XN시스템즈 | Product | Network security

XN-Box is a new-concept integrated security solution that combines UTM and
the L2 security switch into one to reinforce both internal and external security.

As security threats targeting both external and internal networks increase, the importance of internal security has been growing. As the typical UTM has limitations in terms of internal network security, XN-Box ensures both internal and external security by combining UTM with the L2 security switch.
XN-Box combines the internal/external security function with a self-diagnosis module to provide security that goes beyond thelimitations of
normal security solutions and ensures service continuity. In addition, the black box memory mounted on the product enables convenient follow-up management.

XN-Box provides security functions such as Firewall, VPN, IPS, Web-Filtering, DDoS, etc. and the L2 security function in a single device, reducing the initial costs compared to installing security equipment and the L2 security switch separately. It is a new-concept integrated security solution that can easily handle security threats in all network stages from L2 to L7.

XN-Box is a customer-oriented integrated security solution focused
on enhanced security and better operational efficiency.

Enhances security through the combination
of UTM and L2 security switch
Records all situations to
identify the causes
of malfunctions
Automatically controls
power to reduce down time

Stable HA (High Availability) service: Supports multiple equipment HA configuration through the use of VRRP; Supports real-time N:M session synchronization; Supports functional item-specific setup synchronization

Traffic split through smart NLB: Supports load balancing and fail-over for multi-line use; Supports round robin and weighted session based auto split method; Supports network split method through advanced routing

More powerful content filtering function: Controls both HTTP and HTTPS through filtering engine; Filters encrypted communication HTTPS to control access
to non-business websites such as SNS, webhard, etc.; Controls traffic by blocking streaming sites such as YouTube; Filters various bypass access methods such as proxy and VPN to provide a network that is safe from security threats such as access to vulnerable websites or internal information leakage; Blocks non-business traffic to enhance the business network service quality

Enhanced security engine performance: Features a dedicated security engine for the security function to ensure the switch performance; Multi-core based parallel pipe processing enhances the performance of the security engine

Intelligent blocking through smart security engine: Protects the internal network from various harmful traffic generated from the terminal; Selectively detects/blocks harmful traffic to ensure service continuity

ARP/IP spoofing attack blocking: Blocks packet interception attacks to prevent personal information leakage; Prevents network failure in the L2 section caused by ARP spoofing

IP/MAC management: Protects the internal network from various harmful traffic generated from the terminal; Selectively detects/blocks harmful traffic to ensure service continuity

목록게시판
Item	Details
Network	Supports IPv4 / IPv6 Hybrid function Supports IPv4 / IPv6 static routing Supports RIP,OSPF,BGP+ dynamic routing Supports PIM-SM/SSM, RIPng and multi routing Supports Max VLAN (4K), 802.1Q, Ingress/Egress tagging, and Hybrid/Private VLAN Supports Port-based/Protocol/MAC/ Voice/Subnet VLAN Supports Spanning Tree - STP, RSTP, MSTP, PVST+, RPVST+ Supports DHCP server/relay LACP - Link trunking / Load balancing Supports Trunk group(8), Members per group(8) Supports 1:1 , N:1 Port Mirroring
Firewall	Stateful Inspection 1:1, 1:N, N:M NAT IP/Port/Protocol Filtering Supports Group and Schedule Policy-specific use frequency monitoring Supports Active-Active / Active-Standby Supports VRRP, auto link detection (LLCF) Supports policy and session synchronization
VPN	Supports IKE V1/2 Uses National Intelligence Service certified cryptographic module Supports DDNS inter-operation Multi-core IKE loadsharing Supports X-Auth Clustering type expansion Multi-core IPSec loadsharing Multi-line multi-tunnel Supports OSPF inter-operation (RRI) Supports DPD/NAT Traversal Supports packet compression
IPS	Pattern-based filtering Flooding control Supports over 3,000 patterns Supports commercial patterns Supports PCRE pattern Supports user-defined patterns
Web-Filtering	User-defined URL filter Korea Communications Standards Commission database filter Block page generation and redirection Supports HTTPS blocking Supports bypass access blocking
DDoS Probe	Excessive traffic detection and ISP network inter-operation Supports departure/destination IP-specific excessive traffic detection/blocking
Anti Virus/spam	Supports signature-based virus detection/blocking Supports signature-based virus detection/blocking
QoS	Provides L2, L3 and L4 header-based classification function Ingress rate-limiting(per port/per flow) Engress rate-limiting(per port)
L2 Security	One-to-One, Random, MAC flooding IP scanning, Port scanning IP, ARP, Neighbor spoofing 802.1X, MAC auth, Web auth, Fall-back certified Radius, TACACS+ inter-operation IP Source Guard, Dynamic ARP Inspection, Self loop detection/blocking function Unauthorized router detection function Terminal detection function DHCP, NetBIOS filtering System Access security DAD, Land, Teardrop attack TCP, ICMP fragments Abnormal L4 source port range, same port(sPort/dPort) Abnormal TCP flag, Smurf Join/Leave, IGMP v1/v2/v3 Multicast group (1K)
Management	Supports SNMP v1, v2, v3 / Syslog Supports Syslog Real-time monitoring of system traffic and sessions Supports log search Supports backup/restore settings Interface state, sFlow, routing, ARP, RMON Central management (with Neomanager)

목록게시판
Model		XB1226F	XB1226G	XB1212G
Model
CPU		2 Core	2 Core	2 Core
Memory(UTM/L2)		2 GB(Max 8 GB) / 512 MB	2 GB(Max 8 GB) / 512 MB	2 GB(Max 8 GB) / 512 MB
CF(UTM/L2)		1 GB / 160 MB	1 GB / 160 MB	1 GB / 256 MB
Storage		32 GB(Max 500 GB)	32 GB(Max 500 GB)	32 GB(Max 500 GB)
NIC	Switch	10/100/1000Base-T * 24 1G Combo * 2	1G SFP * 2 10/100/1000Base-T * 20 1G Combo * 4	10/100/1000Base-T * 10 1G SFP * 2
NIC	UTM	1G Combo * 2	1G Combo * 2	1G Combo * 2
Size		1U	1U	1U
Firewall Throughput		2G	4G	4G
IPS Throughput		2G	3.5G	3.5G
VPN Throughput		1G	1G	1G
Concurrent session		1,000,000	1,000,000	1,000,000
Switching Fabric		28.8G	72G	100G
Forwarding Rate		13.09M	71.43M	35.71M

비쥬얼

Overview

Features

Functions

사양