Home Home Services Products Company


TRY NOW Call: +852.2586.1100 Internet Access Management (IAM) Functions Advantages Technologies Functions
Log & Reports & Network Visibility
Real-time monitor
Real-time monitoring of CPU/hard disk/traffic/connection/ session status, as well as online user information, traffic ranking and connection ranking; real-time utilization visibility of bandwidth channels;
Access audit (Optional)
Records a wide variety of audit information including: URL, Webpage title and content accessed (can record only Webpage content containing specific keywords), outbound file transmissions via HTTP and FTP and file content, names and behavior of files downloaded, plain text thread posting and emails, chat sessions on MSN, MSN Shell, Skype, Yahoo! Messenger, Google Talk, etc.; also records application behavior such as network gaming, stock trading, entertainment, P2P downloads and Telnet; tallies user traffic and access duration and audits Webpage/file/email access of extranet users on intranet servers;
Supports various kinds of reports, including scheduled reporting of statistics, behaviors, trend, comparison, plus customized reporting of traffic statistics, queries, ranking, times and behavior of users and user groups;
Data center
Massed log storage with built-in and independent data center support; administrators can easily manage users based on a hierarchical permissions structure;
Audit-free Key
Prevents access audits for users assigned audit-free keys; audit-free status cannot be arbitrarily changed by system administrator (Optional);
Data center authentication Key
Data center administrators can view recorded audit logs only via audit check key (Optional);
Content search
Google-like log search tool to enable the manager to locate logs quickly by entering multiple keywords, including the search and location of the content of the log attachments; supports the title subscription, and supports automatically sending the search results to designated mailbox;
Internet Access Control
User identification
IP, MAC, IP/MAC binding, username/password, third-party authentication such as LDAP/AD/RADIUS/POP3/PROXY, USB-KEY and hardware authentication; Single Sign-on (SSO) options include LDAP/POP3/Proxy and forced SSO of designated network segment/account; account control via public/private accounts and account validity period; account import options include text list, IP/MAC scanning, and even account and organization structures from Active Directory servers;
Authentication exception
Accounts can be renamed (in the IP/MAC/computer name formats) based on new users' IP segments; authentication exception-handling includes conflict detection, privileged control after authentication failure and page forward control after successful authentication;
Online access authorization
Multi-level user account management to align with organizational structure, allowing access control based on account, IP, application, behavior, content, period, etc.; Implements re-use, integration and forced inheritance of access privileges by combining object-based access policy templates; Monitoring of accumulated duration and maximum traffic for specified user applications;
Web filtering
Support Webpage filtering based on URL/search word/keyword contained in Webpage; Support keyword-based filtering of outbound Webmail and Web post; fine-grained control such as allowing only reading post but not post thread, and only allowing receiving but not sending mail; Optional URL database for on-disk URL database, in-cloud URL database, Blue Printdata URL database;
Application control
Over 1000 application identification rules conveniently built-in to identify and control popular network protocols, including IM chat, network games, Web-based stock trading, P2P, streaming media, remote control, and proxy software;
IM software control
Perfectly control over the usage of IM tools, including IM tool that been encrypted or not encrypted, such as MSN, Skype, Gtalk, MSNShell, Yahoo!, QQ, etc. Support blocking the designated IM tools or allow IM chatting while block file sharing and other applications via IM tools. Apart from that, the IAM's IM logging feature also allows you to audit all the IM chatting content to ensure the full visualization of the network;
File control
Capable to control outbound file transmission via HTTP/FTP/email attachments, supports identification and blocking of outbound files based on file extensions and file types (to identify encrypted, compressed, extension name modified files);
Email control
Supports complete blocking of email reception and sending, and filtering of outbound and inbound junk mail; filtering can be based on multiple conditions such as keyword, sender and receiver addresses;
Intelligent P2P identification
and controll
Identifies over 30 popular P2P application protocols such as BitTorrent, eMule, etc. with deep packet inspection (DPI); SANGFOR's patented intelligent P2P identification technology can further comprehensively identify and manage other variant P2P protocols, encrypted P2P behaviors and unknown P2P behaviors;
Advanced control
Encrypted SSL URL filtering; identifies and filters attempts to avoid management via public network proxies or encrypted proxy software; Capable to control behavior of sharing web access privileges with others via installed proxy software;
Additional Features
HTTP proxy; Socks 5 proxy; Transparent proxy;
Built-in SPI firewall thwarts a range of security threats to gateway reliability, including DoS attacks, ARP spoofing, etc.;
End-point detection
Detects end-point profile (including OS version/patch, system processes, disk files, registry, etc.) and can prompt or reject access for end-points not meeting IT requirements or passing security tests;
Gateway anti-virus
Built-in professional anti-virus engine supports gateway virus elimination (Optional);
Internet Access Optimization
Bandwidth management
Bandwidth management based on wide range of criteria, including application type/Website type/file type, user, time, target IP, etc.; extranet-to-intranet access flow control and bandwidth management;
Multiplexing and intelligent
In case that organizations may have multi-lines that connecting to the Internet, the IAM's multi-lines and intelligent routing feature will allocate the best output for users automatically when Intranet users are visiting the resources of different ISP operators. To guarantee stability, IAM can also lead the traffic to the other healthy lines automatically when one line is interrupted;
Virtual line
The "virtual line" visualizes one link into multiple virtual links and each virtual links can be applied with independent traffic shaping policies;
virtual pipe
The "virtual pipe" allows the traffic shaping pipes to be divided into 8 layers to offer better flexibility;
Dynamic bandwidth control
The "dynamic bandwidth control" allows "bandwidth borrowing" to optimize the bandwidth usage. All policies can be applied to uplink as well as downlink;
The frequently accessed webpage, files and videos are cached in IAM appliance. When internal users visit these websites or watch these videos, they will get the data from IAM's cache rather than directly from the servers in Internet;
Equipment Management
Deployment mode
Deployable via router, bridge, bypass and multi-bridge topologies, with active-standby, active-active for HA;
Device management
Web based management access; functionality of different modules can be assigned to different administrators as needed, via a hierarchical management paradigm;
Supports hardware bypass