VPN Firewall AT-AR2050V



Similar documents
Next-Generation Firewalls

AlliedWare Plus NEXT-GENERATION FIREWALL OVERVIEW

Cisco RV 120W Wireless-N VPN Firewall

Cisco RV082 Dual WAN VPN Router Cisco Small Business Routers

Gigabit Multi-Homing VPN Security Router

Cisco SR 520-T1 Secure Router

Datasheet. Advanced Network Routers. Models: ERPro-8, ER-8, ERPoe-5, ERLite-3. Sophisticated Routing Features

Unified Services Routers

Solutions Guide. Secure Remote Access. Allied Telesis provides comprehensive solutions for secure remote access.

Gigabit Multi-Homing VPN Security Router

Cisco RV180 VPN Router

EdgeRouter Lite 3-Port Router. Datasheet. Model: ERLite-3. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Unified Services Routers

AlliedWare Operating System

20 GE + 4 GE Combo SFP G Slots L3 Managed Stackable Switch

Cisco RV215W Wireless-N VPN Router

Cisco RV110W Wireless-N VPN Firewall

How To Set Up A Cisco Rv110W Wireless N Vpn Network Device With A Wireless Network (Wired) And A Wireless Nvv (Wireless) Network (Wireline) For A Small Business (Small Business) Or Remote Worker

INDIAN INSTITUTE OF TECHNOLOGY BOMBAY MATERIALS MANAGEMENT DIVISION : (+91 22) (DR)

Datasheet. Advanced Gigabit Ethernet Routers. Models: ER-X, ER-X-SFP. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Gigabit SSL VPN Security Router

Gigabit Content Security Router

Cisco RV110W Wireless-N VPN Firewall

Cisco RV220W Network Security Firewall

Unified Services Routers

Introduction of Quidway SecPath 1000 Security Gateway

EX 3500 ETHERNET SWITCH

EdgeMarc 4508T4/4508T4W Converged Networking Router

High Performance 10Gigabit Ethernet Switch

Network Security Firewall

Cisco VPN 3000 Concentrator Series

How To Use A Cisco Wvvvdns4400N Wireless-N Gigabit Security Router For Small Businesses

Cisco RV220W Network Security Firewall

ENHWI-N n Wireless Router

Quidway AR 18-1X Series Router Datasheet

Cradlepoint COR IBR350 Specifications

Datasheet. Managed PoE+ Gigabit Switches with SFP. Models: ES W, ES W, ES W, ES W

CradlepointCOR IBR350Specifications

RuggedCom Solutions for

TP-LINK. JetStream 28-Port Gigabit Stackable L3 Managed Switch. Overview. Datasheet T3700G-28TQ.

Advanced Network Routers. Datasheet. Model: ERLite-3, ERPoe-5. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Barracuda Link Balancer

NR50. Niveo Professional Multi WAN load balancing VPN router

Cisco WRVS4400N Wireless-N Gigabit Security Router: Cisco Small Business Routers

The top 3 network management challenges

Load Balance Router R258V

NLoad Balancing Stackable Switch

DCRS-5650 Dual Stack Ethernet Switch Datasheet

48 GE PoE-Plus + 2 GE SFP L2 Managed Switch, 375W

24 GE + 2 GE SFP L2 Managed Switch

UTT Technologies offers an effective solution to protect the network against 80 percent of internal attacks:

Solution Profile. Branch in a Box

Avaya Secure Router 1000 Series

Wireless Controller DWC-1000

WATCHGUARD FIREBOX VCLASS

TP-LINK. 24-Port 10/100Mbps + 4-Port Gigabit L2 Managed Switch. Overview. Datasheet TL-SL5428E.

ALLNET ALL8944WMP Layer 2 Management 24 Port Giga PoE Current Sharing Switch

AC Wireless Dual Band ADSL2+ Modem Router. Highlights

Enterprise Wireless LAN. Key Features. Benefits. Hotspot/Service Gateway Series

DCRS-5960 Dual Stack 10G Routing Switch Datasheet

Datasheet. Enterprise Gateway Router with Gigabit Ethernet. Models: USG, USG-PRO-4. Advanced Security, Monitoring, and Management

Solutions Guide. Resilient Networking with EPSR

Firewall Defaults and Some Basic Rules

TP-LINK. 24-Port 10/100Mbps + 4-Port Gigabit L2 Managed Switch. Overview. Datasheet TL-SL

TP-LINK L2 Managed Switch

DCRS-5960F Dual Stack 10G Ethernet Optical Routing Switch

ESR b/g/n SOHO Router

Total solution for your network security. Provide policy-based firewall on scheduled time. Prevent many known DoS and DDoS attack

Ethernet Link SGI-4844F

Cisco RV180W Multifunction VPN Router

Ethernet Link SGI-2424

Emerson Smart Firewall

Public Internet Access Done the Right Way

ECB1220R. Wireless SOHO Router/Client Bridge

AC 750. Wireless Dual Band ADSL2+ Modem Router. Highlights

Solutions Guide. Ethernet-based Network Virtualization for the Enterprise

Datasheet. Managed Gigabit Fiber Switch. Model: ES-12F. Non-Blocking Throughput Switching. High Performance and Low Latency

ESR b/g/n SOHO Router

HP VSR1000 Virtual Services Router Series

Uniport appliances For corporate networks and operators

VPN Solution Guide Peplink Balance Series. Peplink Balance. VPN Solution Guide Copyright 2015 Peplink

Vyatta Network OS for Network Virtualization

NO SPECIFICATION SPECIFICATION COMPLIANCE RESPOND PROPOSED BY VENDOR

802.11b/g/n SOHO Router 2.4GHz 150Mbps 11N AP/Router

ALLNET ALL-SG8926PM Layer 2 FULL Management 24 Port Giga PoE Current Sharing Switch IEEE802.3at/af

VCStack - Powerful Simplicity. Network Virtualization for Today's Business

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version Rev.

ANNEX III BUDGET PROPOSAL AS PER LOTS LOT 1

Cisco SLM Port Gigabit Smart Switch Cisco Small Business Smart Switches

JetNet 6524G / 6524G-DC24 / 6524G-DC48

TP-LINK. 24-Port Gigabit L2 Managed Switch with 4 SFP Slots. Overview. Datasheet TL-SG

TP-LINK. Gigabit L2 Managed Switch. Overview. Datasheet TL-SG3216 / TL-SG

APV9650. Application Delivery Controller

Increase Simplicity and Improve Reliability with VPLS on the MX Series Routers

St Mary MacKillop College

About Firewall Protection

DCS C Fast Ethernet Intelligent Access Switch Datasheet

Magnum Network Software DX

Transcription:

Security Appliances Product Information VPN Firewall AT-AR2050V Allied Telesis Virtual Private Network (VPN) Firewalls are the ideal secure gateway for modern businesses. Powerful VPN functionality is combined with comprehensive routing and switching, providing an innovative high performance solution that is easy to use and very secure. As businesses adapt to faster paced operations, with increasing amounts of data, and the need to access company resources from outside the office, the demand for high performance VPN connectivity becomes more urgent. The AT-AR2050V features comprehensive security and advanced networking capabilities, meeting the demands of distributed businesses that require multi-site VPNs. High performance Harnessing the power of multi-core processors and hardware acceleration engines guarantees high performance, by dramatically increasing throughput and enabling sustained low latency traffic inspection. Powerful firewall The firewall on the AT-AR2050V inspects every packet passing through it, so different traffic types can be managed in line with business security policies. Allied Telesis VPN Firewalls are the ideal solution for enterprise and branch offices requiring secure online connectivity. Intrusion Detection and Prevention System (IDS/IPS) IDS/IPS is an intrusion detection and prevention system that protects your network from malicious traffic. IDS/IPS monitors inbound and outbound traffic, and identifies threats which may not be detected by the firewall alone. Secure Remote VPNs The Allied Telesis VPN Firewall supports IPSec site-to-site VPN connectivity to connect one or more branch offices to a central office, providing employees company-wide with consistent access to the corporate network. Remote workers can utilize an SSL VPN connection to encrypt their business data over the Internet, allowing them to utilize all their business resources when working from home, travelling, or otherwise away from the company premises. Comprehensive routing support The security features of the VPN Firewall are complemented by advanced routing and switching capability. Full IPv6 routing and protocol implementation ensures today s networks are fully connectable, both internally and externally with other leading edge equipment. Powerful multicasting features support streaming video and voice traffic in modern converged networks. High availability When online connectivity is critical, the VPN Firewall has a bypass port to allow a link to another device as a passive backup. Automated failover immediately transmits Internet-bound traffic to the backup device, to maximize the availability of external connectivity, and ensure no loss of business productivity. Easy to manage The AT-AR2050V runs the advanced AlliedWare Plus fully featured operating system, with an industry standard CLI. Full support for Allied Telesis Management Framework TM (AMF) allows the Allied Telesis VPN Firewall to integrate with Allied Telesis switching products, forming a network that can be managed as a single virtual entity. A full suite of automated tools ensures that the firewall is fully backed up and recoverable without user intervention, maximizing the availability of online services. Performance Firewall throughput 750 Mbps Concurrent sessions 100,000 New sessions per second 3,600 IPS throughput 200 Mbps VPN throughput 400 Mbps alliedtelesis.com

DPI FIREWALL ENGINE Stateful packet inspection DoS attack protection IPv6 support IDS/IPS VIRTUAL PRIVATE NETWORKING (VPN) IPSec VPN for site-to-site connectivity SSL/TLS VPN for secure remote access VPN pass-through Redundant VPN gateway Dynamic routing through VPN tunnels RESILIENCY High availability bypass port VRRP triggers for bypass port failover QUALITY OF SERVICE (QOS) Traffic shaping Bandwidth management NETWORKING 3G/4G/LTE USB modem Layer 2 Tunnelling Protocol (L2TP) Dual Stack Policy-based routing AMF management AMF backup/recovery Flexible deployment options All traffic passing through the firewall is inspected and categorized, so it can be managed in line with business policies. Protection against Denial of Service (DoS) attacks, which are designed to consume resources and therefore deny users network and application access. Full support for IPv6 routing, multicasting and security is provided. IDS/IPS provides monitoring, analysis and logging of suspicious events that occur on a network. It can also perform a variety of actions to prevent attacks. High-performance IPSec VPN allows the Allied Telesis VPN Firewall to connect branch offices and other large sites, for secure sharing of business information. Users simply utilize the OpenVPN client on their computer, tablet, or other mobile device for easy access to email, files, and other corporate digital resources when away from the office. Pass-through enables VPN clients to make outbound connections using L2TP, PPTP or IPsec. Primary and secondary VPNs can be configured when using multiple WAN connections, for seamless failover of VPN connectivity to a remote site. Dynamic routing over VPN links ensures no loss of connectivity, as traffic is routed through an alternate link in the event of a tunnel failure. The bypass port allows a backup link to be formed to another device, to act as a passive backup. In the event of a power failure, the WAN traffic is immediately transmitted to the backup device for automatic failover of the WAN connection. The Allied Telesis VPN Firewall supports event-based triggers to automatically change VRRP mastership if a bypass port is activated. This simplifies WAN failover and reduces disruption to other network devices. Traffic shaping allows the amount of bandwidth to be restricted for different traffic classes. Protect your business-critical traffic by limiting the bandwidth available to non-essential traffic. During peak times, non-essential traffic is limited, allowing critical traffic to flow freely. A 3G/4G/LTE USB modem offers an additional secure data connection for critical services, which can automatically switch to a mobile network whenever a primary data connection becomes unavailable. L2TP provides site-to-site connectivity, which can also be protected by IPSec encryption. Dual Stack enables IPv4 and IPv6 traffic to be processed simultaneously. Policy-based routing enables traffic forwarding decisions to be based on where the traffic is coming from, rather than where it is going to. AMF enables new devices to be pre-provisioned for zero-touch deployment. This simplifies installation, guarantees consistent configuration, and reduces setup time and cost. As an AMF member, the VPN Firewall is automatically backed up, and can be recovered with plug-and-play simplicity. Allied Telesis VPN Firewalls can be deployed in traditional NAT, Layer 2 Bridge, Wire Mode and Network Tap modes. 2 AT-AR2050V

Key solution Master Home worker Branch office AR2050V Head office Internet Members AR2050V Branch office Remote worker AR2050V Members SSL VPN IPSec VPN Branch office Multi-site VPN connectivity Allied Telesis VPN Firewalls are the ideal integrated security platform for modern businesses. The powerful combination of VPN connectivity, secure remote access, and routing and switching, provides a single platform to connect and protect corporate data. This example shows how the AT-AR2050V can provide multi-site connectivity back to a head office. IPSec VPNs to an Allied Telesis Next-Generation Firewall (NGFW) ensure that all staff have full access to digital resources. SSL VPN access provides secure access for workers when travelling, at home, or otherwise away from the office. Automated network management In addition to protecting and connecting modern networks, the VPN Firewalls are fully supported by AMF. AMF is a sophisticated suite of management tools that automate and simplify many day-to-day network administration tasks. Powerful features like centralized management, auto-backup, auto-upgrade, autoprovisioning and auto-recovery ensure streamlined networking. Growing the network can be accomplished with plug-and-play simplicity, and network node recovery is fully zero-touch. As part of an AMF network, along with all of the network switches, the VPN Firewalls are automatically backed up, ensuring seamless recovery if required. AT-AR2050V 3

Features Firewall Multi zone firewall with stateful inspection ۼۼ H.323 Application Layer Gateway (ALG) for FTP, SIP and ۼۼ Application layer proxies for SMTP and HTTP ۼۼ Bandwidth limiting control ۼۼ Bridging between LAN and WAN interfaces ۼۼ (IDS/IPS) Intrusion Detection and Prevention System ۼۼ DoS and DDoS attack detection and protection ۼۼ Maximum and guaranteed bandwidth control ۼۼ forwarding) Static NAT (port ۼۼ NAT) Masquerading (outbound ۼۼ dynamic) Enhanced NAT (static and ۼۼ Security for IPv6 traffic ۼۼ Networking Routing mode / bridging mode / mixed mode ۼۼ Static unicast and multicast routing for IPv4 and IPv6 ۼۼ Dynamic routing (RIP, OSPF and BGP) for IPv4 and IPv6 ۼۼ Flow-based Equal Cost Multi Path (ECMP) routing ۼۼ Dynamic multicasting support by IGMP and PIM ۼۼ RIP) Route maps and route redistribution (OSPF, BGP, ۼۼ Traffic shaping for bandwidth control ۼۼ Policy-based routing ۼۼ PPPoE client ۼۼ DHCP client, relay and server for IPv4 and IPv6 ۼۼ DNS client and relay for IPv4 and IPv6 ۼۼ IPv4 and IPv6 dual stack ۼۼ Device management over IPv6 networks with SNMPv6, Telnetv6 and SSHv6 ۼۼ Logging to IPv6 hosts with Syslog v6 ۼۼ Management Allied Telesis Management Framework (AMF) enables powerful centralized ۼۼ management and zero-touch device installation and recovery Web-based GUI for quick-start configuration and easy monitoring ۼۼ Industry-standard CLI with context-sensitive help ۼۼ Role-based administration with multiple CLI security levels ۼۼ Built-in text editor and powerful CLI scripting engine ۼۼ Comprehensive SNMPv2c/v3 support for standards-based device management ۼۼ Event-based triggers allow user-defined scripts to be executed upon selected ۼۼ system events Comprehensive logging to local memory and syslog ۼۼ Console management port on the front panel for ease of access ۼۼ USB interface allows software release files, configurations and other files to be ۼۼ stored for backup and distribution to other devices Resiliency Policy-based storm protection ۼۼ Link Aggregation Control Protocol (LACP) on LAN ports ۼۼ Spanning Tree Protocol (STP, RSTP) with root guard ۼۼ (VRRPv2/v3) Virtual Router Redundancy Protocol ۼۼ Diagnostic Tools Automatic link flap detection and port shutdown ۼۼ (DDM) Optical Digital Diagnostic Monitoring ۼۼ Ping polling for IPv4 and IPv6 ۼۼ Port mirroring ۼۼ TraceRoute for IPv4 and IPv6 ۼۼ Authentication (AAA) Authentication, Authorization and Accounting ۼۼ RADIUS and TACACS+ authentication and accounting ۼۼ Local or server-based RADIUS user database ۼۼ Strong password security and encryption ۼۼ VPN Tunneling Diffie-Hellman key exchange ۼۼ Secure encryption algorithms: AES and 3DES ۼۼ SHA-256 Secure authentication: SHA-1 and ۼۼ IKEv2 key management ۼۼ (DPD) IPsec Dead Peer Detection ۼۼ IPsec NAT traversal ۼۼ IPsec VPN for site-to-site connectivity ۼۼ VPN pass-through ۼۼ BGP) Dynamic routing through VPN tunnels (RIP, OSPF, ۼۼ Generic Routing Encapsulation (GRE) over IPv6 ۼۼ Redundant VPN gateway ۼۼ SSL/TLS VPN for secure remote access ۼۼ AT-AR2050V VPN FIREWALL 1 x 10/100/1000T bypass port 1 x 10/100/1000T WAN port USB retainer slot Power switch Kensington lock hole 4 x 10/100/1000T LAN ports Status LEDs Console port Reset button USB port AC power inlet 4 AT-AR2050V

Performance and specifications Processor & memory Security processor Memory (RAM) Memory (Flash) AT-AR2050V 800MHz dual-core 512MB 4GB Security features Firewall Application proxies Threat protection Stateful multi-zone packet inspection firewall FTP, TFTP, SIP DoS attacks, fragmented & malformed packets, blended threats & more Tunneling & encryption IPsec site-to-site VPN tunnels 50 SSL VPN users 100 Encrypted VPN IPsec, SHA-1, SHA-256, IKEv2, SSL/TLS VPN Encryption 3DES, AES-128, AES-192, AES-256 Key exchange Diffie-Hellman groups 2, 5, 14, 15, 16, 18 Dynamic routed VPN RIP, OSPF, BGP, RIPng, OSPFv3, BGP4+ Point to point Static PPP, L2TPv3 Ethernet pseudo-wires Encapsulation GRE for IPv4 and IPv6 Management & authentication Logging & notifications User interfaces Secure management Management User authentication Syslog & Syslog v6, SNMPv2 & v3 Web-based GUI, scriptable industry-standard CLI SSHv1/v2, strong passwords Allied Telesis Management Framework TM (AMF) RADIUS, TACACS+, internal user database, Web authentication Networking Routing (IPv4) Routing (IPv6) Multicasting Resiliency High availability Traffic shaping IP address management NAT Link aggregation VLANs Reliability features Static, Dynamic (BGP4, OSPF, RIPv1/v2), source-based routing, policy-based routing Static, Dynamic (BGP4+, OSPFv3, RIPng), policy-based routing IGMPv1/v2/v3, PIM-SM, PIM-DM, PIM-SSM, PIMv6 STP, RSTP VRRP, VRRPv3, hardware controlled bypass port 8 priority queues, DiffServ, HTB scheduling Static v4/v6, DHCP v4/v6 (server, relay, client), PPPoE Static, IPsec traversal, Dynamic NAPT 802.3ad static and dynamic (LACP) 802.1Q tagging Modular AlliedWare Plus operating system Full environmental monitoring of PSU, fan, temperature and internal voltages. SNMP traps alert network managers in case of any failure Variable fan speed control AT-AR2050V 5

AT-AR2050V Hardware characteristics Input power Max power consumption LAN ports WAN ports High Availability bypass ports Other ports Product dimensions (H x W x D) Product weight 90 to 260V AC (auto-ranging), 47 to 63Hz 14W 4 x 10/100/1000T RJ-45 1 x 10/100/1000T RJ-45 1 x 10/100/1000T RJ-45 1 x USB, 1 x RJ-45 console 42.5mm (1.67 in) x 210mm (8.26 in) x 220mm (8.66 in) 1.8 kg (4.0 lb) Environmental specifications Operating temperature range Storage temperature range Operating relative humidity range Storage relative humidity range Operating altitude 0 C to 50 C (32 F to 122 F). Derated by 1 C per 305 meters (1,000 ft) -25 C to 70 C (-13 F to 158 F) 5% to 80% non-condensing 5% to 95% non-condensing 2,000 meters maximum (6,600 ft) Regulations and compliances EMC Immunity EN55022 class A, FCC class A, VCCI class A EN55024, EN61000-3-levels 2 (Harmonics), and 3 (Flicker) Safety Standards UL60950-1, CAN/CSA-C22.2 No. 60950-1-03, EN60950-1, EN60825-1, AS/NZS 60950.1 Safety Certifications UL, cul, TuV RoHS Compliance EU RoHS6 compliant, China RoHS compliant Country of origin China Ordering information AT-AR2050V-xx 1 x GE WAN and 4 x 10/100/1000 LAN AT-RKMT-J15 Rackmount shelf AT-RKMT-J14 Rackmount brackets Where xx = 10 for US power cord 20 for no power cord 30 for UK power cord 40 for Australian power cord 50 for European power cord 51 for encryption not enabled 3G/4G USB Modems For a list of supported USB modems visit http://alliedtelesis.com/securityapps/ar2050v North America Headquarters 19800 North Creek Parkway Suite 100 Bothell WA 98011 USA T: +1 800 424 4284 F: +1 425 481 3895 Asia-Pacific Headquarters 11 Tai Seng Link Singapore 534182 T: +65 6383 3832 F: +65 6383 3830 EMEA & CSA Operations Incheonweg 7 1437 EK Rozenburg The Netherlands T: +31 20 7950020 F: +31 20 7950021 alliedtelesis.com 2016 Allied Telesis, Inc. All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners. 617-000572 RevB

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information