Dream Series Secure Optical GatewayDual Protection for Hotel Cybersecurity and Real-Name Compliance

AINOPOL – Provider of All-Optical Converged Solutions.

Real-name authentication identifies who is accessing the network, while the triple security engine prevents malicious activities.One Dream Series device guards both lines of defense, protecting against intrusion, viruses and unauthorized private router access.

Hotel networks need real-name authentication to meet compliance requirements, while also defending against hackers, viruses and guests’ unauthorized personal router connections.Traditional solutions require separate procurement of authentication gateways and firewalls, leading to higher costs and poor collaborative linkage.

The AINOPOL Dream Series Secure Optical Gateway integrates PMS-based real-name authentication, 180-day log retention, and IPS/AV/WAF triple security engines in one device. It also supports all-optical network, Passive Optical Network (POL), and fiber-to-room architectures.One device, double protection.

Compliance and Security: The Two Pillars of Hotel Networks

Article 6 of the Provisions on Internet Security Protection Technical Measures (MPS Decree No.82) stipulates that internet security protection technical measures shall comply with national standards.Article 8 mandates security audit functions to record and track network operation status, as well as monitor and log cybersecurity incidents.

This sets requirements not only for real-name authentication and log retention, but also for network security defense capabilities.

Hotel networks must guard against external attacks such as hacker scanning and vulnerability exploitation, as well as internal access by illegal devices including private routers and pinhole cameras.The April 2026 official notice in Dezhou also clearly requires technical measures to defend against computer viruses, network attacks and network intrusion.

Therefore, implementing only authentication without security defense is also deemed non-compliant and will result in direct failure during official inspections.

Having authentication without log retention means the hotel follows a real-name process but cannot prove the data is authentic and tamper-proof.Having authentication without security defense is equivalent to leaving the network door wide open for attackers.

Three-in-One Integration to Eliminate Security Weaknesses

Hotel networks have three critical lines of defense:The first controls who accesses the network via real-name authentication;The second ensures safe internet behavior through security protection;The third governs log storage and traceability.

Traditional solutions usually focus only on the first line of defense, resulting in either inspection failure due to missing security audit logs, or data leakage caused by attacks due to lack of intrusion prevention.

The Dream Series secures all three lines of defense at once, making compliance and security inseparable.

Real Security Threats Facing Hotels

How the Dream Series Delivers Dual Protection

First Line of Defense: Real-Name Authentication — Identify Who Is Accessing the Network

PMS Integration: Guest identity information (ID card, passport, Mainland Travel Permit for Hong Kong, Macao and Taiwan) is automatically synchronized upon check-in. Guests complete identity consistency authentication simply by entering their room number or mobile phone number when connecting to Wi-Fi.

It supports 18 authentication methods, including SMS verification, WeChat authorization, and room number + ID document verification. For hotels without a PMS system, guests can scan their ID documents with local OCR recognition. The entire process is processed inside the optical gateway, keeping all data stored on-premises without leaving the hotel.

Each authentication generates complete logs containing authenticated account, MAC address and timestamp, which are strongly associated with subsequent internet behavior records.

Second Line of Defense: Security Protection — Prevent Malicious Behaviors

Self-developed Protocol StackAbandoning the traditional Linux kernel, the user-mode driver reduces context switching by over 80%. It delivers wire-speed forwarding of 10Gbps per single core, with latency of less than 5 microseconds for 128-byte small packets. It ensures smooth, stable Wi-Fi access in guest rooms, conference rooms and peak-hour scenarios without disconnection.

Triple Security Protection EngineIntegrated with IPS Intrusion Prevention, AV Antivirus and WAF Web Application Firewall, equipped with over 10,000 intrusion prevention rules and a 4-million-signature virus database. It effectively defends against Trojans, ransomware and SQL injection, building a comprehensive in-depth defense system.

Third Line of Defense: Log Storage — Retain Complete Internet Traces

Merely enabling authentication without log retention means a hotel has a real-name process in name only, with no way to prove the authenticity, integrity and non-tamperability of data or retrieve records anytime. Even with an authentication system in place, failure to produce complete logs during inspections will still result in rectification orders.

AINOPOL ensures full log field integrity and 180-day rolling storage. Dream Series mandatory log fields include:MAC address, IP address, authenticated account (linked to ID number), Session ID, protocol type, destination IP/port, accessed domain name, start & end timestamp, and traffic byte count.

Network Infrastructure Guarantee

The Dream Series supports all-optical network and Passive Optical Network (POL) with fiber-to-room deployment. Fewer intermediate active nodes reduce physical intrusion risks — no need to deploy switches in weak current closets, cutting potential points of man-made damage.

The low-threshold all-optical solution is compatible with existing network cables, enabling old hotels to obtain full security capabilities during renovation. Via the EAAS cloud platform, hotel chain headquarters can remotely view security event logs, IPS alarm statistics and illegal device blocking records across all stores, realizing centralized security management.

The Dream Series Secure Optical Gateway eliminates the need for hotels to purchase separate authentication devices and firewalls.One device fulfills multiple functions: PMS-linked real-name authentication, 180-day log retention, IPS/AV/WAF security defense, illegal device blocking, and anti-phishing call protection.

Paired with full-optical hotel architecture or low-threshold all-optical renovation, hotels can smoothly pass public security inspections with complete authentication and logs, while maintaining network security against attacks, viruses and unauthorized private network access.

After deploying the Dream Series, a resort hotel recorded zero network security incidents within half a year, passed public security inspections at one attempt, and saw a drop in negative guest Wi-Fi reviews.

FAQ

Q: Will the security engine affect Wi-Fi speed?A: No. The Dream Series adopts a self-developed protocol stack and user-mode driver, cutting context switching by over 80%. With hardware-accelerated forwarding, the latency for 128-byte small packets is less than 5 microseconds, bringing zero perceived impact to guests.

Q: Can it block access to inappropriate websites?A: Yes. The gateway supports flexible URL filtering policies. Administrators can configure blacklists and whitelists, or restrict access to specific website categories by time period.

Q: Will the security protection capability be weakened when old hotels keep original network cables?A: No. Security policies are uniformly executed on the optical gateway side, independent of physical transmission media (network cable or optical fiber). The low-threshold solution retains full IPS/AV/WAF security capabilities.

In accordance with the Announcement on Strengthening Cybersecurity Governance of Public Wireless Internet Access Venues issued by Lingcheng Branch of Dezhou Public Security Bureau in April 2026, public Wi-Fi venues must legally implement security technical measures including internet real-name authentication, behavior auditing and log retention for no less than six months. All deployed equipment must meet mandatory national and public security industry standards and be filed with the Ministry of Public Security.

Under Article 21, 24 and 59 of the Cybersecurity Law of the People’s Republic of China, together with MPS Decree No.82 and No.151, public security authorities may issue warnings, impose fines, suspend network access or order business rectification for venues failing to implement real-name authentication and complete log retention.

Real cases prove that hotels lacking proper security defenses face multiple risks including data leakage, ransomware attacks and professional compensation claims. Achieving dual guarantees of compliance and network security is essential for hotels to avoid legal risks and protect guest privacy.