Surfilter Network Security Audit System

    Intranet information security is protected using content audit and behavior control in the network application. The system also supports rapid log query. The rich and diverse statistical reports enable the administrator to implement targeted network management enhancement, providing effective evidence for standardizing network management and instituting correct management decisions.

    Core Technology

    High performance data analysis processing

    Single audit device processing 10G traffic can be achieved using professional data analysis processing engine and dedicated hardware accelerator module.

    Massive data full-text retrieval

    High-efficiency audit data retrieval under high bandwidth is achieved by fully optimizing data storage, data retrieval and business discovery, as well as using advanced full-text retrieval engine.

    Parallel protocol stack

    Replacing the traditional protocol stack by using parallel protocol stack, sufficient scope for multiplex CPU, multi-core CPU and super line CPU is provided. Equally processing workload among threads in a high traffic scenario is guaranteed, effectively avoiding overloaded threads.

    FPGA-based dedicated network card

    FPGA-based dedicated network card adopts zero copy technology. Message received by network card does not pass through layer-by-layer coping of operating system protocol stack, instead, it moves directly from DMA to application buffer, so as to reduce data copying costs.

    Product Functions

    Behavior Audit

    Standard protocol and its derived applications, instant messaging (IM)/VoIP applications, streaming media/video webcast, P2P download application, entertainment/game applications, finance and securities, database access.

    Content Audit

    Standard e-mail, webpage browsing, remote login, file transfer, instant chat, webmail, forum, micro-blog, blog, database access.

    Application Control

    Application plugging strategy, flow limitation, flow control based on IP and application protocol, IP/MAC binding, black-and-white list.

    User Management

    Transparent identification of internet users, authenticated identification of internet users, enterprise organizational structure division, automatic grouping of organization management. Integrated with PPPOE, RADIUS, Dr. COM, AD domain and other third party systems.

    Real-time Monitoring

    Monitor device CPU, memory, disk occupancy, online users, system time, network interface, and other information, as well as user traffic ranking and application traffic ranking.

    Data Report

    Statistical report, user analysis, behavior analysis, traffic analysis, computer operating analysis, search analysis, trend analysis, output file analysis, smart report, report subscription.

    Product Advantages

    Super-High Performance

    Advanced structure system is adopted and combined with a series of technical means, ensuring the system has excellent performance and adaptability. Audit requirements of group enterprise, governmental authority and operator can be met through this product.

    Strong Alarm Function

    Supports interface alarm, e-mail alarm, SMS alarm, and enables relevant responsible person to receive safety information in the shortest time, enabling them to take immediate corresponding process action.

    In-depth Data Analysis and Data Mining Capability

    Relying on a strong Protocol Analysis Engine, various online application protocols can be accurately restored, generating different smart analysis data reports.

    Multi-layered Self-security Protection

    Four layers of self-security protection mechanism, including network, system, operation, and data.

    Completed External System Interface

    Meeting the requirements of unified monitoring and control of online behavior by a public security regulatory department enables enterprises to change original passive cooperation inspection to active reporting. Integrated with third party AAA; achieves real name audit.