Unified Security Solution

Share this Post

NexG UTM

Overview

VForce UTM is a unified security solution that integrates VPNs, firewalls, IPS, contents filtering, and many other essential security features.
An embedded multicore network processor, encryption and IPS pattern matching accelerators are what make VForce UTM the most cost-effective security solution.

VForce UTM chose hardware modules optimized for each security feature to prevent performance degradation, which has been a major defect of existing security appliances. Since different engines run different security operations, one does not need to worry about the device going into a bottleneck state.
VForce UTM provides VPN on IPsec, L2TP, and PPTP protocols to deliver a secure network environment. It can operate as an IPsec-based VPN gateway and be linked to other IPsec supporting devices, which has elicited compliments from a number of enterprises. Above all, VForce UTM’s high available multi-line architecture allows Failover over different lines while supporting VRRP and IPAT (IP Address Takeover), BGP4, RIP v1/v2 and other various routing protocols.

VForce_UTM_Overview

Key features

VForce_UTM_Key features

Multicore NPU mounted, high performance unified security solution

Multimode-based network processing and hardware-based encryption/IPS pattern matching accelerator mounted to deliver the highest cost-effectivity

VPN

IKE v1, v2
Standard authentication∙encryption algorithm
xDSL multi-line Load balancing and Bonding to enhance line availability
Convenient VPN configuration allowed by multi-tunneling
Supports client VPN on mobile (Android, iOS) and PC (Windows)

Firewall

Stateful Inspection
Diverse object management (IP, service, user, time)
Schedule-based policy management
Efficient management of security policies and redundancy check enabled by policy simulation

User authentication-based policy

User- and user group-based policy management
Interwork with external authentication servers such as AD, LDAP, RADIUS

IPS

Deep Packet Inspection
Traffic Anomaly, Protocol Anomaly detection and response
Threshold-based traffic management

QoS

Traffic priority, restriction, guarantee, directivity
Security policy-based QoS
DSCP (Diffserv)

HA (High Availability)

Without L4 Switch/Active-Active configuration
VRRP
Auto session/SA sync and many other sync functionalities triggered by a state change

Network

Dynamic routing (RIP, OSPF)
Multicast routing
Link Aggregation (802.3ad)
802.1Q (VLAN, Trunk)
Diverse NAT

IPv6

Ipv6 address-based policy management
Tunneling (6to4, ISATAP)
DAD (Duplicate Address Detection), RA (Router Advertisement)
IPv6 Routing
IPv6 IPsec
IPv6 IPS detection

Management

Real-time monitoring on dashboard
Intuitive graphic data analysis and a variety of reports

Specs

VForce UTM 500
Image VForce_UTM_500
CPU 2 Cores
Memory 4 GB
Storage HDD -
Flash 4 GB
Network
Interface
10/100/1000 Base-TX 4
10/100/1000 Combo -
10/100/1000 LAN Switch 8
1000 Base-X -
10G Base-R -
Module Slot -
BYPASS 0/0
MGMT Ports 0
Console 1 (RJ-45)
Throughput VPN 1.5G
Firewall 2G
VPN Tunnel 10,000
Concurrent Session 1,000,000
Power Single
Dimensions(WxHxD mm) 300 x 44 x 180
Weight(kg) 1.9
Rack mountable 1U Mini
Temperature 0 ~ 40 ℃
Humidity 5~90%(non-condensing)
VForce UTM 1500
Image VForce_UTM_1500
CPU 4 Cores
Memory 4 GB
Storage HDD 500 GB
Flash 4 GB
Network
Interface
10/100/1000 Base-TX 8
10/100/1000 Combo -
10/100/1000 LAN Switch -
1000 Base-X -
10G Base-R -
Module Slot -
BYPASS 1(opt)/0
MGMT Ports 0
Console 1 (RJ-45)
Throughput VPN 3.5G
Firewall 4G
VPN Tunnel 20,000
Concurrent Session 2,000,000
Power Single
Dimensions(WxHxD mm) 440 x 44 x 315
Weight(kg) 4
Rack mountable 1U
Temperature 0 ~ 40 ℃
Humidity 5~90%(non-condensing)
VForce UTM 2500
Image VForce_UTM_2500
CPU 6 Cores
Memory 4 GB
Storage HDD 1TB
Flash 4 GB
Network
Interface
10/100/1000 Base-TX -
10/100/1000 Combo 8
10/100/1000 LAN Switch -
1000 Base-X -
10G Base-R -
Module Slot -
BYPASS 1(opt)/0
MGMT Ports 0
Console 1 (RJ-45)
Throughput VPN 6G
Firewall 8G
VPN Tunnel 20,000
Concurrent Session 2,000,000
Power Single
Dimensions(WxHxD mm) 440 x 44 x 405
Weight(kg) 6
Rack mountable 1U
Temperature 0 ~ 40 ℃
Humidity 5~90%(non-condensing)
VForce UTM 3500
Image VForce_UTM_3500
CPU 10 Cores
Memory 8 GB
Storage HDD 1TB
Flash 4 GB
Network
Interface
10/100/1000 Base-TX MAX 8
10/100/1000 Combo -
10/100/1000 LAN Switch -
1000 Base-X MAX 8
10G Base-R MAX 2
Module Slot 2
BYPASS Option
MGMT Ports 1
Console 1 (RJ-45)
Throughput VPN 10G
Firewall 15G
VPN Tunnel 40,000
Concurrent Session 4,000,000
Power Redundant
Dimensions(WxHxD mm) 430 x 88 x 455
Weight(kg) 9
Rack mountable 2U
Temperature 0 ~ 40 ℃
Humidity 5~90%(non-condensing)
VForce UTM 4500
Image VForce_UTM_4500
CPU 24 Cores
Memory 16 GB
Storage HDD 2TB
Flash 4 GB
Network
Interface
10/100/1000 Base-TX MAX 16
10/100/1000 Combo -
10/100/1000 LAN Switch -
1000 Base-X MAX 16
10G Base-R MAX 4
Module Slot 4
BYPASS Option
MGMT Ports 1
Console 1 (RJ-45)
Throughput VPN 23G
Firewall 30G
VPN Tunnel 120,000
Concurrent Session 10,000,000
Power Redundant
Dimensions(WxHxD mm) 430 x 88 x 510
Weight(kg) 11
Rack mountable 2U
Temperature 0 ~ 40 ℃
Humidity 5~90%(non-condensing)
VForce UTM 5500
Image VForce_UTM_5500
CPU 32 Cores
Memory 32 GB
Storage HDD 2TB
Flash 4 GB
Network
Interface
10/100/1000 Base-TX MAX 16
10/100/1000 Combo -
10/100/1000 LAN Switch -
1000 Base-X MAX 16
10G Base-R MAX 4
Module Slot 4
BYPASS Option
MGMT Ports 1
Console 1 (RJ-45)
Throughput VPN 30G
Firewall 40G
VPN Tunnel 190,000
Concurrent Session 20,000,000
Power Redundant
Dimensions(WxHxD mm) 430 x 88 x 510
Weight(kg) 12
Rack mountable 2U
Temperature 0 ~ 40 ℃
Humidity 5~90%(non-condensing)

Key Functions

Firewall Stateful Inspection
5 Tuples (IP/Port/Protocol)
Zone-based policy
User-based policy
Object- and schedule-based policy
Independent from the number of policies and sessions
Policy statistics and Search function
Static, Dynamic NAT
Excluded, Twice NAT
VPN Gateway
To
Gateway
Crypto H/W accelerator loaded
Multi-tunnel
Bonding Tunnel
Split Tunneling
IKE Version 1 / 2
Transport / Tunnel Mode
Crypto Algorithm (3DES, AES128/192/256, SEED, ARIA)
Integrity Algorithm (MD5, SHA1, SHA2)
DPD (Dead Peer Detection)
NAT Traversal
L2 Bridge VPN
Remote Access NexG SecureClient  (Available on PC and mobiles)
       –  Windows Application (Windows 7, 8, 8.1 32/64bit support)
       –  Android App (Android version 4.0~5.0 support)
       –  iOS : IPsec, PPTP, L2TP over IPsec connectable
User Authentication  (ID, Password, Certificate)
Interconnectivity with certification server (Radius, LDAP)
User Grouping / Control
IPS Deep Packet Inspection
Pattern matching H/W accelerator loaded
3000+ signatures maintainable
Snort Rule Format support
Profile based policy configuration
PCRE support
Black-list / White-list
Anti-Evasion
Anti-Virus (stream-based) detection and blocking
Anti-DDoS TCP/UDP/ICMP/DNS/HTTP
Protection from Flooding
Protection from Scan, Sweep
Signature based protection
Forgery detecting protection
Traffic Limit based protection
Application Control Application based behavior control
Control over Game, P2P, and HTS
Control over Web Mail, Web Hard
Control over Instants Messenger
Control over Streaming, File-type
Web Filter URL and URL extension check
User defined DB filter
Web surfing control through 96 Web Category DB filter
KISOCOM(Korea Communication Commission’s database), Malware, Phishing filters
HA Active-Active / Active-Standby
VRRP, IPAT
LLCF(Link Loss Carry Forward)
L2 Bypass
Synchronization (Policy, Session)
Network Route / Bridge Mode
802.1Q VLAN Trunk
802.3ad LACP
ECMP Routing
Policy-based Routing
RIP, OSPF
PIM-SM/DM, IGMP
VoIP(H.323, SIP) support
QoS(guarantee, limit, DSCP)
DHCP Server , Relay, HA
3G/LTE support
DDNS support
Secure DNS support
LLDP support
IPv6 IPv6 Routing
IPv6 Firewall
IPv6 IPsec
IPv6 DHCP Server
6 to 4, ISATAP
NAC Genian NAC Sensor
User based access control
Makes Compliance compulsory
Interoperability with Genian Policy Center
Management CLI ,Web UI
Dashboard
SNMP Version 1 / 2 / 3 support
Syslog transmission support
Export / Import support
Lookup unused policy and objects
Statistics and reports provided
System configuration/Firmware backup and restoration
Interoperability with VForce NMS