User Tools

Site Tools


about50

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
about50 [2019/02/12 13:10]
root
about50 [2020/07/01 11:15] (current)
zog
Line 1: Line 1:
-====== About ICS CUBE ======+===== About ICS CUBE =====
  
 ICS CUBE is multifunctional network solution equiped with a set of over 80 functions sufficient for keeping network operations safe and sound for a typical enterprise. ICS CUBE is multifunctional network solution equiped with a set of over 80 functions sufficient for keeping network operations safe and sound for a typical enterprise.
Line 6: Line 6:
 ICS CUBE acts as a smart router, plugged between your corporate nertwork and the Internet, leaving you network safe, controlling traffic and enforcing your corporate use and security policy. ​ ICS CUBE acts as a smart router, plugged between your corporate nertwork and the Internet, leaving you network safe, controlling traffic and enforcing your corporate use and security policy. ​
  
 +==== Key functions of ICS CUBE ====
  
-=====Key functions of ICS CUBE===== +|Universal internet gateway|Supports of multiple Internet connection types: Ethernet, Wi-Fi, 3G, PPTP, PPPoE, L2TP. Supports VLANs and DMZ. Works with several ISP at once, supports PPPoE/PPTP VPN for corporate users, tunnels traffic via GRE/IPIP VPN tunnels with IPsek PSK encryption as well as OpenVPN. Supports terminal clients. Routes IP traffic. Provides DNS, DHCP.| 
- +|Access control|User authentication by IP address, MAC, login/​password pair, terminal server user authentication. Authentication via Active Directory, via local software agent, via VPN connections (PPPoE, PPTP) and pre-paid cards. Full Windows network integration. Layer 7 filtering, content filtering, traffic categorization by SkyDNS, Kaspersky ​Webfilter, https filtering.| 
-|Universal internet gateway|Supports of multiple Internet connection types: Ethernet, Wi-Fi, 3G, PPTP, PPPoE, L2TP. Supports VLANs and DMZ. Works with several ISP at once, supports PPPoE/PPTP VPN for corporate users, tunnels traffic via GRE/IPIP VPN tunnels with IPSEC PSK encryption as well as Open VPN. Supports terminal clients. Routes IP traffic. Provides DNS, DHCP.| +|Network security|Network firewall. Built-in antiviruses selection of Kaspersky ​and ClamAV. Incoming and outgoing traffic inspection. ICQ interception,​ Network address and port translation (NATPT), DMZ support. Network intrusion prevention system (NIDS/​NIPS),​ raid-1 support for increased system stability.| 
-|Access control|User authentication by IP address, MAC, login/​password pair, terminal server user authentication. Authentication via Active Directory, via local software agent, via VPN connections (PPPoE, PPTP) and pre-paid cards. Full Windows network integration. Layer 7 filtering, content filtering, traffic categorization by SkyDNS, Kaspersky ​Web Filter, https filtering.| +|Communication and network support|Proxy server, mail server with SPAM filters, DNS, DHCP, Web, FTP, IPsec encryption, multiple remote office secure interconnection via encrypted tunnels.|
-|Network security|Network firewall. Built-in antiviruses selection of Dr.Web, ​KasperskyClamAV. Incoming and outgoing traffic inspection. ​Data loss protection module to keep your confidential information inside, ​ICQ interception,​ Network address and port translation (NATPT), DMZ support. Network intrusion prevention system (NIDS/​NIPS),​ raid-1 support for increased system stability.| +
-|Communication and network support|Proxy server, mail server with SPAM filters, DNS, DHCP, Web, FTP, IPSEC encryption, multiple remote office secure interconnection via encrypted tunnels.|+
 |Traffic accounting and network visibility|Traffic and access accountng by user, user groups, address groups, network interfaces, sites and URLs, files, protocols, MIME-types, timestamp, traffic source. Netflow parsing to obtain traffic statistics from external routers (Cisco, Juniper and more).| ​ |Traffic accounting and network visibility|Traffic and access accountng by user, user groups, address groups, network interfaces, sites and URLs, files, protocols, MIME-types, timestamp, traffic source. Netflow parsing to obtain traffic statistics from external routers (Cisco, Juniper and more).| ​
-|Easy control|All components are easily controlled via web-based protected interface. ICS CUBE keeps track of all links between its components and hides complexity from the user. ICS CUBE supports clustering to build robust and efficient network structures and services with low cost equipment. Administering of any number if ICS CUBEs in remote offices can be done from single interface.|+|Easy control|All components are easily controlled via web-based protected interface. ICS CUBE keeps track of all links between its components and hides complexity from the user. Administering of any number if ICS CUBEs in remote offices can be done from single interface.|
 |File and web servers|File storage with HTTP/FTP access. Windows network neighborhood (CIFS/SMB) access. File storage uses reliable ZFS file system with RAID 0/1 support and fault tolerance. Fully functional web server with PHP support and MySQL database with unlimited number of web sites deployed. DNS server included.| ​ |File and web servers|File storage with HTTP/FTP access. Windows network neighborhood (CIFS/SMB) access. File storage uses reliable ZFS file system with RAID 0/1 support and fault tolerance. Fully functional web server with PHP support and MySQL database with unlimited number of web sites deployed. DNS server included.| ​
 |Proxy server|Allows to obtain precise web usage statistics, allow/deny specific users to specific web sites and URLs within sites. Traffic and channel utilization optimized by 10-30%.| |Proxy server|Allows to obtain precise web usage statistics, allow/deny specific users to specific web sites and URLs within sites. Traffic and channel utilization optimized by 10-30%.|
Line 21: Line 20:
 =====Operation principle===== =====Operation principle=====
  
-ICS CUBE densely integrates precisely-chosen set of solutions on a single platform. It also contains storage for all configuration data, traffic statistics, reports, users, rules, etc. ICS CUBE logically unites all components of the system from operational and control point of view. ICS is designed to address all needs of a typical corporate network connected to the Internet. ICS CUBE turns a general computer into powerful Internet router and gateway supporting all corporate communications. ICS middleware makes all its components operate in concert, minimizing configuration effort to virtually zero, keeping your network operation secure, manageable and visible from convenient graphical interface. ​+ICS CUBE densely integrates precisely-chosen set of solutions on a single platform. It also contains storage for all configuration data, traffic statistics, reports, users, rules, etc. ICS CUBE logically unites all components of the system from operational and control point of view. ICS CUBE is designed to address all needs of a typical corporate network connected to the Internet. ICS CUBE turns a general computer into powerful Internet router and gateway supporting all corporate communications. ICS CUBE middleware makes all its components operate in concert, minimizing configuration effort to virtually zero, keeping your network operation secure, manageable and visible from convenient graphical interface. ​ 
 ICS CUBE is typically installed at an x86 (32 or 64bit) computer with two or more network interfaces. Part of these interfaces is designated as external and connects to ISP equipment, the others are internal and link to corporate network (office LAN switch with connection to other client’s computers in the simplest topology).  ​ ICS CUBE is typically installed at an x86 (32 or 64bit) computer with two or more network interfaces. Part of these interfaces is designated as external and connects to ISP equipment, the others are internal and link to corporate network (office LAN switch with connection to other client’s computers in the simplest topology).  ​
  
Line 29: Line 29:
  
 ICS CUBE can support much more complex topologies, including DMZ, virtual LANs, tunnels between remote offices, multiple ISPs, complex switching and routing in corporate network, etc. ICS CUBE can support much more complex topologies, including DMZ, virtual LANs, tunnels between remote offices, multiple ISPs, complex switching and routing in corporate network, etc.
-Every corporate user should be configured at ICS (or imported from domain controller). Every user is assigned a portion of network resources, addresses and authentication scheme. Various authentication schemes can be used simultaneously. Users can be managed individually or collectively as user groups. IP addresses can be configured statically or delegated via built in DHCP service or by means of automatically configured tunnels with PPTP or PPPoE. Every user can be associated with resource quotas – for resource consumption,​ e-mail addresses, etc. Special rights, like administrator of a particular group can also be delegated to a user.  ​+ 
 +Every corporate user should be configured at ICS CUBE (or imported from domain controller). Every user is assigned a portion of network resources, addresses and authentication scheme. Various authentication schemes can be used simultaneously. Users can be managed individually or collectively as user groups. IP addresses can be configured statically or delegated via built in DHCP service or by means of automatically configured tunnels with PPTP or PPPoE. Every user can be associated with resource quotas – for resource consumption,​ e-mail addresses, etc. Special rights, like administrator of a particular group can also be delegated to a user.  ​
  
  
about50.txt · Last modified: 2020/07/01 11:15 by zog