คำอธิบาย
ShareTech NU series is the next phase of technology change which will help service providers to launch the services in a single click, delivering exceptional performance, superior multi-layered threat protection, and role-based administration to SMBs.
NU-860T carries advanced protection across your network security deployments: deep packet inspection (DPI), IPS, SSL inspection, web filtering, QoS, virus scanning, spam filtering, and two-factor authentication (2FA) to prevent potential attacks launched by hackers and legitimate authorized users from accessing the network. Moreover, high availability (HA) is supported to ensure smooth network operation.
NU-860T goes beyond traditional firewalls and brings a new approach to the way administrators define their firewalls with 6 Gigabit Ethernet ports and 2 10-Gigabit SFP+ ports. One Gigabit Ethernet port is dedicated to management, and the other 7 ports (5 Ethernet ports, 2 SFP+ ports) can be user-defined into LAN, WAN, or DMZ. To enhance internal security, NU-860T unifies and deploys consistent security policies across both wired and wireless networks, and centrally manages and monitors internal wireless APs and switches. ShareTech also introduces a cloud-based service system providing a new way to deploy, operate, and manage distributed networking appliances. When anomalies occur in network traffic, the system sends notifications to IT administrators and helps them to resolve issues quickly.
BASIC FIREWALL
– Routing: Supports static/dynamic route, designated gateway group, and default gateway.
– IPv4/v6: Supports IPv4, IPv6, and IPv4/IPv6 dual-stack. Admins can quickly swap between at the click of a button.
– IEEE VLAN 802.1Q: The Intranet can be divided into multiple segments, isolating different traffic logically.
– GEO IP: Geo IP restriction allows admins to configure a geolocation-based policy by specifying source and destination locations.
– Network Services: The NU Series supports Client/Server DHCP, DDNS, SNMP, and DNS Server and Proxy.
– Denial of Service (DoS) and Distributed Denial of Service (DDoS) prevention: TCP SYN flood attacks, UDP flood attacks, and ICMP flood attacks can all be mitigated by blocking bad bot traffic before it reaches the targeted site.
– VPN: Supports IPSec, PPTP, L2TP VPN, SSL VPN, and IP Tunnel.
– SD-WAN: SD-WAN can combine from the designated gateway or VPN tunnels, enable optimized traffic routing over multiple transport links, and select a route for applications based upon configured policies and priorities.
– IP Tunnel: A secure VPN can be created via IP Tunnel between two ShareTech UTMs, and traffic passed through the VPN can be monitored.
– Auto IPSec VPN: To create an IPSec VPN between two sites having massive/dynamic IP addresses, Auto VPN can reduce the complexity of deployment and increase stability.
– Loggings: The NU Series includes loggings for system operation and status, wizard, login/logout, system anomaly & control, configuration, networking, policies, objects, services, advanced protection, IPS, WAF, email security, content record, VPN, etc.
NETWORK & EMAIL PROTECTION
– Clam AntiVirus: Supports ClamAV, an open-source anti-virus engine that detects millions of trojans, viruses, malware, and other malicious threats.
– Kaspersky AntiVirus: Supports built-in 1-year Kaspersky license (NU-860 models and above)
– Intrusion Prevention System (IPS) & Signature Database: Supports IPS that proactively detects intrusion behaviors and matches the signature database. IPS Protection’s severity level is defined as LOW, MEDIUM, and HIGH.
– Sandstorm: The NU Series supports four types of security inspection: file hash, Web URL, domain, and IP.
– WAF: Cyberattacks are classified into 19 categories. The NU Series supports a host-based WAF that sits between external users and web applications to block and log requests.
– Anomaly IP Analysis: Flow/behavior-based anomaly detection allows both up and down sessions to be analyzed. An anomaly can be blocked, recorded, and notified to subscribers.
– Email Filtering & Logging: The NU Series supports incoming/outgoing/received email scanning for virus/spam/auditing/backup, queries on SMTP communication logs, infected email quarantine, and queries on email logs.
WEB PROTECTION
– Transport Layer Security (TLS): TLSv1.3 inspection on IPv4 and IPv6
– Deep packet inspection (DPI): DPI is a form of packet filtering that locates, classifies, and reroutes packets. It has higher detection accuracy than port-based TCP/UDP.
– WEB Service: Supports HTTPS scanning in anti-virus, SSL certificate installation, loggings for HTTPS proxy action, and certificate allowlist.
– URL Filtering: A third-party database sorts malicious URLs into six categories. Users can renew the license to get real-time updates or periodically apply firmware upgrades for free updates.
– Application Control: A third-party database sorts applications into 17 categories. Users can renew the license to get real-time updates or periodically apply firmware upgrades for free updates.
ACCESS CONTROLS & FLOW MANAGEMENT
– Authentication: The system can authenticate users with accounts on hosts, POP3/IMAP, Radius, and AD servers. Admins can add users to groups, view logs, and get status information.
– Two-Factor Authentication (2FA): Two-factor authentication can add an additional layer of login security to user accounts, authentication, and SSL VPN access. Users can download mobile security apps (Google/Microsoft authenticator) to generate codes for 2FA.
– Load Balance: Inbound and outbound can be reviewed to make sure traffic patterns are expected. Admins can set up traffic rules in priority order so that all traffic can be evenly distributed among multiple WAN links.
– QoS: Ensure an adequate bandwidth for high-priority tasks and applications, maximum bandwidth limits, and priority levels.
INTRANET PROTECTION
– Switch Co-Defense: Common SNMP switches and advanced L2/L3 switches (a topology included that gives an instant view of the operational status and speed of each port) can be centrally managed. Zyxel switches support IP Source Guard (static IP-MAC-Port binding) to perform DHCP Snooping. Moreover, the PoE schedule can be configured via UTM to manage power consumption.
– AP Management: It displays the status of AP and online users. Quick deployment (config. files) can be delivered for large numbers of access points.
– Intranet Protection: ARP spoofing prevention, IP & MAC spoofing prevention, notification, and block status.
CENTRAL ORCHESTRATION
– Cloud-Based service system (Eye Cloud): ShareTech-branded devices can be remotely monitored and efficiently maintained. Multi-region Wireless APs and switches can be accessed via UTMs as well. Flexible options (Free, VIP, and Distributor) are offered to match requirements. HQ admins can customize tasks based on sites and then select UTM series, devices, config. files/firmware, and intervals. Tasks can be published and targeted to relevant locations in real time. (Supported version: NU v9.0.2.4 or above)
– Server-Side and Client-Side CMS: The NU Series supports regularly passing data from the client side to the server side. The system makes periodic backups (config. file) automatically.
– Dashboard: A real-time Dashboard reporting module is built in the NU series (Available in SSD storage models) (optional module for NU-840H and NU-860H), showing a graphical presentation of the current status.
OTHERS
– Operation Mode: Transparent Bridge, Transparent Routing, and NAT.
– Operation Management Interface: Management interface and Dashboard GUI. (Available in SSD storage models) (optional module for NU-840H and NU-860H)
– Diagnostic Tools: Standard net tools such as Ping, Traceroute, DNS lookup, and port scanners are available to help users identify and fix connection problems. Test widgets like IP Route, Wake Up, SNMP, and IPv6 tools can test your connection and readiness.
– Remote Log Server: Log data can be forwarded in the Syslog format to a remote Syslog server that receives, categorizes and stores log messages for advanced analysis.
– Initial Setup Wizard: The wizard simplifies the configuration process by setting up LAN, WAN, URL Blacklisting, Security Settings, and Email Management. (Available in NU-840 and NU-860 models)
– Distributed administration: Authority can be delegated to one or more administrators, such as Admins and assistant admins. Admins can assign three types of privileges (READ, WRITE, and ALL privileges).
– Custom Password Policy: Password length and complexity requirements, unable to reuse old passwords, and change passwords at regular intervals.
– Interrupt: Hardware interrupts (via CPU) and software interrupts (via ZONE) are supported, allowing the CPU to perform specific tasks. IT administrators can optimize system performance and troubleshoot issues more effectively.
– Offline Signature Update via USB drives: Supports the following items: IPS, the default APP Blocklistings, anti-virus (ClamAV & Kaspersky), and Sandstorm.
– Backup & Restore: Offers USB system backup, system backup, and auto backup (Available in SSD storage models). A system recovery can be ready to minimize the damage imposed by an incident.
– UPS: Provides backup power as quickly as possible in the event of data loss and some protection from power quality issues.
– E-Bulletin Board: Ensure all users read important messages before accessing a webpage.
– LAN Bypass: Supports at least 1 pair of LAN bypass as a fault-tolerance to protect business communication in the event of a power outage. (NU-860 models and above)
– High Availability (HA): Supports Hot-Standy (Active-Passive) mode.
– Web Interface Languages: English, Traditional Chinese, and Simplified Chinese.
– LCM Display: Equipped with a parallel LCM display with 4-key buttons. (NU-860 models and above)
Warranty
- 1 Years Warranty
Download
Product Datasheet
