The SnapGear SG720 supports three 10/100 Fast Ethernet (FE) segments and two 10/100/1000 Gigabit Ethernet segments. Central and remote networks can connect to the Internet through a variety of broadband (ADSL, SHDSL and cable) or dedicated high-speed copper (T-1, T-2, fractional T-3 and full T-3) or fiber circuits (OC-1 to OC-3).
The SG720 improves available Internet bandwidth and connection uptime by providing traffic load balancing across dual WAN links while an embedded Web proxy cache, based on Squid, further accelerates Web page downloads. This makes the SG720 an excellent solution for organizations that are power Web users or have many remote offices accessing corporate intranets. Bandwidth can be further optimized through traffic shaping controls. Customers wishing to protect against access to inappropriate Web material can purchase an URL content filtering (UCF) subscription service. This works in conjunction with the URL proxy embedded in the SG720 to increase productivity and available bandwidth. The combination supports blocking, monitoring, rating and optional reporting without the need for an on-site URL database.

Although all SnapGear firewall/VPN appliances defend against Denial of Service and other common attacks, the SG720 raises the bar by detecting "suspicious" activity before it escalates into a full-blown network intrusion.

The SG720 incorporates a powerful Web proxy cache to improve Web page response time and reduce link loads. Designed to integrate seamlessly with upstream proxy caches provided by ISPs, the SG720 allows complete tuning of the service using the management console GUI and command-line interface.

Increase uptime and boost performance by connecting separate ports on the SG720 to two different Internet providers, and then combining these into a single "virtualized" high performance connection. A network outage on either link will automatically switch traffic to the operational link via the built-in link failover features. The resulting network redundancy makes it possible to reduce by half the number of security appliances required to protect a network while preserving maximum throughout and uptime. The traffic load-balancing feature also boosts the performance of Web transfers and the stability of a company network connected by DSL to the Internet.

Administrators can improve on-site and remote employee productivity without compromising security by creating DMZs that segment the network into private and public security zones. Typically, the private network will be used to secure "internal" data while the DMZ permits access to e-mail servers, Web servers, and other "public" applications and content.

• 1RU rack mount case for server room/wiring closet
• Secure IPsec VPN with DES, 3DES and AES
• IDS for proactive detection and mitigation of network threats
• Session load balancing and Web proxy cache to optimise Internet traffic
• DMZ support to implement a public server infrastructure
• Unrestricted, unlimited user license
• No third-party client software required
• Web console for configuration and management
• Central management with Global Command Center
• Fully interoperable with Secure Computing Corporation appliances and other standards-based security devices

• Mid to large-sized enterprise branch offices requiring a fully integrated firewall/VPN/IDS solution
• Sites needing a ICSA-certified stateful inspection firewall supporting xDSL, T-1, T-3, OC-1 & OC-3 network configurations
• Mid-sized, multi-site networks needing a central VPN appliance to connect branch offices and mobile workers
• Sites requiring a DMZ or the capability to segment a network into separate workgroup or departmental security zones
• High bandwidth Internet and remote intranet environments
datasheet (pdf)