■ Firewall

UR-938+ SPI (Stateful Packet Inspection) provides DoS detection and prevention against some popular attack modes, such as SYN flooding, port scans, and packet injection. When the unusually high rates of new connection are detected, the system will issue an alert notification or block anomalous session. In addition, UR-938+ SPI protects against packet-injection attacks by checking several components of TCP and UDP sessions.

■ IP V4 / V6 Dual Mode

IPv4 address exhaustion has occurred sooner than being predicted. To cope with IPv4 depletion, UR-938+ provides a solution that covers both IPv4 and IPv6 network and can be configured for IPv4 only, IPv6 only, or to support both protocols simultaneously. Also, UR-938+ has been certificated with “IPv6 Ready” logo by the IPv6 forum.

■ Content Filtering

IT administrator can remove specific undesirable objects from HTTP traffic, such as ActiveX objects or Java applets that may pose a security threat in certain situations. In addition, UR-938+ will block vicious websites which may cause damage to PCs according to the Black-list. IT administrator can also add both keywords and URLs of specified websites or webpages to Blacklist and Whitelist.

■ URL Database

The database collect almost 1, 000, 000 URLs and updates every period of time without additional charge. All these URLs and their contents were analyzed and classified into 12 categories, including Aggressive, Audio-Video, Drugs, Gambling, Hacking, Porn, Proxy, Redirector, Spyware, Suspect, Violence, and Warez. To ensure regulatory compliance, IT administrator is able to block any category in the database.

■ Load Balance

UR-938+ provides outbound / inbound load balancing, which distribute the traffic across available links. When one of the links is down, the other link will take over the work and handle the traffic until troubled link returns to normal, in manual or auto mode.

■ QoS

UR-938+ provides Smart QoS solution, offering more agile bandwidth management for industries and organizations. All the servers and users can be configured their minimum and maximum bandwidth; the remaining bandwidth will be allotted to the other users according to their configuration.

■ Application Access Control

To prevent data leakage and ensure regulatory compliance, the access to applications which unrelated to work should be controlled during working hours. UR-938+ can block file sharing via P2P applications in addition to IM access controls, preventing data leakage and helping organizations and industries meet the requirements of regulatory compliance.

■ Authentication

In most industries and organizations, internet access control is indispensable for defending network security. UR-938+ offers the best security protection that manages and controls users who try to access internet. When a user first opens a web browser and begins to access an internet site they will be prompted to authenticate before using internet service. UR-938+ offers two authentication methods: Active Directive (AD), and POP3.

■ Anti-Virus

UR-938+ offers Clam AV for virus scanning which can detect over 800,000 kinds of viruses, worms, and Trojans. Its utilities include a command line scanner, automatic database updater and a scalable multi-threaded daemon, running on an anti-virus engine from a shared library. ShareTech UR-938+ can be configured as a proxy for SMTP and POP3 servers. Once suspicious emails are detected, the administrator can decide to delete or block them. Moreover, virus scanning is offered for website and FTP so that all the packages will be scanned once the function of anti-virus is enabled in policy.

■ Anti-Spam

UR-938+ employs 6 solutions: Fingerprinting, Bayesian Filtering, ST-PIC multi-dimensional; graphics pattern recognition, Auto learning, personal Blacklist / Whitelist and Spam characteristics filtering. The functions help industries to update the latest spam and create their own database. In addition, the actions to the spam mails could be deleted, quarantined, and non-filtered. Spam-filtering mechanism serves as the defense line to blocks 95% spam.

■ Intrusion Detection and Prevention (IDP)

Built-in IDP (IDS+IPS) inspects the packets from OSI layer 4 (transport layer) to OSI layer 7 (application layer) by using Deep Packet Inspection (DPI), and block concealed malicious code, such as worms and buffer overflow attacks. As soon as an attack is suspected, UR-938+ will immediately notify the IT administrator and later an extensive range of reports is available for the IT administrator to analyze. Moreover, integrated IDP system with automatic attack-signature database updates capability.

■ BotNet Co-Defense

UR-938+ provides BotNet with NAT which enables a company to use more internal IP addresses. The detecting appliance can explicitly point out which is the real attack running hidden while internal users mailing spam through the mail server. Though BotNet is blocked, the malicious computer keeps infecting ordinary users’ computers. To ensure CPU recourse not being wasted on the same matter, administrator can enable BotNet Co-Defense and directly shut down switch port of infected computers. It not only saves recourses but also suspense malicious software spreading in the internal network.

■ ARP Spoofing Defense

It has been the most difficult for UTM to detect broadcast package sent out on the local network such as ARP spoofing and private DHCP server because of congenital defects of communication protocols. UR-938+ detecting appliances can effectively defect who is the man-in-the-middle attack. With a Co-defense switch, physical IP destination can be marked.

■ Anomalous IP Analysis

UR-938+ provides the excellent function of anomaly traffic detection because the appliances can detect outgoing / incoming concurrent sessions, upload flow and download flow. If employee are violating the rules and exceeding more downloading flow, they will be logged and blocked. In addition, IT administrator is allowed to define the trusted IP list. If an IP address is added to the trusted IP list, then it will not be detected, and the selected action will not be implemented to that IP address as well.

■ Co-Defense SNMP

An advanced protection of UTM, CO-Defense SNMP, is used in network management systems to monitor network-attached devices for conditions that warrant administrative attention. When anomalous flow occurs, it will be blocked and the administrator will be notified and assisted to this abnormal situation. Defects can be known on which computer and which switch port at the earliest possible time which prevents business network from failure. UR-938+ Co-Defense makes network management fairly easy because it does not need any change from network structure, habits of individual user, buying expensive Switch (with Layer 2), and extra detecting appliances.

■ WEB, FTP, MSN, Mail Records

UR-938+ can monitor HTTP, FTP, IM (MSN, Yahoo, ICQ, ICR, Google),etc. It records browsed websites’ contents (with HTTP) and attachments, files transferred by FTP, IM chatting contents.


VPN, Virtual Private Network, supplies private connectivity over public lines. Deploying VPNs enables businesses of any size to deliver secured connectivity for mobile employees, branch offices, and clients.

1.PSec VPN

IPsec VPN securing the site-to-site connections allows the head quarter and its branch offices on the same network and sharing resources among offices. For industries, IPSec is the best way to connect for transmitting encrypted data over the network.


PPTP VPN offers point to point connection for employee at home. PPTP VPN enables employee get access to industry’s network securely and easily.


Web VPN ( or SSL VPN ) offers you an easy VPN access to your headquarters simply through a web browser. Offsite users may create VPN connections at anytime from anywhere with ease.

■ Diagnostic Tool

UR-938+ provides diagnostic tools that help IT administrator find out network problem without wasting time, including Ping, Traceroute, DNS Query, Server link, etc.

■ Log

UR-938+ records mail with attachments through mail server and gateway. The server supports eml documental storage which is easy to be read or searched in any operating system.

■ Lan Bypass

It is a fault-tolerance feature that protects your essential communications in the event of power outage. WAN1 and LAN1 ports will be bridged together when the power runs out. When used with Drop-in Mode, such failure would be completely transparent to the network. Therefore, the network connectivity is fully protected.


CMS (Central Management System) provides a useful management and monitoring solution, which allows industries to manage distributed appliances installation across remote offices and clients.

Interested ? Buy Now !!!
Buy Now