Lucent Technologies Vpn Firewall Brick 20 Users Manual
VPN Firewall Brick 20 to the manual c999bedc-fa6b-428b-b33d-e5360a6108b6
2015-02-02
: Lucent-Technologies Lucent-Technologies-Vpn-Firewall-Brick-20-Users-Manual-436334 lucent-technologies-vpn-firewall-brick-20-users-manual-436334 lucent-technologies pdf
Open the PDF directly: View PDF 
.
Page Count: 4
| Download | |
| Open PDF In Browser | View PDF |
VPN Firewall Brick® 20 Security, VPN, and QoS Gateway The VPN Firewall Brick® 20 platform offers a readily affordable CPE solution for delivering service level-assured advanced security, IP VPN, and bandwidth management services to small-office and home-office locations. This carrier-class IP services platform stretches investment dollars with low price/performance and total ownership costs and delivers service-enhancing, revenue-building features. Applications • Advanced security services • Site-to-site and remote access VPN services • Bandwidth management services • Mobile data services • Shared Internet connectivity • Secure intranets and extranets Features • Integrates firewall, VPN, QoS, VLAN, and virtual firewall capabilities in one configuration • 140 Mbps firewall performance; 3 Mbps 3 DES performance; 55 simultaneous VPN tunnels; 4,094 VLANs; 20 virtual firewalls • Intrinsically secure, transparent Layer-2 bridge Benefits • Low price/performance — less than the per-Mbps price of major competitors • Low cost of ownership — one configuration supports multiple IP services with no additional or recurring licensing fees; VLAN and virtual firewall support for up to 20 customers at no additional cost; management efficiencies reduce staffing and administrative expenses • Flexible deployment options — premises or networkbased services with shared or dedicated hardware environments • Economical growth path — migrate to advanced security and VPN services with no added infrastructure investments • No-touch CPE — no need for costly network reconfigurations, truck-rolls, or onsite support • Enhanced user experiences — efficient bandwidth management with customer-level, user-level, and • Central staging and secure remote management via server-level QoS control Lucent Security Management Server (LSMS) software; manages thousands of VPN Firewall Brick® units and • Assured business continuity — native high availability, Lucent IPSec Client users from one console carrier-class reliability • Innovative security services: advanced distributed • Scalable, carrier-class management — centrally manage denial of service attack protection; high-speed content up to 1,000 VPN Firewall Brick® units and 10,000 security (command blocking, URL filtering, virus Lucent IPSec Client users scanning); strong authentication; real-time monitoring, logging, and reporting • High-availability architecture — no single point of failure • No advisories or reported vulnerabilities VPN Firewall Brick® Platform 20 Technical Specifications 1.Processor/Memory Rise mP6 120 MHz with 64MB RAM 2.LAN Interfaces (3) 10/100 Base-TX Ethernet (RJ-45) 8.Layer-7 Application Support Application Filter architecture supports Layer-7 protocol inspection for command validation, dynamic channel pinholes and application layer address translation. Application filters include http, ftp, tftp, H.323/H.323 RAS, Oracle SQL*Net, Net BIOS, DHCP Relay, DNS, GTP, SIP 3.Other Ports SVGA video, DB9 serial, external floppy, PS/2 keyboard 9.Firewall Attack Detection and Protection Generalized flood protection extensible to new flood attacks as 4.Performance discovered with patent-pending Intelligent Cache Management SYN flood protection to specifically protect inbound servers, Concurrent sessions – 3,000 e.g. Web servers, from inbound TCP SYN floods New sessions/second – 300 Strict TCP Validation to ensure TCP session state enforcement, Rules – 30,000 (shared among all virtual firewalls) validation of sequence and acknowledgement numbers, Max clear text throughput – 125 Mbps (1518 byte TCP packets) rejection of bad TCP flag combinations 140 Mbps (1518 byte UDP packets) Initial Sequence Number (ISN) rewriting for weak TCP stack Max PPS throughput – 40,000 pps (64 byte UDP packets) implementations Max 3DES throughput with software encryption – 3 Mbps Fragment flood protection with Robust Fragment Reassembly, (1518 byte TCP packets) ensures no partial or overlapping fragments are transmitted Generalized IP Packet Validation including detection of 5.Virtualization malformed packets such as ping of death, land attack, tear drop Maximum number of virtual firewalls – 20 attack. Drops bad IP options as well as source route options Number of VLANs supported – 4,094 VLAN domains – up to 16 per VLAN trunk 10.Content Security VPN Firewall Brick® partitions – allows for virtualization of Lucent Proxy Agent integrates load-shared content security customer IP address range, including support for overlapping services for: IP addresses Application protocol command blocking – HTTP, SMTP, FTP Virus scanning 6.Modes of Operation URL screening Bridging and/or routing on all interfaces Application-layer protocol command recognition and filtering All features supported with bridging Application-layer command line length enforcement IP routing with static routes Unknown protocol command handling 802.1Q VLAN tagging supported inbound and outbound Extensive session-oriented logging for application-layer on any combination of ports commands and replies Layer-2 VLAN bridging Hostile mobile code blocking (Java®, ActiveX™) NAT (Network Address Translation) URL blocking – with 8e6 Technologies’ X-Stop™ Xserver PAT (Port Address Translation) Virus scanning – with Trend Micro’s InterScan™ VirusWall Policy-based NAT and PAT (per rule) Anti-Virus Security Suite Supports virtual IP addresses for both address translation and VPN tunnel endpoints 11.QoS/Bandwidth Management DHCP-assignable interface/VLAN addresses Classified by Physical Port, Virtual Firewall, Firewall Rule, Session DHCP Relay capabilities Bandwidth Guarantees – Into and out of Virtual Firewall, Dynamic registration of mobile VPN Firewall Brick® address allocated in bits/second for centralized remote management Bandwidth Limits - Into and out of Virtual Firewall, allocated in PPPoE bits/second, packets/session, sessions/second 7.Services Supported Bootp, http, irc, netstat, pop3, snmp, tftp, pptp, dns, https, kerberos, nntp, rip, ssh, who, RADIUS, eigrp, ident, ldap, ntp, rip2, syslog, shell, X11, exec, gmp, login, ospf, rlogin, telnet, talk, H.323, ftp, imap, mbone, ping, rsh, traceroute, lotus notes, VoIP, Gopher, IPSec, netbios, pointcast, smtp, sql*net Any IP protocol (user definable) Any IP protocol + layer 4 ports (user definable) Support for non-IP protocols as defined by DSAP/Ethertype 2 ToS/DiffServ marking and matching 12.Firewall User Authentication Browser-based authentication allows authentication of any user protocol Built-in internal database – user limit 10,000 Local passwords, RADIUS, SecurID User assignable RADIUS attributes 13.VPN Maximum number of dedicated VPN tunnels – 55 Manual Key, IKE, PKI (X.509) 3DES (168-bit), DES (56-bit) SHA-1 and MD5 authentication/integrity Replay attack protection Remote access VPN Site-to-site VPN IPSec NAT Traversal (UDP encapsulated IPSec) LZS compression Spliced and nested tunneling 14.VPN Authentication Local passwords, RADIUS, SecurID, X.509 digital certificates with Entrust CA PKI Certificate requests (PKCS 12) Automatic LDAP certificate retrieval 15.High Availability VPN Firewall Brick® platform to VPN Firewall Brick® platform active/passive failover with full synchronization 400 millisecond device failure detection and activation Session protection for firewall and VPN Link failure detection Alarm notification on failover Encryption and authentication of session synchronization traffic Self-healing synchronization links Lucent Proxy Agent load sharing supports high availability for content security services 18.Certifications ICSA V3.0A Firewall Certified, ICSA V1.0B IPSec Certified National Security Agency EAL2 Government Protection Profile Certified, EAL4 in progress 19.Mean Time Between Failure 127,000 Hrs. 20.Dimensions (W x L x H) 6.2” x 8.6” x 1.3” 16 cm x 22 cm x 3 cm 21.Cooling Passive heatsink 22.Operating Altitude Up to 13,123 ft (4,000 m) 23. Environmental Operating Temperature: 0 to 40º C Shock: 2.5g at 15 – 20 ms on any axis Relative Humidity: 5–95% Vibration: 5g at 2 – 200Hz on any axis Non-Operating Temperature: 0 to 70º C Shock: 35g at 15 – 20 ms on any axis Relative Humidity: 5–95% Vibration: 5g at 2 – 200Hz on any axis 24.Power External AC to DC Power Supply: rated 25W Max Switching mode, 100–240V AC, 50–60Hz Consumption: 0.19A typical at 115VAC 16.Diagnostic Tools Out of band debugging and analysis via serial 25.Safety Listings port/modem/terminal server USA – UL® 1950 Centralized, secure remote console to any VPN Firewall Brick® unit supporting Ping, Traceroute, packet trace with filters Canada – CSA 22.2 No. 950 Remote VPN Firewall Brick® platform bootstrapping EU – EN/IEC 60950 Real-time log viewer analysis tool Japan – CB Scheme IEC 60950 17.3-Tier Management Architecture 26.EMC Certifications Centralized, carrier-class, active/active management USA – FCC Part 15, Class B architecture with Lucent Security Management Server Canada – IC-ES003 (LSMS) software EU – EMC Directive ® Secure VPN Firewall Brick platform to LSMS Japan – VCCI communications with Diffie-Helman and 3DES encryption, SHA-1 authentication and integrity and digital certificates for VPN Firewall Brick® platform/LSMS authentication Up to 100 simultaneous administrators securely managing all aspects of up to 1000 VPN Firewall Brick® units Secure, reliable, redundant real-time alarms, logs, reports VPN Firewall Brick® 20 platform – Back Panel 3 Lucent Proxy Agent 1.Software Requirements Solaris™ 8 2.Hardware Requirements Sun® workstation 333 MHz Pentium® Pro processor (minimum) 512 MB system memory (minimum), higher recommended CD-ROM drive 1 Ethernet 10/100 card Ordering Information 1.VPN Firewall Brick® 20 platform Part Number 300323748 2.External 3.25” Floppy Drive Part Number 300318953 3.Lucent Security Management Server See LSMS data sheet for ordering details 4.Lucent Proxy Agent Included in LSMS software 5.Lucent IPSec Client See Lucent IPSec Client data sheet for ordering details To learn more, contact your dedicated Lucent Technologies representative, authorized reseller, or sales agent. You can also visit our Web site at www.lucent.com/security. This document is provided for planning purposes only and does not create, modify, or supplement any warranties which may be made by Lucent Technologies relating to the products and/or services described herein. The publication of information contained in this document does not imply freedom from patent or other protective rights of Lucent Technologies or other third parties. VPN Firewall Brick is a registered trademark of Lucent Technologies Inc. ActiveX is a trademark of Microsoft corporation. InterScan is a registered trademark of Trend Micro, Inc. Java is a trademark of Sun Microsystems, Inc. Pentium is a registered trademark of Intel Corporation. Solaris is a trademark of Sun Microsystems, Inc. Sun is a registered trademark of Sun Microsystems, Inc. UL is a registered trademark of Underwriter's Laboratories. X-Stop is a trademark of Log-On Data Corp. Copyright © 2004 Lucent Technologies Inc. All rights reserved VPN v4.04/04
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.3 Linearized : No Page Count : 4 XMP Toolkit : XMP toolkit 2.9.1-13, framework 1.6 About : uuid:03ea224b-b5c4-4901-b511-fe224e7b7cc1 Producer : Acrobat Distiller 6.0.1 (Windows) Creator Tool : QuarkXPress(tm) 5.01 Modify Date : 2004:04:20 14:03:47-04:00 Create Date : 2004:04:20 14:03:47-04:00 Document ID : uuid:bd56e73a-ef89-4bdb-8a84-ca9f835541c1 Format : application/pdf Title : VPN Firewall Brick 20 Creator : Lucent Technologies Inc. Author : Lucent Technologies Inc.EXIF Metadata provided by EXIF.tools