新版本特性8.90

单击此处编辑母版标题样式,单击此处编辑母版文本样式,第二级,第三级,第四级,第五级,8.9,版本新特性,技术部,发布了一个应用中心,三个新的应用层网关（,ALG,）,十个新的主要特性,进一步的扩充了,xUTM,增强了系统综合和多安全服务平台,介绍,Clavister CorePlus,Release 8.90,概览,SIP,TFTP,Anti-Spam,（,DNS Black List,）,POP3,地址池,多,IP,规则表,支持,SNMPv2c,实时监控报警,PCAP,记录（一个抓包工具，将捕获的数据包记录到防火墙上）,支持,Broadcom,芯片（网卡芯片）,Internet,Clavister Protecting the Telephony infrastructure,SIP Server/Proxy stationed in,for example the service providers service/access network,SIP Server/Proxy,Phone B,VoIP Network,SIP,（会话初始化协议）,特性,益处,隐藏拓扑,(NAT),隐藏内部网络结构增强安全,动态和透明的端口开放,在,NAT,的情况下，只需要配置安全网关，减少电话的管理。增强安全，仅仅动态开放需要的端口,灵活的网络分割,增强安全，简单的故障处理和提高服务质量,协议分析,(SIP Message Inspection),增强安全保护违反协议的攻击行为,DoS,保护,提供泛洪攻击保护，比如，限制每个用户的会话数或者其他类似的攻击。,Registration Hijacking Attack Protection,劫机攻击保护,防止黑客截取,SIP,会话,VoIP,威胁分类,Social Threats,社交威胁,Misrepresentation,误传,Identity,身份,Authority,威信,Rights,正确,Content,内容,Theft of Services,服务窃取,Unwanted Contact,不必要的接触,Harassment,折磨,Extortion,敲诈,Spit(VoIP Spam),垃圾消息,Eavesdropping,窃听,Call Pattern Tracking,呼叫跟踪,Traffic Capture,流量捕获,Number Harvesting,号码获取,Call Reconstruction(voice,video,fax,text,voicemail),呼叫重建,VOIP SA Threat,TaxonomyVOIP,威胁分类,Interception and Modification,拦截和修改,Call Black Holing,呼叫黑洞,Call Rerouting,呼叫转移,Conversation Degradation,交谈降级,Conversation Impersonation and Hijacking,会话扮演和截取,False Caller Identification,假冒呼叫者的识别,Service Abuse,服务的滥用,Denial of Service,拒绝服务,VoIP Specific,DoSVoIP,特定的,DoS,Request Flooding,请求泛洪,QoS,AbuseQos,滥用,Spoofed Messages,欺骗消息,Call Hijacking,呼叫截取,Malformed Requests and Messages,非法的请求和消息,Network Services,DoS,网络服务的,Dos,Underlying Operating System/Firmware,DoS,操作系统或者底层固件的,DoS,Distributed DoS(,DDoS,),分布式的,Dos,TFTP ALG,特性,益处,在,TFTP,服务器和客户端之间担任代理,在网络中增加全面的安全,定义读写权限,增强管理员的能力和安全等级,组织未知的协议选项,控制仅允许详细定义的命令可以运行,提高安全,最大文件传输大小,最小降低使用,TFTP,传输机密信息的风险,阻止目录转移,减少“探索”攻击,Clavister Protecting the Telephony infrastructure,Service Provider networks with automated provisioning of configurations and firmware updates over the TFTP protocol,Hackers trying to launching attacks over the TFTP protocol,VoIP Network,垃圾邮件,更加讨厌的事情,Spam is not going to go away and heres why:,Financial gain,Popular malware distribution and attack launch mechanism,Most security systems deployed are either to weak or miss-configured to protect against modern spammers,Source:Commtouch Software Online Labs,http:/ what Clavister Anti-Spam has to offer:,Remove the bulk of spam mails before it even reaches the mail server,Add an extra layer of Anti-Spam protection to the network,Rapid deployment Service Oriented Approach(no software/hardware installation needed),Increases employee productivity,Decreases the risk of malware(Virus,Phishing,etc)spreading through spam mail,Clavister Anti-Spam Scenario,Internet,SPAM List Server 2(for example,Spamhause)Positive Result=5 points,Infected ZombiesUsed as a part of bot-net for relaying spam,Mail ServerSpam Gateway,SPAM List Server 3(for example,SpamCop)Positive Result=5 points,Spam Policy Logic,Query Servers:Spam List Server 1,2,3,Points:0-5:Action=AllowPoints:5-14:Action=Tag with*SPAM*Points:15-:Action=Drop E-mailWhite-list all mails from*,Hackers/Spammers,Roaming users accessing mail via phones and PDAs,SPAM List Server 1(for example,Sorbs)Positive Result=10 Points,Internal Mail Users,特性,益处,邮件地址黑白名单,允许你阻止或者允许特定用户或整个域,速度异常过滤,保护避免遭受,DoS,攻击和帮助识别病毒爆发,DNS,黑名单列表,(DNSBL),允许你简单的和互联网上众多的反垃圾邮件服务器联动,使用多个,DNS,黑名单服务器,改良的精确度和跳转，在免费和商业列表服务器中进行选择,高级垃圾邮件服务器计分系统,改进精确度，排除假阳性和假阴性,垃圾邮件重寄,降低存储消耗和提高安全性,Clavister Anti-Spam Features&Benefits,Feature,Benefit,E-mail Address,Whitelisting,/Blacklisting,Allows you to block or allow specified users or entire domains,E-mail Sender Address Verification,Improves security through verification of the email address in the header,Rate Anomaly Filters,Protects you against DoS attacks and helps identify viral outbreaks,DNS Blacklisting(DNSBL),Allows you to easily integrate with most spam servers available on the internet,User Definable DNSBL Server List,Allows you to choose your favorite blacklist servers,free or commercial,Use of Multiple DNS Blacklist Servers,Allows you to use more the one server,thereby increasing accuracy and availability.Simply put,it allows you to catch more spam!,Advanced Spam Scoring System,Improves accuracy,eliminates false positives and false negatives,Spam Redirection,Allows you to store the spam mails in a different account,thus minimizing productivity loss and decrease storage costs,POP3 ALG,/Anti-Virus Scanning,特性,益处,加强选择和更强健的认证,简单的管理和增强网络安全,隐藏用户名,这个特性可以隐藏用户名并且防止一类发现存在用户名后的强力攻击,允许或阻止未知的命令,改善管理和安全，允许阻止异常,控制文件扩展名,增强安全，允许被详细定义的文件类型,协议检查,增强安全，校验数据符合协议标准,病毒扫描,提供集中管理和高性能的,PoP3,数据病毒扫描,Internal Network,Internet,Service Provider/Data Center that hosts e-mail server,POP3 Protocol used for transfering e-mails,地址池,内部用户，使用公有地址,1,和公有地址二做,NAT,，（地址池一）,NAT Pool 1,Public IP1=83.12.1.1Public IP2=83.12.2.2,NAT Pool 2,Public IP3=83.12.1.3Public iP4=83.12.1.4,需要大量连接的情况，比如,BT,下载等,内部用户，使用公有地址二和公有地址三做,NAT,，（地址池二）,NAT Pool,性能,多规则表,多规则表的益处,:,更低的整体成本和较短的投资回报率,减少管理并使其简化,改善利润率在多安全服务平台,-,通过一个安全网关管理多个用户,由多个管理员分发安全策略,(,每个服务