The popularity of the Internet has changed the traditional office mode, but there are always some network users who do network behavior naturally or half unconsciously has nothing to do with the job, such as stocks, chat, play online games, watch videos, online shopping, and more and more employees are through the enterprise wireless network to use the mobiles version of APP Taobao, unfamiliar street. This seriously affects the efficiency of work, which leads to the decline of enterprise competitiveness.

Therefore, the organization needs for PC, mobiles terminals and other applications, APP for more effective identification and control.

The Internet is filled with non key business applications P2P download, online video, online games, novels and other consuming bandwidth, users will occupy a lot of bandwidth in the use of these applications, and the key personnel of business applications, the role is not enough resources.

In addition, the traditional bandwidth management strategies are static, and when bandwidth is idle, the traffic will still be limited and the bandwidth value will be wasted.

Therefore, IT departments need to provide a more flexible, detailed and dynamic bandwidth management strategy for various application types, user roles, bandwidth usage and so on, so as to enhance the user experience online.

2., for the common website content management system CMS security protection;

3., HTTP protocol based anomaly detection, buffer overflow detection, etc.;

4. server version information hiding;

5. Web weak password detection and password brute force protection;

By combining an attack log against a known vulnerability, an effective attack that can really threaten the business server is located.

Business / user security operation and maintenance

In the face of centralized data, multi business operation scenarioses, the next-generation firewall also provides a comprehensive risk report strong function, can first and the number of detected attacks to help users from the current vulnerabilities found for the overall network security situation of a risk assessment, and gives the current network security environment rating.

Working hours for personal activities, managers are difficult to stop, such as work time, browse shopping websites, micro-blog, BBS post, etc.. AC can provide for different users (Group) management method based on the role of the managers to achieve the specified user access to specific sites in the Department and work time only, such as industry information website, the company website, and other unauthorized web browsing will be rejected.

Working hours using private chat such as QQ, MSN, not only affect work efficiency, but also because of IM transfer files and the introduction of viruses and leaked out. The face of many IM software, AC by detecting the characteristics of the application packet field, to achieve IM chat software management, improve work efficiency.

Web filtering, IM chat and other controls are only part of Intranet behavior management. In the face of the user work that hang download, search for the latest network news, pictures, blogs and work time to upload pictures, watch online video, online games and other issues, AC supports the use of identification rules, including 1500 kinds of applications, the overall management of the employees' online behavior.

AC through different departments, different users, based on the distribution of permissions within the time period, you can also limit the user's total Internet access time in a day, to achieve user-friendly management. Support set a certain time value of the Internet, when the user exceeds this threshold, will automatically pop-up reminder page, reminding employees to work time, pay attention to improve work efficiency, do not engage in work-related network activities.

AC supports multi line multiplexing and bandwidth Overlay Technology (patent number: 200310112006X), and enterprises connect multiple public network lines through AC, so as to improve the overall bandwidth level. At the same time, combined with multi route intelligent routing technology (patent number: ZL03113974.4), the intelligent flow routing and load balancing can be achieved.

P2P behavior has a strong phagocytosis of bandwidth, while traditional flow control capabilities do not work on P2P applications. AC provides P2P intelligent identification patent technology (patent number: 200610156977.8), not only can identify and control commonly used P2P software and version, not unusual and future P2P will also be able to control. The P2P flow control technology provided by AC will limit the bandwidth occupied by the designated user after the P2P is switched on. Not only allows users to use P2P, but also does not misuse bandwidth.

AC supports dynamic flow control function, by setting a threshold, when the rate is too low by the whole bandwidth to automatically adjust the release of more bandwidth resources, make efficient use of bandwidth, avoid waste, is more effective than the traditional single, rigid flow control method to improve the bandwidth utilization rate.

AC data center statistics and trends, reports and so on the network behavior of Intranet users. With graphical reports, curves, and statistical results, IT managers can easily control network behavior, distribution, and bandwidth usage.

At the same time, based on the AC (user group), intelligent control application type, site type, file type, target IP, detailed classification and allocations of bandwidth resources, such as the protection of the leadership of the video conference, market access, industry website design department CAD file transfer behavior get guarantee of the bandwidth, improve the bandwidth efficiency of institutions.

In the intranet users access Internet, often to download some files contain malicious viruses inadvertently, these viruses are usually highly destructive, serious when can cause the collapse of a computer system, so that employees can work normally. And if you use Internet Security desktop in the Internet process, you can effectively prevent these viruses program damage to the machine.

When the user use the secure desktop Internet, file, registry files and registry redirection technology make this machine has been protected, and access the directory permissions function cannot access the virus infection and the internal documents, effectively prevent the virus on the system of the machine broken, anti-virus software to compensate for the lack of security incidents prior protection. Internet Security desktop using the world's leading sandbox technology to ensure that it can bring users a clean, secure network application environment, allowing users to use, and no longer plagued by viruses, Trojans flooding.

At the same time, AC has the gateway anti-virus function, carries on the virus filtration to the mail which the intranet user receives, the visiting web page, the downloading document, reduces the intranet user to infect the virus the risk.

AC built-in automatic update of the massive URL library, including pornography, reactionary classification, hidden in such sites in danger will be AC filtering; AC allows the user to manually add the new URL classification; then filter the user through the search engine search keywords, keyword filtering URL address and web page text keywords, to achieve a comprehensive filtering on the web. To reduce the network users to access web pages may bad and dangerous.

Phishing sites that fake online banks, encrypted reactionary websites and so on, show that "encryption" has become a trend, and the majority of equipment in the industry can not control the SSL encrypted web pages. AC links black and white list technology through certificate verification, filters SSL sites containing incredible digital certificates, and implements filtering of SSL encrypted pornography, cults, phishing sites, and so on.

For QQ, MSN and other IM software viruses, through to lure users to download the specified file or open the specified URL link and communication; "AC" intercepting "measures will prevent users from accessing the virus containing URL address; AC can also limit the use of QQ and MSN file transfer.

Files downloaded from the Internet through HTTP and FTP often open or run, causing users to infect viruses, Trojans, and even paralysis. The risk of "infection point" will wait for an outbreak, more users infected, paralyzed the entire network. And this kind of behavior and flow through AC, AC first restrict users to download specified types of files through HTTP, FTP upload, to allow the transmission of documents, AC gateway antivirus virus and Trojan hidden will be killing the file.

Internet behavior management system after deployment, through the definition of key way to send mail, online search, online publishing, file outward behavior such as filtering, so as to avoid the leakage of sensitive information problems caused economic losses to the enterprise. At the same time, effective prevention of bad information dissemination behavior, to avoid legal disputes. Even if the occurrence of adverse information behavior, also can through the implementation of audit records to the network behavior of Internet users, can be in the event of network violations through the audit log tracing responsible person, avoid the enterprise bear the corresponding legal responsibility.

At the same time, according to the rules of the Internet Security desktop machine data files were isolated, any program within the secure desktop trying to obtain isolated file data of the machine will be prohibited, to prevent the terminal after the Trojan invasion file information was stolen, so as to help users to effectively protect the security of sensitive data.