beautypg.com

PLANET CS-2000 User Manual

Page 8

background image

CS-2000 UTM Content Security Gateway User’s Manual

- 2 -

„

VPN Connectivity: The CS-2000 supports several VPN features -- IPSec VPN, SSL VPN and PPTP
server/client. The VPN Tunnel with DES / 3DES / AES encryption and SHA-1 / MD5 authentication that
provide secured network traffic over public Internet. VPN Wizard can help administrator to have an easy
way to configure VPN settings.

„

SSL VPN: SSL VPN does not need to install any software or hardware. Only need to use the web
browser and easily establish VPN connections for transferring the data by SSL encryption.

„

VPN Trunk: VPN trunk function provides VPN load balance and VPN fail-over feature to keep the VPN
connection more reliable.

„

Content Filtering: The CS-2000 can block network connection based on URLs, Scripts (The Pop-up,
Java Applet, cookies and Active X), P2P (eDonkey, Bit Torrent, WinMX and more), Instant Messaging
(MSN, Yahoo Messenger, ICQ, QQ, Skype and Google Talk) and Download / Upload. If there are new
updated version of P2P or IM software in client side, CS-2000 will detect the difference and update the
Content Filtering pattern to renew the filtering mechanism.

„

IDP: Built-in IDP function can detect and prevent the Hacker attacks, Anomaly Flow, and Signatures
from Internet. CS-2000 provides three kinds of the Signature to complete the intrusion detection system,
user can select to configure “Anomaly”, “Pre-defined” and “Custom” according to the current
environment’s request.

„

Policy-based Firewall: The built-in policy-based firewall prevent many known hacker attack including
SYN attack, ICMP flood, UDP flood, Ping of Death, etc. The access control function allowed only
specified WAN or LAN users to use only allowed network services on specified time.

„

QoS: Network packets can be classified based on IP address, IP subnet and TCP/UDP port number and
give guarantee and maximum bandwidth with three levels of priority.

„

User Authentication: Web-based authentication allows users to be authenticated by web browser.
User database can be configured on the devices; CS-2000 also supports the authenticated database
through external RADIUS, POP3 and LDAP server.

„

WAN Backup: The CS-2000 can monitor each WAN link status and automatically activate backup links
when a failure is detected. The detection is based on the configurable target Internet addresses.

„

Outbound Load Balancing: The network sessions are assigned based on the user configurable load
balancing mode, including “Auto”, “Round-Robin”, “By Traffic”, “By Session” and “By Packet”. User can
also configure which IP or TCP/UDP type of traffic use which WAN port to connect.

„

Inbound Load Balancing: The CS-2000 provides the Inbound Load Balancing for enterprise’s internal
server. The Inbound Load Balancing can reduce the server loading and system crash risks, in order to
improve the server working efficiency.

„

Multiple NAT: Multiple NAT allows local port to set multiple subnet works and connect to the Internet
through different WAN IP addresses.

„

High Availability: The CS-2000 provides High Availability function, and the redundant system will avoid
influencing the network traffic because of the device crash down.