CDN

Benefits

Powerful Security of the ZTNA

Network concealment powered by the Zero-Trust architecture reduces potential of attacks and security risks with granular and dynamic access authorization.

Better Performance with Quicker Access

Distributed security gateways provide access to nearby nodes and optimal transmission link to improve access speed; security gateway clusters handle concurrencies and removes performance bottleneck of traditional VPNs.

Versatile and Easy to Use

Supporting WEB browser, Windows, MacOS, Android, iOS, Linux and a variety of devices. Integrated office application virtual portal and SSO (single sign-on) for easy access.

Unified Management with Efficient O&M

Configuration takes effect in minutes, eliminating cumbersome operations. Centralized management and control platform supporting monitoring visualization, one-click distribution of global configuration, instant generation of usage reports, etc.

Features

  • Network Concealment

    Through three layers of concealment, enterprise applications are only visible to legitimate users, preventing external malicious scanning and network attacks.

  • Dynamic Authentication

    Continuously evaluate the access behavior of users, and dynamically control and adjust the access of users by detecting abnormal behavior including unauthorized access, risks and device configuration to ensure the security of applications.

    • Abnormal behavior verification: detect remote login, new device login, abnormal login time, password change, and deduct trust points as a result.
    • Unauthorized access verification: attempt to access an unauthorized business system it will be recorded, audited, and trust points deducted.
    • Threat detection: leveraging threat feature library, abnormal IP, malicious domain name, virus attack detection to detect threat and deduct trust points.
    • Inadequate configuration detection: deduct trust points when client version, operating system version, PC/mobile device model and ID do not match settings.
  • Access Control

    Through the layer-by-layer authorization mechanism, only the minimum permissions needed by any personnel are granted, enabling granular access control.

    • Multi-factor identity security authentication, such as time/geo fencing, SMS, domain identity, etc.
    • Application-level access based on the least authorization principle, with customized granular user access policies.
    • Platform-level anti-DDoS, WAF protection, security auditing.
    • Multiple data disclosure prevention technologies such as digital watermarking, controlled document viewing, and device behavior control.
  • Application Access Acceleration and Optimization

    Through protocol optimization, transmission optimization, link optimization, data optimization technology, integrate global high-quality links, improve network access speed and success.

    • Multiple transmission optimization: static data is distributed in the nearest cache, and dynamic data is processed through WAN optimization features such as routing optimization and protocol optimization to accelerate return to source interactions.
    • High availability: a large number of high-quality nodes, expanded coverage, multi-source load balancing, 0 delay switchover and other technologies to ensure the highly stable operation of systems.
    • Performance optimization: distributed security gateway cluster deployment, excellent concurrency handling, effectively eliminating the performance bottleneck of traditional VPNs.
  • Multi-platform and Multi-device Access

    Easy access for smartphone/PC/tablets. The client supports mainstream operating systems such as Android, iOS, Windows, macOS, Linux, and browser based access (no plug-ins needed) to provide users with secure connections anytime, anywhere.

  • Unified Management

    Dedicated enterprise platform, unified internal and external network access, portals, remote management.

    • Integrated SSO single sign-on: users are only required to authenticate once when logging in using SecureLink, and the subsequent authorized application in the virtual portal does not need to be authenticated again.
    • Unified access to internal and external networks: users are not required to switch accounts.
      Providing seamlessly access to intranet applications, public network applications, cloud applications, SaaS applications, etc., fundamentally eliminating the hassle of switching between intranet and public network.
    • Unified remote management: unified setting of compatibility, configuration of personalized portals, and configuration distribution through the security management and control platform
  • Situational Awareness

    Multi-dimensional application accesses of dashboards, intuitive and visible presentation, detecting and abnormalities in real time.

    • Detection of employee access behavior, real-time visibility of the number of online users, blocked access, etc.
    • Application operation status awareness, intuitive understanding of enterprise business application access:
    • Internal risk awareness, accurate detection of events, assist operators to quickly deal with devices at risk.
    • System abnormality perception, rapidly detect ant abnormalities of business applications and warnings from Zero-Trust product components.

Product Architecture

Product Architecture

Scenarios

  • Telecommuting
  • Branch Access
  • Enterprise Intranet Security
  • Supplier Secure Access
  • Video Conference Optimization
  • SaaS Access Optimization

Offsite employees are required to remotely access the enterprise’s intranet system through smart phones, tablets and other devices. Traditional VPNs are often unstable, and difficult to control user access, hence enterprise intranet can be easily penetrated, resulting in certain external attack risks:

  • SecureLink operates on the principle of minimum authorization, which restricts the access and operation of uncontrollable personnel to important systems.
  • Through user behavior audit and operation control, implement multi-dimensional and multi-level protection of enterprise sensitive data assets.
  • Support a large number of users to access, ensure security, speed, and stability.

Enterprises with multiple stores and outlets often have dozens of internal business systems and lack a unified approach to integrate various businesses, multiple systems face issues of authentication and compatibility, poor user experience and low efficiency:

  • SecureLink provides customized enterprise office platform, integrated single sign-on with instant access, enabling fast and stable operations.
  • Granular security control policy, which only allows application-level access and does not expose enterprise business resources.
  • Through the situation awareness dashboard, users can analyze the access data from multiple dimensions, interpret access behaviors of the business system in real time, and detect security threats in time.

In response to the challenge of attack and defense exercises, enterprises need to prevent exposed ports and IP addresses from being attacked by scanning techniques. At the same time, the security protection level 2.0 standard clearly requires that if an enterprise’s telecommuting system fails to pass the evaluation, relevant authorities must be notified and issues be rectified:

  • SecureLink provides a secure gateway to conceal the business system, so that the server address and port cannot be detected by external scanning tools and attack sources.
  • Unified security control at the application level, improve terminal security, and reduce the risk of unintended disclosure and the cost of operation and maintenance.
  • Meet the security requirements of security protection level 2.0 for perimeter protection, intrusion prevention, network architecture and other security requirements, and comprehensively enhance compliance for enterprises.

In order to facilitate remote access to related businesses by upstream and downstream partners, enterprises often expose the supplier portal system on the public network, and the business system may face unknown security threats from external sources, such as database hacking, and data disclosure:

  • SecureLink provides a secure gateway to conceal enterprise applications from the network, therefore hackers are unable to attack enterprise resources.
  • Multi-factor authentication such as device binding, SMS verification and scan verification are supported to make authentication more secure.
  • Situational awareness dashboard shows the overall situation and security threats, comprehensively tracks the trajectory of user behavior, and accurately detects suspicious behavior.

Video conferencing is an important tool for communication within enterprises. Video conference transmission is highly sensitive to network latency and stability. High network latency and instability will lead to video conference disruptions, blurred images, audio and video out of sync and so on. It seriously affects the efficiency of internal communication, and greatly increases the labor cost of internal communication.

  • Based on the global accelerated transmission network, SecureLink greatly improves transmission latency, stability and quality of long-distance video conferences.
  • Through the private protocol optimization technology, the reliability of data transmission is improved, and frame loss caused by packet loss of video data can be avoided.

SaaS cloud office systems (such as salesforce and office365) are independent of proprietary enterprise management office systems. As most SaaS cloud office systems are based on overseas clouds, employees often encounter issues such as slow speed and long loading times, and employees usually have to switch manually when using proprietary office systems and SaaS office systems, resulting in poor user experience. In addition, cloud office systems are often solely reliant on account login management for security.

  • SecureLink provides an integrated virtual portal, which can integrate internal proprietary applications and SaaS applications, making it easier for employees to access.
  • In addition to the security of SaaS cloud office systems, it provides comprehensive security solutions such as extra security access, concealment and Zero-Trust.
  • Based on the global accelerated transmission network, efficiently improve the access speed of the cloud office system.