About Sundray  >  News  >  Product News

With this networking architecture, it is easier to manage multi-branch scenarios with wired networks!


​At present, most enterprise-level users have more branches and corresponding branch access requirements. How to weigh the network access requirements of branch offices and the security of enterprise-level networks is a common concern of network managers. The following wired network problems have also plagued network engineers:

1. How to solve the different access requirements of branch wired users?

2. Branches usually do not have a dedicated network administrator, so how to ensure the security of the access terminal?

3. How is the network of many branches managed?


The Sundray network controller cluster deployment architecture can easily solve the problem of remote authentication and management of branch wired networks. In the controller cluster deployment, the controllers are deployed on the headquarters and branches to implement centralized control of the branch network, including configuration, management, operation, and authentication.

Convenient branch office wired network management

The centralized controller upgrades the unified system software of the branch switch and delivers the policy in a centralized manner. When the branch office is connected to the Internet through dial-up or NAT, the public network management system cannot be managed because the IP address of the public network is not fixed. The centralized controller can break through the restrictions of the common network management software to implement unified deployment of the entire network device. Real-time monitoring of the tunnel, the first time to understand the user access status, traffic distribution, port status, and so on.


Wired terminal security access guarantee

For the access of wired devices such as PCs and notebooks, remote authentication-free login is possible. For dumb terminals such as IP phones and printers, you can ensure terminal access security by configuring MAC whitelist and IP/MAC/terminal type/terminal location binding.


Low cost remote secure access

As a VPN gateway, the branch controller supports both standard IPSecVPN and SANGFOR private VPN. The branch controller's wireless controller can establish a VPN encryption tunnel with the headquarters controller or the device supporting IPSecVPN/SANGFOR VPN. In the case of a branch without a VPN device, the controller can help the wired user to establish an encrypted communication tunnel with the controller, realize intranet resource sharing, and reduce network construction cost.


 Vertical backup ensures high network reliability

Through the vertical backup of the controller 1+1, if the control network of the branch suddenly crashes, the control network of the headquarters will take over the task of the branch control network. The old users can still access the Internet normally, and the new users access the normal authentication without affecting the service. Network reliability.


Through the controller cluster deployment mode, the secure access and unified management of wired devices can be solved. Each branch does not need to be configured with a separate policy. The remote access does not need to be repeatedly authenticated, which brings convenience to users and network administrators. This program is mainly for the deployment of multi-branch wired networks such as education metropolitan area network (Education Bureau to primary and secondary schools), large enterprises (multi-branch offices), and business halls.