AhnLab ¼öÈ£½Å Absolute´Â ±¹³» ÃÖÃÊÀÇ »ó¿ë ¹æȺ®ÀÎ ¡®¼öÈ£½Å¡¯°ú ±¹³» ÃÖ°íÀÇ Virus ŽÁö ´É·ÂÀ» º¸À¯ÇÑ ¡®¾Èö¼ö¿¬±¸¼Ò V3¡¯ °¡ °áÇÕÇÑ Çϵå¿þ¾î ÀÏüÇü ÅëÇÕº¸¾È½Ã½ºÅÛÀÔ´Ï´Ù.
ÀÌ Á¦Ç°Àº º¸¾ÈÀÇ ÇÙ½É ±â¼úÀÎ Firewall, IDS, VPNÀ» ¹ÙÅÁÀ¸·Î QoS, ¾ÈƼ¹ÙÀÌ·¯½º, À¯ÇØ Æ®·¡ÇÈ Â÷´Ü µîÀÇ ±â´ÉÀ» Á¦°øÇÕ´Ï´Ù. ¶ÇÇÑ Áö³ 10¿© ³â°£ 3,000¿© °³ °í°´ ·¹ÆÛ·±½º¸¦ È®º¸, ¾ÈÁ¤¼º°ú ¼º´ÉÀ» °ËÁõ ¹ÞÀº Á¦Ç°ÀÔ´Ï´Ù.
AhnLab ¼öÈ£½Å Absolute´Â ±â°¡ ȯ°æ¿¡ ÀûÇÕÇÑ ´ë¿ë·® °í±Þ ¸ðµ¨¿¡¼ ¼Ò±Ô¸ð ³×Æ®¿öÅ© ¸ðµ¨¿¡ À̸£±â±îÁö ´Ù¾çÇÑ Á¦Ç° ¶óÀξ÷À» °®Ãß°í ÀÖ¾î ³×Æ®¿öÅ© ȯ°æ¿¡ ÀûÇÕÇÏ°Ô ¼±ÅÃÇÒ ¼ö ÀÖ½À´Ï´Ù. ¶ÇÇÑ °¡°Ý ´ëºñ ¼º´É ¹× ¾ÈÁ¤¼ºÀÌ ¶Ù¾î³ª ÅõÀÚ ÀÌ»óÀÇ È¿°ú¸¦ °ÅµÑ ¼ö ÀÖ½À´Ï´Ù.
AhnLab ¼öÈ£½Å Absolute 100/400/1000´Â 2008³â 12¿ù ±¹Á¦¿ë CC(Common Criteria; ±¹Á¦°øÅëÆò°¡±âÁØ) ÀÎÁõÀ» EAL4(Evaluation Assurance Level 4) µî±ÞÀ¸·Î ȹµæÇß½À´Ï´Ù. ¶ÇÇÑ Ä§ÀÔÂ÷´Ü½Ã½ºÅÛ¿¡ ´ëÇÑ K4E¿Í ħÀÔŽÁö½Ã½ºÅÛ¿¡ ´ëÇÑ K4 ÀÎÁõÀ» ¸ðµÎ ¹ÞÀº ÅëÇÕº¸¾È½Ã½ºÅÛÀÔ´Ï´Ù.
[Á¦Ç° °³³äµµ]
1. ÆíÀ̼º°ú º¸¾È¼ºÀÌ ±Ø´ëÈµÈ ¡®All-in-One Box¡¯
AhnLab Absolute Series´Â ´Ù¾çÇÑ º¸¾È ±â´ÉÀ» ´ÜÀÏ Àåºñ(Appliance)¿¡¼ ±¸ÇöÇÑ Çϵå¿þ¾î ÀÏüÇü ÅëÇÕº¸¾È½Ã½ºÅÛÀ¸·Î ±âÁ¸ º¸¾È½Ã½ºÅÛÀÇ ÇѰ踦 ¶Ù¾î ³ÑÀº Á¦Ç°ÀÔ´Ï´Ù.
Firewall
IDS / IDPS
IPsec VPN
Anti-virus, Anti-Spam
QoS
2. ÀÚü °³¹ßÇÑ °í¼º´É ³×Æ®¿öÅ© Àü¿ë Àåºñ
N/W º¸¾È Àåºñ¸¦ À§ÇØ ÃÖÀûÈµÈ ¼³°è Àû¿ë
CPUÀÇ È¿À²¼º Áõ´ë ¹× ³ôÀº ¼º´É
3. Àü¿ë OS
N/W Á¦Ç°¿¡ ÀûÇÕÇϵµ·Ï ³×Æ®¿öÅ© ½ºÅÃÀÇ ¼³°è
OS Â÷¿øÀÇ º¸¾È ±â´É °È
4. ¾ÈÁ¤ÀûÀÎ ¼º´É
º¸¾È Á¤Ã¥ °³¼ö ¹× concurrent session ¼ö¿¡ µ¶¸³ÀûÀÎ ¼º´É º¸Àå
Giga Ethernet ½Ç¸Á ȯ°æ¿¡¼ °ËÁõµÈ ¼º´É
5. ¼Õ½¬¿î °ü¸®
À¥ UI¸¦ ÅëÇÑ Æí¸®ÇÑ ¿î¿µ
LED/LCD¸¦ ÅëÇÑ ½Ã½ºÅÛ »óÅ Á¤º¸ ¹× ¼º´É ÆľÇ
Firmware Update ±â´É : OS À缳ġ ºÒÇÊ¿ä
6. Firewall (with QoS, Anti-Virus) ±â´É
º¸¾È Á¤Ã¥ °³¼ö ¹× concurrent session¼ö¿¡ ¹«°üÇÑ ¼º´É : °í¼Ó Packet Classification AlgorithmÀ» Àû¿ë
Application Proxy »ç¿ë½Ã¿¡µµ °í¼Ó ÆÐŶ ó¸® ¹× ¾ÈÁ¤ÀûÀÎ ¼ºñ½º Á¦°ø : ºÎÇÏ ºÐ»ê ±â¹ýÀ» ÀÌ¿ëÇÑ FrameworkÀ» Àû¿ë
º¸¾È Á¤Ã¥º° QoS ±â´É Á¦°ø : º¸¾È Á¤Ã¥º° Æ®·¡ÇÈ ½¦ÀÌÇÎ/Æú¸®½Ì ±â´É µ¿½Ã Á¦°ø
½Ã°£(½Ã°£/ÀÏ/ÁÖ°£/¿ù°£/³â°£)´ëº° º¸¾È Á¤Ã¥ Àû¿ë °¡´É
ÆÐŶ ÇÊÅÍÀÇ ¼¼¼Ç µ¿±âÈ ±â¼úÀ» ÀÌ¿ëÇÑ ºÎÇÏ ºÐ»ê °¡´É
°í°¡¿ë¼º (Active-Active, Active-Standby HA) Á¦°ø
¸ÞÀÏ/FTP/HTTP¸¦ ÅëÇÑ ¹ÙÀÌ·¯½º Â÷´Ü
À¯ÇØ Æ®·¡ÇÈ(Port Scan / Syn Flooding / CGI Attack / IIS Attack / Messenger Á¢¼Ó ¹× ÆÄÀÏ ¼Û¼ö½Å
P2P Á¢¼Ó, °Ë»ö ¹× ÆÄÀÏ ¼ö½Å / IP Spoofing / Source Routing / ICMP Redirect µî) Â÷´Ü
Traffic Monitoring ±â´É Á¦°ø
¿©·¯´ë¸¦ ÅëÇÕ °ü¸®ÇÒ ¼ö ÀÖ´Â ¼³Á¤ µ¿±âÈ ±â´É Á¦°ø
Link Aggregation, VLAN µî ´Ù¾çÇÑ ³×Æ®¿öÅ© ȯ°æ¿¡¼ ¿î¿µ °¡´É
7. VPN ±â´É
IPsec Standard Áö¿ø
Manual/IKE(Pre-shared Key, X.509) mode Áö¿ø
´Ù¾çÇÑ Crypto / Hash Algorithm Á¦°ø
IPsec NAT Traversal
Dead Peer Detection
(Absolute 400, Absolute 1000Àº VPN Accelerator ±â´Éµµ Áö¿ø)
8. IDS / IDPS ±â´É
Áö¿ø ÇÁ·ÎÅäÄÝ : ÀÎÅͳݻóÀÇ ¸ðµç TCP/IP ÇÁ·ÎÅäÄÝ ¹× Windows Networking ¹æ½ÄÀÎ NetBIOS ÇÁ·ÎÅäÄÝ Áö¿ø
ŽÁö °ø°Ý À¯Çü : Backdoor, Denial of Service Attacks, Distributed Denial Service Attacks, Unauthorized Access Attempts, Pre-Attack Probes, Suspicious Activity, port sweep, internet worm, SQL injection , XSS µî 1400¿© °³ÀÇ ÆÐÅÏ º¸À¯.
¿ìȸ °ø°ÝŽÁö
¼øÂ÷ÀûÀÎ byte ´ÜÀ§ÀÇ TCP Segment
ºñ¼øÂ÷ÀûÀÎ byte ´ÜÀ§ÀÇ TCP Segment
Byte ´ÜÀ§ÀÇ Checksum ¿À·ù Segment
IP Layer Fragmentation
±âŸ evasion tool¿¡ ÀÇÇÑ 20 ¿©°¡Áö URI ¿ìȸ °ø°Ý¿¡ ´ëÇÑ ÀçÁ¶ÇÕ Ã³¸®
Anomaly Detection : traffic ÀÓ°èÄ¡¸¦ ÅëÇÑ anomaly detection ( TCP/UDP/PORT )
Absolute 100
Absolute 400
Absolute 1000
Firewall
Dynamic and Stateful Packet Filtering
O
O
O
TCSEC B1-Level º¸¾È·¹À̺íÀ» ÀÌ¿ëÇÑ Á¢±Ù ÅëÁ¦ Áö¿ø
O
O
O
QoS
O
O
O
º¸¾È Á¤Ã¥ °³¼ö ¹× µ¿½Ã ¼¼¼Ç ¼ö¿¡ µ¶¸³ÀûÀÎ ¼º´É º¸Àå
O
O
O
Anti-Virus, Anti-Spam Á¦°ø
O
O
O
À¯ÇØ »çÀÌÆ® ¹× À¯ÇØ Æ®·¡ÇÈ Â÷´Ü
O
O
O
P2P¹× Messenger Á¦¾î, ½Ã½ºÅÛ ¹æ¾î
O
O
O
º¸¾È Á¤Ã¥ ½ºÄÉÁ층(ÀÏ/ÁÖ/¿ù/³â, one-time)
O
O
O
»ç¿ëÀÚ ÀÎÁõ(password / OTP)
O
O
O
¿ÜºÎ ÀÎÁõ ¼¹ö ¿¬µ¿ (Radius µî)
O
O
O
IDS
ħÀÔŽÁöÆÐÅÏ ÀÚµ¿ ¾÷µ¥ÀÌÆ®, ¾÷µ¥ÀÌÆ® º¹±¸ ±â´É
O
O
O
Stealth mode
O
O
O
°Á¦ Á¾·á, Email °æ°í, SNMP trap, syslog
O
O
O
Firewall ¿¬µ¿ (Absolute, Firewall-1, Netscreen, Secureworks µî)
O
O
O
ESM ¿¬µ¿ (À̱۷ç Spider-1 µî)
O
O
O
Á÷°üÀûÀÎ GUI
O
O
O
º¸°í¼ ±â´É
O
O
O
³×Æ®¿öÅ© ¸ð´ÏÅ͸µ
O
O
O
»ç¿ëÀÚÁ¤ÀÇ Á¤Ã¥
O
O
O
¿¹¿Üó¸® Á¤Ã¥
O
O
O
Snort Á¤Ã¥
O
O
O
VPN
IPSec Standard
O
O
O
Manual Key/ IKE (Pre-shared key, x.509)
O
O
O
¾ÏÈ£ ¾Ë°í¸®Áò (3DES, AES, SEED)
O
O
O
Çؽ¬ ¾Ë°í¸®Áò (SHA-1, HAS160)
O
O
O
Çϵå¿þ¾î VPN Accelerator
N/A
O
O
IPSec NAT Traversal
O
O
O
Hub & Spoken
O
O
O
Dead Peer Detection
O
O
O
Windows ±â¹Ý IPSec VPN Client
O
O
O
À¯ÇØ Æ®·¡ÇÈ Â÷´Ü
Port Scan, Syn Flooding, CGI Attacks µî Â÷´Ü
O
O
O
Protocol Analyzing + Pattern Matching
O
O
O
Anomaly Detection
O
O
O
¿ìȸ °ø°Ý Â÷´Ü
O
O
O
Web Attack Â÷´Ü
O
O
O
Network Environment
Transparent, Route, NAT mode
O
O
O
Dual Default Gateway
O
O
O
Source / Dynamic/Multicast Routing
O
O
O
Link Aggregation
N/A
O
O
PPP, DHCP Server / Client / Relay
O
O
O
System Management
CLI / Web UI / Windows GUI
O
O
O
Log Server (´ë¿ë·® DB Áö¿ø-DB2)
O
O
O
System& Network Traffic Monitoring
O
O
O
High Availability (HA)
Transparent, Route, NAT mode HA
O
O
O
Active-Standby
O
O
O
Active-Active HA (without L4)
O
O
O
Features
Absolute 100
Absolute 400
Absolute 1000
Performance
Major Function
Firewall, VPN, IDS
Operation Mode
Transparent mode, Route Mode, NAT mode
Concurrent Session
800.000
1,000,000
1,500,000
Firewall Performance
400 Mbps
800 Mbps
2 Gbps
Specifications
CPU
Mobile Celeron
Xeon
Dual Xeon
RAM
1GB
1GB
4GB
NIC
(4) 10/100/1000B-TX
(6) 10/100/1000B-TX
(2)1000B-SX (Option)
(4) 10/100/1000B-TX
(8)1000B-SX
Management
(1) Serial Port
(1) Serial Port
(1) Serial Port
VPN Accelerator
N/A
Yes
Yes
Display
2-line LCD Panel, Ethernet LED
2-line LCD Panel, Ethernet LED
2-line LCD Panel, Ethernet LED
Power
100 ~ 240 VAC, 200W
100 ~ 240 VAC, 300W
100 ~ 240 VAC, 460W
Dual-Redundant
Dimensions (W*D*H)
426 X 269 X 44 mm
426 X 500 X 44 mm
426 X 550 X 88 mm
Chassis Design
19¡± Rack-Mount
19¡± Rack-Mount
19¡± Rack-Mount
