-
NetEye NISG
Packet filtering technology (the first generation security gateway technology) can effectively resist the destruction of all single-packet attacks, and stateful packet filtering technology (the second-generation security gateway technology) make security gateway can be upgraded to a session-level protection capability. However, with the continuous development of information technology applications, security threats that users of information system facing today are application level based mixture of the virus, spam, malicious URL link, vulnerability scanning, hacker infiltration, etc. Neusoft NetEye NISG founded with multi-core processors, advance multi-threaded architecture-based processing mechanism, bound with Neusoft years of innovation ”Flow-based Filtering Technology” as the core detection technology, integrate multiple security technologies. The product is an effective solution to face the latest threat and traditional security problems caused by stacking products, in ensuring the stability of the network and greatly enhance the ability of comprehensive security defense.
Neusoft NetEye NISG adopt virtualization, cloud detection and other advanced techniques, and specific attack detection into Neusoft’s patent NEL description language, service users by having a safe and practical, efficient filtering, accuracy detection and so on.
NetEye SOC
NetEye SOC (Security Operation Center) is designed to help users turn their isolated security resources into an information assurance system. NetEye SOC not only incorporates various technologies but also includes operational processes and network security personnel. It therefore reflects the main principle of NetEye information assurance systems, the emphasis on technology, operations, and personnel. NetEye SOC helps users enhance their technical capabilities and effectively improves their security management infrastructure.
NetEye SOC can solve the problems of mass data and isolated information islands by streamlining security management data models. All security information from network devices will be saved to a universal database and then analyzed based on customized security policies. All information is associated with assets so risks can be monitored, analyzed, and then avoided. As a tool to help security management staff with their routine work, NetEye SOC can analyze system risks and offer solutions more effectively and flexibly.
NetEye ADSG
Considering the rapid shift towards virtualized deployments and the specific infrastructure requiredby web-based massive-scale service mode, ADSG is designed to address the security issues on theedge of cloud service. ADSG offers a 3E security solution built on top of 20 years of in-depth study,engineering and safety issues solving experience, which covers top of the art firewalling, anti-DDoS,tailored IPS, Application-specific Traffic load balancing and delivery guarantees.
Features---Effortless-Elastic-Economic
Effortless – ADSG is easy to deploy and manage in your specific networking environment. Withwell-rounded support and tailored training to get the service up and running, we offer you a solution without taking much effort to manage the complexity of security issues.
Elastic – ADSG offers a highly scalable solution to help customers manage the ever-more-large cloud-based services. It is a future-proof approach, designed from the very beginning with fully extensible architecture, and copes particularly well with unexpected disturbances in the environment. The system is adaptable and transparently accommodates the serving-scale according to the measured workload.It is ready to handle unplanned peak workload situations since the architecture of system is resilient, allows on demand reconfiguration and is implemented in a distributed way.
Economic – Without deploying expensive hardware and without facing management and maintenance difficulties, ADSG offers a combined solution for cloud-based service delivery and massive-scale threat protection with the lowest TCO. ADSG is capable of running in physical server cluster or virtualized environments.
NetEye NTARS
NetEye NTARS (Network Traffic Analysis and Response System) is mainly used to monitor and analyze backbone network traffic. It collects backbone network traffic information and system information; adopts various methods for analysis and inspection; monitors and inspects DoS/DDoS attacks, worms, viruses, junk mail, and other abnormal behaviors inside the backbone network in real-time; extracts abnormal characteristics and automatically triggers the response system so as to defend against attacks. At the same time, it also provides various methods of backbone network statistics analysis to help administrators keep track of the operation status of backbone links and key resources.
NetEye Firewall
NetEye firewalls use stream filtering technology and guarantee high performance filtering from data link layer to the application layer. They support rapid upgrade of application-level plug-ins and quickly respond to the latest threats, so NetEye firewalls can realize dynamic network protection. With the help of the NetEye collaborative emergency response system, stream filtering technology not only gives users high performance protection, but it also allows for quick custom development of special or new applications in order to respond to security events fast.
NetEye IPS
To tackle issues such as Web application security, mail server security, database security, and worms, Neusoft has launched NetEye IPS (Intrusion Prevention System), a highly effective intrusion prevention product which is based on multi-core processor architecture. NetEye IPS applies a unique "application purification" technology and uses protocol level analysis and attack prevention. It uses protocol anomalies, vulnerability characteristics, attack signatures, statistical characteristics, and other information to define intrusion detection and prevention policies. Furthermore, its rule database can be easily upgraded. Neusoft NetEye IPS also provides an open platform of attack description language so that users or third parties can customize rules whenever necessary, making it possible for NetEye IPS to protect application servers and networks for all kinds of industries.
NetEye IDS
NetEye IDS (Intrusion Detection System) is a network intrusion monitoring system developed under Neusoft’s own copyright in response to the increasing prevalence of worms and viruses, the illegitimate use of networks by internal personnel, and the lack of effective protection for the long-term, healthy operation of networks. It is the second level of security protection after the firewall and expands the depth of network defense by using the unique technology of data packet interception to continuously monitor the network. NetEye IDS diagnoses internal and external intrusion attempts by using advanced real-time intelligent analysis of the network data stream; and it also responds to and prevents attacks and sends attack alerts.
NetEye VPN
The construction of private networks with VPN products is becoming more and more popular. NetEye VPN is a total VPN solution, simple and flexible in deployment and maintenance. It can perform automatic channel maintenance, which effectively secures the continuity of the network and provides high reliability and extensibility.
NetEye Auditing System
NetEye Auditing System is an information security product that is designed for the auditing of abnormal internal network behaviors such as attacks or security breaches. It can perform real-time monitoring on the status of the key servers and hosts in the internal network and on the resource condition inside the internal network. NetEye Auditing System can collect and track the behaviors and security events of the networks and hosts that the user is concerned about and can playback, analyze, respond to, and back up those behaviors and events.
-
Finance
People’s Bank of China, Industrial and Commercial Bank of China, Agricultural Bank of China, China Construction Bank, Huaxia Bank, CITIC Industrial Bank, Orient Securities, China Minzu Securities, United Securities, Hua’an Fund Management Co., Ltd., China Asset Management Co., Ltd., Shenzhen United Securities, People's Insurance Company of China (PICC), China Investment Corporation, Industrial Securities
Telecommunications
China Telecom, China Satcom, Beijing Telecom, Liaoning Telecom, Guangdong Telecom, China Mobile Fujian Branch, Zhejiang Post and Telecommunications, Changsha Telecom, Jinan Telecom, Hangzhou Telecom, Nanning Telecom, China Unicom Liaoning Branch, China Unicom Anhui Branch, China Unicom Nanjing Branch, China Unicom Xinjiang Branch, China Unicom Heilongjiang Branch
Electric Power
Zhejiang Electric Power, Liaoning Electric Power, Guangxi Electric Power, Hunan Electric Power, Jilin Electric Power, Shandong Luneng, Harbin Electric Power, Jiaxing Electric Power, Shaoxing Electric, Shenyang Electric Power Bureau, Wenzhou Electric Power Bureau, Baishan Power Plant, Yong’an Power Plant, Xiaoshan Power Plant, Huangtai Power Plant, Zhenhai Power Plant, Sichuan Power Plant, Shandong Power Plant, Shanxi Power Plant, Jiangxi Power Plant
Healthcare
Second Clinical College of China Medical University, Second Affiliated Hospital of Shanxi Medical University, Yunnan Cancer Hospital, Yunnan Medical Treatment and Healthcare Center, Shenyang No. 6 People’s Hospital, Jinan Qianfoshang Hospital, Suzhou No. 1 People’s Hospital, Zhejiang Taizhou Hospital, Affiliated Hospital of Luzhou Medical College, Zhengzhou Medical Care and Insurance Center, PLA Hospital No. 105, Shijiazhuang No. 3 People’s Hospital
Enterprises
Sichuan Changhong, Haier Group, Meiling Group, Chunlan Group, TCL Group, Yuejin Motor Group, Xuzhou Construction Machinery Group, First Automobile Works, LG Group, Kejian Group, Bubugao Group, Wuliangye Group, Jinan International Airport, Xiamen Airport, Inc., Yuntianhua Co., Ltd., Chengdu Guotai Pharmaceutical Company, Guangshen Railway, Inc., Siemens (Chengdu), Conrowa Group, SINOPEC North Petroleum Bureau, Shanxi Tobacco Company, Gansu Tobacco Company, Tianjin Tobacco Company, Liaoning Tobacco Company, Xiamen Airlines
Education
Chinese Academy of Sciences, Jiangxi Provincial Education Department, Beijing University of Aeronautics and Astronautics, China (Xuzhou) University of Mining and Technology, China (Xi’an) Test Pilot Institute, Lanzhou Jiaotong University, Fujian College of Chinese Traditional Medicine, Zhejiang Water Conservancy and Hydropower College, Gansu Agricultural University, Shaanxi Normal University, Northeastern University, Hunan Provincial Education Department, Central South University
Government
National Development and Reform Commission, China Securities Regulatory Commission, Ministry of Public Security of the PRC, General Administration of Customs of the PRC, National Science and Technology Commission, National Tourism Administration of The PRC, the State Administration of Radio, Film, and Television, Ministry of Environmental Protection of the PRC, Ministry of Agriculture of the PRC
-
Network security system for a local commercial bank
Overview
The bank is the first joint-equity commercial bank in one of China's provinces with a business ranking of 5 following the four state-owned banks. Its operations cover retail banking, corporate banking, international and capital businesses.
Customer's Challenges
In order to improve its security protection capability and meet the requirements of hierarchical information security protection as stipulated by the state, the bank needs to deploy a 1-Gbps firewall system for its core network of accounting business and information management. One of the top priorities of the bank has been to establish an effective network access control system and enhance overall network security with a robust firewall featuring effective attack defense.
Solution
Neusoft deployed two 3-Gbps NetEye Firewall Systems at the core of the customer's accounting business and information management networks to meet its requirements for high performance and serviceability of network security protection. Each firewall system, with 8 Gbps ports, is provided with an Active/Active cluster. In addition, port link aggregation technology is applied to help increase core bandwidth.
Benefits
Neusoft NetEye Firewall has effectively prevented direct access to the core server system from different local clients and prohibited internal employees from intruding into the system via any possible loopholes with the operating system and network or in their configuration settings. Besides, its powerful attack protection performance has effectively protected the network from potential network attacks. Armed with advanced technologies, rich functionalities and stable performance, Neusoft NetEye Firewall has again fully demonstrated its capability of addressing the requirements of network security, thus ensuring stable, reliable operations of the bank's business network.
NetEye Firewall's wire speed performance, ability to support complex business applications, port link aggregation (Ethernet channel), A-A configuration and synchronous information display was appreciated by the customer. Impressed by the high-quality and stable performance, the customer commented that the solution has helped ensure smooth operations of its entire information system.
Network Security System for Nantong Telecom
Overview
Nantong Telecom is a company affiliated to China Telecom, Jiangsu Branch. Its major operations include fixed telecom network/facilities (including wireless local loop); voice, data, image and multimedia communication and information services based on fixed telecom network; international settlement of telecom businesses pursuant to China's related policies; communication/information-related system integration, technical development, technology services and information consultation; sales, design and installation of communication products (exclusive of satellite ground facilities) and design, production and distribution of advertisements.
Neusoft's NetEye Firewall won the project, despite competing with a large number of domestic and overseas competitors, with its high-quality performance, powerful protection capability and rich functions.
Solution
NetEye Firewall provides 3 Gbps throughput for the information storage system of the customer's Best Tone business system and enables many virtual subsystems with its virtual firewall appliance.
In addition to comprehensive and robust network security protection, the virtual firewall appliance also helps improve flexibility in network management at reduced investment costs. Besides, NetEye Firewall supports command line operation, allowing for convenient operation and with a low training cost of Administrators
HIS system for the First Affiliated Hospital of Xi'an Jiaotong University
Overview
The First Affiliated Hospital of Xi'an Jiaotong University, founded in 1956, is the largest level 3 grade-A hospital. It is also a consultation treatment center for difficult diseases in Northwest China. To provide better healthcare and treatment services for patients and improve its service quality, the hospital embarked on the construction of a HIS system. This eventually helped advance healthcare information management, expand treatment capacity, reduce visiting time and provide more streamlined services for patients covered by medical insurance.
Solution
The hospital required a high-performance and stable firewall deployed at the key routes of its business network to ensure its network security, smooth transmission of patient healthcare information and to protect the network from all kind of attacks and worms.
Neusoft NetEye with 1+ Gbps firewall throughput performs effective access control and filtering based on a set of strict policies. Its automatic intrusion detection & prevention module can accurately detect and defend against any worm to ensure network security and help the hospital provide uninterrupted online healthcare services around the clock.
Benefits
With the help of NetEye 1+ Gbps firewall's high stability, safety and performance features, the hospital maintains a safe network operation, realizes real-time transmission of data - both of itself and the Medical Insurance Center, improves service quality and generates more profits.
Shanghai Airlines IT Solution
Overview
Shanghai Airlines (SAL), China's first commercial airline of multidimensional investment and a member of Star Alliance (the largest airline alliance in the world), has more than 170 domestic and international passenger transport flights across more than 50 large and medium cities worldwide. In 2009, SAL merged with Eastern Airlines but still operates independently. As IT systems are essential to its businesses and development, enhancing network security of its IT systems after the merger has become a great concern to SAL. To this end, SAL invited several famous network security companies for bids and finally selected Neusoft NetEye as its vendor for information security system construction and assessment.
Customer's Challenges
Following discussions with SAL and research & analysis on its businesses and network security, we identified that a general/detailed risk evaluation on SAL's information & network system was a matter of prime importance. The specific fields identified were SAL's E-commerce business, call center, operation preparation, HR, recruitment and freight systems. The risk evaluation needed to be performed to get a full understanding of the network security status and potential risks. Based on the assessments, SAL needed to be assisted to set up new network security mechanism/management standards and map out a further network security construction and investment plan.
Solution
The solution focused on comprehensive security issues covering physical devices, system platforms, networks and applications:
Physical devices: Confirm whether the physical environment is consistent with Chinese standards and information security requirements; whether crypto security measures such as encryption and electromagnetic shielding are deployed on devices, communication circuits and physical media of the mainframes, application servers, network devices and encryptors of key systems.
System platforms: Ensure the security of operating system and database system on the mainframes.
Networks: Standardize connection methods, optimize access control, deploy security protection products and establish/implement management mechanisms.
Applications: Protect and ensure stable operation of application systems and protect legitimate rights and interests of the customer and the system's internal users.
Our security operation service team made an elaborate and comprehensive implementation plan covering a repertory of security services, such as general risk evaluation on SAL's network, evaluation on hierarchical protection construction difference, system security consolidation, security technology training, security notice pre-warning and emergency response, etc.
Importantly, we kept all tools and evaluation methods related to each process open to SAL's technicians and developed them into a technical team fully capable of risk evaluation on information security. This approach helped SAL maintain an effective network security protection from a long-term view.
Benefits
Relying on our independently-developed network security products, leading serviceability and reliable quality control, we succeeded in delivering comprehensive and specialized information security services and cultivated an excellent technical team for SAL, providing powerful guarantee for its network security.
Integration & Simplicity
- NetEye SOC helps China Huaneng Group optimize network security protectionOverview
China Huaneng Group (Huaneng) is a Fortune 500 company with a registered capital of RMB 20 billion Yuan. Its major businesses include development, investment, construction, operation and management of power sources.
Customer's Challenges
With the principle of unified planning, resource sharing and integration, Huaneng needed to build up, based on China's security construction standard norms and global best practices, a safe, reliable high-performance, easy-to-manage, all-in-one information security system. This needed to be done to ensure the security, reliability, integrity and availability of its various operations, such as document circulation, video conference, IP voice telephone, basic construction, real-time monitoring of production sites, transmission and presentation of production, planning, finance, staffing and archive data and to address the security requirement of external network.
Besides, the system needed to be consistent with Huaneng's strategic goal of building a comprehensive energy group that takes power generation as the core business, development of the coal industry as the foundation and transportation as the supporting business. The system needed to be compatible with Huaneng's IT infrastructure development plan and have the same information security management measures.
Solution for Huaneng's Headquarters
Neusoft NetEye SOC (Security Operation Center) helped Huaneng's headquarters turn isolated security resources into an information assurance system that allows centralized display, management and processing of all security events. Operation and maintenance of information security of all subsidiary companies and power plants can be directly monitored through the ports of local security operation & maintenance management platforms. In addition, NetEye NTARS (Network Traffic Analysis and Response System) has enabled effective monitoring of backbone network traffic, direction of the traffic flow and any abnormal traffic.
Insufficient IT knowledge among employees, weak IT infrastructure, and low awareness of network security are some of the drawbacks of China's traditional electric power industry and Huaneng is no exception. However, its headquarters has a high-quality and well-educated information service team, available for rapid and effective service support from vendors and integrators.
China's power generation enterprises have certain unique characteristics. For instance, they have a large number of branches, subsidiary companies and electric power plants distributed in the remote areas across a province or in areas of other provinces. The integration of all business networks in a secured manner and ensuring that these networks communicate effectively is a great priority for the network management department of Huaneng. Neusoft was able to address all of Huaneng's security service requirements by virtue of our nationwide service platform. We have also assigned a dedicated senior information security team to plan, design, execute, coordinate and maintain the security project of reconstruction of dual networks for Huaneng's new building.
Solution for Local Power Plants
Large-scale plants with high information dependence are able to monitor their network security independently and report security events to their superiors; while the network security of small-scale plants with low information dependence is monitored directly by their superiors. Lack of information, deficient IT capability and low network security awareness, strong dependence on vendors and integrators are the general shortcomings found in small-scale plants. Besides, power plants tend to be scattered across the country. Some water power and wind power plants are located in remote areas and require high-quality localized services provided by the vendors and integrators. Hence, network security vendors and integrators need to have a nationwide service support capability that can provide network services parallel to the headquarters. We at Neusoft, with a nation-wide service network, can provide seamless localized service support for all the plants of Huaneng.
For those electric power plants located in remote areas with poor network infrastructure (only ADSL for network connections), it is necessary to use VPNs to connect with their superiors. For those plants using a large external network and small internal network, since the internal network is seldom used and given the poor condition of network infrastructure and communication, it is suggested to apply external network more widely based on guaranteed network security.
Starting second half of 2009, we have established partnerships with Huaneng at its five locations, including Beijing, Shandong, Ningxia, Sichuan and Hulunbuir. We communicate with representatives from Huaneng on its system structure and network security continuously, optimizing the solution to meet their actual requirements. Our NetEye SOC has helped Huaneng simplify operation and maintenance processes of network security management and turn isolated management into an integrated system, thus improving efficiency of its operation and maintenance to a great extent.