630 likes | 651 Views
Introducing the DrayTek Vigor 3300V series featuring load balancing, QoS, high availability, firewall and URL filtering to enhance SME solutions and broadband access. Benefit from advanced VPN capabilities and secure VoIP applications for efficient network management.
E N D
Vigor 3300VigorAccess Product Introduction August, 2005
Outline • SME Solution-Vigor 3300V Series • Broadband Access Solution-Vigor Access
SME Solution 3300V Series 3
Product Feature • Load Balance • QoS • High Availability • Firewall / URL Filtering • Physical DMZ/VLAN • VPN • VoIP 4
Load Balancing • Reduce Enterprise High Speed Trunk Fee. • Redundancy. • Intelligently Distribute Network Traffic to the Internet. 5
Quality of Service • Allows the Network Administrator to Monitor, Analyze, and Allocate Bandwidth for Various Types of Network Traffic in Real Time and/or for Business-Critical Traffic. • 8 Priority Queue. • Low Latency Queuing (LLQ). • 802.1p, DiffServ-Codepoint Marking. • Management by IP Address, Application, Service-Oriented. 6
High Availability • 7x24x365 Service. • Uninterrupted Network Access in the Event of Hardware Failure. • Apply on Master Maintenance. 7
De-Militarized Zone • Allows Users to Access Multiple Public Servers (e.g. Web, FTP, Mail servers) via Internet while Maintaining Security of Private LAN 8
Firewall • Protect the Trusted Network from Various Types Attacks that Explore Protocol Security Holes. • Benefit of Vigor Firewall • IP-based Packet Filtering. • URL Filtering. • Denial of Service (Dos) Prevention. • NAT : Port Redirection, Open port, DMZ. 9
URL Filtering • Inappropriate content blocking. • Improve Staff Working Efficiency. • Benefit of Vigor Content Filtering • Malicious Code Prevention.(Java,ActiveX,Cookie,exe,zip, ...etc.) • Filtering based on Access List, Keywords, or Time of Day. • Bundle with Surf Control Scan Mechanism 10
Virtual LANSecurity • Router-based Port Security can be used to Restrict Access to each VLAN as Required. • Benefit of Vigor VLAN • Isolate Users into the Different VLANs. 12
DrayTek VPN Solution • ICSA IPSec Certification (Vigor3300 series). • Supports 200 IPSec Tunnels. • Hardware-based accelerator of DES/3DES, AES/HMAC-SHA-1/HMAC-MD5 Encryption. • IPSec, PPTP, L2TP, L2TP over IPSec. • 30Mbps throughput in AES/3DES. • Preshared key and Certificate Authority(X.509 v3) Authentication. • DHCP over IPsec • RADIUS client support. 14
DrayTek VPN Solution • LAN-to-LAN VPN connection (Gateway-to-Gateway) Made by two Routers to Connect two Portions of Private Networks. The Vigor router support IPSec tunnel protocols. • Remote Dial-inVPN connection (Host-to-Gateway) Made by a remote access client, or a single user computer, that connects to a private network. In this type of connection, the Vigor router support IPSec tunnel for DHCP over IPsec protocols. To Optical Connection 15
Smart VPN Client • For Windows2000/XP. • Simplifies the Procedures to Create IPSec Tunnel with the Vigor Router by Easy-to-Use GUI. 16
VPN Scenario 17
VoIP Application • VoIP - FXO on-net/off-net calling 18
VoIP Application David Linda • VoIP - Integrate FXO to PBX • Case1. From VoIP to Extension • 1) David dials the VoIP number of Vigor3300V. • 2) After connection success, presses Linda’s extension 611. 19
VoIP Application David Linda • VoIP - Integrate FXO to PBX • Case2. From VoIP to PSTN (Off-Net Calling) • 1) David dials the VoIP number of Vigor3300V. • 2) After connection success, presses prefix number (e.g. “0”) to choose exterior line – PSTN. • 3) Then dials Linda’s PSTN number. 20
VoIP Application David Linda • VoIP - Integrate FXO to PBX • Case3. From Extension to VoIP • 1) Linda presses extension 610 to connect to Vigor3300V. • 2) After connection success, dials David’s VoIP number. 21
VoIP Application David Linda • VoIP - Integrate FXOto PBX • Case4. From PSTN to VoIP (On-Net Calling) • 1) Linda dials to PBX. • 2) After connection success, presses extension 610 to connect to Vigor3300V. • 3) Then dials David’s VoIP number. 22
VoIP Application David Linda • VoIP - Integrate FXS to PBX • Case1. From VoIP to Extension • 1) David dials the VoIP number of Vigor3300V. • 2) After connection success, presses Linda’s extension 610. 23
VoIP Application David Linda • VoIP - Integrate FXS to PBX • Case1. From VoIP to Extension 24
VoIP Application David Linda • VoIP - Integrate FXS to PBX • Case2. From Extension to VoIP • 1) Linda presses prefix number (e.g. “7”) to choose exterior line – FXS of Vigor3300V. • 2) Then dials David’s VoIP number. 25
VoIP Application David Linda • VoIP - Integrate FXS to PBX • Case2. From Extension to VoIP Note: The FXS model can’t provide on-net/off-net calling applications. 26
VoIP Application Secure VoIP • VoIP over VPN • sRTP (Secure Real-Time Transport Protocol) • Encrypts the Payload of VoIP Packets • Compatible with RTP
VoIP Application • VoIP - Integrated Scenario 28
Broadband Access Solution VigorAccess
System Benefit • Product Architecture • Broadband Application Scenario • IPDLSAM Advance Feature • Vigor CMS Feature Description
System Benefit New Technology DSL -ADSL2/+ Inventory Saving Scalable Reliability Multimedia Friendly EMS QoS
Product Architecture • Target on Medium-Size CO • up to 168 ADSL2/+ • Service and Signaling • Supports Voice & Data • Modular Flexibility • 24/48 Ports DSL/Splitter • WAN for FE or GE Interface • Network Resource Saving • EMS Management and Email Altering • Inventory Savings – Common Equipment on CO & Outside Plant Deployments • Firewall/Security/QoS Optional Support • Ready on April To MDF To Optical Fiber
Features • Target on Outdoor and Small-Size CO • 19” Rack Mountable Chassis, 1U Height • 24 G.dmt/G.lite/ ADSL/ADSL2/+, and Splitter build in • WAN Ethernet 10/100 Base-T Interface • MPoA, IPoA • IP ToS • Remote TFTP/FTP Firmware/Configuration • RS-232 & Telnet Command Line Interface • SNMP In-Band Management Support • Web-based GUI • EMS • IP Multicast: IGMP Snooping • Security/Firewall • Access Control List, Packet Filtering • Password Protected System • 512 VLAN (802.1Q)
Master Feature 2 Selectable WAN Interface - 802.3, 802.3ab EthernetStandard - 1000 Base-SX Module (SC connector) - 1000 Base-FX Module(SC connector) - 1000 Base-T Module(RJ45 connector) - 100 Base-T RJ45 Connector MGN Interface - 1 port RJ45 10/100 Base-T L2 Switch Function - IEEE 802.1d Spanning-Tree Protocol - IEEE 802.3x Flow Control - IEEE 802.1q VLAN - IEEE 802.1p Class of Service (CoS) Prioritization - 4-level Prioritization - 802.1ad Port Trucking/Link Aggregation Network Operation and Management - User Friendly Web-Based Interface - Telnet Server for Remote Management - TFTP Software Upgrade Utility - Console CLI for Local Management - SNMPv1,v2 - MIBII, Bridge MIB, Ethernet Like MIB, Private MIB, RMON 1,2,3,9 Groups Q.o.S - Packet filter and Classification.
Slave Feature Network Interface - Two 10/100M Fast Ethernet Interfaces or one Cascade Link is Gigabit Copper Interface Capacity – It Supports 24 ADSL 2/+ Ports. Security – It Supports Packet Filter, and Password Protection. Splitter Build in – It Supports 24 port xDSL/Splitter. Inventory Savings - Common Equipment across Central Office and Outside Plant Deployments Management – It is managed by IP-DSLAM Master Unit. Q.o.S - Packet Filter and Classification.
System Benefit • Product Architecture • Broadband Application Scenario • IPDLSAM Advance Feature • Vigor CMS Feature Description
IPDSLAM PPPoE PPPoE PPPoE MAC MAC MAC MAC 1483B 1483B ATM ATM PHY PHY ADSL2/+ ADSL2/+ PHY PHY
PPPoA to PPPoE IP IP IP IP MAC MAC PPP PPP PPPoE PPPoE ATM MAC ATM MAC PHY PHY ADSL2/+ ADSL2/+ PHY PHY
Static IP Application IP IP Intranet MAC MAC MAC (VLAN) MAC (VLAN) 1483B 1483B ATM ATM PHY PHY ADSL2/+ ADSL2/+ PHY PHY
System Benefit • Product Architecture • Broadband Application Scenario • IPDLSAM Advance Feature • Vigor CMS Feature Description
MAC limit -Port Security 16 MAC Address Limited on One Port >16 MAC Address <= 16 MAC Address
Generic Filter Mechanism ‧ Ethernet ‧TCP ‧UDP ‧ICMP ‧ IGMP ‧PPP or ‧ Packet Offset
Ethernet Type Filter o Source MAC address o Destination MAC addresses o EtherType o VLAN ID o Priority Tag o Destination Service Access Point (DSAP) of 802.2 LLC frame o Source Service Access Point (SSAP) of 802.2 LLC frame.
IP/TCP/UDP/ICMP/ PPP/Packet Offset Filter ‧ IP Layer o Destination IP Address o Source IP Address o IP Protocol type. ‧TCP Layer o Destination Port o Source Port. ‧UDP Layer o Destination Port o Source Port. ‧ICMP Layer o ICMP type o ICMP code. ‧ IGMP Layer o IGMP Type o IGMP Code o Group Address. ‧PPP Layer o PPP Protocol type ‧Packet Offset.
IP QoS Mechanism ‧ Downstream Bandwidth Limit per PVC ‧Upstream Bandwidth Limit per PVC ‧ 802.1p mapping to Class to Service ‧ Scheduling , Shaper and policing