SYLink
Free diagnostic
Product catalog
Family Réseau

SYLink Mini

2.5 Gbps · 2,500 IPs · TLS decryption proxy

Mid-range appliance for SMBs and mid-market companies: 2.5 Gbps throughput, up to 2,500 IPs, with IDS, IPS, NIDS, firewall and a certificate-based decryption proxy to inspect internal encrypted flows.

Request a demoSee the diagramSpecifications
The product, in plain words

What it does SYLink Mini

Mid-range appliance for SMBs and mid-market companies: 2.5 Gbps throughput, up to 2,500 IPs, with IDS, IPS, NIDS, firewall and a certificate-based decryption proxy to inspect internal encrypted flows.

Key takeaway

SYLink Mini2.5 Gbps · 2,500 IPs · TLS decryption proxy.

The technical playbook

How to use it

Deep inspection without breaking the SI

SYLink Mini embarque un proxy TLS souverain capable de déchiffrer les flux HTTPS sortants et inter-applicatifs. La CA SYLink est poussée via GPO (Windows), MDM (macOS / mobile) ou Ansible (Linux). Le déchiffrement est sélectif : vous excluez les domaines bancaires, santé et personnels par classe de catégorie.

Le moteur IDS/IPS partage le pipeline avec le proxy, ce qui permet de détecter les charges malveillantes même cachées dans le trafic chiffré, sans repasser par un détour cloud. Tout reste dans la box : aucune copie de flux n'est exfiltrée.

Key capabilities
  • TLS proxy with category exclusions (health, banking, personal)
  • IDS/IPS/NIDS in-pipeline with the proxy
  • Automatic bypass mode on hardware incident
  • Structured logs to the SIEM in real time
Where the product fits in your topology

Network placement

Le SYLink Mini se positionne en cœur de SI ou en périmétrie sur les sites de taille intermédiaire (jusqu'à 2 500 IP). Inline avec votre WAN, il intègre NDR + sonde DPI dans un même appliance et publie ses logs vers votre SOC.

Périmètre InternetInternetSYLink Minipare-feu + IDS/IPS + DPILAN entrepriseSwitch / LANpostes + serveurs + Wi-FiPostesEDRWi-Fi↳ Le produit s'insère en coupure entre votre arrivée Internet et votre LAN
Deployment pipeline

Deployment diagram

Guided rollout starting with CISO scoping, then install by your IT team or a SYLink partner. The critical step is rolling out the SYLink CA on endpoints — automated via GPO / MDM.

  1. 01

    CISO scoping

    Perimeter, decryption exceptions, AD and SIEM integration.

    Step 01
  2. 02

    Hardware install

    Inserted as a gateway (between your router and the LAN) or as a transparent bridge.

    Step 02
  3. 03

    CA rollout

    Deploy the SYLink CA on endpoints via GPO / MDM / Ansible.

    Step 03
  4. 04

    Filtering policy

    Activate IPS rules, exclude sensitive domains, monitor for 7 days.

    Step 04
  5. 05

    Switch to blocking

    Move from monitor-only to active blocking after calibration.

    Step 05

↓ Integration pipeline — step by step, from scoping to production ↓

Prerequisites

  • AD / LDAP / Entra ID directory for authentication
  • Ability to push a CA certificate to endpoints (GPO, MDM or config tool)
  • Connection to the SYLink portal (SaaS) OR dedicated on-premise console
What you concretely gain

Benefits

  • 01

    2.5 Gbps with no compromise

    Three times the SYLink Box capacity, sized for a multi-site SMB with internal servers.

  • 02

    Inspect encrypted traffic

    Certificate-based decryption proxy (CA pushed to endpoints) — you see what travels in outbound HTTPS and between internal servers.

  • 03

    Local IDS + IPS + NIDS + firewall

    On-hardware configuration, no external cloud dependency for inline decisions.

  • 04

    Single multi-site console

    Run several Minis from a single CISO console, with shared rules and centralized alerting.

The full datasheet

Specifications

Performance

Throughput2,5 Gbps inspection complète
CapacityJusqu'à 2 500 IPs
Concurrent sessions~100 000
Added latency< 1 ms

Security

FirewallStateful + application-aware
IDS / IPS / NIDSTous inclus, en série
Proxy déchiffrementPar certificat (CA poussée via GPO / MDM)
Anti-malwareSandbox cloud souveraine

Ports

Ports2× WAN 2.5G + 4× LAN 2.5G + 1× console
Form factorBoîtier rack 1U (option desktop)
PowerAC 100-240 V, redondance optionnelle

Interconnect (SD-WAN)

SD-WAN client VPNIPsec, WireGuard (site-à-site)
TopologyMesh, hub-and-spoke, multi-hub
Débit VPNJusqu'à 1 Gbps chiffré
Remote-work usage⚠️ Utiliser SYLink VPN

Integration

ConsolePortail SaaS ou on-premise
DirectoryAD / LDAP / Entra ID
SIEMSyslog, Splunk, QRadar, Elastic
APIREST + webhooks
Built for

Target customers

  • Multi-site industrial SMB

    One Mini per site, central console, site-to-site VPN, OT/IT flow inspection.

  • Mid-market NIS2 compliance

    Full visibility on outbound flows, court-admissible event logging.

  • Private clinics (HDS)

    Patient / medical IoT / staff segmentation, inspection of non-sensitive medical flows, HDS compliance.

  • Law firm

    Inspect outbound flows to detect exfiltration attempts, while leaving confidential client flows untouched (category exclusions).

Test SYLink Mini on your infrastructure

30-minute guided demo, PoC on a pilot perimeter, support by our French teams based in Clermont-Ferrand, Marseille and Rennes.

Request a demoFree diagnostic (2 min)Cyber emergency