490 likes | 667 Views
Preliminary. NS1000 V3.0 - Maintenance Features Enhancement -. Rev0.7 22 July., 2013. Table of Contents. 1. Overview 2. Features 3. How to program Appendix. Chapter 1 Overview. 1. Overview. Solution. Easy to install and maintenance. * Features New for V3.
E N D
Preliminary NS1000 V3.0- Maintenance Features Enhancement - Rev0.7 22 July., 2013
Table of Contents 1. Overview 2. Features 3. How to program Appendix
Chapter 1 Overview
1. Overview Solution Easy to install and maintenance * Features New for V3 Features and Benefits >> Built in Router for easy network connection set up * Built in Router can be used as IP Trunk access router and VPN for easy network connection. User Profile setting enhancement * -Addfirst and last name in User Profile as same as UM - Can set contact and E-Mail information in User Profile menu PBX and UM part programming unification * PBX and UM parameter unified as follow - Synchronize extension and mailbox number automatically - Unify PBX and UM setting for same criteria such as Holiday Table, Operator Settingsand Class of Service Improve Easy Setup Wizard* User can set up IP related function by wizard by entering basic information
Chapter 2 Features
2. Features 2-1 Built in Router - Function Overview - Main purposes of Built in Router are 1. Provide Access router functionality - No need to install extra Router - No complicated setting is needed 2. VPN functionality - Easy configuration for remote worker - Easy SIP Softphone integration with Smartphone environment Note: Maximum 32 sessions of VPN connection can be established at same time. NS1000 (+built in Router) ITSP SIP Trunk Router IPsec VPN VPN VPN VPN Cellular NW Internet H.323 QSIG Router VPN NS1000 (+built in Router) Router SIP Soft phone Integration NS1000 (+built in Router) AK is required to use Built in Router. Also other additional AK is required to VPN connection separately. No additional hardware is required.
2. Features 2-1 Built in Router - Function Overview - • The built-in router feature has following characteristic. • IPv4 Access router • Ethernetto WAN interfacewithagigabit, itisanaccessrouterthathastheabilityto • connecttobroadband, suchasPPPoE. TherouterwithseparationVoice / DATAisan • object, buthasasimplefunctionfordatacommunicationterminalsaccommodated. • Featured VPN • TherouterhasthefeatureofIPsecVPN. Targetconnectionsupportsconnections • betweenroutersinternalconnectiononeachsites, andthesmartphone. • Theconnectiontoothervenderrouterisoutoffocus. • Function of Firewall • TherouterhasthefeatureofFirewall. Ithasafilteringfeatureofanaccesslistfiltering • ofIPpacketlevel. Alsofeaturesofabnormalpacketfiltering, suchasSPI (Stateful • packetInspection) issupported. • Easy setup • Takingadvantageofthebuilt-infeatures, suchasopen / closeTCP / UDPportsonthe • WANsidehasafunctionofsettinginconjunctionwiththeNS1000.
2. Features 2-1 Built in Router – Feature Specification - Following table shows Built in Router specification
2. Features 2-2 User profile setting enhancement - Function overview - Duplicated Data of User Profile and UM are unified as same settingas follow. <User Info> <PBX Configuration> Copy to Extension Name field as “First Name” + “Space” + “Last Name” Note) Due to the maximum number of digits is 20, If the number of digits in User Profile is over 21 digits, the data is copied with deleting overflowed digits from last digit. <UM Configuration> The First Name is copied to First Name field and the Last Name is copied to Last Name field as same as current version.
2. Features 2-2 User profile setting enhancement - Function overview - Duplicated Data of User Profile and UM are unified as same settingas follow. <User info - Contact> <UM> Extension PIN is copied to Mailbox Password automatically. Note) Should be assigned the mailbox number in Unified Message tab before check the check box of “Automatic copy to Mailbox Password”.
2. Features 2-2 User profile setting enhancement - Function overview - Duplicated Data of User Profile and UM are unified as same settingas follow. <User info - Contact> <UM> Copy as below Email1 -> Device No.1 Email2 -> Device No.2 Email3 -> Device No.3 Note) 1. Should be assigned the mailbox number in Unified Message tab before check the check box of “Automatic copy to Mailbox Password”. 2. Activation Key (KX-NSU2xx) “Unified Messaging E-mail Notification” is required for this feature.
2. Features 2-3 PBX and UM part programming unification - Function Overview - There was similar program items between PBX and UM configuration. From V3.0, these settings are unified.
2. Features 2-3 PBX and UM part programming unification - Function Details - 1. Integration of settings between PBX and UM configuration Following settings are combined into one screen in PBX setting. - Holiday Table - Operator Settings <UMSetting> <PBXSetting> The setting is copied to PBX side/UM side automatically except time setting.
2. Features 2-3 PBX and UM part programming unification - Function Details - • 2. Synchronization of database between extension number of PBX side and • extension/mailbox number of UM side • When extension number of PBX side are changed, extension number and mailbox • number (which is same as extension number) of UM side are changed automatically. • After create the mailbox in UM configuration, the pair can be assigned to user profile. User Profile Extension No. 101→1001 101 Mailbox No. 101→1001 101 PBX Configuration Extension No. 101→1001 UM Configuration 101 Extension No. 101→1001 101 Mailbox No. 101→1001
2. Features 2-3 PBX and UM part programming unification - Function Details - 3. Automatic Fax Configurations When Fax interface card is installed, the system is configured automatically to detect incoming fax calls and receive faxes into General Delivery Mailbox (Message Manager Mailbox). UM Configuration - 5.System Parameters - 4.Parameters - Fax Management Automatic Transfer of Incoming Fax Call -> Receive Fax Mailbox Number -> 998 Mailbox for Fax Receiving -> 998 DISA Message - Fax Extension -> 500
2. Features 2-3 PBX and UM part programming unification - Function Details - 4. Two types of Automatic Mailbox Configuration Followings are improved from Ver3.0 - User Profiles – Multiple Users The restriction number of creating multiple users at once (current maximum number is 500) will be removed, and users and mailboxes for all existing extensions can be created at one time. - UM Configuration – Auto Configuration Mailboxes for ICDG extensions can be created by using this auto configuration.
2. Features 2-4 Improve Easy Set up Wizard - Function Overview - Easy setup wizard is enhanced for installing IP-Trunk, SIP-Trunk and IP-Extension. It will help installer to set up IP related setting. When set up this data, Virtual card will be installed automatically. This feature is allowed only for Mater Unit.
Chapter 3 How to program
3. How to program 3-1 Setting of WAN • Connection Setting This area is changed depend on selecting the Connection Mode
3. How to program 3-1 Setting of WAN • Network Monitor The result is remained to Syslog file.
3. How to program 3-1 Setting of WAN • Protocol Bridge
3. How to program 3-1 Setting of WAN • Dynamic DNS
3. How to program 3-2 Setting of LAN • IPv4
3. How to program 3-2 Setting of LAN • DNS Server
3. How to program 3-3 Setting of Routing • Routing
3. How to program 3-4 Setting of DMZ • DMZ
3. How to program 3-4 Setting of MAC Address • MAC Address
3. How to program 3-5 Setting of Firewall • One Touch Security
3. How to program 3-5 Setting of Firewall • Packet Filtering
3. How to program 3-6 Setting of VPN • VPSS
3. How to program 3-6 Setting of VPN • IPSec
3. How to program 3-6 Setting of VPN • Pass Through
3. How to program 3-7 Setting of QoS • QoS Setting
Appendix - Built in Router - • WAN interface • Built-in router has 1-port Ethernet for a WAN port, and maintains a single IP address • 1) Link control • Built-in router manages link status of LAN port and WAN port. • 2) QoS control • <Priority control> • The ability to provide preferential treatment to a particular frame in WAN interface. • (Not available for LAN interface) NS1000 supports only PQ (Priority Queuing). • <Bandwidth control> • Ability to bandwidth allocation / limitation for each priority on WAN interface. • That each distributed priority based on an access list, such as ToS field, of priority control, • bandwidth control can be performed. • 3) MAC address clone • The router has the feature changing MAC address of WAN interface.
Appendix - Built in Router - • WAN interface Layer3 • As a communication method in WAN port has the following functions 1) IPoE (IP over Ethernet) As Layer 2 protocol that can be sent and received at the WAN interface, the router supports an Ethernet, to communicate to encapsulate the IP packet in Ethernet frame. As a method of controlling the address of IpoE at WAN interface, the router has static IP configuration and DHCP client function. <Static IP configuration> Ability to set static IP address at WAN interface. The router has the feature changing MAC address of WAN interface. <DHCP Client> The router gets an IP address dynamically from DHCP server by the DHCP client function to set at WAN interface. 2) PPPoE client The router builds a relationship of PPP (Point-to-Point Protocol) on internet and gets an IP address dynamically from PPPoE server by PPPoE client function.
Appendix - Built in Router - • WAN interface Layer3 3) Pass through (Bridge) The router can work as a bridge to protocols with following ether type. - IPv6(0x86dd) - PPPoE(0x8863,0x8864) Ability to select Enable /Disable for Pass through to each type. <IPv6 Pass through> Ability to bridge IPv6 frame to WAN through LAN or LAN through WAN <PPPoE Pass through> Ability to bridge PPPoE frame to WAN through LAN or LAN through WAN. 4) Dynamic DNS Ability to notify the IP address gotten dynamically to DNS server and update the DNS record for each connection. At last the router can be connected by a unique host name even if a new IP address is assigned to every connection / disconnection to the network.
Appendix - Built in Router - • LAN interface • NS1000 maintains an address at LAN interface and has following feature for it. • - Static IP configuration • And it has following features as network functions. • - DHCP server feature • - DHCP Relay agent feature • - DNS server (DNS Relay) feature • 1) Static IP configuration • A single IP address can be assigned as static IP address for LAN interface • 2) DHCP Relay agent • With the ability to receive on behalf of request from DHCP client that is broadcast on the network, • and then forwarded to the DHCP server on another network. • 3) DNS server (DNS Relay) • The router relays the correspondence of the domain name and IP address to Content server or • DNS server.
Appendix - Built in Router - • Basic Network Feature • 1) TCP/IP • The router supports the following RFC for IPv4 It also supports TCP / UDP as the upper layer protocol.TCP / UDP support the following RFC 2) ARP The router supports ARP, and resolves address from Layer3 to Layer2. ARP supports the following RFC * RARP is not supported.
Appendix - Built in Router - • Basic Network Feature • 3) Gratuitous ARP • The router supports the Gratuitous ARP, it is sent when starting NS1000 or changing IP address. • 4) ICMP • The router supports ICMP. • The following RFC are supported. 5) IGMP The router supports protocol for controlling a group of hosts that are configured to receive the delivery with IP multicast.It supports IGMPv2 and IGMPv3. IGMP supports the following RFC. 6) MSS Clamp The router has the ability to automatically optimize the value (Maximum Segment Size) MSS of the TCP packet.
Appendix - Built in Router - • Routing • The router supports IPv4 routing between WAN I/F-LAN I/F. • The basic specifications for operating as a router are subject to the RFC below. 1) Static routing The router supports Static routing.Route information can be manually set for Static routing, and the routing table entry supports 64. 2) Dynamic routing Dynamic routing is not supported.
Appendix - Built in Router - • Firewall • The router has the ability to monitor the data flowing between WAN and LAN and detect / shut off • unauthorized access. In addition, it is possible to detect as well as DoS attacks and unauthorized • access to this system, make the appropriate defense, to operate more safely. • The router supports the following two Firewall features roughly. 1) IPv4 Packet filtering The router has a function of filtering IP data packet addressed to the own device and the user IP data. In the packet to perform IP routing, this filtering of target, must also be encapsulated data flows inside the tunnel, such as I Psec. The target in this function is the packet to perform IP routing, and the data encapsulated inside the tunnel flows, such as IPsec, is also included.
Appendix - Built in Router - • Firewall • 2) One touch security • The router has the following features, and user can set Enable/Disable for them. • In addition, Log for following features can be collected, and user can set Enable/Disable for them.
Appendix - Built in Router - • NAT/NAPT • The router supports Dynamic NAPT (IP masquerade) and Static NAPT (Port mapping /Static IP • masquerade). And Static NAT and Dynamic NAT are not supported. • In NAPT, TCP / UDP port number can be changed in addition to the IP address. • 1) Dynamic NAPT (IP masquerade/PAT) • IP address of local network (LAN) is changed to IP address of Internet (WAN) with mapping • as n:1 dynamically. • 2) Static NAPT (Static IP masquerade) • The router supports Static NAPT (Static IP masquerade). • Received data from specified port can be transferred to specified IP address and port. • 3) Simplified DMZ (DeMilitarized Zone) • Since the router does not have interface for DMZ, it supports simplified DMZ which can specify • the Client as a simple DMZ to allow access from the outside at all protocol. • 4) Pass through • Static NAPT Settings prepared as pass through feature. With decide the combination of terminal • and the local network port number, and No conversion of ports at both transmits and receive to • the corresponding packet, the router realizes to ease of configuration by GUI. • The pass through feature is applied to the protocol shown in the table below
Appendix - Built in Router - • VPN • NS1000 can be combined as a single system NS1000 placed in different locations • by VPN. IPsec is used as Method of VPN to connect between NS1000s. • Ability to build a VPN for up to a maximum of 16 sites • Have a feature of ease to setup for connecting between NS1000s • Provide cooperation with Smartphone application, which is planed by PSN, to connect to • Smartphone.
Appendix - Built in Router - • VPN • 1) IPsec • IPsec is a protocol to ensure the security of data flowing over IP network. • The router supports IPsec version2. • 2) Mode • The router supports 2modes of "Tunnel mode" and "Transport mode". • - Transport mode • This mode is used for IPsec between target devices or between target device and NS1000. • - Tunnel mode • This mode is used for IPsec in the case of connection between NS1000s • 3) Security Protocol • The router supports AH and ESP as communication protocol. • 4) Ease of setup • The router provides initial configuration and GUI for ease of setup • Installer can setup with minimized program item, such as facing IP address and • shared security key. • 5) Easy setup application for Smartphone • Application to set VPN for Smartphone is provided. Supported OS are Android 4.0 and iOS 6.0. (TBD) • 6) UPnP • UPnP (Universal Plug and Play) is not supported. • 7) IPv6 • The router does not support IPv6 router function. But it supports Bridge (Pass through) for IPv6 • packets, so that it is possible to communicate between IPv6 devices.
Modification 20130718-014 NS1000 V3.0 Maintenance Feature Enhancement_Rev0.5_18July2013.pptx - Pre-release