Security Appliances GigaScreen ASIC stateful( ) mitigation ( ) IPSec Technologies (Virtual Private Networking; ) (Denial of Service; ) (mitigation) ASIC IPSec GigaScreen ASIC CPU ASIC ScreenOS ASIC Global PRO WebUI - ASIC ScreenOS ScreenOS ScreenOS -Global PRO ICSA FIPS 140 ICSA IPSec
-200-5XT -208-5XT -204-200 -204-208 10/ 100-5XT 2 10/100-5XT 10/100-200 10/100 Base-T -208 550-Mbps -204 400-Mbps 3DES AES 200-Mbps -200 VLAN -5XT dial-backup -5XT 10-user (Elite) 70-Mbps 20-Mbps 3DES AES 2,000 session 10-5XP -50-25 -50-5XP -5XP -25-50 -25 10/100 Base-T DMZ LAN -50 170-Mbps 50- Mbps 3DES AES 32,000 session 100 site-to-site 400-25 100- Mbps 20-Mbps 3DES AES 8,000 session 25 site-to-site 100 10 BaseT -5XP -5XP 10-user (Elite) 20-Mbps 13-Mbps 3DES 2,000 session 10
-5XT ( ) stateful software-based SYN ICMP flood Port Scan (NAT) (PAT) - non-routable IP - IP Common Criteria ScreenOS ICSA stateful Layer 2 IP IPSec NAT NAT (mesh) (hub and spoke) - ICSA C IPSec RADIUS SecurID LDAP Untrust 10/100 (Distributed Denial of Service; D) session Web-based - XAUTH - IPSec ( ) D session IPSec IPSec (fail-over) -200 (virtualization key) (VLAN) IPSec IPSec 802.1Q VLAN tags IP (PKI X.509) IKE auto-key IP extranet manual key 3DES DES AES SHA-1 MD5 IPSec ( )
-50-200 (HA) session HA pair -200 Active/Active Active/Active Active/Passive Full mesh (-208) (uptime) (leaderless) 16 IP upstream downstream DHCP PPPoE client Untrusted IP DSL DHCP IP (WebUI) HTTP HTTPS (SSL) WebUI ScreenOS 4.0 WebUI Dynamic HTML Java-based HTTP HTTPS (SSL) IP Web DiffServ QoS OSPF BGP (dynamic routing) ISP -5XP OSPF BGP
(Command Line Interface; CLI) SSH Telnet CLI WebUI -Global PRO Global PRO Express - -Global PRO -Global PRO -Global PRO NAT IP Express - Global PRO Multi-administrator/multi- Network Operation Center (NOC) ( DMZ ) NAT -Global PRO ( LAN ) (transparent mode) SLA Layer 2 IP (uptime)
-200-50 -25-5XT (3) -5XP (concurrent sessions) 128,000 32,000 8,000 2,000 2,000 13,000 7,000 7,000 2,000 2,000 400 550 Mbps 170 Mbps 100 Mbps 70 Mbps 20 Mbps 3DES (168 bit) 200 Mbps 50 Mbps 20 Mbps 20 Mbps 13 Mbps 4,000 1,000 500 100 100 4 8 10/100 Base-T 4 10/100 Base-T 4 10/100 Base-T 1 10/100 Base-T 1 10 Base-T 4 10/100 Base-T 1 10 Base-T 8 18 4 4 2 3 2 2 7 2 2 2 2 VLAN 32 0 0 0 0 NAT PAT NAT IP 4 2 2 1 1 IP 4,000 1,000 500 32 32 Trusted 10 10 OSPF/BGP 2 2 2 2 4,000 2,000 2,000 1,000 1,000 DHCP client Untrusted Untrusted Untrusted Untrusted Untrusted PPPoE client Untrusted Untrusted Untrusted Untrusted Untrusted DHCP Untrusted Untrusted Untrusted Untrusted Untrusted DHCP 31 31 31 31 31 D TCP ScreenOS 4.0.1 URL Site-to-site 1,000 100 25 10 10 1,000 400 100 10 10 Manual Key, IKE, PKI (X.509) DES (56 bit) 3DES (168 bit) AES Perfect Forward Secrecy (DH Groups) 1,2,5 1,2,5 1,2,5 1,2,5 1,2,5 L2TP Within IPSec Star (hub and spoke) IPSec NAT traversal 256 100 25 8 8 SHA-1 MD5 PKI (PKCS 7 PKCS 10) (SCEP) (OCSP) VeriSign CA Entrust CA Microsoft CA RSA Keon CA iplanet (Netscape) CA Baltimore CA DOD PKI CA
-200-50 -25-5XT (3) -5XP RADIUS RSA SecurID LDAP RADIUS XAUTH Web-based 1,500 500 250 100 100 DiffServ stamp (HA) Active/Active Active/Passive HA (NSRPv2) session Active/Passive Dial Backup &Dual Untrust HA HA fail-over -Global PRO 4 -Global PRO Express WebUI (HTTP and HTTPS) (telnet) Secure Command Shell SSH v1.5 SNMP MIB 20 20 20 20 20 RADIUS/LDAP/ RADIUS/LDAP/ RADIUS/LDAP/ RADIUS/LDAP/ RADIUS/LDAP/ SecurID SecurID SecurID SecurID SecurID 6 6 6 6 6 only user TFTP/WebUI/ TFTP/WebUI/ TFTP/WebUI/ TFTP/WebUI/ TFTP/WebUI/ Global Global Global Global Global 256 256 256 256 256 2 NetIQ WebTrends SNMP Traceroute Websense URL External Flash CompactFlash 96 512 MB 96 512 MB 96 512 MB PCMCIA Flash ScreenOS 1.73 1.73 1.73 1.25 1.25 17.5 17.5 17.5 8 6 10.8 10.8 10.8 5 5 8 8 8 1.5 1 (AC) 90 to 264 VAC 45W 90 to 264 VAC 45W 90 to 264 VAC 45W 12 VDC 12W 5 VDC 7.5W 90 to 264 VAC 90 to 264 VAC to power supply to power supply (DC) -36 to -72 VDC 50W -36 to -72 VDC 50W -36 to -72 VDC 50W N/A N/A 1 ScreenOS 4.0.2r1 ScreenOS 2 ScreenOS 4.0.2r1 ScreenOS 3 ScreenOS 4.0.0-DIAL.r1 ScreenOS 4 -Global PRO -Global PRO Express ScreenOS 4.0
ARP TCP/IP UDP ICMP HTTP RADIUS LDAP SecurID IPSec (ESP, AH) MD5 SHA-1 AES DES 3DES L2TP IKE (ISAKMP) TFTP (client) SNMP X.509v3 DHCP PPPoE SCEP OCSP 802.1Q UL CUL CSA CB NEBS Level 3** **-208 EMC -5XP -5XT FCC class B BSMI CE class B C- Tick VCCI class B -25-50 -200 FCC class A BSMI CE class A C- Tick VCCI class A 23 to122-5 to 50-4 to158-20 to70 10-90% MTBF (Bellcore ) -5XP: 8.8-5XT: 8.5-25 : 8.1-50 : 8.1-204: 6.8-208: 6.5-208 w/ac -208 NS-208-001 -208 NS-208-003 -208 NS-208-005 -208 NS-208-007 -208 w/dc -208 NS-208-001-DC -204 w/ac -204 NS-204-001 -204f* NS-204-101 -204 NS-204-003 -204f* NS-204-103 -204 NS-204-005 -204f* NS-204-105 -204 NS-204-007 -204f* NS-204-107 -204 w/dc -204 NS-204-001-DC -200-200 NS-200-VIRT (Virtualization Key) Virtualization Key 32 VLAN 5 10-50 w/dc -50 NS-050-001-DC -25-25 NS-025-001 -25 NS-025-003 -25 NS-025-005 -25 NS-025-007 * f -5XT 10 -user -5XT NS-5XT-001-5XT NS-5XT-003-5XT NS-5XT-005-5XT NS-5XT-007-5XT 10-user -5XT Elite NS-5XT-ELU -5XT Elite -5XT Elite NS-5XT-101-5XT Elite NS-5XT-103-5XT Elite NS-5XT-105-5XT Elite NS-5XT-107 2-5XT NS-5XT-RMK -5XP 10 -user -5XP NS-5XP-001-5XP NS-5XP-003-5XP NS-5XP-005-5XP NS-5XP-007-5XP10 -user -5XP NS-5XP-ELU -5XP Elite -5XP Elite NS-5XP-101-5XP Elite NS-5XP-103-5XP Elite NS-5XP-105-5XP Elite NS-5XP-107 2-5XP NS-5XP-RMK -50 w/ac -50 NS-050-001 -50f* -50 NS-050-101 NS-050-003 90-50f* -50 NS-050-103 NS-050-005 -50f* NS-050-105 -50-50f* NS-050-007 NS-050-107 106 216 9 A2 886-2-8733-3577 886-2-8733-3576 www.netscreen.com Copyright (c) 1998-2003 Technologies, Inc., Technologies, and the logo are registered trademarks of Technologies, Inc. IDP, MMD, -5XP, -5XT, -25, -50, -204, -208, -500, - 5200, -5400, -IDP 100, -IDP 500, -Global PRO, -Global PRO Express, -Remote, GigaScreen ASIC, GigaScreen-II ASIC and ScreenOS, and Stateful Signature are trademarks of Technologies, Inc. All other trademarks and registered trademarks are the property of their respective companies. 
Part Number: 2003.1.20.4.aps.TC www.netscreen.com