NET gate--Introduction of the Gateway products

Source: Internet
Author: User
Tags rfc switches
The real physical isolation
The physical isolation network Gate of the network has truly realized the physical separation between the two networks. The physical isolation network brake interrupts the direct connection between two networks, all data interchange must pass through the physical isolation network Gate, the net gate from the network layer seventh layer restores the data to the raw data (file), then transmits the data in the form of "the ferry file". No packets, commands, and TCP/IP protocols can penetrate the physical isolation gateway. This is the same as Transparent bridge, promiscuous mode, IP over USB, as well as through the switching mode to transfer the contract, there are essential differences, the real realization of physical isolation.
Clock switch
Physical isolation is achieved by means of a switch. At present, there are three kinds of physical isolation switch technologies: Real time switch (real-time switch), one-way connection (one-way link), and network switch (network switches). Real-time switches and one-way connections faster, the speed of the network switch a bit slower. There is a widespread concern about switching speed, and it is feared that switching speed directly affects the performance of the network. If the speed of the switch is low, the performance of the network must be affected. Even if the speed of the switch is high, the performance of the gateway is limited by the performance of the host. Regardless of the speed of the switch, the upper limit of the performance of the gateway will not exceed the upper limit of the host.
The medium network physical isolation Network Gate adopts the CPU clock of the host as the switch, realizes the switch function in the kernel of the system, achieves the maximum performance of the net gate successfully, and is superior to the three kinds of switch technology. The efficiency of the kernel is much higher than that of peripherals.

Anti-attack kernel

The physical isolation network brake interrupts the direct physical connection of two networks, so known attacks and unknown attacks do not attack the network that is physically isolated. However, the physical isolation device itself involves a part of an unreliable network or an attack from a network that is not trusted. The physical isolation network Gate protects others, but cannot avoid being attacked. Just like a firewall, you can protect others and not protect the firewall itself. The safety of the physical isolation network gate itself is very important.
In addition to the use of special security operating system, in addition to the security of the core to strengthen and minimize the service, but also the use of the unique aegis of the Shield against attack core, to ensure that the network of physical isolation network Gate has the highest resistance to attack characteristics.

Full support for all Internet standards (RFC)

The physical isolation mechanism requires that all TCP/IP protocols (Protocol) be stripped down to prevent attacks from the protocol. Starting with the IP protocol, to the TCP protocol, a session as a unit, to layer Seventh application layer (application), and finally to a file format that can be stored to "ferry" data through low-level physical media.
The network of physical isolation gateway, according to different applications, complete compliance with the relevant Internet standard RFC. Based on the relevant RFC, one application is implemented.

Protocol-based content detection

Because the medium network physical isolation network Gate from the network's first layer has been working to the seventh layer, so the content can be checked based on protocol. Different applications, corresponding to the seventh layer of the Protocol, the inspection mechanism and modules are also different.
The contents of the inspection can include but not limited to content filtering, anti-virus, anti-malicious code, Anti-disclosure, file format control, etc.

Support for identity authentication

Network physical isolation network gate, to protect the high security requirements of the network from untrusted network attacks, the decision of the high security requirements of networks must support identity authentication. In order to guarantee the dependability and reliability of the network gate configuration, it is necessary to initiate the configuration request from the trusted party, and it must be authenticated. To prevent leaks, users of trusted networks must also be authenticated. For a number of specific applications, can also be required for identity authentication.


User Benefits


High Security

The physical isolation gateway is hailed as the highest security product in all security products. The philosophy of the idea is that it is not safe to disconnect. Consider using the network in the case of security. Avoid attacks from the operating system, commands, and protocols.

High bandwidth

The maximum bandwidth of the physical isolation gateway of the network can be as high as 5G. The efficiency problem of the most physical isolation network gate is solved.

High Availability

The dual-channel communication function of the hot standby system is supported by the physical isolation gateway of the network, which provides a high availability. The dual power supply is supported by itself.


Application Occasions


High Security access Access Service

For the units and departments that require restricting access to the Internet for security reasons, the network barrier can be used to provide access services. Internal users can access the Internet, the Internet cannot invade and attack the internal network. Services include Web site access, e-mail delivery, file downloads, and more.


Protect Web sites, databases, and core assets
For those who provide e-commerce and e-government units, it is necessary to provide access services, but also to solve security problems. In the Web site or database before the use of the network of physical isolation gateway can solve the related security problems.

Physical isolation between two networks
A large number of private networks and public networks, between intranet and extranet, need to solve the problem of intrusion and security. By using the network barrier, the necessary data communication between the two networks can be realized, and the security problem of mutual intrusion is ensured.

Hardware metrics

Physical parameters
Physical Dimensions (W x D x H): 430mm x 280mm x 89mm
Weight: 13kg

Power supply parameters
Input voltage: AC ~ 250V
Input frequency: ~ HZ
Power consumption: W

Working environment
Operating temperature: 0 ~ 60 degrees Celsius
Storage Temperature:-20 ~ 80 degrees Celsius
Working Humidity: 5 ~ 95, non condensing
Storage Humidity: 5 ~ 95%, non-condensing

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.