Home Home Services Products Company


TRY NOW Call: +852.2586.1100 SSL VPN Functions Advantages Technologies Functions
 User Authentication
"And / Or" combination of:
- Username/Password, LDAP, RADIUS, CA (Certification Authority);
- Certificate/USB key based authentication, Dynamic token, Hardware ID, SMS authentication.

CA authentication:
- Allow import of local/external CA-authenticated certificate;
- Support OCSP (Online certificate status protocol).

Account security enhancement policies:
- On-screen keyboard; word verification, password security options, etc.
Account Binding
Bind user's SSL VPN account and authorized applications accounts together for unified authorization and simplified administration. Login and access mapping to applications and verified SSL VPN accounts ensuring complete compliance and security.
Man-in-the- middle Attack Detection
Detects if the endpoint is suffering Man-in-the-middle attack before it is connected to the internal network and send out alert if any attack is detected.
Host Checker
Uses server load balancing technology to assign users’ access requests to multiple servers and increase access speed.
Web optimization
Endpoint detection and scanning of operating system, registry file, personal firewall, anti-virus files, user-customized security rules and other security policies prior to user login, and during the SSL VPN session.
Dedicated SSL VPN Tunnel
Prevent malicious intrusions and malware from affecting mission critical systems when using its SSL VPN capabilities. Offers dynamic flexibility to disconnect automatically when threats are detected.
"User-Role- Resource" Association
Ensure specific and granular access and control of computing resources to right users, groups and permissions.
Web optimization
Secure safety and deletion of sensitive data after session termination.
Secure Desktop
Provides secure desktop workspace where all data and I/O traffic are encrypted, monitored and controlled.
Timeout Control
Allows automatic terminations to eliminate unmonitored and at risk connections.
Byte Cache
Improves performance, minimizes redundant data transfers, and reduces bandwidth utilization by reducing caching data at the byte level.
High-speed Transfer Protocol (HTP)
Optimize the traditional TCP algorithm, making the transmission control mechanism more effective in network environment with high packet loss and network latency.
Webpage Access Optimization
Dynamic reduction of web pages and images sizes displayed on mobile devices resulting in faster performance.
Streaming Compression
Conduct LZO, Gzip compression to decrease the data transmission volume
Intelligent Link Selection
Ensure optimal performance through smart selection of the healthiest and quickest line for remote access.
Resource Load Balancer
Delivers reliable access and performance through intelligent balancing of computing resources for user needs
Link Stability
Enable tunnel auto switch when used with multiple Internet link deployments.
Asymmetrical Cluster
Supports robust clustering of different hardware models with the capability of up to 20 nodes.
Cluster Cloud
Enabling of multiple Sangfor SSL VPN devices clustered in cloud or multi-datacenter environment. The SSL VPN cluster will forward remote users' SSL VPN requests to the healthiest and nearest datacenter/resource automatically for best performance and quality.
 HA Deployment
Support synchronization of sessions, no user interruption when the standby device taking over the active device.
Cross Platform Support

Windows, Linux, Mac OS and iOS, Android OS;

IE, Opera, Firefox, Safari, Google Chrome and other browsers that support https.
Resource Compatibility

Web app, TCP app, L3VPN; Full support to all kinds of B/S, C/S applications;

Support reversed SSL VPN connection, by which the endpoints can be accessed via SSL VPN tunnel from the HQ/DC.
Virtual Secure Portal
Portal Simplified customization of secure user and group environments to predefined roles and responsibilities for accessing internal systems.
Remote Application

Built-in remote application management and security of user activity and data transfers without additional hardware or software costs;

User friendly management through Sangfor EasyConnect apps, downloadable from Apple/Android apps store. Manage your smart devices to access any internal C/S and B/S applications via secure Sangfor SSL VPN.
Page Customization

4 built-in sign-in page template; Support customization to the background color, page captions, logo, bulletin information, etc.

Allow administrators to upload any preferred Sign-in page using zip file to SSL VPN gateway, replacing the existing page;

Support customization of resource icons.
System Tray
Simplified management of SSL VPN activities through the system tray.
Provides auto detect and auto reconnection capabilities during SSL VPN tunnel interruptions ensuring efficient user connectivity.
Account administration

Flexible hierarchical user organization and management up to 16 levels;

Permit both private and public SSL VPN accounts utilization. Smart use of public accounts to allow multiple user logins;

Support importing/exporting user/group information using CSV files;

Permits administrator broadcast messaging to manage user access.

Allow user to access the published applications without entering in the usernames/passwords when the user get authenticated by SSL VPN;

Support SSO with other access management systems, including FORM, BASIC, NTLM, etc.
System log

Manage real-time status: CPU, link traffic, network throughput, concurrent sessions, byte cache status, etc.;

Online user information: access time, authentication methods, concurrent sessions, traffic flow, IP address, etc.;

Alarm, error, debugging, system management logs; Support backing up the logs;

Permit external datacenter setups and sharing of SSL VPN logs, monitoring of administrator and user information and activities, resource activities, network and data traffic trends, network access trends, etc.
Additional Features

Options of standard IPsec VPN and Sangfor VPN;

Support connecting to third-party IPsec VPN gateways who are using standard IPsec VPN protocol, such as Cisco, Fortinet IPsec VPN, etc.
Support PPTP connection from iPhone, iPad, Android devices, etc.
Build-in State-of-the Art Firewall.
Authorization Security
Role-based authorization
Associates user identities with resources and directly controls user access authorization.
Fine-grained authorization
Optimizes resource allocation in the intranet and user access authorization based on URL, service, and IP.
Key file protection
Protects specified key files of the client. If these files are modified, the client cannot connect to the SSL VPN or access the key application systems.
 Hierarchical user management
Establishes a 16-level tree user group structure consistent with the administrative structure system of an organization, and clarifies permission management.