(ENG) AhnLab TrusGuard

Download as pdf or txt
Download as pdf or txt
You are on page 1of 6

Next Generation Security Platform

TrusGuard is the next generation firewall


to protect the organization from ever- PERFORMANCE DETECT RESPONSE STABILITY
evolving threats.

Overview The NGFW TrusGuard has been acknowledged by a thorough market assessment for its
technology, performance and stability. The firewall, IPS, application control, VPN, C&C,
Anti-Virus/Anti-Spam and DLP protect the business environment. TrusGuard has full lineup
from the low-end to data center level models.

Differentiated NGFW Platform


•In-depth protection on the global/local applications
•User policies settings/control
C&C Application •SSL Inspection
Firewall
Detection Control
•Interoperation with APT-exclusive MDS

Threat Detection and Block Technology


•Multi-layered engine for security threat
•Security Intelligence based threat detection
IPS
AhnLab SSL
TrusGuard Inspection •In-house threat analysis and infrastructure
•Real-time threat information for fast response

High Firewall Throughput and Performance


Anti-Spam/ •Advanced hardware platform
IPSec/SSL Anti-Virus/ •High-performing multi-core distribution
Web
& Anti-Malware/
Filtering
Secure VPN Anti-APT/
User Interface of Accumulated Know-how
DLP
•Seamless flow of policies settings/control
•Flexible user interface of drag & drop

Volumounous Traffic Throughput Differentiated Next Generation Security


High Performance Firewall on Various Threats

User Interface by Market Demand Exclusive Threat Detection and Response


Next Generation Firewall

Application Real-time analysis and blocking available on detail settings on the applications with
Control Application Control including P2P, Webhard, Instant Messenger, SNS and thousands of
global and local applications.

Allow
Access Control
Behavior Control
Behavior
Control

AhnLab TrusGuard

Block

User Control Responds to the security threats internally by mapping the user to the IP address, and with
user ID to the user.

AhnLab TrusGuard

Legacy Firewall mapping

mapping IP User

IP User mapping

User-ID User

Exclusive Threat TrusGuard inspects the inflow of contents to the network in real-time, protecting against the
Detection and Zero-Day attacks and against unknowns.

Response
Real-time Threat Information
Multi-layered engine structure
for Fast Response

Security Intelligence
Response to Zero-Day and Unknowns
(C&C/Mal-site/Threat Detection Filter)

Application DDoS Anti-Virus Website Filter


IPS Control C&C DLP Protection Anti-Spam Anti-MalSite

Content
Scan

AhnLab TrusGuard
High-performance The Advanced A-TEAM developed architecture to expedite the performance speed against
the normal speed of packet processing. It is built with multi-core optimization and software
acceleration technology.

Software
High-Density Multi-core
Acceleration
Multi-Core Optimization
Technology

[Multi-core Optimization]
[Software Acceleration] High-Density
Packet Processing Multi-Core
Ingress Packets Egress Packets

Packet Normal Processing


Classifier

Acceleration Processing

< Advanced A-TEAM Architecture >

VPN Anywhere, anytime the TrusGuard provides safe connection with IPSec/SSL VPN, preventing
(Virtual Private the expansion of malicious codes in the VPN tunnel with IPS and Application Control.

Network)

Public Terminals
Branch
IPSec VPN
Public Internet
SSL VPN

SSL VPN
Partner
Home Office
IPSec VPN

AhnLab TrusGuard

Stability Security

Simultaneously Suppport IPSec/SSL VPN


Mobile SSL VPN
Strong Central Orotection on HQ/Branches
Security AhnLab has the best and largest threat response organization and infrastructure, providing
Intelligence real-time monitoring and response on ever-evolving threats. TrusGuard's exclusive C&C
blacklist, Mal URL DB, reputation DB and vulnerabilities prove that it is the best optimized
security solution for corporates.
With the central manager TSM, more effective and intuitive monitoring and convenience on
control are provided with simple policy settings and total monitoring.

ACCESS
AhnLab Cloud Computing E-Security System

NW Threats Virus Mal URL Vulnerabilities

ASEC
Security Response Center Monitor/Response CERT

www.xxxxxx.com

Malicious URL DB
TrusGuard Anti-Malware File C&C Blacklist
Signature Signature Security Infrastructure Reputation DB DB

Latest DB through
  real-time update

AhnLab TrusGuard

Strong Central With the central manager TSM, intuitive monitoring and convenience on device
Management controls are provided with simple policy settings and maximized user-friendliness.

Policy Management
AhnLab TSM
Log Management Central Network Management

Event Monitoring

Multi/Single Management

Log and Advanced Search

Central Monitoring

Device and Asset Management

AhnLab TrusGuard
Main Features
Network Firewall IPSec VPN
Route/Bridge Mode Stateful Inspection Hub&Spoke/Star/Mesh
Static/Policy based Routing HA (A-A/A-S without L4) Various Encryption and Hash Algorithm
Dynamic (RIP/OSPF/BGP) Policy/Sessions Synch Center VPN Dual (A-A/A-S)
Multi-cast Routing (PIM-SM/ IGMP) QoS (Min/Max) Multi-line Load Balancing
Port Aggregation/ VLAN Blacklist Filtering DPD/PFS/Replay Defense
DHCP Server/Client/Relay Exceptions (Whitelist) SSL VPN
SNMP Duplicate Object/Policy Filtering Gateway-to-Client
IPv4 & IPv6 Dual Stack Policy Expiration Check 2 Factor Authentication (ID/PW + Cert)
IPv6 /IPv6 Transition Various NAT Strong User Control
(Static/Dynamic/Policy based NAT)
VoIP (H.323/SIP) Endpoint Interoperation
Auth Server User Authentication (LDAP etc.) (PC Protection before and after)
IPS
Proxy Control Mobile SSL VPN
Pre-defined Signatures (6000) (Android OS)
Session Control by Policies
Daily Signature Update Anti-Spam
IP-Mac /IPv6 Filtering
Zero-day Defense(ACCESS/MAPP) Exclusive Anti-Spam Engine
User-based Policies and Management
Signature/Anomaly based RBL/User-defined Filtering
C&C Detect/Block
(Web/OS/Network/Application) Spam Quarantine
Cloud-based C&C Detect & Block
(Worm/Bot/Trojan/Downloader) Anti-APT
Unknown Suspicious File/PUP Detect
Zone-based Policies Interoperate with AhnLab MDS
Anti-DDoS
Application Control Suspicious File Analysis
UDP/ICMP/TCP Flooding
Global / Local Application Detect/Block Suspicious File Analysis
Spoofed TCP Attack
Application Detail Control Data Leak Prevention
HTTP Vulnerabilities
Application Help Prevent Internal Information Loss
CC Attack
NAC Block Content, Attachments, Exts.
Website Filtering
Anti-Virus(V3) Interoperation Monitoring/Log
Korea Communications Standards Commission DB
Desktop Control Agent Internal HDD/Log
AhnLab Anti-malsite DB
Infected PC Detect/Control Status Monitoring/Log Search/Report
Anti-Virus
SSL Inspection Central Monitoring/Logs
AhnLab AV Engine (V3)
Encrypted Traffic Inspection Manageability
AhnLab Signature Team
Encrypted Traffic Inspection Multi-layer Admin Privilege
Attach/Compressed Files
Country and Continent Block Web-based HTTPS
Anti-Spam
Stream-based Detection

Certificates & AhnLab TrusGuard technology has been listed as a Niche player in Gartner’s Magic Quadrant
Patents for Enterprise Network Firewalls for five years in a row since 2014.

[AhnLab Patents]
300 January 2016
CC Certified
250

200

IPv6 TTA 150

100

50
Registered
Good Software
0 Patented
Domestic Overseas PCT

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or
other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties,
expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
▶ SMB/Branch Office
Specifications
TrusGuard 40A TrusGuard 50B TrusGuard 70B TrusGuard 100B TrusGuard 400B

CPU 2 Core 2 Core 4 Core 4 Core 4 Core

RAM 2GB 8GB 8GB 8GB 8GB

CF 2GB 4GB 4GB 4GB 4GB

HDD 1TB HDD 1TB


Storage - - -
or SSD 240GB or SSD 240GB

1GC 8 8 8 8 8

NIC 1GF - - - 2 4

10GF - - - - -

Firewall Throughput (Max) 1.5G 3G 4G 8G 12G

IPS Throughput (Max) - 1G 2G 3G 4G

VPN Throughput (Max)​ 600M 600M 900M 1.2G 1.5G

VPN Tunnel 2,500 5,000 5,000 10,000 20,000

Concurrent Session 500,000 1,200,000 1,700,000 2,500,000 3,500,000

* TrusGuard 40A model supports only firewall/IPSec VPN.

▶ Enterprise/Data Center and for Headquarter


TrusGuard TrusGuard TrusGuard TrusGuard
500B 1000A 5000A 10000A

CPU 4 Core 6 Core 20 Core 20 Core

RAM 16GB 16GB 16GB 32GB

CF 4GB 8GB 8GB 8GB

HDD 2TB HDD 2TB HDD 2TB HDD 2TB


Storage
or SSD 240GB or SSD 240GB or SSD 240GB or SSD 240GB

1GC 8 10 (34 MAX) 10 (34 MAX) 10 (50 MAX)

NIC 1GF 8 8 (32 MAX) 8 (32 MAX) 8 (48 MAX)

10GF 0 (4 MAX) 0 (12 MAX) 4 (16 MAX) 4 (24 MAX)

Firewall Throughput (Max) 16G 30G 60G 100G

IPS Throughput (Max) 5G 6G 10G 20G

VPN Throughput (Max)​ 2G 5G 10G 12G

VPN Tunnel 30,000 40,000 50,000 60,000

Concurrent Session 4,500,000 6,000,000 10,000,000 15,000,000

AhnLab, Inc.
220, Pangyoyeok-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, 13493, Korea
global.ahnlab.com / [email protected] / Tel: +82-31-722-8900

© 2018 AhnLab, Inc. All rights reserved.

You might also like