ADTRAN NetVanta 2050 User Manual

Product Features

■ Standards-based IPSec

VPN tunneling with
DES/3DES/AES encryption

■ Internet Key Exchange (IKE)

for user authentication

■ Stateful inspection firewall

for network security

■ Five private tunnels and

up to 15 users

■ Built-in IP router supporting

BGP, OSPF, and RIP

■ Quality of Service (QoS)

for delay sensitive traffic
like VoIP

■ Network Address

Translation for IP
address concealing

■ Web-based and CLI

remote management

■ 10/100Base-T Ethernet

interfaces for flexible
connectivity

■ Logging and alerts

■ Industry-leading five-year

North American warranty

The ADTRAN NetVanta®2050 and 2054
are Small Office/Home Office VPN/Firewall
gateways providing all the necessary
components required to secure an
integrated VPN solution. Used primarily for

remote access, the NetVanta 2050 and 2054
are perfect for work-at-home telecommuters
needing to have a secure connection back to
corporate resources. Based on the ADTRAN
Operating System (AOS), the NetVanta 2050
and 2054 provide key security and data
protection features such as IPSec VPN
tunneling, stateful inspection firewall, IP
routing, Network Address Translation (NAT),
and even a DHCP server. The 2050 and 2054
support the same features and perform the
same functions, but the 2054 adds a built-in
four-port 10/100Base-T Ethernet switch.

Security

On a public infrastructure like the Internet,
security is of the utmost importance. The
NetVanta 2050 and 2054 employs a stateful
inspection firewall that protects an organiza­tion’s network from common Denial of
Service (DoS) attacks including TCP
synflooding, IP spoofing, ICMP redirect, ping­of-death, and IP reassembly problems.

For the telecommuter that needs a
dedicated firewall without corporate VPN
access, the NetVanta 2050 and 2054 offer
a firewall only version. The firewall only
versions offer the same basic features,
without IPSec VPN tunneling, encryption
and authorization.

VPN Tunneling

The NetVanta 2050 and the 2054 are IPSec­compliant devices that provide secure
communications over potentially unsecure
networks. As security gateways, both the
NetVanta 2050 and 2054 supports up to five
simultaneous VPN tunnels and up to 15 users
on the LAN, while supporting encryption
algorithms including DES, 3DES, and AES.
In addition, these devices support IKE
(Internet Key Exchange) and X.509 digital
certificates for user authentication.

Management

NetVanta’s web-based GUI or CLI can be used
for secure local or remote configuration of
any NetVanta 2050 and 2054. For a central­ized, enterprise-wide management scheme,
ADTRAN offers n-Command

™

, an intuitive,
scalable software suite for managing larger
NetVanta deployments and features robust
productivity tools to effectively manage a
distributed network. To administer user
accounts, the NetVanta 2050 and 2054 utilizes
XAUTH using RADIUS and RSA SecurID to
manage administration account lists. These
devices also offer built-in alert and logging
mechanisms to warn administrators about
activities that are going on in the network.

Quality of Service (QoS)

QoS is also supported for delay sensitive
traffic like VoIP or video. To prioritize
mission critical traffic and control network
congestion, the NetVanta 2050/2054 uses
Low Latency Queuing, Weighted Fair
Queuing (WFQ), Class-based WFQ, and
DiffServ marking to establish priority of
IP packets routed over the network.

VoIP Ready

In combination with the QoS features, a
specialized SIP Application Layer Gateway
(ALG) allows SIP traffic to traverse NAT­enabled firewalls. For an enterprise network,
this interoperability allows IP PBXs, phones,
and other SIP-based devices to set up, tear
down, and pass voice and call control
messages seamlessly through the integral
NAT-enabled firewall.

Interoperability

The NetVanta 2050 and 2054 offers the
highest level of integration with ADTRAN’s
complete line of IPSec VPN equipped
NetVanta products: NetVanta Ethernet
Switches, NetVanta Access Routers, and
NetVanta VPN/Firewall appliances. Together
the NetVanta Series offers the most robust
set of feature to address a wide range of
enterprise VPN needs.

NetVanta 2050/2054

Small Office and Home Office VPN Gateway and Firewall

Specifications subject to change without notice. ADTRAN and NetVanta are
registered trademarks of ADTRAN, Inc. n-Command is a trademark of
ADTRAN, Inc. All other registered trademarks and trademarks mentioned in
this publication are the property of their respective owners.

Product Specifications

Physical Interface

■

Public: Auto-Sensing 10/100Base-T

■

Private: 2050: One auto-sensing 10/100Base-T

2054: Four auto-sensing 10/100Base-T

■

Serial Port: RS-232 for off-net configuration

Diagnostics

Front Panel Status LEDs

■

Power: status

■

VPN: status, transmit, receive

■

Private: transmit, receive

■

Public: transmit, receive

Security

Firewall

■

Stateful Inspection Firewall

■

Denial of Service (DoS) Protection

■

Access Control Lists

■

Application Level Gateways (ALGs)

Virtual Private Network (VPN)

■

IPSec Mode: Tunnel

■

Encryption: DES, 3DES, and AES

■

Diffie Hellman Group Support:

❍

Group 1: MODP 768

❍

Group 2: MODP 1024

■

Hash Algorithms:

❍

MD5-HMAC

❍

SHA1-HMAC

■

Authentication Mechanisms:

❍

XAUTH

❍

X.509 Digital certificates

❍

Preshared keys

❍

Secure ID

❍

DSS Signatures

■

Key Management: IKE (ISAKMP/Oakley)

■

IKE Modes:

❍

Main

❍

Aggressive

❍

Perfect Forward Secrecy

❍

Mode Config

■

Dead Peer Detection

■

NAT Traversal V2

Network Address Translation

■

Basic NAT (1:1), NAPT (Many:1), 1:1 Port Translation

■

NAT compatible SIP ALG

Secure Management

■

Multi-level access control

■

RADIUS AAA

■

SSH CLI and SSL GUI

NetVanta®2050/2054

Small Office and Home Office VPN Gateway and Firewall

ADTRAN, Inc.

Attn: Enterprise Networks

901 Explorer Boulevard

Huntsville, AL 35806

P.O. Box 140000

Huntsville, AL 35814-4000

256 963-8000 voice

256 963-8699 fax

General Information

800 9ADTRAN
info@adtran.com
www.adtran.com

Pre-Sales

Technical Support

800 615-1176 toll-free

application.engineer@adtran.com

www.adtran.com/support

Where to Buy

877 280-8416 toll-free

channel.sales@adtran.com

www.adtran.com/where2buy

Post-Sales

Technical Support

888 423-8726

support@adtran.com

www.adtran.com/support

ACES Installation &

Maintenance Service

888 874-ACES

aces@adtran.com

www.adtran.com/support

International Inquiries

256 963 8000 voice

256 963-6300 fax

international@adtran.com

www.adtran.com/international

For the regional office

nearest you, visit:

www.adtran.com/where2buy

Protocols

■

IP

■

RIP (v1 and v2)

■

eBGP/iBGP

■

GRE

■

OSPF

■

PPPoE

Quality of Service (QoS)

■

Class-based Weighted Fair Queuing

■

Low Latency Queuing

■

Weighted Fair Queuing

■

DiffServ marking and packet recognition

■

DiffServ preservation through VPN tunnel

Administration

■

Familiar Command Line Interface (CLI)

■

Web-based GUI

■

SYSLOG Logging

■

n-Command™support

■

Email Alerts (SMTP)

■

SNMP v2

■

Policy Statistics

DHCP

■

Server, Client, Relay

■

MAC Address Masquerading

Environment

■

Operating Temperature: 0° to 50°C (32° to 122°F)

■

Storage Temperature: -20° to 70°C (-4° to 158°F)

■

Relative Humidity: Up to 95%, non-condensing

Physical

■

Size: 1.625" H, 7.5" W, 5.437" D

■

Weight: 2 lbs. (shipping weight)

■

Power: 12 VDC Power, 4 W

Agency Approvals

■

FCC Part 15 (Class B)

■

UL and Canadian UL (CUL), IEC/EN, CSA, CE Mark

Product Includes

■

12 VDC locking power supply

■

6 ft. crossover Ethernet cable

■

User manual ■Quick start guide

Ordering Information

Equipment Part #

NetVanta 2050 Firewall Only 1202362L1

NetVanta 2054 Firewall Only 1202363L1

NetVanta 2050 1202362L2

NetVanta 2054 1202363L2

NetVanta 2000 Series VPN Upgrade 1950362L2

61202362L2-8G 10.1 August 2005

Copyright ©2005 ADTRAN, Inc.

All rights reserved.

NetVanta 2050

NetVanta 2054

ADTRAN is an ISO 9001, ISO 14001,

and a TL 9000 certified supplier.