Network Secure Version8.0.95 Technical Training
Network Secure Version8.0.95 Technical Training
95
Technical Training
1 Quality improvements
3 Removed function
Radius authentication handle leaking, LDAP base DN sync fail; SSL VPN username cannot include Boon Siew Honda,
3
“@” Help University, UNIKL
5 CLI update to avoid choice wording and multiple usability issues. HKT
9 Multiple bug fix when Network Secure working with CM/BBC GITN
NSF 8.0.95 will be officially released on middle July. We are looking for appropriate customers for NSF 8.0.95
Solution 2: Upgrade to NSF 8.0.95
Beta package now is available. beta upgrade.
New Feature:
• Block malicious domain on Endpoint Secure Agent
• Contain malicious programs: stop malicious programs execution.
• Block domain, contain malicious programs and terminate malicious process can be done both manually
and automatically.
Integration Enabled
Benefits:
1. Automate the response to malicious activities. Make it easier for security admins.
2. The client is protected even moving away from Network Secure protected network. This is good for BYOD,
WHX users.
3. Avoid malicious access been detected on network level. Avoid compliance issues.
4. Compare to the AV solutions that inspect malicious domain Minimize performance impact on the client side.
Caution:
1. Support Endpoint Secure 6.0.2 version or higher
2. Current Endpoint Secure 6.0.2/6.0.4 only contain & quarantine limited number of malwares via integration,
please check with HQ PMM for the malware samples. After 6.0.10 version, the capability to contain &
quarantine will be more generalized.
• Automatic Fixing
[Specification]
So far it supports “DynDNS”, “No-IP”, “ZoneEdit”, “EasyDns”, “DynAccess”, “DuckDns”, and “FreeDns” provider;
When you set DDNS feature, it is necessary to register firstly in above provider sites, and below is the example for
“No-IP”, in which you can see it updates successfully.
[Theory]
1. NSF will queries appointed IP’s “NetBios Name” and list the number of NICs through specific Windows OS API, so
as to list all active NICs and IP information.
2. By detecting the status of “WWAN” and “WLAN” service on Windows OS, NSF can determined the risky, since
by default, these two services are disabled.
[Precaution]
1. This feature is only applicable to “Windows” endpoints, instead of “Linux”, “Mac”, and “Android”.
2. This feature focus on the potential unauthorized outbound access device, instead of access behavior.
[Precaution]
1. This feature is based on “Asset Discovery” function, and you have to enable that in advance.
2. If NSF is deployed in single-arm bypass mode, and you want to block spoofed behavior endpoint, you have to
turn on “Send a TCP reset message to deny a request”.
[Handling Method]
Open a case, and put out “.data” file in backend, then RnD will generate a new “.data” file to impot. AFter that
INP audit logs function will work.
[Specification]
This feather is applicable to both Sangfor VPN tunnel as well as standard IPSec VPN tunnel.
Before you use this feather, you have to manually turn on “WAN Attribute” for vpntun interface in web-console
after VPN is established, otherwise it will not be displayed in “Link” list.
[Requirement]
Customer required that “PC” in branch access “FTP server” in HQ through Sangfor VPN tunnel should be limited
less than 10 Mbps.
[Configuration Step]
1. Make sure the Sangfor VPN or IPSec VPN has been established successfully.
2. Configure VPN bandwidth link and bandwidth channel respectively.
3. Initiate FTP traffic to verify the outcome.
4. In addition, You are able to observe the general status in “Monitor”.