[Ended] Round 7 | Technical Document Scavenger Hunt

views: 116 | comments: 13 | added to Favorites 0

Lights on | 提示：支持键盘翻页<-左右->

Topic

Sangfor Jojo last was moved down 2024-Oct-29 14:50

Sangfor Jojo

Created: 2024-Oct-22 09:06

Summary:

Reply

ND Posted 2024-Oct-24 15:27

Q1: 1 Check HCI System Status, 2 Check Database Server VM Configuration, 3 Optimize the SQL Tables, 4 Obtain and Analyze AWR Report, 5 Escalation to the Database Specialist
Q2: 1. Guest OS type and version. 2. Database version. 3. Slow SQL statement. 4. SQL_ID. 5. AWR report during the incident. 6. SQL execution time. 7. See whether it affects the production. 8. Incident description.
Q3: Source Network Address Translation (SNAT). It is a method used in computer networking to map and translate private IP addresses within a local network to a single public IP address. It allows multiple devices within the local network to share a common public IP address when accessing resources on the Internet.
Q4: Step 1. Verify whether the LAN users can access the Internet. Step 2. A hit count will be recorded when traffic passes through the policy, indicating that the NAT policy is functioning.
Q5: Navigate to Policies > Access Control > Application Control > Policies, click Edit on the respective policy, click Settings next to Advanced, check the Log events checkbox, and click Save.
Q6: Go to Policies > Access Control > Application Control > More > Settings to enable the Check Policy Validity in Real Time.

Dwi Nur Posted 2024-Oct-22 19:16

Q1: Check HCI System Status, Check Database Server VM Configuration, Optimize the SQL Tables, Obtain and Analyze AWR Report, Escalation to the Database Specialist.
Q2: Guest OS type and version, Database version, Slow SQL statement, SQL_ID, AWR report during the incident, SQL execution time, See whether it affects the production, Incident description.
Q3: It is a method used in computer networking to map and translate private IP addresses within a local network to a single public IP address. It allows multiple devices within the local network to share a common public IP address when accessing resources on the Internet.
Q4: Step 1. Verify whether the LAN users can access the Internet. Step 2. A hit count will be recorded when traffic passes through the policy, indicating that the NAT policy is functioning.
Q5: Navigate to Policies > Access Control > Application Control > Policies, click Edit on the respective policy, click Settings next to Advanced, check the Log events checkbox, and click Save.
Q6: Go to Policies > Access Control > Application Control > More > Settings to enable the Check Policy Validity and Check Policy Conflict in Real Time.

pmateus Posted 2024-Oct-22 17:59

Q1:Check HCI System Status, Check Database Server VM, Optimize the SQL Tables, Obtain and Analyze AWR Report, Escalation to the Database Specialist
Q2:Guest OS type and version, Database version, Slow SQL statement, SQL_ID, AWR report during the incident, SQL execution time, See whether it affects the production, Incident description
Q3:It is a method used in computer networking to map and translate private IP addresses within a local network to a single public IP address. It allows multiple devices within the local network to share a common public IP address when accessing resources on the Internet.
Q4:Step 1. Verify whether the LAN users can access the Internet. Step 2. A hit count will be recorded when traffic passes through the policy, indicating that the NAT policy is functioning.
Q5: Navigate to Policies > Access Control > Application Control > Policies, click Edit on the respective policy, click Settings next to Advanced, check the Log events checkbox, and click Save.
Q6: Go to Policies > Access Control > Application Control > More > Settings to enable the Check Policy Validity and Check Policy Conflict in Real Time.

CLELUQMAN Posted 2024-Oct-22 17:30

Q1:
1. Check HCI System Status
2. Check Database Server VM Configuration
3. Optimize SQL Tables
4. Obtain and Analyze AWR Report
5. Escalation to the Database Specialist

Q2:
1. Guest OS type and version.
2. Database version.
3. Slow SQL statement.
4. SQL_ID.
5. AWR report during the incident.
6. SQL execution time.
7. See whether it affects the production.
8. Incident description.

Q3:Source Network Address Translation (SNAT),a method used in computer networking to map and translate private IP addresses within a local network to a single public IP address.

Q4:
Step 1. Verify whether the LAN users can access the Internet.
Step 2. A hit count will be recorded when traffic passes through the policy, indicating that the NAT policy is functioning.

Q5:Navigate to Policies > Access Control > Application Control > Policies, click Edit on the respective policy, click Settings next to Advanced, check the Log events checkbox, and click Save.

Q6:Go to Policies > Access Control > Application Control > More > Settings to enable the Check Policy Validity and Check Policy Conflict in Real Time.

Enrico Vanzetto Posted 2024-Oct-22 15:39

Q1:The five troubleshooting ideas described here are: Check HCI System Status, Check Database Server VM Configuration, Optimize the SQL Tables, Obtain and Analyze AWR Report, Escalation to the Database Specialist
Q2:kindly collect the following information before escalating to the specialist. 1.Guest OS type and version. 2.Database version. 3.Slow SQL statement. 4.SQL_ID. 5.AWR report during the incident. 6.SQL execution time. 7.See whether it affects the production. 8.Incident description.
Q3:SNAT is a method used in computer networking to map and translate private IP addresses within a local network to a single public IP address. It allows multiple devices within the local network to share a common public IP address when accessing resources on the Internet
Q4:Step 1. Verify whether the LAN users can access the Internet. Step 2. A hit count will be recorded when traffic passes through the policy, indicating that the NAT policy is functioning.
Q5:Configuration path: Navigate to Policies > Access Control > Application Control > Policies, click Edit on the respective policy, click Settings next to Advanced, check the Log events checkbox, and click Save.
Q6:Go to Policies > Access Control > Application Control > More > Settings to enable the Check Policy Validity and Check Policy Conflict in Real Time.

Clarence Roque Posted 2024-Oct-22 15:36

Q1: Check HCI System Status, Check Database Server VM Configuration, Optimize the SQL Tables, Obtain and Analyze AWR Report, Escalation to the Database Specialist.
Q2: Guest OS type and version, Database version, Slow SQL statement, SQL_ID, AWR report during the incident, SQL execution time, See whether it affects the production, Incident description.
Q3: Source Network Address Translation (SNAT)
It is a method used in computer networking to map and translate private IP addresses within a local network to a single public IP address. It allows multiple devices within the local network to share a common public IP address when accessing resources on the Internet.
Q4: 1. Verify whether the LAN users can access the Internet, 2. A hit count will be recorded when traffic passes through the policy, indicating that the NAT policy is functioning.
Q5: Navigate to Policies > Access Control > Application Control > Policies, click Edit on the respective policy, click Settings next to Advanced, check the Log events checkbox, and click Save.
Q6: Go to Policies > Access Control > Application Control > More > Settings to enable the Check Policy Validity and Check Policy Conflict in Real Time.

ilham Posted 2024-Oct-22 14:50

Q1 : - check HCI system status - check database server VM configuration - optimize the SQL tables - obtain & analyze AWR report - escalation to the database specialist
Q2 : Guest OS type & version, database version, slow SQL statement, SQL_ID, AWR report during the incident, SQL execution time, see whether it affects the production, incident description
Q3 : It is a method used in computer networking to map and translate private IP addresses within a local network to a single public IP address
Q4 : Step 1.) Verify whether the LAN users can access the Internet
Step 2.) A hit count will be recorded when traffic passes through the policy, indicating that the NAT policy is functioning.
Q5 : Configuration path: Navigate to Policies > Access Control > Application Control > Policies, click Edit on the respective policy,
click Settings next to Advanced, check the Log events checkbox, and click Save.
Q6 : Go to Policies > Access Control > Application Control > More > Settings to enable the Check Policy Validity and Check Policy Conflict in Real Time.

Rotring Posted 2024-Oct-22 14:46

Q1: What are the five types of troubleshooting ideas described in this document?

1.Isolation and Testing

2.Log Analysis

3.Monitoring and Performance Metrics

4.Configuration Reviews

5.User Feedback and Reports

Q2: What information should be collected before escalating to the specialist?

1.Detailed Problem Description

2.Environment and System Information

3.Logs and Error Messages

4.Troubleshooting Steps Taken

5.Impact and Scope of the Issue

6.Network or System Configuration Changes

7.Screenshots, Diagrams, and Visual Aids

8.User or Device Information

9.Service-Level Agreements (SLAs)

10.Ticket or Case History

Q3: What is SNAT?

SNAT (Source Network Address Translation) is a type of Network Address Translation (NAT) that changes the source IP address of outgoing traffic as it leaves a private network to communicate with external networks like the internet. SNAT is commonly used to allow devices on a private internal network (with private IP addresses) to communicate with the outside world, typically through a single or limited set of public IP addresses.

Q4: What are the two steps to verify that SNAT is configured successfully?

1.Check the NAT Translation Table (on the Firewall/Router)

2.Test External Connectivity and Source IP (from the Client Device)

Q5: How to configure the application control log event?

Steps to Configure Application Control Log Events on Sangfor NGAF:

1. Log in to the Sangfor NGAF Web Interface

Open a web browser and access the Sangfor NGAF management console using the firewall’s IP address.

Enter your username and password to log in to the system.

2. Enable Application Control

Once logged in, navigate to the Policy Configuration or Security section.

Find the Application Control feature under Security Features.

Make sure Application Control is enabled. This will allow the firewall to detect and monitor applications on the network.

3. Create or Modify an Application Control Policy

Navigate to the Policy section where you can create or modify existing firewall policies.

To create a new policy:

Click on Add New Policy.

Define the source and destination zones, IP addresses, or networks.

Under the Service field, select Application Control.

Choose the applications or application categories that you want to monitor or control. Sangfor NGAF offers predefined categories like "Social Media," "Streaming," "File Sharing," etc.

Define the action (e.g., Allow, Deny, Monitor).

Logging Settings:

Enable logging for this policy by selecting the Log Allowed Traffic or Log Denied Traffic options.

Sangfor allows you to specify if you want to log both allowed and blocked applications or only certain types of traffic.

4. Configure Application Control Logging Settings

Navigate to the Log Settings section to enable Application Control logging if it's not enabled by default.

Go to Log & Report > Log Settings.

Find the section related to Application Control.

Make sure logging for Application Control events is enabled.

You can also choose to send logs to an external Syslog server or a SIEM (Security Information and Event Management) system for centralized log storage and analysis.

5. Set Up Event Notifications (Optional)

If you want to receive notifications about specific Application Control events (e.g., when certain applications are blocked), you can configure alert settings.

Go to System Configuration > Notifications.

Set up email notifications, SMS alerts, or SNMP traps to be notified when specific application control events occur.

6. Test Application Control Policy

To verify that your policy is working, test the Application Control rules by trying to access an application or website that the policy is meant to control (e.g., social media, video streaming).

Use a device within the policy’s source network and try to access an application that is blocked, restricted, or monitored by the policy.

7. Check the Logs for Application Control Events

After configuring the policy and logging, go to the Log Center to check for Application Control log entries.

Go to Log & Report > Log Center.

Look for logs related to Application Control.

Here, you should see events showing the usage of different applications, including details such as:

Source IP of the traffic.

Application name.

Action taken (e.g., allowed, denied).

Timestamp of the event.

You can filter the logs by application, IP address, user, or time to quickly locate specific entries.

8. Optimize Logging and Reporting (Optional)

Log Retention: Depending on your storage requirements, you can configure how long logs are retained on the device or sent to external storage.

Go to Log Settings > Log Retention and configure the retention period based on your compliance or auditing needs.

Scheduled Reports: You can also configure scheduled reports that include information from the Application Control logs to get regular insights into application usage trends and security events.

Go to Log & Report > Report Center and configure custom reports to include application control data.

Q6: Please find the position to enable the Check Policy Validity in Real Time.

To enable "Check Policy Validity in Real Time" in Sangfor NGAF, you can typically find this setting under the policy or security configuration section within the NGAF's management interface. It allows real-time checks to ensure policies are being enforced promptly, improving the firewall's response to changes in the network environment.

If you're using the Sangfor NGAF system, look for options related to policy monitoring or real-time validation within the security policies tab of your administrator dashboard.

mdamores Posted 2024-Oct-22 14:20

can be used as SSL VPN

Beru Posted 2024-Oct-22 13:30

Q1:
1. Check HCI System Status
2. Check Database Server VM Configuration
3. Optimize the SQL Tables
4. Obtain and Analyze AWR Report
5. Escalation to the Database Specialist

Q2: the following information should be collected:
1. Guest OS type and version
2. Database version
3. Slow SQL statement
4. SQL_ID
5. AWR report during the incident
6. SQL execution time
7. Information on whether it affects production
8. Incident description

Q3: SNAT stands for Source Network Address Translation. It is a method used in computer networking to map and translate private IP addresses within a local network to a single public IP address. This allows multiple devices within the local network to share a common public IP address when accessing resources on the Internet.

Q4: To verify that SNAT is configured successfully :
1. Verify whether the LAN users can access the Internet.
2. Check if a hit count is recorded when traffic passes through the policy. The presence of a hit count indicates that the NAT policy is functioning.

Q5: To configure the application control log event:
1. Navigate to Policies > Access Control > Application Control > Policies
2. Click Edit on the respective policy
3. Click Settings next to Advanced
4. Check the Log events checkbox
5. Click Save

Q6:
1. Go to Policies > Access Control > Application Control > More > Settings
2. Enable the "Check Policy Validity and Check Policy Conflict in Real Time" option
This setting is found in the Application Control settings menu, under the "More" submenu.

Sangfor Community Terms of Use

Last updated: July 2020

Sangfor Technologies ("Sangfor") welcomes you.

The Sangfor Community ("Community"), developed by Sangfor, is provided to enable users to share knowledge, exchange comments and suggestions on Sangfor products.

This Terms of Use is an agreement between you and Sangfor Community on requirements for users during access to the Community and on liability held by Sangfor on managing user's access. Please read the Terms of Use carefully. If you do not agree to all the terms, you may not access the Community. By registering on the Community site, using or visiting the Community, you agree to all the terms in this Terms of Use.

Requirements for Posting Topic

1. Topic Title is Clear
You are expected to write a topic title clearly to make it easy to understand, rather than offering a meaningless or ambiguous title.
2. Question is Specific
The content is specific and detailed when you are posting a topic or reply. The more detailed the topic, the more easily and accurately others can understand.
3. Such a Topic Does Not Exist
Before posting a question or suggestion topic, check whether similar topic already exists. You may post a second one if the existing answers are unsatisfying.
4. Topic Category is Accurate
Check whether the topic is categorized correctly. Choosing a correct category can help you receive a satisfying answer more quickly.
5. Choose A Best Answer
If there is any answer that you think is the best, choose one.
6. Show Gratitude
You are expected to show gratitude to the members who have replied to your question. Pick a best answer and make positive comments on other replies to show your respect for their help.
7. Mutual Respect
Post a topic in a friendly tone, instead of in a blaming or reproaching tone. You may not mock or look down upon repliers but appreciate them in writing answers sincerely.

Contents Approval and Block

1. Blocked Contents
Topics or replies containing any item listed below will be blocked:
a) Content related to product price and specification that are offered through presale hotline or other where online. i.e., How much is an IAM-1200 unit? How high a bandwidth is supported?
b) Contact information, i.e., contact me through QQ account 12345678.
c) Tendency to sell, resell, buy commodities or give gifts, i.e., Any one wants to buy a second-hand device?
d) Misleading or derogatory remarks related to ethnic minorities.
e) Duplicate contents submitted in a short period of time.
f) Job recruitment or hunting contents.
g) Real product information such as customer name, IP address of device, etc. i.e., Customer: XXX Company, Device IP address: 1.1.1.1

2. Prohibited Contents
Postings (topics, posts, comments and articles) containing any items of the following are prohibited and will be deleted.
a) Contents involving pornography, violence or terror, including:
Any content that describes sex organs, behaviors or psychology in detail.
Any content that propagates pornographic images or materials.
Any content that describes violent behaviors, experience and feelings in detail.
Any content that describes terrorist incidents and subjective opinions in detail.
Any content that induces others to meet face to face and have sex or to engage in prostitution.
Any content that tries to hire or induce others to engage in violent activities.
Any content that threatens others.
Any hyperlink linked to any item above.

b) Advertising, massive or duplicate contents linked to a same website, with any of the following purposes:
Boosting web traffic by guiding others to visit certain website or forum.
Engaging in transactions of any item (including virtual commodity, currency, etc.) in the name of certain profit organization or individual.
Advertising or organizing pyramid selling.
Any hyperlink linked to any item above.

c) Reactionary contents, including:
Any content that shows negative views on the current laws and regulations governing the nation.
Any content that disturbs public order or provokes dispute against a nationality, race, religion, region, etc.
Any content that attacks government sectors and officials, propagates feudal superstition and evil cults.
Any hyperlink linked to any item above.

d) Content involves personal attack, defamatory and fraudulent information, including:
Any content that infringes on legal rights of others such as rights of portrait and privacy, humiliates others and cause physical and mental harm to them.
Any content that impairs the reputation of social communities or organizations.
Any hyperlink linked to any item above.

e) Content violates ethics rules, including:
Any content that violates ethics rules and propagates negative values.
Any content that induces others to commit suicide or describes methods of committing suicide in detail.
Any content that discriminates against and disparages the weak, such as the disabled, the elderly and the poor.
Any content that teaches others how to infringe on other's rights, for example, how to hack others' computers, how to cheat others.
Any content that propagates or encourages unethical acts such as teacher-student love affairs, extramarital affairs, incest, etc.
Any content that makes others repulsive or unpleasant.
Any hyperlink linked to any item above.

f) Malicious, meaningless, irrelevant contents, including:
Malicious, meaningless or irrelevant discussion topics.
Replies contain contents or format of contents that make others unable to browse posts.
Duplicate question topics posted in a short period of time.
Duplicate replies to different question topics, which are irrelevant.
Meaningless questions or answers.
Repetitive and valueless coin transfers from one ID to another.
Other irrelevant and meaningless contents.

g) Content involves crime and violation of laws or propagates criminal offenses, including:
Any content that induces or gathers others to engage in gambling activities or propagates bribery.
Any content that contains fraudulent information.
Any content that goes against laws or regulations of the People's Republic of China.
Any hyperlink linked to any item above.

h) Other contents that may violate any law or regulation
Such as content that violates regulations prescribed in Measures for Security Protection Administration of the International Networking of Computer Information Networks, Administrative Measures for Internet Information Services, Management Provisions on Electronic Bulletin Services in Internet, Decision of Preserving Computer Network Security, Administrative Provisions for the Internet News Information Services, or disseminate, spread or transmit any kinds of the following information by other means, including:
Any content that is against the basic principles prescribed and set by the Constitution in the People's Republic of China.
Any content that undermines state security, discloses state secret, subverts government or impairs national unity.
Any content that harms the reputation and interests of the nation.
Any content that incites ethnic hatred or ethnic discrimination or harms the national unity.
Any content that destructs the state's religious policies or propagates evil cult and feudal superstition.
Any content that spreads rumors, disrupts public order, or endangers social stability.
Any content that spreads obscenity, pornography, gambling, violence, murder and terror, or instigates others to commit any crime.
Any content that insults or slanders others or infringes upon legal rights of others.
Any content that incites unlawful assembly, association, procession, demonstration, or gather crowds to disturb public order.
Any act of participating in or organizing activities in the name of unlawful non-government organizations.
Any fraudulent, harmful, threatening, harassing, slandering, vulgar, obscene, or repulsive content.
Other contents restricted or prohibited by any or applicable laws or regulations and effective conventions in the People's Republic of China.

i) Other improper contents

Account Management

Sangfor reserves the right to delete accounts with which users conduct any of the following inappropriate acts:
1. Posting topic or reply that contains any item listed in Blocked Contents or in Prohibited Contents.
2. Discourteous acts, including but not limited to copying, personal attack, disguising as administrator or damaging administrator's reputation, disguising as other members or stealing others' accounts, or using others' signatures, or contents or format of contents in post that make others unable to browse posts properly, or other acts that disturb public order.

Criticisms and Suggestions

Sangfor strives to create an open and integrated platform with joint efforts of all the members and welcomes valuable suggestions and advice, as well as criticisms on Sangfor and Sangfor products. Your feedback in the Community will be replied in time and forwarded to specific department of Sangfor and be solved as soon as possible. However, prohibited contents of deliberate attack against Sangfor and Sangfor products, once discovered, will be deleted immediately.

1. Constructive Suggestions and Criticisms
a) Point out existing bugs or issues of a certain product.
b) List strengths and weaknesses of Sangfor product by comparing with other vendors' products and give rational comments or suggestions.
c) File complaints against Sangfor products.
d) Describe emotional disappointment on Sangfor product because of issues or defects in that product.
2. Non-constructive Suggestions and Criticisms
a) Valueless and subjective attacks against Sangfor and Sangfor products.
b) Compare Sangfor products with those of other vendors in an unfair, unjust and unopen manner, with a purpose of deliberately denigrating Sangfor and Sangfor products or promoting other vendors' products.
c) Attack Sangfor and Sangfor products for other commercial purposes.

Privacy Policy

Sangfor Technologies (Hong Kong) Limited (collectively, "We" and "our") attaches great importance to the security of your personal data seriously. Collecting, using, sharing or transferring of your personal data may be conducted upon you visit our website, use our products and/or services based on your consent, contract relationship or any applicable legal ground.

SANGFOR Privacy Policy (hereinafter referred to as "this Policy") represents how we collect, use, store, transfer your personal data as well as your legitimate rights to access, update, delete, and protect your personal data.

You are required to get fully understanding of this Policy before submitting your personal data to SANGFOR. This Policy applies to SANGFOR websites, products, services that display or provide links to this Policy.

SANGFOR will ensure that any personal data we collect about you will be held and processed strictly in accordance with the European General Data Protection Regulation (GDPR) which become effective on 25th May 2018.

Considering SANGFOR provides various kinds of products and services, this Policy may not cover all possible scenarios for personal data processing. Any specific data relating to the processing of personal data in the context of SANGFOR's products or services may be described in the privacy policy of related products or services or may be released in any notice that is given during the collection of data.

1. Collection and use your personal data.

"Personal data" means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

The aforementioned personal data maybe be collected by your behavior of using of our products, services, or when you interact with us, such as visiting our website, registering relevant accounts, participating in our events. Besides, by using cookie and other similar technologies, our websites may indirectly record your personal data. When you use SANGFOR website, we may collect certain data automatically from your computers or devices (including mobile devices). The data we collect automatically may include your IP address, device type, operating system, unique device identifiers, browser-type, browser language, geographic location and other technical information. We may also collect data about how your device has communicated with SANGFOR Website, including the pages viewed, the links clicked, the amount of time spent on particular pages, mouse hovers, the date and time of the interaction, error logs, referring and exit pages and URLs, and similar information. We use this information only for our analytical purposes, and to improve the quality, relevance, and security of SANGFOR website.

Our website collects and uses personal data through the following methods:

1) Tracking

Our website uses analytics tool such as Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how you found us, how you are using our website and to see the journey you took through the website. All of these are used only in the purpose of improving our website to provide you with the best user experience. Disabling cookies on your internet browser will stop Google Analytics from tracking any part of your visit to pages within this website.

2) Registration Form

When you choose to use SANGFOR community rather than just browsing, you are required to fill in a registration form to create a community account, the data that you supply includes names, usernames, phone numbers, email addresses and region information associated with your account, will be submitted to our database on AWS and under full protection of AWS encryption. AWS is based in the USA and is EU-US Privacy Shield compliant. A backup server of SANGFOR Community is based in Hong Kong only for the sake of disaster recovery.
AWS (Privacy Policy)

3) Email Newsletters

If you choose to join our email newsletter or if provided with your email during an event or other circumstances, the email address that you submit to us will be forwarded and stored in MailChimp which provide us with email marketing services. The email address that you submit will not be stored within this website's own database or in any of our internal computer systems, except for the purpose of importing the data into Mailchimp.

Your email address will remain within MailChimp's database for as long as we continue to use MailChimp's services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter. While your email address remains within the MailChimp database, you may receive periodic newsletter emails from us.

We use several third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the GDPR legislation. All two of these third parties are based in the USA and are EU-US Privacy Shield compliant.
1) Mailchimp (Privacy policy)
2) SurveyMonkey (Privacy policy)

We may collect your personal data for the business purposes such as sending solicited information about a specific item or information about products or Company, perform market research & analytics to improve our services & product offerings. Besides, we may supply such above personal data to third parties for business purposes or marketing based on your consent.

Should the purposes of using your personal data are not included in this Policy, we will obtain your prior consent before we implementing the relevant purpose. Moreover, you are entitled to withdraw your consent at any time in compliance with the laws and regulations, but this maybe cause the function limitation of the website, product or service.

Please be fully noted that we are entitled to collect and use your personal data without your prior consent under any of the corresponding circumstances in compliance with any applicable laws and regulations.

2. Cookies and Other Similar Technologies

Like most sites, we use technologies that are essentially small data files placed on your computer, tablet, mobile phone, or other devices (referred to collectively as a "device") that allow us to record certain pieces of data whenever you visit or interact with our sites, services, applications, messaging, and tools, and to recognize you across devices.

The specific names and types of the cookies, unique identifiers, and similar technologies we use to collect data (e.g. about the pages you view, the links you click, and other actions you take on our Services, within our advertising or e-mail content) may change from time to time. To help you better understand this Policy and our use of such technologies we have provided the following limited terminology and definitions:

Cookies - Small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognize a particular device or browser.

Similar technologies - Technologies that store personal data in your browser or device utilizing local shared objects or local storage, such as flash cookies, HTML 5 cookies, and other web application software methods. These technologies can operate across all your browsers, and in some instances may not be fully managed by your browser and may require management directly through your installed applications or device. We do not use these technologies for storing personal data to target advertising to you on or off our sites.

We may use the terms "cookies" or "similar technologies" interchangeably in our policies to refer to all technologies that we may use to store data in your browser or device or that collect data or help us identify you in the manners described above.

3. Rights to your personal data

If you submit your personal data to us, please ensure the accuracy of such data. If your personal data has changed (for instance, your address has been changed), you are obliged to update your personal data in a timely manner.

For requirements by applicable laws, you may: (1) have access to your personal data we have held; (2) update or correct any of your inaccurate personal data; (3) restrict or object to allow us to process your personal data; and (4) require us to erase your personal data, and (5) require us to comply with your request for data portability (6) withdraw your consent at any time which will not affect the lawfulness of processing based on consent before (7) lodge a complaint with the corresponding supervisory authority.

When you claim the said rights, we may require you to submit a written request and may verify your identity. Usually, we do not charge anything for such processes unless your request goes beyond the limit of conventional requirements.

4. Protection and Storage of Personal data

We recognize the need to ensure that personal information gathered via this website remains secure. Our site has security measures in place to protect against the loss, misuse, and alteration of the personal information under our control. Our security measures include the use of a hardware firewall to prevent unauthorized access. You acknowledge that although we exercise adequate care and security, there remains a risk that information transmitted over the Internet and stored by computer may be intercepted or accessed by an unauthorized third-party.

Your Personal Data will be stored on our database as long as you continuing use your community account. With your consent, any data we use for lawful purpose(s) for which it was obtained will be kept with us until you notify us that you no longer wish to use the functions of SANGFOR community and would like to delete your account permanently.

5. Cross-border Transfer of Personal data

Generally, we will process your personal data in the country/region where you use our products or services. However, we may transfer your personal data to Hong Kong China, Malaysia and USA that may have different laws for the protection of personal data.

6. Breach Notification

In line with the GDPR, where a breach is known to have occurred which is likely to result in a risk to the rights and freedoms of individuals, the relevant Data Protection Authority (DPA) will be informed within 72 hours, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, Sangfor informs the supervisory authority of the reasons for the delay. This will be managed in accordance with our Information Security Incident Response Procedure which sets out the overall process of handling information security incidents.

7. Update of this Policy

This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.

8. Contact Us
If you have any question about this Policy or have any request or query for your personal data, please send an email to community@sangfor.com to contact us.