Cybersecurity TL-NASG5005

TL-NASG5005

Subscribe to get prices

Model: TL-NASG5005

Order No:

SKU: 1718705468471604772

Condition: New Sealed Under Guarantee

Size: 440.00 mm,227.00 mm,44.00 mm

Weight: 0.00kg

Product Selection Engineer:Huankanheng

In Stock

Brief Introduction

TL-NASG5005

TL-NASG5005 is a network-wide behavior management controller launched by TP-LINK, which supports visual analysis of user behavior, has a variety of feature libraries such as anti-virus, intrusion prevention, malicious domain name, application identification, website classification, etc., and integrates multiple functions such as user behavior analysis, firewall policy, attack protection, DPI in-depth security, security audit, bandwidth management, VPN, etc., to effectively audit network user behavior, resist network risks, achieve comprehensive protection, and simplify operation and maintenance. Ensure the continuous and stable operation of core applications and services of enterprises, and apply to scenarios such as enterprises, government agencies, parks, and chain hotels. Multi-core 64-bit network-specific processor, 2GB DDRIV high-speed memory 4 x Gigabit RJ45 ports, 2 x 10 Gigabit SFP+ ports User behavior visualization, traffic destination analysis, control analysis, access analysis, leakage analysis, etc You can configure security policies, audit policies, bandwidth policies, and NAT policies Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control) Supports rich policy objects (security zones, addresses, applications, blacklists and whitelists, security profiles, intrusion prevention, audit profiles, etc.) Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc Multi-administrator roles, refined permission management Supports application-based intelligent routing Supports first-pack application identification to improve application recognition performance Abundant ports and powerful performance It adopts a professional multi-core 64-bit network-specific processor and 2GB DDRIV high-speed memory to provide powerful packet processing capabilities. It provides 4 Gigabit RJ45 ports and 2 10 Gigabit SFP+ ports, which can meet the requirements of high-speed data forwarding and facilitate users to manage and maintain the system. Precise control of network-wide behaviors to ensure enterprise information security It has rich user behavior analysis functions, including the traffic statistics of applications/application groups (traffic destination analysis, access tendency analysis, violation and leakage risk analysis), website access duration, user blocking behavior ranking, user outgoing file size ranking, website type distribution, user traffic ranking and other audit and analysis functions, comprehensively audit user online behavior, make office more standardized, more efficient and safer. It has a large-scale application identification feature database, and one-click control of nearly 6,000 common desktop and mobile Internet applications in 36 categories, including video, social networking, shopping, finance and other applications; Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner; Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click; Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data; *The database of applications and URLs will be updated and added continuously. First-pack application identification It supports TP-LINK's unique application identification of the first packet, which can identify the application in the first packet, realize application traffic selection, and improve the application recognition performance Comprehensive security strategy Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, internal server certificates, anti-virus, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects. All-round attack protection It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc. ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection. Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing. MAC address filtering is supported to block access to unauthorized hosts. Expandable integrated DPI for in-depth security Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities; It supports anti-virus, which can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 6 million viruses and Trojans. It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security. Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods; It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy. Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database. Complete security audit strategy Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems. Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution. Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced; TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports. Simple O&M and security management Full Chinese web interface, detailed and clear configuration guidance; Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive; Support local/remote management, convenient chain operation, remote assistance; Support password authentication/identity recognition to ensure authorization security; Support multi-administrator roles and refined permission management; Support hard disk management, license management, and signature database upgrade; Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment; A separate console management port is provided, which can be managed from the command line. Flexible bandwidth management policies Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring. Abundant routing features Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported. Supports multiple deployment modes Layer 3 routing gateway mode As a Layer 3 routing gateway, TL-NASG5005 replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall. Layer 2 transparent bridge mode TL-NASG5005 allows some or all of the interfaces to be set up as bridges, which work in a Layer 2 network and are protected by firewalls as long as data passes through the bridge interfaces. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster. Route + Bridge mode During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

Description

TL-NASG5005 is a network-wide behavior management controller launched by TP-LINK, which supports visual analysis of user behavior, has a variety of feature libraries such as anti-virus, intrusion prevention, malicious domain name, application identification, website classification, etc., and integrates multiple functions such as user behavior analysis, firewall policy, attack protection, DPI in-depth security, security audit, bandwidth management, VPN, etc., to effectively audit network user behavior, resist network risks, achieve comprehensive protection, and simplify operation and maintenance. Ensure the continuous and stable operation of core applications and services of enterprises, and apply to scenarios such as enterprises, government agencies, parks, and chain hotels.

  • Multi-core 64-bit network-specific processor, 2GB DDRIV high-speed memory
  • 4 x Gigabit RJ45 ports, 2 x 10 Gigabit SFP+ ports
  • User behavior visualization, traffic destination analysis, control analysis, access analysis, leakage analysis, etc
  • You can configure security policies, audit policies, bandwidth policies, and NAT policies
  • Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control)
  • Supports rich policy objects (security zones, addresses, applications, blacklists and whitelists, security profiles, intrusion prevention, audit profiles, etc.)
  • Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc
  • Multi-administrator roles, refined permission management
  • Supports application-based intelligent routing
  • Supports first-pack application identification to improve application recognition performance

Abundant ports and powerful performance

It adopts a professional multi-core 64-bit network-specific processor and 2GB DDRIV high-speed memory to provide powerful packet processing capabilities.

It provides 4 Gigabit RJ45 ports and 2 10 Gigabit SFP+ ports, which can meet the requirements of high-speed data forwarding and facilitate users to manage and maintain the system.

Precise control of network-wide behaviors to ensure enterprise information security

It has rich user behavior analysis functions, including the traffic statistics of applications/application groups (traffic destination analysis, access tendency analysis, violation and leakage risk analysis), website access duration, user blocking behavior ranking, user outgoing file size ranking, website type distribution, user traffic ranking and other audit and analysis functions, comprehensively audit user online behavior, make office more standardized, more efficient and safer.

It has a large-scale application identification feature database, and one-click control of nearly 6,000 common desktop and mobile Internet applications in 36 categories, including video, social networking, shopping, finance and other applications;

Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner;

Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click;

Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data;

*The database of applications and URLs will be updated and added continuously.

First-pack application identification

It supports TP-LINK's unique application identification of the first packet, which can identify the application in the first packet, realize application traffic selection, and improve the application recognition performance

Comprehensive security strategy

Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, internal server certificates, anti-virus, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects.

All-round attack protection

It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc.

ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection.

Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing.

MAC address filtering is supported to block access to unauthorized hosts.

Expandable integrated DPI for in-depth security

Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities;

It supports anti-virus, which can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 6 million viruses and Trojans.

It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security.

Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods;

It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy.

Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database.

Complete security audit strategy

Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems.

Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution.

Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced;

TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports.

Simple O&M and security management

Full Chinese web interface, detailed and clear configuration guidance;

Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive;

Support local/remote management, convenient chain operation, remote assistance;

Support password authentication/identity recognition to ensure authorization security;

Support multi-administrator roles and refined permission management;

Support hard disk management, license management, and signature database upgrade;

Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment;

A separate console management port is provided, which can be managed from the command line.

Flexible bandwidth management policies

Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring.

Abundant routing features

Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported.

Supports multiple deployment modes

Layer 3 routing gateway mode

As a Layer 3 routing gateway, TL-NASG5005 replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall.

Layer 2 transparent bridge mode

TL-NASG5005 allows some or all of the interfaces to be set up as bridges, which work in a Layer 2 network and are protected by firewalls as long as data passes through the bridge interfaces. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster.

Route + Bridge mode

During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

Unsubscribe

Discount Code

Subscribe
Please check the item(s) you are interested in. (required)

Enter email to obtain information:

Verification code:

verify-code
USE : 0.014487981796265