제품/서비스
Products & Services

Next-Generation Security Solution

    Network Expert Group, For your Security
    Next-Generation Firewall

    Next-Generation Firewall

    All-in-One Next Firewall for Secure & Scalable Network

    NexG FW x700 Series: A Next-Generation Security Platform
    for advanced security, performance, and management.

    Features

    An intelligent security platform that integrates the essential functions of traditional firewalls—such as packet filtering and port blocking—with advanced capabilities including application control, user identification, content-based filtering, and threat detection.

    Functions
    • 1 Logical Virtualization

      Provides independent virtualization for VPN and firewall functions on a single device.

    • 2 VPN(Virtual Private Network)

      Provides an IPsec-based tunneling environment and supports multi-tunnel operations while ensuring link availability through KX NexG’s proprietary EIX (EtherIP eXtend) technology.

    • 3 SSL VPN

      Combines next-generation firewall capabilities with SSL VPN, enabling secure remote access anytime, anywhere, while protecting internal business service environments through an integrated security solution.

    • 4 IPv6

      Certified as a TTA Verified IPv6 Router Core, offering IPv6 address-based policies and seamless communication between IPv4 and IPv6 networks.

    • 5 Next-Generation High-Performance Engine

      Provides efficient handling of large-scale data and strong security performance through DDR (Dynamic Distribute RSS) and proprietary load-balancing technology based on Off-Load.

    • 6 7-Tuple

      Features a next-generation firewall engine that builds upon the traditional 5-tuple model (Source IP, Source Port, Destination IP, Destination Port, Protocol) by incorporating additional identifiers, such as user and application, to deliver advanced security capabilities.

    Hardware Specifications

    Branch & Middle Model Line-up
    Registered procurement product
    Category NexG FW 70N NexG FW 710 NexG FW 1700U
    Appearance
    CPU 4 Core 4 Core 4 Core
    Memory 4 GB 4 GB 8 GB
    Storage
    (*SSD option available)     		8 GB 16 GB 256 GB
    512 GB 500 GB 1 TB
    NIC 1GC 6 6 8(max 20)
    1GF - 2 4(max 16)
    10GF - - Option(max 8)
    40GF - - -
    100GF - - -
    Slot - - 2
    MGMT - - -
    Firewall Throughput (MAX) 6 G 8 G 16 G
    Power Adapter Single Redundant
    W x D x H (mm) 232 x 153 x 44 430 x 355 x 45 430 x 426 x 44
    ❖ Specifications and appearance are subject to change for product improvements.
    Enterprise Model Line-up
    Registered procurement product
    Category NexG FW 1700US NexG FW 3700U NexG FW 4700U NexG FW 5700U
    Appearance
    CPU 8 Core 8 Core 8 Core x 2 16 Core x 2
    Memory 16 GB 32 GB 64 GB 64 GB
    Storage
    (*SSD option available)     		256 GB 256 GB 256 GB 256 GB
    2 TB 2 TB 2 TB 2 TB
    NIC 1GC 8(max 20) 8(max 24) 8(max 64) 8(max 64)
    1GF 4(max 16) 6(max 18) 8(max 64) 8(max 64)
    10GF Option(max 8) Option(max 8) 4(max 32) 4(max 32)
    40GF - Option(max 4) Option(max 16) Option(max 16)
    100GF - - - Option(max 4)
    Slot 2 2 8 8
    MGMT - - 2 2
    Firewall Throughput (MAX) 31 G 60 G 110 G 158 G
    Power Redundant Redundant Redundant Redundant
    W x D x H (mm) 430 x 426 x 44 430 x 450 x 44 430 x 562 x 88 430 x 562 x 88
    ❖ Specifications and appearance are subject to change for product improvements.

    Detailed Features

    Firewall
    • Equipped with 7-Tuple (IP/Port/Protocol/Application/User) policy engine
    • Supports policies based on Zone, User, and Application
    • Supports MAC Address, Network, Domain objects, and GeoIP-based policies
    • Supports schedule-based policies
    • Detects unused policies, unused objects, and duplicate policies
    • Policy verification through policy simulation
    • Automatic policy updates based on interface/link status changes
    • Supports user authentication integration (RADIUS, AD, LDAP, TACACS+)
    • Supports user 2FA (Two-Factor Authentication)
    • Supports S-NAT / D-NAT / Double NAT / Excluded NAT, LS-NAT
    • Bridge firewall support without network configuration changes
    Network
    • 802.3ad Link Aggregation, 802.1Q VLAN Trunk
    • RIP, RIPv2, OSPF, OSPFv3, BGP, BGP+
    • PIM-SM/DM, IGMP support
    • Policy-Based Routing, User & Application-Based Routing
    • VoIP support (H.323, SIP)
    • QoS support (guaranteed, limited, priority)
    • VRRP support
    • DHCP, DHCPv6, RA, DNS, Split DNS support
    • IPv6 Tunneling 6to4, ISATAP
    Virtual System
    • Virtualization supported on a single OS without separate VMs
    • Provides independent virtualization for VPN and firewall functions on a single device
    IPsec VPN
    • IKE Version 1 and 2
    • Supports various encryption algorithms (3DES / AES / SEED / ARIA / LEA)
    • Supports various integrity algorithms (SHA1 / SHA256 / SHA384 / SHA512)
    • Policy-based traffic tunneling
    • Flexible VPN environments (A-A, A-S) via multi-tunneling
    • VPN support in network bonding and bridge environments
    • VPN connection support in NAT environments
    • Automatic VPN failover through line failure detection
    Application
    • Application behavior control
    • Application traffic control
    • Instant Messenger control
    • Game, P2P, SNS control
    • Web Mail, Web Hard control
    SSL VPN
    • Supports Full Tunnel and Split Tunnel modes
    • Multi-factor authentication (ID/PWD, Certificate, OTP)
    • SSL VPN client deployment
    • Windows / macOS / Android / iOS / Linux client support
    • Supports IPv6 network environments
    IPS & AV
    • Signature-based protection
    • Behavior-based protection
    • Application and OS vulnerability protection
    • Flooding protection (TCP, UDP, ICMP)
    • Anti-Virus, Anti-Spyware
    • Anti-Evasion
    • User-defined signatures and PCRE support
    • KCC internet illegal content DB blocking and URL filtering DB support
    • Malicious website blocking and URL filtering
    • File control (TYPE, extension, name, size)
    • Detection packet logging
    Monitoring & Management
    • Web UI, CLI / Dashboard
    • Role-based permissions for administrators (Administrator, Login Administrator, Policy Administrator)
    • Supports admin authentication integration (RADIUS, AD, LDAP, TACACS+)
    • Event notification and SNMP v1/2/3 support
    • Log server integration, Syslog transmission, consolidated reporting
    • Policy Export / Import
    • One-click software/firmware backup and restore
    • Supports RESTful OpenAPI integration
    HA
    • Active-Active / Active-Standby without L4, LLCF
    • Synchronization of Session, SA, Configuration, Policy, and Profile