Web Application Firewalls and Internet Security Solutions

With the fast evolution of the IT industry, all applications, services and devices will be connected through internet with new technologies such as BYOD, IoT (Internet of Things), Cloud and so on. This will bring many advantages to businesses in terms of convenience & productivity, however, with tremendous power coming handy, comes also great responsibility in handling Network Security.

Choose the next generation, enterprise firewall protection + Web Application Firewall

Sensitive data such as credit card information, confidential files, etc. are a gold mine for hackers or competitors to earn money. There are currently many examples such as Ransomware, which is growing at an alarming rate with new varieties being developed on a regular basis. Network security and protection is often considered as an additional investment with few benefits but traditional security solutions are too general against the increasing number of vulnerabilities, which often can only protect against the existing vulnerabilities.

At Sangfor, we develop complete & comprehensive firewall solutions with our users in mind by protecting them against all type of threats, no matter if its internal or external, existing or future threats, with an easy-to-use converged security solution. Security should be simple, easy to understand, and deploy as well as operate for the average IT employee. Sangfor’s concept of network security is following four fundamentals points that are at the core of our market strategy as described below.

Product Models

Models M5100 M5200 M5300 M5400 M5500 M5600 M5800 M5900 M6000
Profile 1U 1U 1U 1U 2U 2U 2U 2U 2U
Firewall Throughput 2 Gbps 3 Gbps 6 Gbps 8 Gbps 12 Gbps 18 Gbps 20 Gbps 40 Gbps 80 Gbps
IPS + WAF Throughput 550 Mbps 850 Mbps 950 Mbps 1.5 Gbps 3 Gbps 8 Gbps 12 Gbps 20 Gbps 40 Gbps
IPS Throughput 1 Gbps 2 Gbps 3.6 Gbps 5.4 Gbps 8 Gbps 12 Gbps 15 Gbps 20 Gbps 40 Gbps
WAF Throughput 1 Gbps 2 Gbps 3.6 Gbps 5.4 Gbps 8 Gbps 12 Gbps 15 Gbps 20 Gbps 40 Gbps
IPsec VPN Throughput 250 Mbps 375 Mbps 1 Gbps 1.25 Gbps 2 Gbps 3 Gbps 3.75 Gbps 5 Gbps 5 Gbps
Max Ipsec VPN Tunnels 300 500 1,000 1,500 3,000 4,000 5,000 10,000 10,000
Concurrent Connections (TCP) 250,000 1,000,000 1,000,000 1,000,000 1,000,000 2,000,000 4,000,000 8,000,000 16,000,000
New Connections (TCP) 50,000 60,000 100,000 110,000 220,000 300,000 330,000 450,000 600,000
Power and Hardware Specifications
Support Dual Power Supplies N/A N/A N/A N/A Yes Yes Yes Yes Yes
Power [Watt] Max 60W 100W 100W 250W 300W 300W 500W 500W 500W
Model Datasheets
Click to Download

Product Advantages

Security Visibility

Security is becoming more and more complex with illegal traffic mixed with legitimate traffic. Even in trusted domains, legitimate users cannot be trusted as they might be a potential attacker. Therefore we believe that the visibility of the whole network is the foundation of network management. We need to see the risk of information assets, people and behaviors, so that we can recognize security threats and timely dispose of them.

With Sangfor NGAF Reporting Tools included in the product itself (Free-of-Charge), users are able to have an extensive overview of their network with just a few clicks. You can choose whether you want to see information such as who the online users are, servers, abnormal traffics, attack status, attack source, etc.

Effective Analysis & Presentation: Risk Positioning | Analysis of Data | Graphical Display.

Broader Visibility: User | Behavior | Business.

Real-Time Detection, Rapid Response

For many users, real-time detection is only limited for attacks that happened before it entered the network. However real-time detection should also take into account all attacks that have already succeeded and bypassed security protection. Sangfor NGAF is capable of detecting in real-time threats at every step and provide a rapid response on how to deal with them.

Threat Alerts List & Notification: All threats in the Network will be listed according to their threats level and protection status. Dangerous threats will also be provided with detailed description and recommendation on how to solve it.

Risk Assessment Module: It allows our users to assess the protection level of their network and make before/after comparison for reporting purpose.

Sangfor Cloud Sandbox: Sangfor NGAF also includes its own Cloud Sandbox tool to help our users isolate possible emerging new threats that haven’t been included in any security database, which is especially useful against 0-day attacks.

Simplified Security Operation & Maintenance

For many small & medium organizations without any specialized IT security team, managing network security can be a nightmare, especially if those organizations are using traditional security solutions without any intelligent & automated reporting tools.

For Sangfor, IT should not only be reliable but also simple. Easy deployment and O&M (Operation & Maintenance) are the keys to effective & productive IT environment.

They have to check every report one by one and identify real & effective threats amongst thousands of alerts. Amongst these alerts, many of them will be bypassed and for those identified, IT team will waste time to find the right solution due to lack of knowledge. This will lead to a waste of resources, and more importantly, make mistakes that could generate losses and damage to the organization’s reputation.

Sangfor NGAF is using an intuitive configuration wizard to make security policies deployment easy. IT team can easily add or modify rules. With the visibility and real-time detection features of Sangfor NGAF, IT team can check the network security before the system goes online and make sure that no vulnerabilities exist in the network.

High-Performance for Application Layer Security

With around 75% of the attacks happening at the Application Layer, it is important for organizations to ensure that they have the right tools to protect them. Unfortunately many vendors will sacrifice some critical features for better performance. This will often lead to attacks bypassing the existing security solutions.

For a successful Application Layer Security, it must be focus on the Detection Methods, Software Architecture, Engine Performance and Computing Power. This is where Sangfor NGAF excels at, with superior technologies overcoming common performance issues.

Hardware Architecture: Optimized for performance with all included security features such as WAF (Web Application Firewall), AV (Anti-Virus), IPS (Intrusion Prevention System) and FW (Firewall) able to all computing power to run at the same time thanks to the core strengths of Sangfor NGAF's Hardware Architecture: Intel Quick Path Interconnect, Multi-Core Level Processing and Hybrid Processing Model.

Software Architecture: Resources are not wasted with Sangfor's “1X” technology that performs all action such as data replication, decapsulation and detection only once. With also one content detection engine and Sangfor patented REGEX engine, users can enjoy a fast & flexible security.

Scenario Solutions

Internet Gateway: Advanced Threats Prevention With Visibility Reporting

In addition to traditional firewall security, Sangfor NGAF is combined with deep content inspection and attack behavior analysis technologies. Graphical reporting tools are available (free-of-charge) to make you understand your business risk with immediate action to be taken. Sangfor NGAF can also more effectively detect and locate Advanced Threats with the built-in Cloud Sand-boxing and Anti-Malware features. 

DMZ: One-Stop Security Solution for Web Applications

This solution does not only protect the user's public-facing applications against various types of network/application layer threats, but also resolve the issues of webpage tampering, webpage Trojans and information leakage, even if the defense was bypassed. Compared with traditional webpage protection solutions, Sangfor NGAF can provide better resistance against all kind of web attacks and effectively protect your web business applications.

Branch : Visualized, Controllable & Manageable WAN Networking

This solution does not only enhance the security protection capability for your WAN, but also help you understand the security risks of branches in real-time, as well as avoid branches from becoming the weak point of intrusion due to their poor security construction. With Sangfor NGAF, you can truly realize centralized management, automatic operation and maintenance.

2nd-Tier Firewall: Smart Infrastructure Protection with Threat Prevention

Nowadays cyber threats are driving the evolution of security devices as well as the security infrastructure. Modern threats are becoming evasive of the traditional defenses. Once bypassing the defense perimeter, those malware threats can take advantage of flat internal network and cause serious infection, data theft and even lead to APT attacks. To mitigate business risks caused by cyber threats, additional layer of defense must be deployed on top of the perimeter firewall for segmentation and threat prevention, with requirements of Total Threat Protection, Risk Mitigation Capability, Easy Deployment and Cost Effectiveness.

view more

Success Stories


Related Videos




Our Social Networks

Global Service Center: