Alcatel-Lucent OmniAccess 780 User Manual

OmniAccess 780 Uniﬁed Services Gateway

The Alcatel-Lucent OmniAccess 780 Unified Services Gateway (USG) is an integrated networking device specifically

designed for the regional or branch office with a streamlined form factor and support for a comprehensive set of

interfaces. The OmniAccess 780 USG has six interface slots and supports a mix and match of interface types (see below).

The OmniAccess 780 USG is targeted to enterprise branch ofﬁces and campus gateways for applications and services

that require the built-in resiliency and redundancy that the OmniAccess 780 offers. The OmniAccess 780 USG provides

multiple services on one platform (Ethernet switching, IP routing, VoIP, video) to reduce the cost and complexity of the

WAN access network infrastructure and allows new services to be implemented quickly and easily.

B E N E F I T SF E A T U R E S

• Integrates multiple services onto one platform

• Embedded encryption accelerator and an integrated digital s ignal processor for voice call processing

• Choice of optional interfaces

• Remote management

• Modular software design - ModuLive

• OnePass packet processing

• LifeLIne management framework

• Eliminates mu l tiple de v ices and provides the same services on one unified, resilient, low-cost, small footprint platform

• Serves all IP communications needs of small enterprise branch offices and the service provide customer edge

• Supports a wide range of connectivity requirements

• Eliminates th e need f o r on-site intervention

• Seamless addition of modules with no impact on other services in operation

• Provides true service unification and saves CPU resources while minimizing latency through the system

• Ensures management traffic reaches the system 100% of the time

he Omn iAccess 780 USG offers

uperior high availability for a

s regional or branch site, along with comprehensive remote management by leveraging a highly modular system design and innovative management architecture. The OmniAccess 780 USG also integrates critical security features such as firewall, denial of service (DoS) protection, application level gateways, intrusion detection and prevention, and IPSec virtual private network (VPN), onto one unified platform.

ith a separate management plane,

edicated management processors,

d and multiple access mechanisms to reach the system, Alcatel-Lucent's Lifeline management framework allows highly resilient remote system administration, independent of the state of the system. All services provided by the OmniAccess 780 can be managed remotely, thereby eliminating the need for on-site intervention.

The Alcatel-Lucent ModuLive software platform provides a fully modular, always live software base that

T E C H N I C A L S P E C I F I C A T I O N S

aximizes system availability by

nabling in-service upgrades and

e conﬁguration changes, and by ensuring that a fault in one service module has minimal or no impact on other services. It also allows for online insertion and removal of line cards, obviat ing the need for netw ork outages during hardware upgrades. As multiple services are added, scalability and performance are maintained through Alca tel-Lucent's uni que OnePass approach, which performs common packet classification across multiple services.

Hardware

• Module slots: 6 interface slots

• Interface cards ¬ 8-port 10/100/1000 Mbps Ethernet ¬ 4-port T1/E1 ¬ 4-port serial (V.35/X.21)

• Services engine (SE): 2-port 10/100/1000 Mbps Ethernet (built-in)

• Hot swappable line cards

• RAM (default/max): 512 MB/1 GB

• FLASH memory: 512 MB

Routing

• Static routes

• RIP v1/v2 dynamic routing

• OSPF/BGP dynamic routing

• Multicast routing – PIM

• IGMP (v1, v2)

• GRE tunnels

• VRRP

• Policy-based routing

• Packet forward rate (64 byte pkts): 930 kpps *

• Forwarding performance: 2Gbps *

• Max. number of BGP peers: 200 **

• Max. number of VLANs: 4096 **

Firewall

• Stateful packet inspection and filtering (ACL)

• NAT (Source and Destination NAT)

• DoS and DDoS protection

• Protocol anomaly: IP, TCP, UDP

• ALGs: TFTP, FTP, NFS, DNS, RTSP, SIP, DHCP, UA/NOE

• Common classification for all services

• Firewall performance: 2 Gbps *

• Concurrent sessions: 128,000 *

Quality of service

• L3/4 traffic policy definition

• Interface egress queues: 16 queues per interface

• Priority scheduling

• Weighted fair queuing

• Class-based queuing

• Hierarchical queuing: Up to 4 levels

• Ingress policing

• Egress shaping

• DSCP/TOS marking

• WRED

• DiffServ: RFC 3246, 2597, 2445

VPN (IPSec)

• Site-to-site VPN tunnels: Up to 1500 **

• Tunnel interfaces

• DES (56 bit), 3DES (168 bit), and AES (128, 192, 256 bit) encryptions

• MD-5 and SHA-1 authentication

• IKE with pre-shared key or PKI

• Perfect forward secrecy (DH groups): 1, 2, 5

• IPSec NAT traversal

• AES performance: 180 Mbps *

• Max. concurrent VPN tunnels: 1500 **

Intrusion detection/intrusion prevention

• Detection mode

• Prevention mode

• Automatic signature updates

• Group-based IDS/IPS : Pr iority/ protoco l/ intrusion type

WAN protocols

• PPP

• MLPPP

• Frame relay

• MLFR

• HDLC

• PAP/CHAP Authentication

LAN protocols

• STP

• Bridging

• IEEE 802.1Q VLANs

• Per-VLAN STP (PVST+)

• IRB (Integrated Routing and Bridging)

Network services

• DHCP relay/server

• DNS client

• TFTP server/client

• FTP client

• ssh server/client

• HTTP server

• Transparent Firewall

VoIP Support

• SIP / NOE ALGs

• Priority scheduling

• Dynamic Pinholing in Firewall

• DSCP classification and marking

• TFTP Server for booting IP phones

• DHCP options for phones provisioning

* Performance numbers based on 2 GHz reference engine, capacity limits based on 512 MB RAM ** No preset limit in software. Numbers listed are verified. They could scale higher depending on services enabled.

2 Alcatel-Lucent OmniAccess 780 Uniﬁed Services Gateway

+ 2 hidden pages