IoT Security Access Gateway System

TopISG products using distributed deployment, centralized management, decentralized domain, highly visual flexible management mode, through the security management platform for integrated management, TopISG can realize equipment plug and play, without configuration can access to the cloud, the Internet of virtual private network, eliminate the traditional VPN access configuration complexity, greatly reduce the implementation of human cost and time cost.

TopISG products help IoT customers quickly build safe and efficient business information private network, through the Internet of things virtual private network technology, the Internet perception layer equipment provide network analysis, scheduling, optimization and encryption, meet the user of Internet decentralization domain management requirements and a variety of differentiated networking scheme, to ensure the security of the Internet perception layer equipment interconnection.

According to the traffic characteristics of Internet of Things terminals, the application of Internet of Things terminal traffic is identified to provide a basis for application statistics, risk discovery and fault debugging. Terminal devices that access the iot private network, Internet channel, or leased channel and upload traffic to the server can be identified based on their traffic characteristics and device information, including but not limited to device IP address, device computer name, device type, and operating system type and version.

TopISG provides a virtual container-based edge computing gateway virtualization method. The gateway edge computing service is constructed through virtual container automation, and user business applications are encapsulated, distributed and run through container technology, providing customers with a stable, flexible, safe and universal edge computing capability. After users upload the generated image of edge computing service applications to TopISG, they start customers' edge computing service applications to realize rapid edge processing of service applications.

Pre-binding and access control are supported for the information of Internet of Things devices in network access and physical port access. Only pre-binding and confirmed information can be allowed to access and authenticate communication in cooperation with network devices. Based on the judgment and action of port access and network blocking, the gateway automatically combines the access rules and corresponding network resource restrictions to form network policies, which can be applied synchronously horizontally and reinforced vertically.

TopISG integrates firewall function technology, and provides original end-to-end security protection and isolation function for the network through centralized policy arrangement. Once the edge node is attacked, such as the sensor is implanted by Trojan horse, the enterprise can quickly locate the device through the cloud, and implement security isolation and removal. TopISG can also continuously monitor the types of traffic on the network, identify the business types of sensors, conduct security behavior analysis, label devices, and quickly detect real-time network attacks.

The hardware design is modular and compact, matching different hardware solutions according to service scenarios, supporting a variety of access solutions, and fully meeting the characteristics of the Internet of Things fragmentation. Supports multiple uplink access modes such as Ethernet and 4G/5G, providing users with flexible choices in complex network deployment. The IoT security access gateway can collect statistics on the number of online IoT terminals by device type, device region, and device ownership. The IoT terminals with risks can collect statistics by risk type, terminal type, risk quantity, and risk level.