directory:1) GPO-dispatched end-point agent to report its User-IP mappinghaving login / send / attach / read / download attachment; Social Cloudevery 20s(Facebook / Twitter / Google Plus) having login / friend post / status / like /video / wall / share; WebHD Cloud (Dropbox / Google Drive / One Drive)2) WMI-based agent registered to AD for interested login events3) Auto-AD authentication by NTLMhaving login / file upload / file download; Messenger Cloud (Line4) Auto proxy authentication by NTLMtransfer. Next-Generation Firewall (NGFW) may have the ability to block5) Captive portal for web login with AD/LDAP/POP3/SMTP/Radiususer database. These techniques can work together simultane-separate cloud apps, but NGFWs cannot investigate the cloud to controlously to get the best knowledge of which user is using which IPaddress./ Skype / Google Hangout / Facebook Chat) having login / message / filethe behaviours inside the cloud. InstantCheck brings you the ability tocontrol behaviours, not just apps.
InstantCheck Cloud Security GatewayRegulatory ComplianceContent recorder for auditing purposeCorporate scandals and breakdowns such as the Enron case haveTraditional & modern cloud apps mentioned above can be traced andincreased calls for stronger compliance and regulations in differentrecorded for auditing purpose. Keyword matched contents will alarmkinds of industries, such as GDPR, Sarbanes–Oxley, ISO27000,auditors to analyse if any policy violation exists. Only permittedPCI-DSS, HIPAA, SEC, FINRA, FSA, IIROC, FERC, NERC, CFTC, NFA. Theyaccount can see privacy data.required electronic communications to be logged for several years forauditing. It is a must to audit https traffic since most crime activitiesInstantCheck Choice : 4 Package for Your Businesshide themselves in encrypted https tunnels.Exchange of threat information with global threat centres Modern attacks have combined a lot of techniques for hackers tocontrol botnets for starting various attacks or stealing confidentialinformation. Multiple agencies in the world have contributed somecoverage of C&C servers. held the https://blacklisttoal.com to syncwith many world-class blacklists to provide the best coverage ofglobal threats. Malicious IPs are identified with virus names toNPM: (NetworkPerformance Monitoring)QoS: (Quality of Service)BasicSilverGoldMax SWG: Proxy/ Secure WebGatewayDLP: Data Loss Protectionaccurately stop threats immediately.Basic Package : NPM ( Network Performance Monitoring ) Visibility: not just reports, but in real-time- Real-time drill down into https sessions: IP/URL/Web category- Track Line App into: Login/ File-up / file-dw / video / voice / store /. Security: not just blacklists, but threat centers- Detect botnets / ransomwares with 8 global threat centers- Top reports of malware / C&C / compromised hosts / cryptojack / .
InstantCheck Cloud Security GatewaySilver Package : QoS ( Quality of Service ) Qos : not just limites, but guarantees Security:- Patented PotACK TCP control-Schedule-based policy-Quota control- Block C&C/botnets-Stop IP Spoofing attacksLimit access to unwanted web categoriesGold Package : Proxy / Secure Web Gateway (SWG) Recorder: not just emails, but also WebMails Regulatory compliance- Record popular WebMail / WebHD / Social / Messenger cloud contents-Match keywords with alerts to auditors for further investigations-Track and filter employees’ cloud behaviors- Lawful compliance to GDPR, Sarbanes-Oxley, ISO27000, PCI-DSS, HIPAA,.- Improve corporate governance with strict content rulesMax Package : DLP ( Data Loss Protection) Web DLP: Email DLP- Transparently installed between employees and firewall-Decrypt HTTPS to scan for any personal identity information (PII)-Built-in PII fields: name/ addr / tel / visa / birth date / gender / .- Transparent installed between your mail server & firewall.- Scan outgoing SMTP mails for PII / secrete patterns USB DLP- Lock down Mass Storage Device to prevent information leakage-Allow USB drives only issued by your corporation
InstantCheck Cloud Security GatewayGeneralInstantCheck ModelsDimension1G UTP1G Fiber10G FiberVManagementHardware BypassOptional Fiber BypassSSD Capacity (Expandible)InterfaceIC5019' 1U2GBGEx4GEx1GEx4480GBIC10019' 1U2GBGEx4GEx1GEx4480GBIC50019' GBIC x Concurrent IPsMax Session RateMax Concurrent SessionsLan-to-Lan ThroughputLan-to-Wan ThroughputSpecificationsDeploymentUser IdentificationReal time MonitoringSupport IPv4/IPv6 sniffer/inline/proxy mode deployment with L7 applicationcontrol and https decryptionSingle-sign-on AD integration by auto NTLM, proxy authentication, web login, end-point agent, AD logeventsICAP redirection of decrypted https traffic for anti-virus, malware sandboxing, data leakage prevention (DLP)Cloud Content ng and filtering of https get / post requests, including filename, file content, uploaded files, URLsReconstructing and filtering of webmail Senders / Receivers / Attachments, including Gmail / Outlook / YahooMail etcReconstructing and filtering of webhd upload / download files, including Dropbox / Google Drive / OneDriveetcReconstructing and filtering of social website behaviors (posts, photo sharing, status, .), including Facebook/ Twitter etcReconstructing and filtering of web messengers (messages / files), including Facebook Chat / Google Hangout/ WeChat etcLegacy Content ForensicsTelnet/FTPReconstruction of Telnet screen, FTP behaviours (upload / download file names and file contentsEmailReconstruction of SMTP / POP3 / IMAP, sent / received emails with attachment file contentsEnd-Point Forensics (Optional)Message RecorderReconstruction of messengers (messages / files), including PC-version Skype / Line / Wechat etcChat Screen RecorderMP4 video recording of Line / Line@chrome / skype / skype@Winstore / WeChat / Aliwangwang / QQ / DingDingetchttp(s) Safe BrowsingURL DatabaseGoogle Safe BrowsingAnti-Virus DatabaseRansomware ProtectionBotnet C&C BlacklistsCustomized Block PageQoS by URL CategorySupport 70 URL categories, including porn / ads / gambling / stocks / news / games / comics / chatrooms /jokes / hackers / phishing etcIntegrate blacklists from Google Safe Browsing to stop visiting malicious / phishing / botnet C&C / compromised website linksIntegrate Virus Total-listed anti-virus engine AegisLabIntegrate ransomware domain prediction engine from Malware Patrol to stop downloading keys from botnetC&C sitesIntegrate IP / domain clacklists from FireHOL, Cisco Talos, NICST etc with periodical auto updatesSupport HTML customization of blocking page which contains user name, source IP, reason to blockQoS policy rules are conditioned on internal / external IP / network / range, built-in or self-defined URLcategoriesBYODMobile DetectionUSB ControlMobile SSOSupport detection of PC / Androld / iOS / Windows Phone / BlackBerry devices for policy rulesSupport blocking of Windows USB mass storage devices but remaining funtionality of other USB accessoriesSupport over-quota limiting policy to fully disconnect users or restrict users to a even lower bandwidth
InstantCheck Cloud Security GatewayQoS PipesTree-based PipesSupport partitioning link bandwidth into QoS pipes which can be furthher divided into child QoS pipesGuaranteed/BurstsEach pipe can have a guarantee bandwidth with a burst bandwidth to borrow unused bandwidth from itsparent pipeFairness withink PipesFlows can be defined by host/session/subnet and fairness among fiows within a pipe can be strictlyenforcedPer-IP LimitSupport Per-IP policy for limiting bandwidth / quota / concurrent session / new session rate2-Level PunishmentSupport over-quota limiting policy to fully disconnect users or restrict users to a even lower bandwidth.L7 Patterns (3000 )ChatLine/QQ/ AliWang Wang/Fetion/Dushow/Popo/5inaUC/5kype/Yahoo/ AOL/ICQ/Jabber /LavaLava/Gadu/GoogleHangout.P2PXunIei / Thunder / WebThunder / Flash Get / BT / eDonkey / eD2K / eMu Ie / Overn et / EzPeer / Kuro /CIubBox / Poco / F s2You / Ka Za A / Vagga / GoBoogy / Ares / iMesh / Gnutel la / WinMX / Bearshare /Shareaza / Morpheus / Gnucleus / Kugoo / Pigo / dc / 100bao etcVoIPSkype / Polycom / RTP / RTCP / SkypeOut / Eye ba11chat / SIP / TeITeI / H .323 / MsnVoice / NetMeeting etcTunnelHopster / YourFreedom / Garden / Gpass / Tor / HttpTunnel / JAP / ReaITunneI / Vnn / SoftEther / FreeGate /Wu jie etcStreamingQQTV / UUsee / PPfilm / PPlive / PPstream / RealPlayer / Quicklime / KKBox / Shoutcast / Winamp / Live365 /Radio365 / PPTV / Tvants / FastTV / SSTV / MeteorNetTV / 3TV / PhoenixTV / YahooMusic / MMS / SeeTV /QQlive / QQmusic / JetAudio / JetcastEnterpriseCitrix / MySQL / Notes / Oracle / MSSQL / RDP / VNC / UltraVNC / Win / PcAnywhere / Telnet / SSH /TeamViewer / LogmeinFile TransferSkypeFile / Line File / SMB / FTP / OneDrive / GoogleDriveUp / Dropbox / AsusWebStorage / AsperaStockHuaTai / Tazihuei / TungHuaShuen / TienI / FenShiChia / Stoc kStar / ZaoZa ng / AnShi n / SkyNetGameDiablo3 / LoL / CounterStrike / DaHuaShiYo / Dance / Wa re raft / MoYu / CadinCa r / Mira cleWorid / Fight /WenDao / Lineage etchttp(s) DLP (Optional)File FormatsSupport pdf / doc(x) / xls(x) / ppt(x) / txt / eml formats compressed in zip / tgz / 7z / rar / tar / gz filesbandwidthRulesAppearanceSupport user-defined regular expressions with additional computational checking to lower false positivesSupport counting of appearances of each field with logical operators such as AND / OR / NOT to avoid falsepositivesManagementUser InterfaceAuthenticationAuto UpgradeConfig Backup/RestoreSupport web-based Java UL, CLI (Telnet / SSH / Console), SNMP, management client softwareSupport AD single sign-on or captive portal with AD / LDAP / RADIUS / POP3(S) / IMAP(S) authenticationScheduled updates of application patterns / URL database / Anti-botnet databaseAuto-save featurefacilitates easy configuration rollback to previous versionsPermission ControlBuilt-in centralized management and log server with 3-level permissions: admin / manager / audit
InstantCheck Cloud Security GatewayOrdering InformationPart NumberDescriptionIC50-BasicThroughput Downlink Uplink (Total 80 Mbps, SSL Decrypt 10Mbps), 70 Maximum # Active User/IP, 1U-Short, Basic License - Monitor (Network Performance Monitoring)IC50-Basic-1Y-HW1 Year extended warranty on IC50-Basic HardwareIC50-Basic-1Y-MA1 Year SW/URLDB/Pattern online updates on IC50-BasicIC50-SilverThroughput Downlink Uplink (Total 80 Mbps, SSL Decrypt 10Mbps), 70 Maximum # Active User/IP, 1U-Short, Silver License - Monitor Control (Quality of Service)IC50-Silver-1Y-HW1 Year extended warranty on IC50-Silver HardwareIC50-Silver-1Y-MA1 Year SW / URLDB / Pattern online updates on IC50-SilverIC-50-GoldThroughput Downlink Uplink (Total 80 Mbps, SSL Decrypt 10Mbps), 70 Maximum # Active User/IP, 1U-Short, Gold License - Monitor Control Content (Proxy / Secure Web Gateway)IC50-Gold-1Y-HW1 Year extended warranty on IC50-Gold HardwareIC50-Gold-1Y-MA1 Year SW / URLDB / Pattern online updates on IC50-GoldIC50-MaxThroughput Downlink Uplink (Total 80 Mbps, SSL Decrypt 10Mbps), 70 Maximum # Active User/IP, 1U-Short, Max License - Monitor Control Content DLP (Data Loss Protection)IC50-Max-1Y-HW1 Year extended warranty on IC50-Max HardwareIC50-Max-1Y-MA1 Year SW / URLDB / Pattern online updates on IC50-MaxIC100-BasicThroughput Downlink Uplink (Total 160 Mbps, SSL Decrypt 30Mbps), 150 Maximum # Active User/IP, 1U-Short, Basic License - Monitor (Network Performance Monitoring)IC100-Basic-1Y-HW1 Year extended warranty on IC100-Basic HardwareIC100-SilverThroughput Downlink Uplink (Total 160 Mbps, SSL Decrypt 30Mbps), 150 Maximum # Active User/IP, 1U-Short, Silver License - Monitor Control (Quality of Service)IC100-Silver-1Y-HW1 Year extended warranty on IC100-Silver HardwareIC100-Basic-1Y-MA1 Year SW / URLDB / Pattern online updates on IC100-SilverIC100-GoldThroughput Downlink Uplink (Total 160 Mbps, SSL Decrypt 30Mbps), 150 Maximum # Active User/IP, 1U-Short, Gold License - Monitor Control Content (Proxy / Secure Web Gateway)IC100-Gold-1Y-HW1 Year extended warranty on IC100-Gold HardwareIC100-Gold-1Y-MA1 Year SW / URLDB / Pattern online updates on IC100-GoldIC100-MaxThroughput Downlink Uplink (Total 160 Mbps, SSL Decrypt 30Mbps), 150 Maximum # Active User/IP, 1U-Short, Max License - Monitor Control Content DLP (Data Loss Protection)IC100-Max-1Y-HW1 Year extended warranty on IC100-Max HardwareIC100-Max-1Y-MA1 Year SW / URLDB / Pattern online updates on IC100-MaxIC500-BasicThroughput Downlink Uplink (Total 300 Mbps, SSL Decrypt 50Mbps), 500 Maximum # Active User/IP, 1U-Short, Basic License - Monitor (Network Performance Monitoring)IC500-Basic-1Y-HW1 Year extended warranty on IC500-Basic HardwareIC500-Basic-1Y-MAIC500-Silver1 Year SW / URLDB / Pattern online updates on IC500-BasicThroughput Downlink Uplink (Total 300 Mbps, SSL Decrypt 50Mbps), 500 Maximum # Active User/IP, 1U-Short, Silver License - Monitor Control (Quality of Service)IC500-Silver-1Y-HW1 Year extended warranty on IC500-Silver HardwareIC500-Silver-1Y-MA1 Year SW / URLDB / Pattern online updates on IC500-SilverIC500-GoldThroughput Downlink Uplink (Total 300 Mbps, SSL Decrypt 50Mbps), 500 Maximum # Active User/IP, 1U-Short, Gold License - Monitor Control Content (Proxy / Secure Web Gateway)IC500-Gold-1Y-HW1 Year extended warranty on IC500-Gold HardwareIC500-Gold-1Y-MA1 Year SW / URLDB / Pattern online updates on IC500-GoldIC500-MaxThroughput Downlink Uplink (Total 300 Mbps, SSL Decrypt 50Mbps), 500 Maximum # Active User/IP, 1U-Short, Max License - Monitor Control Content DLP (Data Loss Protection)IC500-Max-1Y-HW1 Year extended warranty on IC500-Max HardwareIC500-Max-1Y-MA1 Year SW / URLDB / Pattern online updates on IC500-Max
InstantCheck Cloud Security GatewayOrdering InformationPart NumberDescriptionIC1000-BasicThroughput Downlink Uplink (Total 600 Mbps, SSL Decrypt 100Mbps), 1000 Maximum # Active User/IP, 2U-Short, Basic License - Monitor (Network Performance Monitoring)IC1000-Basic-1Y-HW1 Year extended warranty on IC1000-Basic HardwareIC1000-Basic-1Y-MA1 Year SW / URLDB / Pattern online updates on IC1000-BasicIC1000-SilverThroughput Downlink Uplink (Total 600 Mbps, SSL Decrypt 100Mbps), 1000 Maximum # Active User/IP, 2U-Short, Silver License - Monitor Control (Quality of Service)IC1000-Silver-1Y-HW1 Year extended warranty on IC1000-Silver HardwareIC1000-Silver-1Y-MA1 Year SW / URLDB / Pattern online updates on IC1000-SilverIC1000-GoldThroughput Downlink Uplink (Total 600 Mbps, SSL Decrypt 100Mbps), 1000 Maximum # Active User/IP, 2U-Short, Gold License - Monitor Control Content (Proxy / Secure Web Gateway)IC1000-Gold-1Y-HW1 Year extended warranty on IC1000-Gold HardwareIC1000-Gold-1Y-MA1 Year SW / URLDB / Pattern online updates on IC1000-GoldIC1000-MaxThroughput Downlink Uplink (Total 600 Mbps, SSL Decrypt 100Mbps), 1000 Maximum # Active User/IP, 2U-Short, Max License - Monitor Control Content DLP (Data Loss Protection)IC1000-Max-1Y-HW1 Year extended warranty on IC1000-Max HardwareIC1000-Max-1Y-MA1 Year SW / URLDB / Pattern online updates on IC1000-MaxIC3000-BasicThroughput Downlink Uplink (Total 1.2Gbps, SSL Decrypt 500Mbps), 3000 Maximum # Active User/IP, 2U-Short, Basic License - Monitor (Network Performance Monitoring)IC3000-Basic-1Y-HW1 Year extended warranty on IC3000-Basic HardwareIC3000-Basic-1Y-MA1 Year SW / URLDB / Pattern online updates on IC3000-BasicIC3000-SilverThroughput Downlink Uplink (Total 1.2Gbps, SSL Decrypt 500Mbps), 3000 Maximum # Active User/IP, 2U-Short, Silver License - Monitor Control (Quality of Service)IC3000-Silver-1Y-HW1 Year extended warranty on IC3000-Silver HardwareIC3000-Silver-1Y-MA1 Year SW / URLDB / Pattern online updates on IC3000-SilverIC3000-GoldThroughput Downlink Uplink (Total 1.2Gbps, SSL Decrypt 500Mbps), 3000 Maximum # Active User/IP, 2U-Short, Gold License - Monitor Control Content (Proxy / Secure Web GatewayIC3000-Gold-1Y-HW1 Year extended warranty on IC3000-Gold HardwareIC3000-Gold-1Y-MA1 Year SW / URLDB / Pattern online updates on IC3000-GoldIC3000-MaxThroughput Downlink Uplink (Total 1.2Gbps, SSL Decrypt 500Mbps), 3000 Maximum # Active User/IP, 2U-Short, Max License - Monitor Control Content DLP (Data Loss Protection)IC3000-Max-1Y-HW1 Year extended warranty on IC3000-Max HardwareIC3000-Max-1Y-MA1 Year SW / URLDB / Pattern online updates on IC3000-MaxIC5000-BasicThroughput Downlink Uplink (Total 2 Gbps, SSL Decrypt 1 Gbps), 5000 Maximum # Active User/IP, 2U-Short, Basic License - Monitor (Network Performance Monitoring)IC5000-Basic-1Y-HW1 Year extended warranty on IC5000-Basic HardwareIC5000-Basic-1Y-MA1 Year SW / URLDB / Pattern online updates on IC5000-BasicIC5000-SilverThroughput Downlink Uplink (Total 2 Gbps, SSL Decrypt 1 Gbps), 5000 Maximum # Active User/IP, 2U-Short, Silver License - Monitor Control (Quality of Service)IC5000-Silver-1Y-HW1 Year extended warranty on IC5000-Silver HardwareIC5000-Silver-1Y-MA1 Year SW / URLDB / Pattern online updates on IC8000-SilverIC5000-GoldThroughput Downlink Uplink (Total 4 Gbps, SSL Decrypt 2 Gbps), 8000 Maximum # Active User/IP, 2U-Long, Gold License - Monitor Control Content (Proxy / Secure Web Gateway)IC5000-Gold-1Y-HW1 Year extended warranty on IC5000-Gold HardwareIC5000-Gold-1Y-MA1 Year SW / URLDB / Pattern online updates on IC5000-GoldIC5000-MaxThroughput Downlink Uplink (Total 2 Gbps, SSL Decrypt 1 Gbps), 5000 Maximum # Active User/IP, 2U-Short, Max License - Monitor Control Content DLP (Data Loss Protection)IC5000-Max-1Y-HW1 Year extended warranty on IC5000-Max HardwareIC5000-Max-1Y-MA1 Year SW / URLDB / Pattern online updates on IC5000-Max
Authorized Distributor :HQ Office (KL)SecureOne Distribu on Sdn Bhd (828358 - X)Northern OfficeSecureOne Distribu on (Northern) Sdn Bhd (977172 - H)Tel: 6(03) 7984 6086 Fax: 6(03) 7984 6032Email: sales@secureone.com.myTel: 6(04) 619 2692 Fax: 6(04) 619 2699Email: northern@secureone.com.myNo.7, Jalan 109E, Desa Business Park,Taman Desa, Jalan Kelang Lama,58100 Kuala Lumpur, Malaysia.1A-2-02 @ One Precint (1160),Lengkok Mayang Pasir,11950 Bayan Baru, Penang, Malaysia.www.secureone.com.my
Flows can be de ned by host/session/subnet and fairness among ows within a pipe can be strictly enforced Support Per-IP policy for limiting bandwidth / quota / concurrent session / new session rate Support over-quota limiting policy to fully disconnect users or restrict users to a even lower bandwidth.
