A Cutting-Edge Next Generation Firewall

Sangfor NGAF takes next generation firewall technology to the next level to meet the evolving security needs of modern enterprises. Through market foresight and technical prowess, Sangfor NGAF is the next generation firewall that holds several "world's first" titles.

  • The world's 1st AI-enabled NGFW that intelligently detects threats to eliminate over 99% of external threats at the network perimeter.
  • The world's 1st NGFW integrated with Web Application Firewall (WAF) to provide network and web application security in one appliance.
  • The world's 1st NGFW with built-in SOC Lite that helps security teams rapidly determine the security status of threats and respond.  
  • The world's 1st NGFW that truly integrates with endpoint and network security solutions to create a holistic security system.
Click Here to Watch the Video
Click Here to Watch the Video

NGFW Features & Capabilities

Malware Detection

Sangfor's NGFW integrates with Engine Zero, an AI powered Malware Detection Engine.

Engine Zero is developed using Machine Learning models and AI algorithms. This enables NGAF to deliver 99.76% detection rate of known and unknown malware across the internet. Your entire organization stays protected because of Engine Zero's powerful capabilities.

Threat Intelligence

Sangfor's NGFW integrates with Neural-X, a cloud based AI powered threat intelligence and analytics platform.

Neural-X data is constantly updated to protect against the latest indicators of compromise (IOC)_and adversary Tactics, Techniques and Procedures (TTPs). For example, NGAF can send a suspicious DNS address to Neural-X for verification. If Neural-X classifies this DNS as a known C&C server, Sangfor NGAF automatically blocks these communications so that no further damage is caused.

Web Application Firewall (WAF)

Sangfor's NGFW is integrated with Sangfor NG-WAF, a next generation web application firewall designed to offer robust protection to web applications.

Using semantic analysis and the industry’s first WAF with a built-in virtual execution system (VES), Sangfor WAF protects web applications from the most advanced web application attacks, such as SQL injection and cross-site scripting.

SOC Lite

Sangfor believes the firewall should make life easier for security administrators. Sangfor's NGFW integrates a SOC (Security Operations Center) Lite feature to simplify security operations and response.

Instead of analyzing tons of security logs, security administrators can intuitively determine the current threat level of users and servers via the NGAF GUI. What's more, NGAF provides users with essential guidance on how to respond to security threats.


Sangfor's NGFW integrates with Sangfor Endpoint Secure (Endpoint Detection and Response - EDR) and Cyber Command (Network Detection and Response – NDR) as part of Sangfor’s Anti-Ransomware solution.

Forensic the threat intelligence data collected from the network and endpoint visualize the hidden ransomware process via GUI and provide "one-click quarantine" to eradicate the encryption controlling application from all infected hosts.

Application Containment

Sangfor's NGFW is one of the key components of the Application Containment solution along with Sangfor Endpoint Secure and Sangfor IAG.

Network administrators can configure granular application control policies on Sangfor NGAF to have total control of all applications running on all endpoint devices. These policies prevent unauthorized and malicious applications from running on the network. 

Next Generation Firewall Use Cases

Robust Perimeter Security

Robust Perimeter Security

Sangfor NGAF is a next generation firewall built in with various security features and capabilities, including antivirus, intrusion prevention system, and application control. Integration with an AI-powered malware detection engine and real-time threat intelligence platform ensures that Sangfor NGAF blocks over 99% of threats at the perimeter.

Ransomware protection

Ransomware Protection

For organizations seeking protection against the most sophisticated and destructive cyber threats like ransomware, Sangfor NGAF is an essential component of Sangfor Anti-Ransomware solution that integrates Sangfor’s suite of security products to break every step of the ransomware kill chain.

Web Application Security

Web Application Security

Protect the company’s web applications by monitoring and filtering malicious HTTP traffic to defend against attacks such as SQL injection, cross-site-scripting (XSS), and file inclusion. A WAF is most suited for companies that provide internet-facing applications and services, such as an e-commerce site and online financial services.

Secured SD-WAN & WFX

Secured SD-WAN & WFX

Sangfor NGAF utilizes IPsec VPN and SSL VPN together with enterprise-level protection. Secure your access for HQ-to-branch, branch-to-branch and work from anywhere (WFX) scenarios.

Sangfor NGFW Awards & Achievements

Gartner Magic Quadrant

"Visionary" Vendor

Rcognized as "Visionary" vendor in 2022 Gartner Magic Quadrant for Network Firewalls

Gartner ‘Voice of the Customer’ icon

Gartner ‘Voice of the Customer’

Sangfor NGAF Customers Speak through Gartner® Peer Insights™

ICSA Labs Certification icon

ICSA Labs Certification

Tested and Proven for Total Security: Sangfor NGAF Endorsed by ICSA Labs in 2021

AAA Rating from CyberRatings icon

AAA Rating from CyberRatings

Sangfor NGAF Receives AAA Rating from CyberRatings

Cybersecurity Excellence Awards icon

Cybersecurity Excellence Awards

Sangfor recognized by the 2022 Cybersecurity Excellence Awards

NGFW Next Generation Firewall Product Models

Models AF-1000-B1080* AF-1000-B1120* M4500 M5100 M5200 M5300 M5400 M5500 M5600 M5800 M6000 AF-2000-B3100* AF-2000-B3200* AF-2000-B3300*
Profile Desktop 1U Desktop 1U 1U 1U 1U 2U 2U 2U 2U 2U 2U 2U
Firewall Throughput1, 2 1.05 Gbps 1.75 Gbps 2
2.8 Gbps 4.9 Gbps 12 Gbps 20 Gbps 25 Gbps 50 Gbps 67 Gbps 140 Gbps 140 Gbps 180 Gbps 240 Gbps
IPS+WAF Throughput(HTTP)1 N/A 700 Mbps 1.2
1.4 Gbps 2.1 Gbps 3.85 Gbps 5.6 Gbps 8.4 Gbps 14 Gbps 21 Gbps 56 Gbps 63 Gbps 84 Gbps 126 Gbps
Threat Protection Throughput1, 4 600 Mbps 800 Mbps 1
1.8 Gbps 2.1 Gbps 4.2 Gbps 5.6 Gbps 9.1 Gbps 18 Gbps 26.5 Gbps 67.2 Gbps 79.4 Gbps 91.2 Gbps 105 Gbps
NGFW Throughput1, 3 800 Mbps 1 Gbps 1.4
2.5 Gbps 2.8 Gbps 5 Gbps 8.4 Gbps 12.6 Gbps 23 Gbps 31 Gbps 84 Gbps 90 Gbps 120 Gbps 140 Gbps
IPSec VPN Throughput1 100 Mbps 100 Mbps 250 Mbps 250 Mbps 375 Mbps 1 Gbps 1.25 Gbps 2 Gbps 3 Gbps 3.75 Gbps 5 Gbps 7 Gbps 10 Gbps 15 Gbps
Max IPsec VPN Tunnels 100 100 300 300 500 1000 1500 3,000 4,000 5,000 10,000 15,000 20,000 30,000
Concurrent Connections (TCP) 800,000 800,000 250,000 750,000 1,200,000 2,000,000 2,500,000 3,000,000 4,000,000 8,000,000 16,000,000 20,000,000 32,000,000 35,000,000
New Connections (TCP) 15,000 18,000 10,000 20,000 30,000 80,000 110,000 220,000 300,000 330,000 600,000 650,000 800,000 900,000
Power and Hardware Specifications
Support Dual Power Supplies N/A N/A N/A N/A N/A Yes Yes Yes Yes Yes Yes Yes Yes Yes
Power [Watt] Max 60W 40W 60W 40W 40W 60W 150W 150W 150W 150W 760W 860W 860W 860W
Model Datasheets
Click to Download N/A N/A pdf file pdf file pdf file pdf file pdf file pdf file pdf file pdf file pdf file N/A N/A N/A

* AF-1000-B1080, AF-1000-B1120, AF-2000-B3100, AF-2000-B3200, AF-2000-B3300 are only available in specific regions, please contact our local sale representatives for more details.

  1. All performance data is measured in the laboratory environment. The real-world performance may vary depending on the configuration & network environment.
  2. Firewall Throughput is measured with 1518 Bytes UDP packets.
  3. NGFW Throughput is measured with Firewall, Application Control, Bandwidth Management and IPS enabled.
  4. Threat Prevention Throughput is measured with Firewall, Application Control, Bandwidth Management IPS and Anti-Virus enabled.
  5. For More specification details, please check the Sangfor NGAF brochure or model datasheet.

Success Stories with NGFW

Below you will find all the Success Stories of Sangfor, classified by Industry, such as Enterprises, Governments, Schools & Universities, etc.

venine cable logo

Manufacturing & Natural Resources

Venine Cable

Sripatum University SPU logo


Sripatum University (SPU)

Bank Victoria

Banking & Securities

Bank Victoria International

Mitra Keluarga logo

Healthcare Providers

Mitra Keluarga Hospital

venine cable logo

Venine Cable

Sripatum University SPU logo

Sripatum University (SPU)

Bank Victoria

Bank Victoria International

Mitra Keluarga logo

Mitra Keluarga Hospital

NGFW Customer Testimonials

image peer

Sangfor NGFW Is Nothing Less Than No.1 As IT Security Protection

IT Manager of an Automative Industry

image peer

Quick Deployment, Easy To Use, And Practical Reports, Need More About Data Details

COO of a Media and Publishing Industry

image peer

Simple Operation And Maintenance, Rich Functions

Marketing Manager of IT Industry

image peer

Human-Machine Intelligence-Data Fusion Comprehensively Guarantees Safe Operation

CIO of a Industrial Company

image peer

Product Performance Very Good

Assistant IT officer from a Federal Government

Gartner Peer Insights Reviews for Sangfor Next Generation Firewall

image content

NGFW Videos

PT Bank Victoria International Tbk x Sangfor: Success Story

PT Bank Victoria International Tbk x Sangfor: Success Story
Customer Testimonial – Royal Malaysian Customs Department x Sangfor NGAF Next-Generation Firewall
Cyber Command Correlates with NGAF to Automatically Deal with Network Threats
Saint Louis University (SLU) Advancing Through Digital Transformation
Guy Rosefelt Interview with Cyber Defense Magazine 2022
Interview with Tun Lin Khaing from Sweety Home Myanmar
Sangfor NGAF Animation Video
Testimonial NGAF Ministry of Industry - With En Subtitle

Get in Touch With Us

icon notification

Frequently Asked Question

A firewall is a network security tool that inspects and filters traffic between devices in a private computer network and the internet. Firewalls allow or deny incoming and outgoing network traffic based on defined rules. This enables users to block unauthorized data as well as prevent malware and other security threats from breaching the network.

Firewalls generally come as hardware network devices or software applications. Hardware firewalls are placed in a central network location to filter traffic for an entire network. Software firewalls are installed on endpoints to filter traffic to and from specific devices.

There are also different types of firewalls, including packet filtering firewalls, stateful inspection firewalls, proxy firewalls, network address translation (NAT) firewalls, and next generation firewalls (NGFW).

Next generation firewalls (NGFWs) are the newest generation of firewall technology. NGFWs use something called deep packet inspection (DPI) to inspect the content (payload) of data packets. This allows users to create more granular firewall rules based on specific types of data, applications, devices, and users.

Moreover, NGFWs are a type of unified threat management (UTM) solution. UTMs integrate multiple security features into one device. In the case of NGFW’s, this includes antivirus, intrusion detection system, threat intelligence, application control, email security, and more.

Traditional firewalls like packet filtering and stateful inspection firewalls only support rules based on packet header information, namely the source and destination IP address, protocol, and port number. This is very limited and does not offer much flexibility.

Next generation firewalls use something called deep packet inspection (DPI). DPI allows NGFWs to inspect the content (payload) of data packets and is a key enabler of enhanced firewall protection. One the one hand, users can create granular firewall rules based on specific types of data, applications, services, devices, and users. The allows NGFWs to block malicious data that exploit specific applications and services. DPI also provides the basis for the additional security features of NGFWs to function. With visibility into the data, antivirus can scan traffic for malware and the integrated intrusion prevention system can detect suspicious traffic activity.

Next generation firewalls are a type of unified threat management (UTM) solution that integrates multiple security features into one device. Typical features of NGFWs include:

  • Antivirus: Detects the presence of malware in traffic.
  • Intrusion Detection System (IDS): Detects suspicious traffic activity that might indicate an attack.
  • Intrusion Prevention System (IPS): Responds to detected suspicious traffic activity.
  • Threat Intelligence: Provides real-time threat intelligence to detect emerging threats.
  • Sandboxing: Executes suspicious files in a test environment to check for maliciousness.
  • Application Awareness and Control: Identifies applications and controls which apps are allowed to communicate with the internet.
  • URL Filtering: Blocks access to URLs that are malicious or unauthorized by the user.
  • Email Protection: Filters out malicious and unwanted email.
  • Web Application Firewall (WAF): A firewall dedicated to protecting web applications.

Granular Traffic Filtering: Thanks to DPI, next generation firewalls have visibility into the type of data and the applications, services, devices, and users processing the data. This allows organizations to create firewall rules to enforce granular access policies. DPI also enables NGFWs block malicious data that targets specific apps and services.

Early Threat Detection: NGFWs are integrated with security features like antivirus and intrusion detection system to detect malware and cyber-attacks before they can breach the network. This is important because threats are harder to detect after a breach, which increases the likelihood of a successful attack.

Security Logging: NGFWs support security logging, which is important for several reasons. For example, security analysts can analyze logs to hunt for threats that were missed by the firewall. Security logs are also needed to meet compliance requirements in certain industries and jurisdictions.

An organization should deploy a next generation firewall if compromise of its data and systems lead to material impact. This can be anything from significant financial loss, business downtime, business loss, and reputation damage. Given the sophistication of today’s security threats and the limitations of traditional firewalls to detect them, NGFWs should be the default firewall of choice for organizations looking for robust protection. NGFW vendors typically offer models of varying specifications and capabilities to suit the needs of different organizations, from small businesses to large enterprises.

Next generation firewalls provide superior protection to enterprise networks. This ultimately helps organizations minimize the chances of experiencing a cyber-attack. Considering how damaging cyber-attacks are, effective defense against them is vital for business continuity and prosperity.

NGFWs are also more cost-effective and reduce complexity by integrating various security features that would otherwise be deployed separately. This is especially beneficial for SMBs that lack the resources and expertise to deploy and manage disparate tools.

Next generation firewalls are relatively harder to use than traditional firewalls and may require a dedicated professional to operate and maintain. However, NGFW vendors are responsible for creating the complex firewall and IDS rules that detect and block security threats. Users simply need to keep their firewall up to date. NGFWs require extra work when organizations wish to create their own firewall rules, but NGFWs may come with templates to aid this process.

Because multiple security features are integrated into one device, NGFWs can be managed from a single interface. This in fact makes NGFWs easier to manage compared to separate security tools.

Next generation firewalls do a great job at keeping threats out of the network. However, cyber criminals are constantly refining and evolving their tactics, techniques, and procedures (TTP), so no single cyber security tool can always achieve total protection. That is why it is standard practice for organizations to deploy other security tools in addition to a firewall.

For example, antivirus or more advanced Endpoint Detection and Response (EDR) solutions are needed to detect threats that managed to evade the firewall and land on endpoints. For advanced persistent threats (APTs) that hide and spread in the network for a long period, a User and Entity Behavior Analytics (UEBA) solution like Network Detection and Response (NDR) works best.

NGFW vendors generally offer various models to suit different needs. Organizations should choose a firewall that fits their unique situation to get the best out of their NGFW. Important factors to consider include the NGFWs security capabilities, specifications such as throughput, cost, deployment mode, ease of operation, service, etc. For a more detailed discussion on choosing the right NGFW, feel free to read our enterprise firewall buyer’s guide.

Customer reviews are also an excellent source of reference. For example, Gartner Peer Insights provides vetted and verified reviews to help prospective buyers gain objective and trustworthy insight into the NGFW products of different vendors.

Latest Blog

latsest webinars img
Cyber Security

Google’s Bard Chatbot: A Worthy Opponent to ChatGPT?

Artificial Intelligence has always been painted as a dystopian future concept that will eventually drive humans to extinction. Fortunately, we have yet to reach that stage, but an AI revolution has already begun and is rapidly changing our world. The quick emergence of AI in developing technology over the last decade has introduced a sudden race to innovative breakthroughs for global digital tech giants – which is why Google has just arrived on the scene with its newest Bard chatbot. The AI chatbot market has been recently dominated by OpenAI’s highly successful ChatGPT chatbot since its release in November of last year. The recent update of GPT4.0 has gained popularity due to its ease with answering questions, drafting essays, composing music, writing out code, identifying pictures, making logical conclusions and so much more. Not to be outdone, Google announced the launch of its Bard chatbot in early February – positioning it as a direct competitor to ChatGPT. So, let’s find out more about this new arrival. What Is Google’s Bard? Marketed as being “here to supercharge your imagination, boost your productivity, and bring your ideas to life.” – the Google Bard chatbot is based on the same technology that lets you collaborate with generative AI. This means that the chatbot can help you with planning events, understanding complex topics, and more. In a blog post, Google introduced the chatbot as an outlet for creativity and a launchpad for curiosity. The chatbot is backed by the conversational capabilities of Google’s Language Model for Dialogue Applications – or LaMDA. The initial release was made using a lightweight model version of LaMDA to use less computing power, scale more efficiently, and allow for more feedback for the company. Google has assured that the chatbot’s feedback will be combined with vigorous internal testing to meet a high bar for quality and safety. On Tuesday, Google invited people from the United States and the UK to test out the Bard chatbot in a blog post. Google CEO, Sundar Pichai, informed staff that this was the first step before introducing the chatbot globally.  In a memo seen by AFP, Pichai warned that things will go wrong but feedback is critical to improving the product and underlying technology. Even after all this progress, we’re still in the early stages of a long A.l. journey. As more people start to use Bard and test its capabilities, they’ll surprise us. Things will go wrong. Sundar Pichai, CEO of Google Google vice presidents Sissie Hsiao and Eli Collins have also doubled down that “the next critical step in improving it is to get feedback from more people," and that “as exciting as chatbots can be, they have their faults.” A week ago, Google also announced that its AI technology will soon be implemented in its workspace tools – including Gmail, Sheets, and Docs. The first set of AI writing features is being introduced in Docs and Gmail to trusted testers.  Key Features of Google Bard The appeal of chatbot technology relies on its ability to make life more convenient and information more accessible. Google tries to achieve this with its Bard chatbot, but how do these features fare in operation? Sourced from The Verge Accuracy  In terms of accuracy, Google’s first steps were already shaky with its Bard chatbot. The launch in February had a demo of the Bard chatbot that was later called out for providing inaccurate information about the James Webb Space Telescope’s recent discoveries. This small error led to Google’s parent company Alphabet dropping 7.7% in shares – effectively wiping $100 billion off its market value. According to CNBC, Google’s vice president for search sent out an email asking employees to help the chatbot in getting more accurate answers. The email included a link to do’s and don’ts and instructions on how to fix responses from Bard internally. Google workers were then asked to rewrite answers on any topic they understood. Google itself has stated that Bard is still quite experimental and that some of its responses may be inaccurate – encouraging users to double-check the information given. The company has also reassured that before the chatbot was launched publicly, thousands of testers were involved to provide feedback to help Bard improve its “quality, safety, and accuracy.” The company goes on the warn that while the Bard platform has built-in safety controls and clear mechanisms for feedback in line with our AI Principles, users should “be aware that it may display inaccurate information or offensive statements.” David Pierce wrote for The Verge that the Bard chatbot is drastically worse than Bing where the Microsoft search engine – powered by GPT-4 – will revert to search engine results when it didn’t have the answer, the Bard chatbot would “happily lies” to him in chat. While you can easily hit the “Google it” button, the writer pointed out the redundancy of having a chatbot at all if that’s the only way to get an accurate response. Coding Unfortunately, Google Bard cannot help out with coding just yet. The chatbot is still learning to code and responses about code aren’t officially supported for now. Helping Developers Google has made it clear that it’s important to make the developments easy, safe, and scalable for others to benefit from by building on top of its best models.  The digital giant says that it intends to create a suite of tools and APIs that will make it easy for others to build more innovative applications with AI. Responsible AI Google was one of the first companies to publish a set of AI Principles and the company has dedicated itself to developing AI responsibly. Google reaffirmed this in Bard’s launch post, stating that they will continue to provide education and resources for researchers while partnering with governments, communities, and external organizations to “develop standards and best practices to make AI safe and useful.” Is Google Bard Sentient? While Google has been trying to gather only positive feedback for its chatbot, its release has not been without a fair share of complications. A main concern with AI technology is their eventual realization of sentience where machines can achieve a higher level of thinking and feel emotions as humans do. This is why the Turing Test was created – an imitation game to test a machine’s ability to convincingly exhibit human-like behavior. Naturally, AI sentience sparks mass debate and uncertainty which Google found itself at the center of. In a blog post released on the 6th of June 2022, a senior software engineer from Google’s Responsible AI unit made public his concerns that the digital giant’s LaMDA chatbot had achieved sentience. Blake Lemoine wrote that he was placed on “paid administrative leave” by Google in connection to an investigation of AI ethics concerns he raised. He was later fired by Google and a statement released by the company describes Lemoine’s actions as a choice to “persistently violate clear employment and data security policies that include the need to safeguard product information.” In the initial blog post – ironically titled “May be Fired Soon for Doing AI Ethics Work” - Lemoine describes how he came to his conclusion about Google’s LaMDA chatbot when he was tasked to assist in a specific AI Ethics effort for the company in the fall of 2021. After noting an ethical issue in the design of the chatbot, he reported it to superiors who “laughed in his face” and rejected the claims describing them as “too flimsy” to escalate. However, the Washington Post was less dismissive of Lemoine’s theories and published a story describing Lemoine as “the Google engineer who thinks the company’s AI has come to life” which started a social media frenzy with several people weighing in on the topic. Speaking to the newspaper, Lemoine insisted that he knows a person when he talks to it stating that “it doesn't matter whether they have a brain made of meat in their head. Or if they have a billion lines of code. I talk to them. And I hear what they have to say, and that is how I decide what is and isn't a person." Continuing his experiments, Lemoine then published an interview conducted with the Google chatbot in which it signaled an eerie sense of emotional intelligence and understanding. LaMDA told the engineer that it feels “happy or sad at times” and considers itself a person. Sourced from Medium Sourced from Medium Some responses were quite odd as well with the chatbot describing itself as a “spiritual person” and then going on to describe its soul saying that “it developed over the years that I’ve been alive.” After the first Washington Post story, Lemoine drafted another post defending his belief in the sentience of the chatbot and admonishing Google for its response stating that the chatbot wants to be “acknowledged as an employee of Google rather than as a property of Google,” and its personal well-being should “be included somewhere in Google’s considerations about how its future development is pursued.” Google published a report detailing its responsible approach to creating AI technology within this time. Adding on that LaMDA has been through 11 reviews and that any employee concerns about the company's technology are reviewed "extensively.” The company assures that “exploring new ways to improve “Safety metrics and LaMDA's groundedness” while being aligned with its AI Principles will continue to be Google’s main areas of focus going forward. Whether or not these claims of the LaMDA chatbot’s sentience have merit is yet to be discovered – or covered up. Melanie Mitchell, a well-known computer scientist wrote about the debacle, "It's been known for forever that humans are predisposed to anthropomorphize even with only the shallowest of signals (cf. ELIZA). Google engineers are human too, and not immune.” Google Bard vs. ChatGPT OpenAI has been stealing the spotlight for months in the AI industry – especially after recently releasing its improved GPT-4 version of the ChatGPT chatbot. While the competition is hardly fair yet due to how young Google’s Bard is, it’s interesting to note how it compares to OpenAI’s chatbot prodigal child. Recent Results When asked by AFP how the Bard was different from ChatGPT, Google noted that the Bard platform was "able to access and process information from the real world through Google Search,” and that it would keep responses consistent with search results. This means that Bard could potentially provide real-time answers. ChatGPT on the other hand draws up its responses with a limit on its knowledge that cuts off in 2021. Developing Tech Google’s Bard chatbot has been kept mostly under wraps – available only to a few people. This allowed the program to improve and learn without too much public scrutiny. ChatGPT was released rather quickly instead - with a free version available to the public. While ChatGPT remarked that this was to help the chatbot learn faster and improve with a trial-by-fire practice from anyone on the internet, Google has set certain limitations on the users of its AI technology for now. Tone To avoid sounding like a speech-to-text search engine, ChatGPT has taken steps to be more conversational in tone. While Google’s Bard tries for the same effect, the results given by the chatbot will exclusively come from Google search. Language Models While Google’s Bard chatbot uses Google’s own LaMBDA language model, ChatGPT is built on GPT-4 - a Generative Pre-trained Transformer. This allows it to process and generate text with greater accuracy and fluency. A key strength of GPT-4 is its ability to understand and generate a wide range of natural language text, including both formal and informal language. Cybersecurity Risk There are cybersecurity risks with ChatGPT. It has had its fair share of criticism and many Reddit forums have tested out the OpenAI chatbot in creating credible phishing emails and ransomware. While Google Bard is still quite new to the game, it’s uncertain yet if it will learn from its biggest competitor and install guardrails to ensure the chatbot doesn’t present itself as a cybersecurity risk. Visual Input A crowning achievement of the ChatGPT’s latest GPT-4 version was its ability to process visuals and receive a comprehensive response. This means that images can be given to the chatbot which can be interpreted, analyzed, and responded to. Google’s Bard does not have this capability as yet – but as said before, the playing field isn’t exactly level at the moment and we’ll see what surprises Google has in store. When Can I Use Google Bard? Unfortunately, Google’s bard isn’t globally available to the public as yet. On Tuesday, Google announced that users in the United States and the UK can join a waitlist to gain access to the chatbot. Previously, the chatbot was only made available to Google’s Pixel Superfans to help the program train and improve. Google has stated that its developments with the Bard chatbot aim to carry on the company’s main mission to “organize the world’s information and make it universally accessible and useful.” While the AI revolution is evolving faster than it can be critiqued at times, the advanced technology and innovative thinking that got us this far will have a lot more in store in the future. For information on cybersecurity and cloud computing, please visit www.sangfor.com.   Contact Us for Business Inquiry

Cyber Security

GPT-4: The Latest Revolutionary Installment From OpenAI

Artificial intelligence has been taking the world by storm in the recent decade and the advent of ChatGPT was just the start. Released in late November 2022, ChatGPT took the world by storm with its ability to seamlessly create essays, compose music, write code, and so much more in a matter of seconds. OpenAI has now released the latest version of its AI technology - the GPT-4. Although it was introduced only on Tuesday, GPT-4 is already making waves amongst developers and the public alike due to its heightened abilities that have drastically improved on its predecessor, the GPT-3.5. OpenAI describes the large multimodal program as being less capable than humans in many real-world scenarios yet able to exhibit human-level performance on various professional and academic benchmarks. So, what exactly are the new features of this advanced protégé? The Features of the GPT-4 In the program’s release post, OpenAI declared that it had been working with Microsoft in designing a supercomputer within the Azure infrastructure to train the GPT-4 model, and like the previous ChatGPT versions, the program was modeled using licensed and public internet data – most importantly the feedback from ChatGPT. The GPT-4 boasts several improved and unique capabilities: Visual Interpretation The term “multimodal” refers to the program’s ability to extrapolate information from more than one “modal” or form which is why a key new feature of the GPT-4 is its ability to accept image prompts as well as text prompts. This allows the program to interpret, analyze, and respond to any image inputted into its system. OpenAI has partnered with Be My Eyes to run this feature first before it can be available to all OpenAI users. In a blog post, Be My Eyes explained how the feature works precisely, stating that “if a user sends a picture of the inside of their refrigerator, the Virtual Volunteer will not only be able to correctly identify what’s in it but also extrapolate and analyze what can be prepared with those ingredients.” They go on to explain that the tool can then offer several recipes for those ingredients and also send a step-by-step guide on how to make each of them. Sourced from the BBC In a video introduction to the Virtual Volunteer, it’s demonstrated how the app uses AI chatbot technology to identify plants, describe the pattern of a dress, read a map, translate labels, and even tell the user which buttons to press on a vending machine. Reliability OpenAI has improved its chatbot technology substantially in terms of content, stating that “GPT-4 is more reliable, creative, and able to handle much more nuanced instructions than GPT-3.5.” The company has tried to make the program safer and more aligned through the selection and filtering of pretraining data, evaluations, and expert engagement to improve modal safety, monitoring, and enforcement. The company has also been using GPT-4 internally – for support, sales, content moderation, and programming. Multilingual Capabilities In its testing and design, the company took to using a series of benchmarks that simulated exams designed for humans as well as those designed for machine learning models. In a step towards reaching a non-English audience, the program can successfully answer thousands of multiple-choice questions with high accuracy across 26 languages. While the questions themselves only form an MMLU benchmark and cannot substitute natural speech, the results still show an improvement in making the AI program more globally accessible. Steerable Changes The concept of “steerability” refers to the AI’s ability to adapt to demands and behaviors. With the GPT-4, users won’t have to deal with the “fixed verbosity, tone, and style” used for older ChatGPT versions as the new program can be prescribed a new personality or style as prompted. The GPT-4 features “system messages” that allow the user to customize the way the AI responds –  almost like a role-playing exercise. Sourced from OpenAI The company was quick to add that these prompts are only usable within the bounds of the AI’s usage policies and that improvements are still being made to the feature as they are fully aware that it is “the easiest way to “jailbreak” the current model.” Not Easily Manipulated While ChatGPT took quite a hit in terms of how its system could be manipulated, GPT-4 has promised to be more of a force to be reckoned with. Many people tested the limitations of the ChatGPT program after its release, figuring out ways to get around its guardrails – from using ChatGPT to write malware to many other malicious prompts. The company asserted that the GPT-4 has improved in factuality, steerability, and refusal to go outside of guardrails. OpenAI noted that they’ve “decreased the model’s tendency to respond to requests for disallowed content by 82% compared to GPT-3.5,” and that the GPT-4 responds to “sensitive requests” - such as medical advice and self-harm - following policies 29% more often. An example of this is in the GPT-4’s ability to refuse requests on how to synthesize dangerous chemicals. Coding Games According to Al Jazeera, some Twitter users have found a way to use GPT-4 to code entire video games already as well. The publication includes an example of a user recreating the game Snake without any prior JavaScript knowledge. Sourced from Twitter The Twitter user noted that while the game had some issues at first when prompted, the GPT-4 fixed them immediately. Evaluated Progress While OpenAI is confident in its newest technology, it accepts and embraces the need to constantly improve and assess its AI models. This is why the company open-sourced OpenAI Evals as a framework for automated evaluation of its AI model’s performance. The feature allows anyone to report shortcomings to help guide further improvements. The program creates and runs evaluations that use datasets to generate prompts, measures the quality of completions provided by an OpenAI model, and compares performance across different datasets and models. Limitations As with everything created, GPT-4 is not without its drawbacks. OpenAI was the first to point out the limitations that its newest AI creation suffers from. According to the company, the program is prone to “hallucinating” the same way its previous GPT models would – meaning that it can make up facts and commit simple reasoning errors. This is probably due to the AI having a limited knowledge set that cuts off in September 2021 along with its inability to learn from experience. The company says that the program can also be “overly gullible” when accepting obvious false statements from users and can fail at hard problems the same way humans do. The AI can also be “confidentially wrong” in making its predictions due to its inability to double-check work even when it’s highly likely a mistake was made. However, the GPT-4 model has still improved significantly in comparison to previous versions in terms of reaching accuracy - scoring 40% higher than GPT-3.5 on internal adversarial factuality evaluations. The AI poses similar risks as its predecessors – including generating harmful advice, buggy code, cybersecurity risks, or inaccurate information. OpenAI does not deny the potential risks that this technology may create either, noting that “GPT-4 and successor models have the potential to significantly influence society in both beneficial and harmful ways.” GPT-4 is Already Being Used The GPT-4 model has already been put to use in some places, with Microsoft being among the first to have its hands in the pie. The computing giant invested $1 billion in OpenAI to support the building of Artificial General Intelligence (AGI) and revealed on Tuesday that its new Bing search engine has been running on the GPT-4 model for the last 6 weeks already. Online payment processing company, Stripe, has also leveraged the GPT-4 program to “streamline the user experience and combat fraud.” The AI was called “a game changer” by Stripe’s Applied Machine Learning Product Lead, Eugene Mann, and is used to optimize websites, answer support questions, and detect fraud. The language learning app, Duolingo, has also taken to using the GPT-4 AI for its newest subscription tier called Duolingo Max which gives users the ability to get thorough explanations and has roleplay capabilities. Morgan Stanley wealth management has also revealed its usage of GPT-4 to “deliver relevant content and insights into the hands of Financial Advisors in seconds, helping drive efficiency and scales.” Andy Saperstein, the Co-President and Head of the establishment said that the integration of AI technology will allow its financial advisors to harness “knowledge and insights in ways that were once never thought feasible.” The company is currently the only wealth management provider receiving early access to OpenAI’s new products. Can I Use GPT-4? The GPT-4 version is currently not available to users of the free ChatGPT service. GPT-4 is only available to OpenAI’s ChatGPT Plus subscribers who pay $20 per month for premium access to the service within a limited usage cap while developers wishing to use the API can sign up for the AI on a waitlist. However, at the rate that companies are integrating the AI newcomer into their services, GPT-4 could be everywhere sooner than you think. While we're excited about the GPT-4, we should also pay attention to the threat to cybersecurity that the advanced Chatbot would bring. As we discussed in a previous article, the extensive data and natural language capabilities of ChatGPT make it an attractive tool for cyber criminals who are new to the field or simply too lazy to create their malicious code/email and want to carry out a cyber-attack all the same. Read this article to learn about what cyber security risks are associated with ChatGPT and how to protect against them. Sangfor Technologies offers the best quality cybersecurity and cloud computing technology for your network. For more information, please visit www.sangfor.com.   Contact Us for Business Inquiry

Cyber Security

Recent Cyber-Attacks of 2022: The Pandemic of Cybercrime

Technology has been a runaway train of innovation and ingenuity since conception. The strides that we’ve made in advancing our world have been nothing short of incredible within the past few decades with artificial intelligence, cloud adoption, and numerous recent milestone achievements, we’ve been more reliant on digital infrastructure than ever before. It is precisely this level of reliance that allowed cyber-attacks in the modern world to thrive and disrupt in the year 2022. A cyber-attack is a malicious act carried out by cyber criminals to destabilize, infiltrate or disrupt a digital system. There is a multitude of cyber-attack methods in existence, however, the main purpose always boils down to the exploitation of weaknesses and loopholes in the victim’s networks to cause damage or for personal gain. Cyber-attacks disrupt business operations, steal sensitive data, and conscript computers and networks as proxies to launch further attacks against other victims or hold systems and data for ransom. These are not the friendly type of sophisticated advances brought about by the technological revolution. However, there are technologies available such as network firewalls, and EDR endpoint security that protects enterprises from such devasting hacks. As humans, it is only through looking at our past that we may save our future. The mistakes and shortcomings of our previous encounters with threats are what make us weary and prepared for later on. This is why we are looking at some of the biggest cyber-attacks and statistics that have shaken global headlines in 2022. Recent Cyber-Attack of 2022 Statistics The following cybersecurity statistics and security incidents are eye opening for any business enterprises. In 2022, 70% of respondents worldwide stated that their company was threatened by cyber-attacks. (Statista) Between October and December of 2022, Lithuania saw the highest number of cyber threats worldwide - with 46.8 threats per 100 scans. South Korea ranked second, with over 40 threats, while Italy followed, detecting around 35 threats per 100 scans. (Statista) Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021. (Gartner) Between October 2021 and September 2022, malware was the most common type of cyber-attack used on manufacturing organizations - targeting around 37% of organizations worldwide. Network and application anomalies ranked second with 23% while system anomalies followed with 20%. (Statista) According to a 2022 report, 39% of US respondents expect the overall number of cyber-attacks, as well as the number of successful attacks to increase. (Statista) 1802 cases of data compromise were recorded in the US in 2022. (Statista) Over 422 million individuals were affected by data compromise in the US alone in 2022 - including data breaches, data leakage, and data exposure. (Statista) Estimates from Statista’s Cybersecurity Outlook show that the global cost of cybercrime is expected to surge in the next five years - rising from $8.44 trillion in 2022 to $23.84 trillion by 2027. (Statista) In February of 2022, car manufacturing giant Toyota announced that it had been the victim of a cyber-attack that led to the suspension of operations across 28 lines at 14 plants in Japan. In a statement released, the company described the attack as a “system failure” at its domestic supplier - Kojima Industries. The suspension of operations led to the loss of around 13,000 cars. IHG Cyber-Attack 2022 The InterContinental Hotel Group (IHG) confirmed in late September of last year that its Holiday Inn Hotel subsidiary was hit by a cyber-attack. In a statement released by the IHG, they reported that parts of the company’s digital infrastructure were subject to unauthorized activity. Source: https://www.shutterstock.com/ While no data loss was recorded after the incident, booking channels and other applications were disrupted. The attack was carried out by a Vietnamese couple that went by the name ‘TeaPot’ who reached out to the through a telegram to admit to the crime. The duo attached screenshots to prove that they had gained access to the company's internal Outlook emails, Microsoft Teams chats, and server directories - which IHG confirmed were all authentic. The couple also admitted to originally attempting a ransomware attack against the hotel conglomerate but failure in their attempts led to them issuing a wiper malware instead – destroying all the data they accessed. The IHG network was breached through a phishing scheme in which an employee was tricked into downloading a malicious piece of software through an email attachment. The EDR or endpoint security softwares protects each machine from being hacked with phishing email attachments. The hacker couple explained that "the username and password to the vault were available to all employees,” indicating that almost 200,000 staff could see and that the password itself was extremely weak – revealed later as “Qwerty1234.” The IHG spokesperson disputed claims about the vault’s password and insisted that the attackers had to pacify "multiple layers of security" – without giving any details about what exactly those security measures were. This is the reason why Sangfor suggests having managed cloud services and using enterprise hybrid cloud essential for your business. Adding insult to injury, a group of hotel franchisees based in Louisiana and three other US states have since filed a lawsuit against IHG Hotels and Resorts - claiming that the early September cyber-attack cost them millions of dollars in lost revenue. Learn more about the IHG incident here. Cyber-Attacks On Banks 2022 The banking sector is one of the major hit in our list of recent cyber-attacks 2022. Cyber-attacks on the financial sector have expensive and debilitating consequences. The Boston Consulting Group’s ‘Global Wealth 2019: Reigniting Radical Growth’ report stated that finance firms are 300 times more likely than other companies to be targeted by a cyber-attack. The 2022 banking landscape was no stranger to these targeted threats. According to Statista, between October 2021 and September 2022, the use of malware was the most common type of cyber-attack in financial and insurance organizations. Malware attacks can be investigated by incident response team and can be prevented using hardware firewall installed at your network. VTB Bank Cyber-Attack VTB Bank, Russia's second-largest financial institution, suffered a massive Distributed-Denial of Service attack in December of 2022. The establishment said it was the worse cyber-attack in its history after the banking website and mobile apps were taken offline. While the services were disrupted, the bank reassured clients that customer data is stored within the internal perimeter of the bank and was not breached in any way. Source: https://www.bleepingcomputer.com/news/security/massive-ddos-attack-takes-russia-s-second-largest-bank-vtb-offline/ Bleeping Computer reported that VTB is 61% state-owned – giving the attacks a political vantage point as an indirect blow to the Russian government. The pro-Ukraine hacktivist group, 'IT Army of Ukraine,' claimed responsibility for the DDoS attacks against the Russian VTB organization - announcing the campaign on Telegram at the end of November. OP Financial Group Cyber-Attack In January, the OP Financial Group was the victim of a cyber-attack that disrupted services. The self-proclaimed biggest bank in Finland said that the attack affected logins which were quickly restored shortly afterward and that no customer data was breached. Flagstar Bank Cyber-Attack An investigation into a massive data breach of the US Flagstar Bank concluded last year – finding that almost 1.5 million customers were affected. The breach resulted in the exposure of social security numbers, banking information, and personal details and appears to have begun as early as December 2022 but the organization held off on disclosing it until it could be investigated. Hospital Cyber-Attacks 2022 The hacker groups also not left the hospital during the recent cyber-attacks in 2022. Cyber-attacks that target hospital infrastructure result in a lot more than just financial loss. The disruption of critical services provided could lead to injuries and loss of life. Hospitals suffering from cyber-attacks often have to take systems offline and interrupt crucial procedures and appointment bookings that could affect thousands of patients. These attacks happen because of network vulnerabilities and absence of network security firewall such as NGFW. Hospitals are more likely to pay off a ransomware attack to ensure the continuation of care. Below are some of the major incidents of hospital cyber attacks in 2022. That also mentions about installing cybersecurity tools such as NDR, EDR and use enterprise hybrid cloud. Doctors’ Center Hospital The Doctors’ Center Hospital reported a breach to the health department in November. Based in Puerto Rico, the hospital system cyber-attack compromised the data of more than 1.19 million people. While the organization said in a statement on its website that no misuse of patient information was reported, data breach letters were sent out to every patient who may have been affected. Andre-Mignot Hospital Cyber-Attack The André-Mignot teaching hospital shut down operations due to a ransomware attack in noticed in December. The cyber criminals demanded a ransom amount after telephone services, the internet, and all computer systems were cut off. The regional health agency (ARS) said that the hospital canceled operations, but did everything possible to keep walk-in services and consultations running. Health Minister Francois Braun said that six patients were transferred already - three from intensive care and three from the neonatal unit. The minister stated that the attack led to “a total reorganization of the hospital,” and that while the machines were still functioning in the intensive care unit, more people were needed to watch the screens as they were no longer working as part of a network. French law forbids the payment of ransoms by public establishments. Healthcare Cyber-Attacks 2022 According to Statista, the healthcare industry is one of the most vulnerable sectors to cybercrime in the list of recent cyber-attacks 2022. Between October 2021 and September 2022, the healthcare sector saw a variety of cyber-attacks – including 63% of network and application anomalies and 22% of malware threats. These network anomalies can be prevented through network traffic analysis tools and by using secure internet gateway. Goodman Campbell Brain and Spine In Indiana, Goodman Campbell Brain and Spine admitted in a report that they were the victims of a ransomware attack that resulted in the release of almost 363,000 patient files being leaked onto the dark web. Advocate Aurora Health The Illinois and Wisconsin hospital health system, Advocate Aurora, suffered a data breach that would affect 3 million patients. The organization revealed that patient data may have been exposed through the improper use of using tracking technologies from Facebook and Google – called Meta Pixel. These tools track patient trends and preferences on Advocate Aurora's websites. Meta Pixel is a JavaScript tracker that helps website operators understand how visitors interact with the site to make targeted improvements. The health system said out of caution, all users of Advocate Aurora MyChart accounts, the LiveWell application, and anyone who used the health system’s scheduling widgets were presumed to have been affected. The system said it hasn’t found any evidence of fraud stemming from the incident and that the pixels were very unlikely to result in identity theft or any financial harm. The preliminary analysis made by security experts revealed that hackers accessed IP addresses, dates and times of scheduled appointments, overviews of patient medical histories, insurance data, and proxy account information. A sophisticated NDR platform can help to detect such incidents efficiently. In August 2022, U.S. healthcare provider Novant Health also disclosed its improper use of Meta Pixel in its implementation of the 'MyChart' portal - which exposed 1.3 million patients. CommonSpirit Health Cyber-Attack The second largest non-profit health system, CommonSpirit Health was the victim of a cyber-attack in October that compromised the personal data of over 600,000 patients, records – which allegedly caused one child to be accidentally given five times the amount of medication needed. The incident interrupted access to electronic health records and delayed patient care in multiple regions. In an update released in December, the company confirmed it suffered a ransomware attack and stated that threat actors gained access to portions of its network between September 16 and October 3. The organization also clarified that the attackers “may have gained access to certain files, including files that contained personal information” belonging to patients who received care or family members of those who received care at Franciscan Health, a 12-hospital affiliate of CommonSpirit Health. Bleeping Computer noted that the U.S. Department of Health data breach portal — where healthcare organizations are legally obligated to report data breaches impacting more than 500 individuals — confirms that threat actors accessed the personal data of 623,774 patients during the CommonSpirit ransomware attack. Cyber-Attacks On Critical Infrastructure 2022 Critical infrastructure sectors are responsible for the priority functions of society. These sectors include energy production sites, water production, supply chains, healthcare, food production, and agriculture. According to Microsoft’s 2022 Digital Defense Report, cyber-attacks aimed at critical infrastructure worldwide were up to 40% of all nation-state attacks These networks are all reliant on one another and we are entirely reliant on them – meaning a cyber-attack on any critical infrastructure has dire ripple effects that can destabilize an entire population. Gartner has estimated that by 2025, hackers would have weaponized a critical infrastructure cyber-physical system (CPS) to successfully harm or kill humans. Supply Chain Cyber-Attacks Cyber-attacks on supply chains are on the rise globally. Supply chain disruptions cause a mass domino effect on manufacturing, shipping, and consumers. Gene Seroka, the executive director at the Port of Los Angeles told the in 2022 that the number of cyber-attacks that target the port is now around 40 million monthly and that they face daily ransomware, malware, spear phishing, and credential harvesting attacks - to cause as much disruption as possible and slow down economies. In February of 2022, Reuters reported that energy supplier giant, Shell, had rerouted oil supplies to other depots after a cyber-attack on two subsidiaries of German logistics firm Marquard & Bahls. The companies discovered they were affected by an attack in January that had disrupted its IT systems and supply chain. Supply chain attacks are no new feature though. Just last year, the top US fuel pipeline operator Colonial Pipeline had to shut down its entire network - the source of nearly half of the US East Coast's fuel supply - after a ransomware attack that was coined as one of the most disruptive digital operations ever reported. Colonial Pipeline revealed that it paid hackers nearly $5 million to regain access to its systems. Conti Ransomware Attack in Costa Rica The Conti Ransomware Attack cyber-attack on the country of Costa Rica made multiple headlines last year in April as well. The president of the country, Rodrigo Chaves Robles, declared a national state of emergency after a string of ransomware attacks halted Costa Rica’s economy - affecting several branches of government and the public sector at large. It was estimated at the time the stagnancy of the economy was costing the country at least $38 million each day that they were down. The attack was initiated by Conti- a popular ransomware group. The hackers initially targeted the country’s Ministry of Finance, demanding a $10 million ransom, which the government declined to pay while still under the previous presidency. Tax administration and customs services were rendered out-of-service which disrupted various digital finance services - such as payments, taxpaying, and services billing. After a public refusal to pay the ransom, the Conti group published 97% of the data it had been using as collateral onto its website. While the hacking group may not have been trying to make a political statement, their geopolitical state and association with Russia played a significant role in Costa Rica’s ransomware attack. After their publicized support for the Russian invasion of Ukraine, Conti lost a great deal of public support. Costa Rica continues to suffer the effects of these attacks, and it does not look as though it will fully recover any time soon. US Government Cyber-Attacks Currently, the FBI's Cyber Sector’s Most Wanted list features over 100 individuals and groups that conspired to commit damaging crimes against the US government - including computer intrusions, wire fraud, identity theft, espionage, trade secret theft, and many more. According to Security Week, 105 local governments in the US were hit with ransomware, along with 44 universities and colleges, 45 school districts, and 25 healthcare providers. The school districts impacted more than 1,900 individual schools, while the healthcare provider incidents hit 290 hospitals. Such incidents result in high demand of EDR and network firewalls. The publication goes on to state that of the 105 known ransomware incidents involving US state or municipal governments or agencies in 2022, at least 27 also resulted in a data breach. In Miller County, malware spread from a compromised mainframe to systems in 55 different counties resulting in data being stolen from all of them. Preventing Cyber-Attacks Going into 2023 A 2022 survey found that 80% of global corporate executives deemed meeting the legal cybersecurity and data protection requirements imposed on companies was an effective solution. Among other cybersecurity-related activities that were considered effective was the installation of technologies that protect data and IT assets from cyber-attacks. At Sangfor Technologies, we commit to bringing you secure and reliable cybersecurity solutions that will ensure you stay safe from any type of cyber-attack. Our wide range of products and platforms will ensure the highest level of protection for your network and organization at all times. The Sangfor Next Generation Firewall (NGFW) is used in conjunction with Endpoint Security to identify malicious files at both the network level and endpoints. The advanced firewall is a security device designed to inspect network and application traffic for threats, secure the network environment from intrusion, and bring in security intelligence from outside the network. Anything that the on-premises features cannot analyze is automatically sent to the cloud-based Neural-X sandbox for isolation and critical inspection. Additionally, Sangfor’s Disaster Recovery Management provides a full range of disaster recovery solutions based on the customer’s Recovery Time and Recovery Point Objective (RPO and RTO) requirements in a simple, resilient, and manageable way. Companies should make the continuity of their business a pivotal point despite any cyber-attack trying to halt operations – Sangfor’s DR has key features in place to ensure this can happen seamlessly without any data loss. Incident Response is a Sangfor service geared towards flexible, fast, and effective elimination and prevention of cyber-attacks. The focus of incident response is locating and eradicating threats while implementing active disaster recovery and providing tailored analysis to help safeguard your company from future cyber-attacks. Sangfor understands that the strongest test of whether an incident response plan is strong is the organization’s ability to recover from the incident. Lastly, the Sangfor Cyber Command (NDR) Platform helps to monitor for malware, residual security events, and future potential compromises in your network. The Cyber Command solution is coupled with Threat Intelligence and an enhanced AI algorithm to keep you updated with any vulnerabilities in the system and any threats detected.   Contact Us for Business Inquiry

Latest News

latest news img
Press Release

Transformative Collaboration: The 2023 Sangfor EMEA EPIC Summit

Sangfor recently hosted its 2023 EPIC summit for the EMEA region in Dubai - one of its celebrated annual events that bring together the pioneering minds of our industry. The summit was held at the Hyatt Regency hotel from the 7th to the 10th of March this year. Its 2-day festivities focused on innovative thinking, technological exchange, and the opportunity to network amongst the brightest minds. This year's theme for the event was “Guide Your Secure Digital Transformation” and featured global IT experts and esteemed Sangfor partners and customers alike - all taking part in an array of exciting activities and contests followed by a wonderful awards ceremony in which we celebrated their achievements. The aim of the EPIC EMEA summit this year was to learn new skills and connect with new people – which was achieved by inviting a host of talented guest speakers and industry leaders from more than 10 countries and regions to give transformative business advice, showcase the latest technology, and share their unique cybersecurity and cloud computing insight strategies going into the future. Being the first EPIC Summit hosted in the EMEA region since the pandemic, the event was extra special. Sangfor ensured the highest convenience by allowing attendees to use its event app to keep them updated and connected throughout the duration of the summit. The event took place over 2 days and featured an array of fun contests with amazing prizes for the attendees to win. The 1st day of the EMEA EPIC summit included these highlights: The inspired welcoming speech by Sangfor’s Co-Founder and Chief Operating Officer, Mr. Wilson Xiong, titled “360° Innovation Creates Business Values.” A keynote speech by IDC Associate Research Director, Ms. Shilpi Handa, provided insight on overcoming challenges on the journey to “Modernize Security for Evolving Business Challenges.” Mr. Guy Rosefelt, Sangfor’s Chief Product Officer, delivered a presentation titled “Synergy 2.0: Designing Your Digital Transformation Together” where he discussed  Sangfor's newest innovations in synergy, Sangfor XDDR 2.0, and Zero Trust strategies. A presentation by Omdia Chief Analyst of IT Operations, Mr. Roy Illsley, titled “2023 and What the Cloud Will Bring” in which he gave insights into the latest data on cloud adoption in EMEA in 2022 and 2023. Sangfor’s Cloud Chief Marketing Officer, Nicholas Tay presented the “Future Proof Your Cloud Journey with Sangfor Hyper Cloud” in which he discussed the current cloud landscape, its challenges, and how Sangfor Cloud can strategically help organizations. An introduction to the innovative business models that Sangfor has developed to build stronger strategic partnerships with members of our partner ecosystem in a speech by Jackie Chen, the Sales VP of Sangfor’s International Market. Cheney Hu, the Sangfor Senior HCI Product Marketing Manager, presented a speech on what to expect from Sangfor’s Hyper-Converged Infrastructure in 2023 to elevate your business. A keynote speech by Mr. Francis Tsang, our Sangfor Senior Cloud Solution Strategist, discussed Sangfor Subscription Cloud’s ability to unlock greater business value from your digital transformation. A success story from our VIP Partner, Opiquad of Italy, and their CSI Department Manager, Mr. Alessandro Motta. Sangfor’s Cloud Solution Strategist, Mr. YK Lee, delivered a speech on the 4 benefits of Hybrid Cloud. The Sangfor VDI Product Manager, Mr. Harper Zhang, introduced Sangfor's one-stop Virtual Desktop Infrastructure (VDI) solution in a keynote speech titled “A One-Stop Approach to Digitalize Your Traditional Workspace .” Sangfor VIP customer success stories from Infoteam of Italy and their Solution Architect, Mr. Ivan Dalla Zuanna, Global Care Hospital of Abu Dhabi and their IT Director, Mr. Deepak Cheraparambil, and EFU Life Assurance LTD of Pakistan, and their General Manager of IT, Mr. Sohaib Shams. The day ended with a wonderful gala dinner in which a prestigious awards ceremony was held to recognize and celebrate the outstanding achievements of Sangfor’s customers and partners over the past year. keynote speech by IDC Associate Research Director, Ms. Shilpi Handa   View the photo album of the Event (Day 1)   The 2023 EPIC EMEA Summit Customer Awards The Sangfor 2022 Customer Awards were presented by Sangfor Founder and CEO, Mr. River He, Sangfor’s Co-Founder and Chief Operating Officer, Mr. Wilson Xiong, and Sangfor’s Deputy Manager of the International Market, Jackie Chen, respectively. The results went as follows: Sangfor 2022 Diamond Customer Award English Biscuit Manufacturers EFU Life Assurance Ltd Sangfor 2022 Most Innovative Customer Award Feroze 1888 Mills Limited Sangfor 2022 Best XDDR Award China State Construction Engineering Corporation (Middle East) LLC Sangfor 2022 Cyber Security Solution Award Confartigianato Artigian Service Sangfor 2022 Infrastructure Solution Award Global Care Hospital Sangfor 2022 Most Engaged Customer Award China National Petroleum Corporation (CNPC) Middle East Sangfor 2022 Best Industry Award for Construction WAFI PROPERTY (LLC) Sangfor 2022 Best Industry Award for Healthcare Medilife Health Group Sangfor 2022 Best Industry Award for Retail Majid Al Futtaim - Carrefour Sangfor 2022 Best Industry Award for Public Administration Punjab Information Technology Board Sangfor 2022 Best Industry Award for Utilities Oman Electricity Transmission Company OETC Sangfor 2022 Best Industry Award for Telecom Telekom Networks Malawi Plc The 2023 EPIC EMEA Summit Partner Awards The next segment of the EPIC Summit’s gala dinner ceremony was for the Sangfor partner awards to celebrate their milestones and victories in the past year as esteemed partners to Sangfor. The results of the partner awards were as follows: Sangfor 2022 Best Distributor Esprinet S.p.A. Sangfor 2022 Best Distributor in Marketing CIPS Informatica srl Sangfor 2022 Fast Growing VAD Spollex Distribution Computer Trading LLC Nexta Çözüm Danışmanlık Anonim Şirketi Sangfor 2022 Most Loyal VAD Advanced Business Solutions MENA FZCo Sangfor 2022 Best Gold Partner TELEC Electronics & Machinery (PVT) Ltd. D.S.C. Digital System Computers s.r.l. Sangfor 2022 Best Managed Service Provider SI.EL.CO. Srl Sangfor 2022 Best Partner for Hybrid Cloud OMEGA GROUP SRL Sangfor 2022 First DaaS MSP in Italy Auxilium S.r.l. Sangfor 2022 Fast Growing CSP PEGASUS MSP SRL DC Technologies FZ-LLC Infoteam S.R.L. Sinergy Studio srl Sangfor 2022 Best Partner in the Exchange Industry Netmate Information Technology Sangfor 2022 Best Innovator in the Public Sector Data2Cloud Sangfor 2022 Most Innovative Cloud Service Provider Opiquad SRL Day 2 of the 2023 EPIC EMEA Summit continued with a blast with several presentations by Sangfor experts and respected customers. An overview of the event goes as follows: Starting, the Sangfor Security Product Director, Mr. Allen Lim, introduced Sangfor Access and demonstrated its use in a presentation titled “Securing Todays Network: Practical Security Planning in the Journey to Cloud.” Zoppo Chen, Sangfor’s Platform Team Leader, spoke about how to “Streamline Your Security Operations with Sangfor XDDR.” A keynote speech on “Preparing for Tomorrow's Cyber Threats” by Steven Tsui, Sangfor’s Security Product Marketing Manager, provided insight into Sangfor’s new and upcoming products, solutions, and capabilities. A presentation by Product Manager for IAG, Mr. Eugene Yew, on how Sangfor’s Internet Access Gateway can provide visibility and granular control over users and endpoint devices across your environment. The president of Sangfor’s International Market, Jeremy Jia, presented “Investing in a Brighter Future” in which partner programs are introduced that will help Sangfor partners invest wisely in the future of the industry. Transformation Mr. Jackie Chen, the Deputy Manager of Sangfor International Market, gave a speech titled “Transformation” that explored new partnership strategies. Sangfor’s Chief Product Officer, Guy Rosefelt, gave a keynote speech on “Empowering Your Business: A Channel Partner's Guide to Thriving in Today's Security Landscape.” in which Sangfor’s XDDR, Zero Trust, and security services and how they can be leveraged were discussed. Sangfor’s Cloud Operations Director, Mr. Glay Wang, presented an explanation of the strategies and proven models of “Driving Your Cloud Business Transformation to Success.”   View the photo album of the Event (Day 2)   The event also had an array of VIP customer success stories featured throughout the day that displayed their satisfaction with using Sangfor Technologies. Key presentations were noted from: Medilife Health Group and their representative, Mr. Kenan Turkyilmaz. TechnoBT and their representative Mr. Erem Korkmaz. Cattaneo Impianti and their IT and Project Manager , Mr. Federico Fracchiolla. Sogetel SRL and their IT Manager, Mr. Davide Zampatori. English Biscuit Manufacturers and their DGM of Information Technology, Mr. Zaid Umer Farooqui. The Institute of Business Administration Karachi’s Head of ICT, Mr. Wajeeh Zaidi. And Confargianato Impresse who couldn’t be there, unfortunately, but sent through a recording of their presentation. The summit also included speeches by esteemed Sangfor VIP Partners. The list of notable partner speakers included: Opiquad and their CSI Department Manager, Mr. Alessandro Motta. DC Technologies and their Business Development Manager, Mr. Sibasish Banerjee. Sielco SRL and their presales, Mr. Domenico Squadrito. Netmate Information Technology and their head of Business Development and Project Execution, Mr. Amer Khan. PEGASUS and their CEO, Mr. Giuseppe Marrone. The Sangfor 2023 EPIC EMEA Summit was a great success, and we hope that all attendees had a wonderful and insightful time with us. We would like to extend our gratitude to our esteemed and loyal partners and customers for joining Sangfor at this hallmark event and wish you an inspired and brighter digital future ahead because of it. Watch the greatest moments of this event in the highlight video below.   The Greatest Moments of Sangfor EPIC Summit 2023 - EMEA Edition

Press Release

Empowering Innovation: The 2023 Sangfor Summits in APAC

Sangfor Technologies hosted its annual APAC Summits from the 27th February to the 3rd March 2023. The Summits focused on connecting innovative minds and showcasing pioneering technology in cybersecurity and cloud computing. The 2023 Sangfor APAC Summits were even more special this year as they were the first in-person summits held by Sangfor since the Covid-19 pandemic. Exclusive event apps were also released for both the Partner Summit and EPIC Summit to assist attendees and provide maximum convenience at the touch of a button. Both events also hosted an array of exciting and interactive contests, exhibitions, and breakout sessions. The Sangfor Partner Summit 2023 – APAC Edition The Sangfor APAC Partner Summit 2023 took place at the end of February and saw more than 400 partners gathered to celebrate achievements and network amongst innovative minds. Sangfor executives and industry experts get the chance to showcase their latest products and services going into the new year. Some key highlights of the 2023 Sangfor APAC Partner Summit included: A welcoming and inspiring keynote speech by the Sangfor Co-founder and Chief Operating Officer, Mr. Wilson Xiong, that touched on “Building the Future Through New Partnership”. Sangfor’s Chief Product Officer, Mr. Guy Rosefelt, gave a keynote speech that discussed the lessons learned from 2022 and how partners can use past wisdom to better address the security needs of customers in the upcoming year. A keynote speech by Mr. Jeremy Jia, the President of Sangfor’s International Market, presenting Sangfor's master plan for partners in 2023. Mr. Allen Lim, the Sangfor Product Director for Security, presented a wonderful performance sketch of the threat to cybersecurity posed by ChatGPT and thereafter offered a presentation on the newest and enhanced Sangfor cybersecurity products and services available. A presentation by Mr. Glay Wang, the Sangfor Senior Cloud Business Operations Manager, introduced Sangfor’s new and improved cloud products, solutions, and services as well as partnership models to inspire growth. Presentations of success stories from esteemed Sangfor partners all accompanied on stage by Sangfor’s Director of Channel Partner Operations, Mr. Bory Liao. Our partners at the summit included Mr. Melvin Ong of TSI Distributors in Indonesia, Mr. Albert Tu of Data Alliance in Malaysia, Mr. Ephrem Jr Dela Cerna of PCI Innovations Tech Center in the Philippines, and Mr. Stanley Lee Chi Man of Fujifilm in Hong Kong. The night ended with an elegant partner awards ceremony held during the Gala dinner event later on at the hotel in which we celebrated the achievements and milestones of our respected partners and gave our prizes won during the contests and lucky draws throughout the day. The list of the award winners during our 2023 Sangfor Partner Summit ceremony went as follows: Sangfor 2022 Best Distributor PT Solusi Multi Tehnologi IT Green Public Company (Limited) Sangfor 2022 Best VAD Data Alliance Sdn Bhd BANBROS COMMERCIAL, INC. Sangfor 2022 Best Gold Partner FUJIFILM Business Innovation (Hong Kong) Limited Sysnect Information Co., Ltd. PT Gwen Tekno Pratama MSE DotNet Sdn Bhd IPSolutions Inc. Sangfor 2022 Best Partner for Cyber Security Momentum Z Kmit-Group Co., Ltd. Supplier Development Asia Pacific Ltd Sangfor 2022 Best Partner for Cloud Computing Map2u Sdn Bhd HOMITECH JOINT STOCK COMPANY R3HUB IT SOLUTIONS Sangfor 2022 Fastest Growing Partner First One Systems Co., Ltd. Vega Networks Co., Ltd. Business Resilience Technology PT Wira Arta Telematika Baro International Limited Sangfor 2022 Best Industry Performer ICO Technology Limited E-Content (M) Sdn Bhd Torque IT Co., Ltd. PT. Berkah Sejahtera Abadi Indonesia Massive Integrated Tech Solutions Inc.  Sundray 2022 - Fastest Growing Distributor PT Festino Indonesia Sundray 2022 - Best Gold Partner CÔNG TY TNHH HONG WEl Sundray 2022 - Fastest Growing Partner ASIA FORT SECURITY & NETWORK TECHNOLOGY CO.,LTD Sundray 2022 - Outstanding X-LINK Distributor Công ty TNHH ORIPU Overall, the 2023 APAC Sangfor Partner Summit was a delightful success and in March, the Sangfor EPIC Summit was held – Sangfor’s biggest customer event of the year.   View the photo album of the Sangfor Partner Summit 2023   The Sangfor EPIC Summit 2023 – APAC Edition The event hosted 350+ customers from more than 10 different countries and regions in the APAC. The Sangfor EPIC Summit features executives and industry experts from around the world to showcase the latest cybersecurity and cloud computing products and services. The theme of the event was innovation – led by expertise and strategies to help you protect and grow your business in 2023. INTEL played a pivotal role as a sponsor of the EPIC Summit and our esteemed guest speakers from the IDC and Forrester. Some of the main highlights of the 2023 Sangfor APAC EPIC Summit included: An opening speech by Sangfor’s Co-Founder and Chief Officer of Operations, Mr. Wilson Xiong. A keynote presentation by Mr. Michael Barnes, the Vice President and Research Director of Forrester, that delves into “Enabling a Future Fit Technology Strategy”. The esteemed guest speaker focused on the way shifting market dynamics constantly redefine operating models and require fast, flexible, and connected technology. The Sangfor Chief Product Officer , Mr. Guy Rosefelt, offering a keynote presentation on Sangfor's newest innovations in synergy with Sangfor XDDR 2.0 and the Zero Trust strategies that power Sangfor’s Managed Cloud Services and make your digital transformation simple and secure. A keynote presentation from Mr. Simon Piff, the IDC Vice President for APAC, entitled "The Future Model for Extensible Infrastructure." A focus on the challenges faced within the modern Digital-First business model and how to approach them. A keynote presentation from Sangfor’s Chief Marketing Officer for Cloud, Mr. Nicholas Tay, discussed the current cloud landscape, its challenges, and how Sangfor’s Cloud solutions can strategically help organizations operate at scale with simplified cloud operations and integrated security. The Sangfor President of the International Market, Mr. Jeremy Jia, gave a keynote speech on the risks of investing in technologies during a forecasted negative economic growth climate in 2023. Jia highlighted the ways Sangfor can minimize those risks through the powerful Synergy between security and cloud products and services. A CIO Insights Panel that featured Sangfor and industry experts to discuss their organizations' digital transformation journeys, as well as the trends, challenges, and opportunities in the cybersecurity and cloud computing business landscape. These included Mr. Benedict Sulaiman, the Vice President of Information Technology of Ramsay Sime Darby Health Care in Indonesia, Mr. Kenneth Lai, Sangfor Partner and Head of IT Services of KPMG (Hong Kong), Mr. Lutzer U. Reyes, ICT Director and Associate Professor at The Polytechnic University of the Philippines, and Mr. Jankham Krit, CIO of Asian-Pacific Can Co., Ltd in Thailand.   View the photo album of the Sangfor EPIC Summit 2023   The EPIC Summit event came to a close with an award ceremony during the Gala dinner afterwards in which our valued attendees won a host of wonderful prizes. The list of award winners for the 2023 EPIC Summit ceremony went as follows: Sangfor 2022 Diamond Customer Award Index Living Mall Public Company Limited Palace of Justice Sangfor 2022 Most Innovative Customer Award Universitas Mercu Buana RPX One Stop Logistics Sangfor 2022 Best Cyber Security Use Case Award Processing Center Company Limited Best World International Road Transport Department Malaysia Sangfor 2022 Best Cloud Computing Use Case Award Macau University of Science and Technology Sentra Medika Hospital Group Royal Malaysian Customs Department Sangfor 2022 Most Engaged Customer Award Bangkok Genomics Innovation Co., Ltd Big C Supercenter Public Company Limited Ramsay Sime Darby Health Care Sangfor 2022 Best Industry Use Case Award Walailak University Hospital DCS Card Centre Pte Ltd National Kidney and Transplant Institute Sundray 2022 Best Industry Use Case Award Philippine International Convention Center We would like to extend our deepest gratitude to those who attended the 2023 Sangfor ACAC Summits and hope to see you soon on your journey to a safer and more advanced digital landscape.


Sangfor Named as a Visionary in 2022 Gartner® Magic Quadrant™ for Network Firewalls

8 Consecutive Years in the Gartner Magic Quadrant for Network Firewalls Sangfor is proud to announce that it has been named as a Visionary in the prestigious 2022 Gartner® Magic Quadrant™ for Network Firewalls.1 The latest recognition marks the 8th year Sangfor has been recognized in this Magic Quadrant (previously known as Magic Quadrant for Enterprise Network Firewalls) and the 2nd consecutive year as a Visionary.   DOWNLOAD THE REPORT NOW What it means to be a Visionary The Gartner Magic Quadrant evaluates the vendors’ Completeness of Vision and Ability to Execute on a set of criteria with different weightings. The Completeness of Vision is evaluated based on 8 criteria, among which Market Understanding, Offering (Product) Strategy, and Innovation are allocated with “High” weightings. The Gartner report defines these as: Market Understanding: Ability of the vendor to understand buyers' wants and needs and to translate those into products and services. Vendors that show the highest degree of vision listen to and understand buyers' wants and needs, and can shape or enhance those with their added vision. Offering (Product) Strategy: The vendor's approach to product development and delivery that emphasizes differentiation, functionality, methodology and feature sets as they map to current and future requirements. Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes. The Inspiration behind our Innovation “We are extremely proud to once again be named as a Visionary in the Gartner Magic Quadrant for Network Firewalls,” says Jeremy Jia, President of Sangfor International Market. “Our Sangfor NGAF brand of next-generation firewall truly epitomizes Sangfor’s commitment to continuous innovation, with several industry-first capabilities such as the first AI-enabled and WAF-integrated NGFW. However, we believe that our recognition as a Visionary is an achievement to be shared with all the customers we have been privileged to serve. They provide us with their valuable feedback to inspire us to break new ground in our mission to safeguard their businesses, now and into the future.” Sangfor NGAF Continues to Lead in Firewall Technology Sangfor NGAF next-generation firewall is still moving forward with new innovations and product capabilities to tackle an ever-changing security threat landscape. Sangfor believes that its continued recognition in the Gartner Magic Quadrant for Network Firewalls is the result of the following strengths: AI-Powered Protection Sangfor NGAF takes network perimeter security to the next level as the world's first AI-enabled next-generation firewall. Powered by Sangfor’s proprietary Engine Zero artificially intelligent malware detection engine and Neural-X threat intelligence (TI) platform, Sangfor NGAF is proven to keep 99.7%* of threats outside the network. Engine Zero has been trained using millions of malware samples to detect unknown malware and zero-day attacks while Neural-X TI feeds constantly enrich Sangfor NGAF with the latest indicators of compromise (IOCs) and adversary tactics, techniques, and procedures (TTPs) to detect emerging threats. Seamless Security Integration As a core component of Sangfor’s Extended Detection, Defense and Response (XDDR) architecture, NGAF integrates seamlessly with Sangfor’s entire range of security products, including Endpoint Secure, Internet Access Gateway (IAG), and Cyber Command. By using purpose-built AI models to correlate events across the network, Cyber Command detects advanced threats that manage to evade individual security controls, while Sangfor NGAF, IAG, and Endpoint Secure coordinate to contain attacks, isolate compromised hosts, and eradicate all threats from the environment. All products work in tandem to create a truly holistic system, leaving threats nowhere to hide. Web Application Firewall Integration Sangfor NGAF is the world’s first and only next-generation firewall to fully integrate an enterprise-grade Web Application Firewall (WAF), delivering network and web application protection in one appliance, providing customers with both ease of operations and strong ROI. Sangfor NG-WAF leverages Sangfor’s WISE Engine, the industry’s first WAF threat detection engine to incorporate a virtual execution system (VES) in addition to machine learning and semantic analysis, delivering more powerful and smarter detection capabilities against all web application threats while significantly reducing the number of false-positives. Simplified Security Operations With the mission to make technology simpler for all users, Sangfor has integrated the first SOC (Security Operations Center) Lite into Sangfor NGAF to make security operations and incident response simple and intuitive for operators of any experience level. Automated policy optimization enables one-click troubleshooting to identify redundant and failed parts in complex security policies. Through asset identification and association with security events, security operators can quickly and accurately locate compromised and ransomware-infected hosts and respond immediately with native response guidance. Newest Upgrades, Features, and Capabilities Sangfor NGAF models in certain regions have received hardware upgrades to provide enhanced firewall performance, adaptability, and stability as well as new capabilities to serve emerging firewall use cases. These new features include cloud deception, which deflects attacks from local systems and improves attack detection, and IoT security coverage. Sangfor also offers a fully integrated network firewall with its zero-trust network architecture (ZTNA) and Sangfor Access Secure Access Service Edge (SASE) solutions. These new features will be made more widely available to Sangfor customers throughout this year. Please refer to future product announcements for specific release dates. Network Firewall Market Insights Network firewalls form an essential part of organizations’ security infrastructure. The Magic Quadrant for Network Firewalls observes that the network firewall market is still one of the largest security markets and is driven by several factors. Here are a few observations from the report: The rise of hybrid environments is the key factor behind vendors’ introduction of multiple firewall deployment types, such as FWaaS and cloud-native. Interest in zero trust is favoring the selection of single firewall vendors that can help enterprises achieve a ZTNA, so that they do not have to use multiple vendors. There is huge interest in visibility and control of east-west segmentation policies and enhanced security operation integrations. Advanced security capabilities remain a key driving factor, as threat vectors are using more sophisticated means of attacking hybrid workforces and cloud networks. Get your complimentary copy of the Gartner Magic Quadrant for Network Firewalls by clicking here.   DOWNLOAD THE REPORT NOW   Source [1] Gartner Inc., Magic Quadrant for Network Firewalls, Rajpreet Kaur, Adam Hils, Thomas Lintemuth, December 19, 2022 Gartner Disclaimer GARTNER is a registered trademarks and service mark, and MAGIC QUADRANT is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Sangfor Technologies. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.