Sangfor NGFW (Revised Edition)

Powerful & Professional Next Generation Protection SANGFOR NGFW (Next Generation Firewall)

Transcript of Sangfor NGFW (Revised Edition)

Page 1: Sangfor NGFW (Revised Edition)

Powerful & Professional Next Generation Protection

SANGFOR NGFW (Next Generation Firewall)

Page 2: Sangfor NGFW (Revised Edition)

Security Cases in the Initial Years

The disk that contains the source code of the Morris Worm is still held in the Boston Museum of Science.

Robert Morris

Born: November 8, 1965 (age 47)

Known for: Morris Worm, Viaweb

Alias(es): RTM

Motive: "to demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects that Morris had discovered."

Conviction(s): United States Code: Title 18 (18 U.S.C. § 1030), the Computer Fraud and Abuse Act, March 7, 1991.

Penalty: three years of probation, 400 hours of community service, a fine of $10,050, and the costs of his supervision

Conviction status: fulfilled

Occupation: Professor, Massachusetts Institute of Technology; Partner, Y Combinator

Parents: Robert Morris

Residence: United States

mainly focus on network layer and attack network structures.

Page 3: Sangfor NGFW (Revised Edition)

But now, the situation is quite different.

Here are some security cases in recent years.

Security Cases in Recent Years

Page 4: Sangfor NGFW (Revised Edition)

Security Cases in Recent Years

Have you ever read news stories like these?

Page 5: Sangfor NGFW (Revised Edition)

Security Cases in Recent Years

Largest data security breaches in history!

Sony PlayStation Outage

Google Gmail Attack

Page 6: Sangfor NGFW (Revised Edition)

Attacks from the 3rd - 7th Layers

Page 7: Sangfor NGFW (Revised Edition)

Attacks from the 3rd - 7th Layers

Page 8: Sangfor NGFW (Revised Edition)

Traditional Approach A: FW+IPS+AV+WAF

How can an enterprise defend against threats from the network level to the application level?

Page 9: Sangfor NGFW (Revised Edition)

Users

Traditional Approach A: FW+IPS+AV+WAF

FW IPS AV WAF

Applications

Data

Viruses

Trojans

Worms

High TCO

Network is too complex to manage

Unstable and not reliable

Low performance

Hackers

Page 10: Sangfor NGFW (Revised Edition)

Weakness of UTM

• No WAF function

• Low performance

• Lack of integration

“Jack of all trades, master of none”

Traditional Approach B: UTM

[Chart: FW, URL, IPS, AV; scale 0% to 100%]

Page 11: Sangfor NGFW (Revised Edition)

Gartner’s Report about NGFW

NGFW defined by Gartner

Basic FW function

Integrated IPS

Application visibility

Intelligence FW

High performance

Gartner believes that less than 10% of Internet connections today are secured using NGFWs. We believe that by year-end 2014 this will rise to 35% of the installed base, with 60% of new purchases being NGFWs.

—— Gartner VP Greg Young

Page 12: Sangfor NGFW (Revised Edition)

SANGFOR Released NGFW in 2009

• Contains traditional security

• Modules intelligent interaction

• Anti application layer attacks

• Bidirectional contents inspection

• Application layer high performance

Page 13: Sangfor NGFW (Revised Edition)

Contains Traditional Security

OSI model Security Appliances

L2-L4

L5-L7

L7 & above

FW IPS

WAF

NGFW

Page 14: Sangfor NGFW (Revised Edition)

Modules Intelligent Interaction

FW IPS WAF

Generate FW rules dynamically & prevent all attacks from the same source IP.

SQL injection defense

Vulnerability defense

Attacks & Threats

Page 15: Sangfor NGFW (Revised Edition)

Anti Application Layer Attacks

Application Identification

User Identification

Intranet

Internet

R&D Marketing

Finance 3rd party

Page 16: Sangfor NGFW (Revised Edition)

Bidirectional Contents Inspection

Hackers

Web application server

Destroy Process

Attacking Process

Scanning Process

Sensitive information inspection

Trigger threshold

Blocking and protecting

Page 17: Sangfor NGFW (Revised Edition)

Application Layer High Performance

Performance

1 2 3 CPU

CPU1

CPU2

CPU3

Networking Hardware I/O

FW IPS WAF

Policy layer

Network layer

Parallel Processing

Page 18: Sangfor NGFW (Revised Edition)

Long Term Collaboration with Microsoft

http://www.microsoft.com/security/msrc/collaboration/mapppartners.aspx

Inform the vulnerability information in advance

SANGFOR generates the feature library to ensure safety

Worms or attack methods based on the Vulnerabilities

• MAPP aims to integrate global security resources by providing vulnerability information to authenticated security vendors, ensuring safety for customers.

• MAPP authentication ensures SANGFOR can provide proactive security protection before attacks.

Vulnerabilities are discovered and published

Page 19: Sangfor NGFW (Revised Edition)

Perfect CVE Compatibility

Common Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities.

CVE’s common identifiers make it easier to share data across separate network security databases and tools, and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem.

Page 20: Sangfor NGFW (Revised Edition)

4-star Appraisal from OWASP

OWASP Certificate (Chinese Version)

OWASP: Open Web Application Security Project

Page 21: Sangfor NGFW (Revised Edition)

Thank you for taking the time to learn about SANGFOR NGFW.

For more information, please visit our official website at www.sangfor.com, call our toll-free number at 800-830-9565, or contact your local SANGFOR office in Mainland China, Hong Kong, US, UK, Singapore, Indonesia, Malaysia & Thailand.

SANGFOR: For Your Bandwidth!