Sangfor IAG - Secure Web Gateway & Web Filtering Solution

Accelerating modern trends such as cloud applications adoption, the move of the hybrid workplace and increased use of mobile and personal devices for work have all constantly put more pressure on the organization to ensure a secure workforce environment. At the same time, a rise in encrypted applications, proxy avoidance applications, and increasingly affordable availability of third-party VPN applications have imposed further liability for the organization where it can easily bypass your security perimeter undetected without any protection. You need an extensive secure web gateway not only to protect your organization against these common threats but also as a critical asset for safeguarding user internet access behavior.

Click Here to Watch the Video
Click Here to Watch the Video

Why Sangfor IAG?

Sangfor IAG enables you to identify, analyze and take immediate action upon user internet access behavior.

icon

Gain full visibility to find any bad behavior in encrypted traffic.

icon

Uncover user identity with analytics into who is using what applications and when it is used on your network.

icon

Take full control to increase user productivity by ensuring internet access compliance.

Product Advantages

Proxy Avoidance Protection

Web filters are commonly used by the organization to restrict user internet access to certain web applications content and it has increasingly become non-effective against proxy avoidance applications. IAG collaborates with Endpoint Secure to enforce Proxy Avoidance Protection on any user attempt to use this application for bypassing the security perimeter more effectively. R&D team within Sangfor employs a dedicated team of application signatures security experts who are continuously categorizing and adding the latest proxy avoidance applications to ensure that detection rate and blocking capabilities are current and up to date.

Intelligent Traffic Management

Sangfor IAG improves bandwidth utilization by more than 30% using three unique major traffic management solutions. Dynamic Traffic Control automatically adjusts traffic control policies and intelligently allocates idle bandwidth resources. Intelligent Flow Control precisely manages both up-link and down-link P2P traffic and can customize traffic "packages" for different users, allocating specific traffic quotas and limiting bandwidth for heavier users.

Gateway and Client Decryption to Uncover Encrypted Traffic

Typically, a majority of internet traffic is protected by SSL/TLS encryption. While encryption helps to keep user and corporate data protected and private, it also creates security challenges when it comes to the rapid growth of malware infections and other malicious content. Sangfor IAG offers both decryption methods including gateway and client decryption to overcome these challenges. This enables an organization to have the flexibility to run either one or both in parallel to uncover encrypted traffic according to your corporate IT strategy and planning. 

Unified Network-wide Management of all Clients

Sangfor IAG provides Unified Management and effectively controls both Wired and Wireless networks for the entire network. With intuitive and flexible authentication methods, it fully guarantees the security of access control, supporting a variety of traditional authentication methods such as username/password, IP/MAC binding, and a wide array of value-added marketing authentication methods (QR code, SMS, WeChat, Social media, OA account, SAML 2.0, third-party system, etc.). Permissions are controlled based on user, application, location, and client types while using IAG or third-party wireless controller as a unified authentication server, building a faster and more cost-effective wireless network. 

Precise and Accurate Application Control

Sangfor IAG manages and controls network applications more comprehensively, accurately, and conveniently with the largest application signature database in Asia, which can identify more than 6,000+ applications in its database including 700+ cloud applications, 1,000+ mobile applications, 300+ web applications, and is updated every 2 weeks. In addition, it precisely controls applications according to their specific functions, such as distinguishing upload, download, and other actions in the network. Finally, bulk management mode for large enterprises greatly improves management efficiency.

Offloading Performance When Using ICAP Integration With Third Party System

Sangfor IAG can act as an ICAP client to be used with any ICAP server-enabled network appliance by offloading threat protection or other value-added services. In addition, Sangfor IAG provides request and response inspection mode while enabling the ICAP server group to run on a round-robin or concurrent condition. 

Secure Onboarding Devices With Endpoint Security Posture

Sangfor IAG identifies and secure endpoint devices with or without agents, it helps to ensure these devices are connected with compliant and secure. You gain visibility and control what is on your environment without impacting your network performance.  

What People Say

image peer

Comprehensive reporting, ease of use and intuitive dashboard

Administrator of State and Local Government

image peer

IAG is practical and helpful. It help to kept the log for company for audit.

CTO of a Carriers Industry

image peer

IAM is a good product for improve the network security, operation and control.

Assistant IT Manager of an Industrial Company

image peer

Bye bye...... bad performance online meeting by using Sangfor IAG

CxO of an Insurance Industry

image peer

Comprehensive reporting, ease of use and intuitive dashboard

Administrator of State and Local Government

image peer

IAG is practical and helpful. It help to kept the log for company for audit.

CTO of a Carriers Industry

Customer Success Stories

Below you will find all the Success Stories of Sangfor, classified by Industry, such as Enterprises, Governments, Schools & Universities, etc.

Sripatum University SPU logo

Education

Sripatum University (SPU)

Bank Victoria

Banking & Securities

Bank Victoria International

Mitra Keluarga logo

Healthcare Providers

Mitra Keluarga Hospital

Universitas Pelita Harapan - UPH logo

Education

Universitas Pelita Harapan - UPH Medan

Sripatum University SPU logo

Sripatum University (SPU)

Bank Victoria

Bank Victoria International

Mitra Keluarga logo

Mitra Keluarga Hospital

Universitas Pelita Harapan - UPH logo

Universitas Pelita Harapan - UPH Medan

Product Models

Models M5100 M5200 M5400 M5500 M5600
Profile 1U 1U 1U 1U 1U
HD Capacity 128 GB SSD 64 GB SSD + 960 GB SSD 64 GB SSD + 960 GB SSD 64 GB SSD + 960 GB SSD 64 GB SSD + 960 GB SSD
Application Layer Throughput Options 160 Mbps 400 Mbps 600 Mbps 1 Gbps 1.2 Gbps
Recommended Concurrent Users 600 Users 2,000 Users 3,000 Users 5,000 Users 6,000 Users
Model Datasheets
Click to Download pdf file pdf file pdf file pdf file pdf file

 

Models M6000 M6000-UPG¹ M9000 M10000 M12000
Profile 2U 2U 2U 2U 2U
HD Capacity 64 GB SSD + 960 GB SSD 64 GB SSD + 960 GB SSD 64 GB SSD + 960 GB SSD 64 GB SSD + 960 GB SSD 64 GB SSD + 960 GB SSD
Application Layer Throughput Options 2 Gbps 4 Gbps 10 Gbps 20 Gbps 40 Gbps
Recommended Concurrent Users 15,000 Users 20,000 Users 50,000 Users 100,000 Users 200,000 Users
Model Datasheets
Click to Download pdf file pdf file pdf file pdf file pdf file

¹ M6000-UPG is a license upgrade from M6000 with application layer bandwidth increased from 1G to 2G.

Videos

PT Bank Victoria International Tbk x Sangfor: Success Story

video-image
PT Bank Victoria International Tbk x Sangfor: Success Story
video-image
Guy Rosefelt Interview with Cyber Defense Magazine 2022
video-image
Sangfor IAG – Secure Internet Access
video-image
Interview with Tun Lin Khaing from Sweety Home Myanmar
video-image
SANGFOR IAM: Ingress Client Walkthrough Video
video-image
SANGFOR IAM Newest Features and Functions (2020)
video-image
Sangfor IAM SNAT and DNAT Configuration
video-image
Sangfor IAM: Your Secure Web Gateway and More !

Latest Blog

latsest webinars img
Cyber Security

Black Friday and Cyber Monday 2022: Will Ransomware Break Records?

Black Friday has been a coveted and anticipated event in retail for years – boasting low prices for most products and wildly sought sales across stores both online and in real life. The event comes at the end of the year on the 25th of November - a month before Christmas and is used as a way for stores to attract the rush of festive season shoppers. Black Friday sales are complemented by the equally sought Cyber Monday deals that lean more towards virtual sale items online – ensuring that the rat race to the bottom of a cart carries on for whole weeks with some companies. This year will be no different as most people are now fully out of the pandemic hesitation and are ready to rush the shopping centers and online stores alike to seek out the lowest prices. While people are focusing on keeping their trolleys full, cybercriminals are also anticipating this retail extravaganza with bated breath. Black Friday and Cyber Monday present hackers with an easy mark as they also rush to exploit human gullibility and carry out a barrage of ransomware and other cyber-attacks. Black Friday and Cyber Monday as a Cyber Threat With the spike of purchases taking place on Black Friday and Cyber Monday, many people will likely fall prey to illegitimate emails of promotions and online scams while in search of legitimate retail sales. Ransomware attacks are focused on exfiltrating data from networks and holding the encrypted information hostage until a company or person pays a ransom to have the data decrypted and given back. With the invitation of numerous promotional initiatives during Black Friday and Cyber Monday, it's not difficult to see how these retail events can pose as significant ransomware attack vectors. Online Shopping The upcoming festive season drives people to endure long lines and crowded stores for the sake of Black Friday sales and the e-commerce industry has taken some of that pressure off people. Cyber Monday was initially the day set aside for virtual sales but retailers have also moved most Black Friday deals onto online platforms as well – widening the scope of online shopping. Online stores have become a convenient and trusted way to make purchases across the globe – with retailers such as Amazon.com leading the global e-commerce market, with a revenue of US$131,019 million in 2021, and Jd.com coming in second at the forefront of the Chinese market, with net sales of US$117,922 million. Unfortunately, this useful portal is also ideal for hackers to exploit the lax attitude people have toward sharing their financial and personal credentials to reach lower prices. Opportunistic hackers will take advantage of the desperation in this window through promotional phishing emails and online scams that exfiltrate consumers’ data. Cryptocurrency Black Friday similarly presents cryptocurrency users with exclusive incentives in which products bought using digital currency will incur a price reduction. The coined “Bitcoin Black Friday” encourages merchants to use their bitcoin to make purchases and even invest in more crypto. Crypto is also the preferred currency for ransomware attackers due to its virtual standing and potential for anonymity. Hackers may use this to lure in users and the existing cybersecurity flaws within the industry make it easier to exploit. Metaverse Shopping The metaverse is a virtual reality that can be used to interact with other humans and bots to play games, conduct business, socialize, and shop. A relatively new technology that allows users to navigate a virtual environment through their avatars using immersive gadgets. The metaverse shopping experience allows users to shop and even interact with salespeople from the comfort of their homes. As with all innovative technologies, the metaverse is not immune to cyber-attacks and inadequate cybersecurity measures on personal networks could lead to data breaches and ransomware attacks. Companies Reducing Staff for Festive Seasons As the year ends, most companies ease up on their cybersecurity measures and operate on a skeleton staff setup. Employees start to take their festive season vacation time and generally, the atmosphere is less rigid. Hackers, however, don’t always commit to the seasonal spirit and will use this window as a key vulnerability to exploit. Especially, Thanksgiving, Black Friday, Cyber Monday and Christmas Holidays are lined up, it takes a hug risk for companies ignoring cyber threats. With a reduced staff and a majority of IT security teams unavailable, cyber-attacks run rampant during this time of the year. Companies should invest in automated cybersecurity solutions to avoid these sneak attacks and mitigate any threats encountered without needing a strong staff present. Sangfor’s Cyber Command platform provides an extensive and automated network detection and response solution with the use of AI technology and machine learning to help networks isolate, analyze, and eliminate potential threats before they can infiltrate your system. Sangfor's Endpoint Secure - Endpoint Security delivers end-to-end protection to secure endpoints before, during, and after attacks. It provides integrated protection against malware infections and APT breaches across your entire organization's network – all with ease of management, operation, and maintenance. The platform also received the AV-TEST “Top Product” award for achieving 100% ransomware protection against zero-day malware. Ransomware Attacks on Black Friday and Cyber Monday Ransomware attacks are focused on exfiltrating data from networks and holding the encrypted information hostage until a company or person pays a ransom to have the data decrypted and given back. With the invitation of numerous promotional initiatives during Black Friday and Cyber Monday, it's not difficult to see how these retail events can pose as significant ransomware attack vectors. Consumers and corporations alike need to understand the ways ransomware attacks can occur and how to mitigate the damage they cause. Some of the most commonly used attack methods include: Phishing Attacks A phishing scam captures its victims by appearing as legitimate communication received from trustworthy organizations and sources. The correspondence usually contains a simple corrupted email link which can open the floodgates for any number of malware. A phishing email may be sent out to multiple people at once in the hopes that even just one person falls for the trap. In contrast, spear phishing is more targeted in its approach and baits specific vulnerable individuals. It is more effective and harder to detect. These methods are used during peak promotional periods when legitimate retailers may be sending out emails about their Black Friday deals, phishing scams will likely also crowd up your inbox. Be vigilant about which links you click on and where you provide your details. Malware Threats Malicious software programs infect your device through viruses, trojan horses, and worms, which can all easily hack into your system – allowing criminals to steal your personal information, destroy data or hold your files for ransom. Corrupted Web Pages Ransomware code can also be hidden in web scripts of compromised websites. This is a perfect attack vector when consumers engage with online stores in a hurry and don’t ascertain the credibility of the store before entering their personal and financial details. When an individual visits the corrupted site, the malicious code is automatically downloaded, and once executed can infect the user’s entire infrastructure – moving laterally across the network to encrypt data. Pop-up Ads Pop-up advertisements can be very annoying but we usually skim over them anyway, Black Friday deals tend to catch the eye quicker this time of the year and can trick people into clicking on them by posing as trusted brands with seemingly legitimate sales. After clicking on the pop-up, users are directed to a new window with malicious links or automatically download the ransomware onto their device. Black Friday ransomware attack threats force companies and individuals to take a close look at cyber practices and how to improve their digital hygiene habits to ensure they don’t fall prey to a hacker. Companies must note that their network may come under fire from their employee’s cyber practices as well. This is especially due to most working environments being remote – a neglectful worker might click on a link on their personal device at home while shopping and present any number of malware a foot into your organization’s network. Even as we’re reaching the end of November, the lessons from Cybersecurity Awareness Month should be kept in mind as we chase down those seasonal savings. As the US campaign enforced, it is the duty of companies and ordinary people alike to engage with and establish lasting cybersecurity practices. For more information on Sangfor’s cyber security and cloud computing solutions, visit www.sangfor.com.   Contact Us for Business Inquiry


Cyber Security

National Cybersecurity Strategy Launched: the Italian Breakthrough in Cybersecurity

As many people know, cyber security is the set of processes, technologies, and people involved in protecting the IT infrastructure of a business or organization from cyber-attacks. For about 50 years, viruses have spread to PCs and organizations, causing damage, sometimes irreparable. The first virus spread was Creeper, in 1971, when there was still Arpanet, the precursor of the Internet, and it is thanks to this occurrence that it was also inaugurated the first antivirus software to hunt and delete it, Reaper. In the 80s the first security solutions were designed, but only in the 90' years were created the first antivirus scanners created. With this simple data we can easily understand how long viruses have been running in networks and some may take it for granted that people have been worried about security for many years. But it’s not like that. Cybersecurity in Italy In fact, the Italian market has never worried enough about cyber security, it has never been given the right importance. Most organizations have always thought that antivirus is enough to protect their assets: maybe before it was right to think in this way, but today’s antivirus is no longer enough to ensure adequate protection of their business. The real boom occurred in 2021, after the advent of the pandemic Covid-19. One of the most obvious consequences of the pandemic was the new trend of hybrid working, which, while it was able to safeguard people’s health, gave space to other threats. Faced with the spread of these new ways of working, cyber-attacks have also increased. More and more companies considered it necessary to strengthen staff awareness initiatives on how to behave about cyber threats. In 2021, the Italian cybersecurity market reached a value of 1.55 billion euros, with a 13% increase compared to 2020, highlighting the high growth rate. The bigger organizations immediately work to prevent cyber threats and planned an increase in the budget for cyber security activities. Italy has started to invest, but not enough. It should be noted that cyber attackers not only hit the "big ones" but also the small ones, which often find themselves in even more difficulties when they have to pay ransoms or solve the damage received. Check out some interesting statistics from 2022-2022 (Source: Comparetech). Over 85% of Italian organizations were subject to at least one successful attack within a 12-month period 60% of organizations in Italy dealt with ransomware attacks The average cost of a ransomware attack in Italy was around $680,000 Italy has seen over 400,000 COVID-19 related malicious files The 2 Major Pillars In 2022 there are 2 major pillars that are making cyber security a business priority, in addition to the constant increase in cyber threats: the extreme digitization of the population and the ongoing rules. Increasing Digitalization There is a real increase in attacks due to increasing digitalization. The link between digitized life and cybersecurity is becoming ever closer. According to the Primo Rapporto Censis-DeepCyber sul valore della cybersecurity, 61.6% of Italians are concerned about their cybersecurity and take precautions to defend themselves; Almost 4 out of 10 Italians are indifferent or do not protect themselves against cyber-attacks. The same report also reveals that 64.6% of Italians happened to find themselves the target of deceptive emails aimed at extorting sensitive personal information and that 44.9% saw their computer infected with a virus. The research also investigated the context of cyber risks for companies and workers, revealing that 19.5% experienced cyber-attacks with damage to social accounts or the site of their company and 14.7% of attacks have caused the loss of business data and information. The Launch of National Cybersecurity Strategy In terms of the regulatory front, regulatory activities are in place. In Italy the "National Cybersecurity Strategy" has been launched by the National Cybersecurity Agency (NCA), stating that the country will devote 1.2% of gross national investment a year to cybersecurity. This is a fundamental step that looks at the present and, above all, the future. And it is precisely on this front that a cross can occur between the application of the rules in the field of cyber and the rules on the protection of personal data. There are also numerous funds earmarked to encourage the digitization of businesses and the protection of their business.  About Sangfor We have to protect ourselves from malware, ransomware, phishing, sniffing, and other common techniques of use. Sangfor Technologies is a leading global vendor that can help Italian and worldwide organizations to protect themselves from cyber-attacks. A wide range of integrated cyber security solutions that can help protect your business and defend it in real time against cyber threats.  Some of Sangfor's cybersecurity solutions are:  Sangfor Cyber Command - NDR Platform, AI-based cyber threat detection and automatic response platform  Sangfor NGAF - Next Generation Firewall, the next-generation firewall for a holistic view of the organizational network Sangfor Internet Access Gateway (IAG), the simplified network and user management solution Sangfor Endpoint Secure - Endpoint Security, which provides a holistic response to malware infections and APT breaches across the organization’s entire network   Contact Us for Business Inquiry


Cyber Security

Surviving the Recession Era: What IT and Cyber security Preparation Do Organizations Need

The recession news has been spreading worldwide, asking us to prepare ourselves better to face it. Every individual began to compete to prepare themselves in the face of the financial crisis that is expected to occur in the next year. Just as personal preparation is needed in the face of an economic slowdown, preparation of every company where special strategies are needed in dealing with the impending recession. The existence of a revolution or change that will occur during a recession is feared to have quite an impact on everyone's life. Not only that, companies and individuals are also required to install more advanced high-level security systems to protect personal and corporate data from facing  more serious threats during times of economic slowdown. Reporting from a recent publicationnof Which Industries Are Most Affected by a Recession, several industries that were affected by the recession during the Covid-19 period are: Retail Restaurant Travel and Tourism Leisure and Hospitality Service Purveyors Real Estate Manufacturing and Warehouse Then what is the possibility of good or bad from the financial crisis we might face? One of the worst possibilities that can happen is that corporate leaders will be using cost-down strategies when it comes to weak buying and selling power and declining demand. This does not rule out the possibility of reducing human resources and replacing them with Artificial Intelligence or existing sophisticated machines. Followed by the good possibility, that is, as an effect of this cost-down and low buying and selling power, it is possible that we will certainly enter the digitalization era rapidly and it is assumed that we will recover faster. It doesn't necessarily matter how good or bad the result is, we have to face it with the best possible preparation right? Prepare for a Recession So, what kind of preparation do we need? Let's dig into the 3 points that might happen and how to be prepared for it. Budget Cutting / Cost Down This strategy is certainly the most elected strategy by many companies. It is not difficult to explain that IT needs can consume a large amount of funds. Especially for large industries such as manufacturing, government and healthcare. Start by grouping the IT needs and creating the roadmap for your business and then, consider reducing the needs that are cost-intensive yet yield low results. One such instance is the use of space for hardware which utilizes a significant portion of space, and thus driving up the costs. By switching to cloud computing, you can save not only space but also costs with high accessibility. For example, by deploying Sangfor Hyper-Converged Infrastructure, organizations can save 90% in power, cooling, and space requirements, reducing at least 70% on the Total Cost of Ownership.   Improve On-demand Security with Less Resources With the entry of the recession era, it is assumed that crime also continues to increase daily. Tons of cybercrime and malware out there are haunting us every day (no kidding!). The banking sector is certainly the most targeted in this case. Starting from phishing methods, social engineering, and even identity theft and many more. Choosing the right security product for your business, which can provide 24/7 up-to-date protection with low resources and simple operation is on your list now. It will certainly make your job or business easier and more secure. Sangfor Next Generation Firewall (NGFW) is the world's 1st AI-enabled NGFW that intelligently detects threats to eliminate over 99% of external threats at the network perimeter. It is used in conjunction with Endpoint Security to identify malicious files at both the network level and endpoints. The advanced firewall is a security device designed to inspect network and application traffic for threats, secure the network environment from intrusion, and bring in security intelligence from outside the network. Change of Environment and Mindset We all must prepare ourselves for the upcoming environmental changes. Again, this may not be a bad thing. Entering the era of digitalization has been predicted. Starting from the creation of the Metaverse virtual world, to the sophistication of Artificial Intelligence and much more. Surely this makes you not only compete with living things (humans) but also compete for positions with sophisticated machines that were created, right? Now, we can get any information very easily simply in our hands. Prepare yourself to face the digitalization era by maximizing internet usage and bandwidth control in your business, especially for Government, Education or even Manufacture sector. Implementing or limiting internet accessibility can help your business operation to be more focused, and productive with better results. Organizations can deploy Sangfor Internet Access Gateway, which not only protects against common threats but also observes internet access for any suspicious behavior to safeguard user internet access behavior. The most important thing is to have a product or IT vendor that fits your main and greatest needs. What's the biggest IT concern and priority in your businesses? About Sangfor Technologies Sangfor Technologies is one of the leading vendors of Security and IT infrastructure, equipped with advanced technology and proven efficiency, providing convenience with a competitive budget and prioritizing the best experience for its users. Sangfor not only has security services that can protect you from cyber-attacks and malware 24/7, but also with its 3rd Generation Hyper-Converged Infrastructure as a trusted private cloud, can help your business operate more efficiently, and flexibly with a high level of security. Make your business simpler and more secure with Sangfor Technologies.   Contact Us for Business Inquiry


Latest News

latest news img
News

Sangfor Recognized by Gartner® as a Sample Vendor in Emerging Tech Impact Radar: Security

Sangfor Recognized as a Sample Vendor for Two Technologies We are excited to announce that Sangfor has been recognized as a Sample Vendor for two security technologies in the Gartner Emerging Tech Impact Radar: Security, published November 16, 2022.[1] The two technologies Sangfor is recognized for are: AI-Based Security Operations Deception as a Feature About the Emerging Tech Impact Radar: Security  Emerging Tech Impact Radar: Security is a piece of Gartner research that “aims to track some of the more impactful emerging technologies and trends driving innovation in the security market.” This Impact Radar analyzes 27 emerging security technologies and trends, which are then scored on two significant aspects: Range: when the technology is expected to have a significant impact on the market. Mass: how big an impact the technology will have on relevant markets. We believe that this Gartner research helps IT security managers gain a deeper understanding of emerging technologies and trends in the security market. Based on each technology’s Range and Mass as observed by Gartner, IT security managers can assess the value of each technology to their organization and time investments according to their organization’s needs.  About Sangfor’s Recognized Technologies  AI-Based Security Operations   Range: 1-3 years Description: “AI-based security operations will be leveraged for post-detection actions, including alert prioritization, augmented threat detection/hunting, playbook creation and the automation of specific incident response (IR) processes. All this will speed up and increase the efficacy of alert triage, enhance alert enrichment, enable better correlation of low level alerts and telemetry across multiple source systems and ultimately improve analyst accuracy and response times.”  Mass: High. Gartner rates AI-Based Security Operations as high, noting that “the shortage of skilled security practitioners will continue to drive an increased appetite for automation within the security operations field, and AI will be strongly leveraged across a range of products to deliver enhanced security outcomes at greater speed.”  AI-Based Security Operations in Sangfor Products  Artificial intelligence (AI) runs through all Sangfor security products and is the key enabler of their advanced threat detection capabilities. For example, our next generation firewall, Sangfor NGAF, and endpoint detection and response (EDR) solution, Endpoint Secure, are both integrated with our AI-powered Engine Zero malware detection engine. Unlike signature-based detection, which matches files with known malware patterns and characteristics, Engine Zero combs through the entire suspected file for signs of maliciousness and categorizes its finds into multiple features. To ensure the accuracy of malware detection, we tested Engine Zero against millions of malware samples to enable it to run and teach itself, expanding our capacity to discover unknown malware and their families.  Our network detection and response (NDR) solution, Sangfor Cyber Command, leverages AI to detect highly sophisticated behavioral threats hidden in network traffic. Using AI to analyze and correlate events from across the network, Cyber Command “connects the dots” between events from various data sources to uncover threats that are missed by point solutions. Event correlation also provides security operators with highly contextualized alerts to streamline investigation and threat hunting efforts so that threats can be identified and eliminated in a timely manner.  Deception as a Feature  Range: 6-8 years  Mass: Medium  Description: “The design point of deception technology is to supplement an organization’s legitimate technology assets (files, databases, domains, servers, applications, credentials, etc.) with a maze of fake assets (decoys, lures, traps and bait) in an attempt to learn about attackers and misdirect them from the genuine articles. In doing so, the attackers are tempted into interacting with this fictitious environment. This ensures that they are not spending their time fruitfully progressing toward their ultimate aims while simultaneously triggering alerts that enable security teams to observe, understand and respond to the attack that is in progress.” Deception as a Feature in Sangfor Products We have integrated deception as a feature into our endpoint detection and response (EDR) solution, Endpoint Secure. Sangfor Endpoint Secure customers will be more familiar with our deception as a feature as the ransomware honeypot, which is part of Sangfor’s range of innovative anti-ransomware capabilities. To date, Sangfor Endpoint Secure is the world’s first and only endpoint security product with a built-in endpoint ransomware honeypot. The ransomware honeypot strategically places bait files in system-critical, high target and random computer directories. Once the honeypot detects the encryption of these bait files, Endpoint Secure immediately kills the encryption process. The encryption controlling application is also identified and then located on other infected systems allowing “One-Click Kill” to eradicate the detected ransomware throughout the organization with just a single mouse click. Learn more about Sangfor’s entire range of cutting-edge security products and services by visiting our cyber security page, where you will find out all about their features and capabilities, use cases, customer success stories, and more!   Sources: [1] Gartner, Inc., Emerging Tech Impact Radar: Security, Elizabeth Kim et al., published 16 November 2022 Disclaimer: GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. 


News

Sangfor Partners With NGXess to Deliver Cyber Solutions in Sri Lanka

Sangfor Technologies has now partnered up with the technology-distributing local powerhouse that is NGXess in a move to deliver the most advanced cyberinfrastructure and cybersecurity solutions across Sri Lanka. The Brand Launch Kickoff event held in Colombo, Sri Lanka was hosted by Sangfor from the 6th to the 7th of October and set the platform for the announcement of the Sangfor and NGXess partnership. The event hailed more than 150 customers and 20 core partners from 80 different companies to showcase the latest Sangfor innovations in cybersecurity and cloud computing. The rapid growth of the technology industry has made market expansion challenging and costly for start-ups and new technology vendors in emerging economies and NGXess strives to counter this by understanding the complexities of these technologies to market them efficiently to the people of Sri Lanka, the Maldives, Bangladesh, and expansions in other ASEAN emerging markets. NGXess is a value-added distributing company based in Sri Lanka that helps businesses, governments, and organizations deliver and apply successful advanced technology projects by partnering with next-generation computing vendors and innovators. They can provide training from a professional aspect with a consultative sales approach to allow target markets to fully grasp the concepts and designs of the IT infrastructure we are trying to implement. With almost 22 years of research and development investments, Sangfor is committed to ensuring IT infrastructure and cybersecurity solutions with superior integration and automation through our distributors. We welcome teamwork and provide superior consulting services, active solutions, and thorough post-sales support to all our customers to ensure maximum efficiency. This partnership with NGXess is one of Sangfor’s strategic steps into the South Asian market and through our allyship with NGXess, we can create a deeper understanding of the existing local market trends to deliver more effective and tailored solutions to customers. Sangfor’s country manager, Finn Yang assured the press that this new partnership with NGXess will be essential in the digital development of Sri Lanka and all its industry sectors, stating that a wide range of potential customers exists within the South Asian country and he is confident that “Sangfor can fully match their IT transformation business needs.” Sangfor security, cloud, and infrastructure solutions keep the lights burning, the people connected and the businesses safe – welcome to our site, our solutions, and our future. Finn Yang, Sangfor’s country manager Sangfor aims to create a world of innovation and excellence and the choice to partner with us is a choice to drastically improve the digital infrastructure and cybersecurity of your organization. This step into partnership will empower the people of Sri Lanka and allow Sangfor to assist in ensuring innovative and effective digital transformation. We are grateful for and pleased with this collaboration with NGXess and hope to see positive growth and fruitful expansion from this endeavor in the future. Watch the news video from Art TV News. News video from Art TV News For more information on Sangfor’s cyber security and cloud computing solutions, visit www.sangfor.com.


News

Sangfor Named as a Representative Vendor of MDR Services 

Sangfor Technologies has been listed as a Representative Vendor of Managed Detection and Response (MDR) Services in China in the 2022 Market Guide for Managed Detection and Response Services, China[1] by Gartner®. According to Gartner, Representative Vendors listed in the report “are those that are visible to Gartner clients based on inquiries and represent variety in both distribution and size.” What is Managed Detection and Response? For readers unfamiliar with Managed Detection and Response, let us back up and provide a brief introduction. Gartner defines MDR as “the services providing customers with remotely delivered modern security operations center (MSOC) functions. These functions allow organizations to rapidly detect, analyze, investigate and actively respond to threat mitigation and containment.” Core MDR services include 24/7 security monitoring, incident detection and response, threat hunting, and threat intelligence. MDR vendors may also package adjacent security services along with core MDR services. These may include asset discovery and management, vulnerability assessments, forensics, incident root cause analysis, penetration testing, and on-site emergency response. MDR services can be deployed in various service models. In a Full Technology Stack service model, the majority of the security tools used to render the service is owned by the MDR vendor. This is the opposite in a Bring-Your-Own-Technology stack model, in which customers mainly use their own security tools for the service. A Hybrid Technology Stack, on the other hand, involves a more even proportion of security tools from the MDR vendor and the customer. Readers who wish to gain a deeper understanding of MDR the following article by our MDR experts. Learn why MDR is the answer to today’s cyber security talent shortage and discover the many benefits organizations can reap from MDR. Insights into the MDR Services Market in China The Gartner Market Guide observes that “MDR services in China are different from those of the global market through their hybrid delivery model of combining remote and on-site service teams and the various options of adjacent services that are available.” However, the report notes that the Chinese MDR market is “moving forward to the international model”. The transition to the international model we believe is fueled by a number of factors, including: Lockdown and Quarantine Measures Pandemic-related lockdown and quarantine measures mean that on-site delivery of MDR services is not always possible and reliable. This has pushed many organizations to “seek automated, remote and fast-to-deploy security operations solutions.” Global Security Talent Shortage In line with the global situation, China is also suffering from the shortage in cyber security personnel and skills. The report notes that “small and midsize businesses without sufficient security foundations (headcount, technology deployment, etc.) want MDR services to quickly deliver basic monitoring and response functions, to meet security baselines from regulations and standards such as multilevel protection scheme (MLPS) 2.0, and to respond to security incidents that are not expected to occur frequently or with huge impacts.” In terms of market direction, the Gartner Market Guide notes that “the MDR services market is still in a stage of expansion in China, so it has huge potential for growth.” Specifically, the report predicts that “by 2026, 60% of organizations in China that currently have an internal security operations center (SOC) will use MDR services to augment their internal security capabilities and resources.” Sangfor Cyber Guardian MDR Sangfor Cyber Guardian is Sangfor’s Managed Detection and Response (MDR) service. Sangfor Cyber Guardian seamlessly integrates human and machine intelligence to help organizations detect and respond quickly and accurately to security threats. It is powered by Sangfor’s state-of-the-art AI-based threat detection and response engines, which pull in global threat intelligence to enhance detection accuracy. Sangfor Cyber Guardian's global team of security experts work 24/7. They continuously analyze threats and provide customers meaningful guidance on how to respond to these threats. With over 1,000 customers, 1.2 billion logs analyzed daily, and an expanding library of over 1,500 detection use cases, Cyber Guardian is proven to boost cyber threat detection. Visit the Cyber Guardian webpage to learn about its advantages, benefits, use cases, videos, and more!   Sources:  [1] Gartner, Inc., Market Guide for Managed Detection and Response Services, China, Angela Zhao, Published 17 October 2022 Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.


Use Cases

Without Sangfor IAG the office environment is comparable to an internet cafe where users and staff can freely access video, social media, and endless entertainment. IT administrators are hard-pressed to identify exactly which users are consuming excess bandwidth, preventing effective control over user browsing behavior. Sangfor IAG can identify and control non-work-related applications in the network while allowing companies to keep a close eye on their bandwidth management, whereby they allocate all available bandwidth for key business needs, and improving business efficiency and productivity. Numerous professional traffic management features allow IAG to rationally allocate bandwidth resources and maximize bandwidth usage. For organizations with multiple branches, IAG provides a unified management platform and supports 3G link backup, making network management more efficient and reliable.

Because customers have vastly different authentication procedures, each internal network requires user authentication integration with AD, Radius to achieve SSO. IAG guest authentication provides convenient access through Facebook, WeChat, SMS and offers a unified authentication solution, which manages both the wired and wireless connected users within a single IAG platform. Sangfor IAG also offers a switch based user access control capability to help control LAN user access. Finally, Sangfor IAG can be integrated with WLAN vendors like Cisco, Aruba to allow the Unified Authentication Center to drastically simplify the process of network integration and management.

To protect the user from web threats, a secure web gateway is an effective defense over web-based threats and enabling secure internet access. Sangfor IAG can work with your on-premise applications and internet traffic. With the accelerated SSL decryption performance, all HTTP and HTTPS traffic will be monitored and analyzed with IAG, which is the huge bottleneck of other solutions like NGFW or UTM. The AI-based threat intelligence platform provides web filtering services and improves the capability of identifying known and unknown threats. It also keeps users protected while ensuring they enjoy a safe and secure web experience.

As unauthorized use of networks becomes more common, many countries and regions are developing and enforcing laws governing user internet access behavior. The IAG internal application database comprehensively logs malicious user activity including file uploads, BBS posting, email, browsing history, and applications accessed. This audit solution assists in customer compliance with local legal regulations and serves as a valuable investigative resource in the event of illegal network usage incidents.

Get in Touch With Us

icon notification

Frequently Asked Question

Please perform it following:

  • Step 1. Add a new LDAP Server under the External Auth Server.
  • Step 2. Enter the details such as Server Name, IP Address of the external authentication server, the admin account username and password and select the BaseDN. After entered all the details, click the Test Validity to check whether able to connect the external authentication server or not.
  • Step 3. After tested the validity, a message will prompt out to show the result.
  • Step 4. Click the Sync with all LDAP servers to sync all the data. Now, the configuration is successfully set.

In a typical environment, SWG is used to block access to inappropriate websites or applications, prevent malware infections, and enforce corporate internet compliance. SWG is similar to a firewall in that both prevent malicious activities and provide necessary network security protections. However, the main difference is that SWG emphasizes securing user onboarding and promoting productivity. It is common for an enterprise to use both SWG and firewall to fortify their defense as both of them usually complement each other. For more info on using both IAG and NGAF, please refer to this blog webpage. https://www.sangfor.com/blog/cybersecurity/ngaf-and-iam-a-perfect-amalgamation

The main difference is Premium Bundle will have all the Essential Bundle components with the addition of Anti-malware protection (Engine Zero) and threat intelligence (Neural-X).

What is the difference between IAG Essential Bundle and Premium Bundle