Scribd Logo
Upload

Welcome to Scribd!

  • SangforNGAF8.0.35VersionReleaseTraining Rev3 20210330

    Uploaded by

    Ara Fajardo
    19 views27 pages
    This document provides an overview and training on the Sangfor NGAF v8.0.35 release. It discusses key updates such as refreshing the web UI design for improved usability, opening the structure through new RESTful APIs and CLI for third party integration, and enhancing security protections. The training covers cautions for upgrading, a beta customer recruitment program, and previews for upcoming automated PoC reporting through the Platform-X system and centralized security logging. It aims to educate customers and partners on the new capabilities and gather feedback to improve future releases.

    Original Description:

    Original Title

    SangforNGAF8.0.35VersionReleaseTraining_Rev3_20210330.pptx

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides an overview and training on the Sangfor NGAF v8.0.35 release. It discusses key updates such as refreshing the web UI design for improved usability, opening the structure through new RESTful APIs and CLI for third party integration, and enhancing security protections. The training covers cautions for upgrading, a beta customer recruitment program, and previews for upcoming automated PoC reporting through the Platform-X system and centralized security logging. It aims to educate customers and partners on the new capabilities and gather feedback to improve future releases.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    19 views27 pages

    SangforNGAF8.0.35VersionReleaseTraining Rev3 20210330

    Uploaded by

    Ara Fajardo
    This document provides an overview and training on the Sangfor NGAF v8.0.35 release. It discusses key updates such as refreshing the web UI design for improved usability, opening the structure through new RESTful APIs and CLI for third party integration, and enhancing security protections. The training covers cautions for upgrading, a beta customer recruitment program, and previews for upcoming automated PoC reporting through the Platform-X system and centralized security logging. It aims to educate customers and partners on the new capabilities and gather feedback to improve future releases.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 27

    Sangfor NGAF v8.0.

    35
    Release Training

    Steven Tsui
    NGAF Product Manager
    Sangfor Security Team

    1
    Agenda

    01 Key Updates , Changes and Values

    02 Cautions

    03 Beta Customer Recruit Program

    04 Coming Updates

    05 Q&A

    Sangfor Technologies CONFIDENTIAL 2


    PART 1 Key Updates , Changes and Values

    Sangfor Technologies CONFIDENTIAL 3


    NGAF 8.0.35 Version Value

    Refresh the UI Appearance

    Open Structure by API & CLI

    Protection Enhancement

    Sangfor Technologies CONFIDENTIAL 4


    Key Updates | WebUI Refresh
    These complaints you may heard of
    NGAF UI too legacy NGAF UI Slow NGAF Hard to Config

    Modern design UI, Fast respond speed and Optimize the configuration logic

    Sangfor Technologies CONFIDENTIAL 5


    Key Updates | WebUI Refresh | Example NAT

    Sangfor Technologies CONFIDENTIAL 6


    Key Updates | WebUI Refresh | Other Examples

    Quick Links

    Menu Search

    Quick Tabs
    (Customizable)

    More for you to explore….

    Sangfor Technologies CONFIDENTIAL 7


    New UI Quick Demo

    Sangfor Technologies
    CONFIDENTIAL 8
    Key Updates | API

     The first version officially support Restful API. The API will provide capability for 3 rd party to control
    NGAF.
     Manage objects.
     Create ACL, DDOS, NAT, Authentication policy
     Create blacklist/whitelist
     Modify interface, routing etc.
     etc.

    Get the API from WebUI and learn more

    Sangfor Technologies CONFIDENTIAL 9


    Key Updates | API Security
    1. HTTPS supported, ensure the connection secured.
    2. All API access will be filtered by “sangfor_waf” the self-protection module.
    3. Only authorized admin user can use API access
     Can set which user can access API
     API access privilege can be controlled
    4. API authorization have a timeout setting
     If API access idle 10 minutes, connection will be drop
     Every 24 hours ,API access need to re-authen
    5. All the API operation will keep log in NGAF

    Sangfor Technologies CONFIDENTIAL 10


    Key Updates | CLI

     Support admin using command line to configure network & policy


     Support config network, ACL, NAT
     Trouble shooting through CLI
     “Cisco” like command style

    Sangfor Technologies CONFIDENTIAL 11


    Key Updates | CLI Security

    1. Only authorized admin can access CLI.


    2. User privilege can be controlled, e.g. you create read-only admin, When the admin access CLI, it cannot
    create policy
    3. All the CLI operation will keep log in NGAF
    4. Inactive CLI access will be timeout.

    Sangfor Technologies CONFIDENTIAL 12


    Key Update | Account Protection

    Many of the attacks are start from an account abuse, hackers may brute-force, abnormally login your system and
    continues do bad things. Be able to detect these abnormal behavior will help customer to identify the risk in advance
    or trace the root cause more easily.

    The “Account Protection” feature will help to detect


     Brute-force attack
     Weak password login
     Privileged Account abnormally login
     Support 58 protocols, 45 common website components.
     Can work together with decryption feature

    Sangfor Technologies CONFIDENTIAL 13


    Key Update | Account Protection

     Support 50+ protocols and 40+ web components


     Support work with decryption feature

    Sangfor Technologies CONFIDENTIAL 14


    Key Update | Account Protection

    Supported Protocols/Applications:
    POP3, IMAP, SMTP, PostgreSQL, MySQL, MongoDB, Oracle, MSSQL, Jboss, Weblogic, Tomcat, Joomla,
    Redis, SMB, NTLM RDP, SSH, TELNET, VNC, RLOGIN, Zabbix, SIP etc.

    Supported Web Components:


    DedeCMS, phpcms, joomla, IIS, Jenkins, wordpress, Spring, nzCMS, ColdFusion, Apache, nginx
    ExpressionEngine, Elxis, ecshop, EYouCMS etc.

    Sangfor Technologies CONFIDENTIAL 16


    Other Updates
     Hacker IP Database: similar to “IP Reputation” update the malicious IP address from NX

     Quick CVE vulnerability search, find the ready protection

    Sangfor Technologies CONFIDENTIAL 17


    PART 2 Cautions

    Sangfor Technologies CONFIDENTIAL 18


    Cautions

    1. Only support upgrade from 8.0.26 official version, if customer using other versions, please

    upgrade to 8.0.26 first.

    2. Upgrade will have limitations and TAC will give detailed precheck packages.

    3. vAF on HCI NOT ALLOWED to upgrade to 8.0.35 yet, wait for further version plan.

    4. Web Scanner feature has been removed from this version.

    5. Risk Assessment and Real-time Vulnerability assessment still exists.

    Sangfor Technologies CONFIDENTIAL 19


    PART 3 Beta Customer Recruit Program

    Sangfor Technologies CONFIDENTIAL 20


    Beta is Needed!

    1. Every Sangfor office, you need to upgrade your at least 1 demo or gateway device to 8.0.35, for demo or
    learning purpose.
    2. Targeted Beta customer or partner, please register to Steven
     Customer who have issues that can be solved by in this version, e.g. need to optimize the UI experience,
    need API to integrate with 3rd party
     Workshop or PoC to improve customer/partner acceptance.
     Customer/Partner who interested to do a trial.
    3. Reward program will launch soon.
    4. If you have customer interested, contact Steven.

    Sangfor Technologies CONFIDENTIAL 21


    PART 4 Coming Updates

    Sangfor Technologies CONFIDENTIAL 22


    Coming Updates | Auto PoC Report Platform-X

    Key Strategy Key Action Key Result/Prove

    Convince Customer by
    PoC/Health
    NGAF Security Summarize Good Report
    Check/Workshop
    Capability

    The Saviour: NGAF x Platform-X Auto PoC Reporting


    Simple but Professional

    Sangfor Technologies CONFIDENTIAL 23


    Coming Updates | Auto PoC Report Platform-X
    Simplify Your PoC to 3 Steps

    1. Configure security policy template on PX


    2. Join NGAF to Platform-X
    3. Wait 2 weeks and download your ready report.

    Sangfor Technologies CONFIDENTIAL 24


    Coming Updates | Centralized Security Log on PX

    All devices managed by PX will centralized the security log, as a MSS provider you can inquiry the last 7 days
    security log from PX directly

    Sangfor Technologies CONFIDENTIAL 25


    Coming Updates | Next Version

    Next NGAF version release preview


     End of April or early May: VMware official support (based on 8.0.35 )
     Q2: anti-proxy version(Integrate with ES)

    Sangfor Technologies CONFIDENTIAL 26


    Q&A

    Sangfor Technologies
    CONFIDENTIAL 27
    Thanks!

    Steven Tsui
    NGAF Product Manager
    Sangfor Security Team

    Sangfor Technologies
    CONFIDENTIAL 28

    You might also like