HPE JH296A Product Data Sheet

Data sheet
HPE FlexNetwork MSR95x Router Series
Key features
• Converged high-performance fiber routing, switching, security, and 300 Kpps performance
• Integrated GbE WAN and LAN, fiber (SFP)
• Integrated 4G LTE, 3G as well as IEEE 80211b/g/n WLAN in one box
• Embedded encryption, stateful firewall, NAT, ADVPN security features
Product overview
The HPE FlexNetwork MSR95x Router Series is a high-performance Comware v7 based small-branch router that delivers integrated routing, switching, security, SIP, embedded 80211b/g/n WLAN connectivity, integrated 4G LTE/3G, and fiber (SFP) in a single box.
The MSR 95x Router Series solutions deliver up to 300 Kpps forwarding with comprehensive IPv4 and IPv6 routing, MPLS, QoS, stateful firewall, network address translation (NAT), VPN, switching, voice, and wireless capabilities in a compact, fixed form factor. Moreover, this router series is based on open standards for seamless integration within small-branch deployments.
Data sheet
Page 2
Features and benefits
Quality of service (QoS)
• Traic policing Supports Committed Access Rate (CAR) and line rate
• Congestion management Supports FIFO, PQ, CQ, WFQ, CBQ, and RTPQ
• Weighted random early detection (WRED)/random early detection (RED) Delivers congestion avoidance capabilities through the use of queue management algorithms
• Other QoS technologies Support traic shaping
Management
• Industry-standard CLI with a hierarchical structure Reduces training time and expenses, and increases productivity in multivendor installations
• Management security Restricts access to critical configuration commands; oers multiple privilege levels with password protection; ACLs provide Telnet and SNMP access; local and remote syslog capabilities allow logging of all access
• SNMPv1, v2, and v3 Provide complete support of SNMP; provide full support of industry-standard Management Information Base (MIB) plus private extensions; SNMPv3 supports increased security using encryption
• Remote monitoring (RMON) Uses standard SNMP to monitor essential network functions; supports events, alarm, history, and statistics group plus a private alarm extension group
• FTP, TFTP, and SFTP support Oers dierent mechanisms for configuration updates; FTP allows bidirectional transfers over a TCP/IP network; trivial FTP (TFTP) is a simpler method using User Datagram Protocol (UDP); Secure File Transfer Protocol (SFTP) runs over an SSH tunnel to provide additional security
• Debug and sampler utility Supports ping and traceroute for both IPv4 and IPv6
• Network Time Protocol (NTP) Synchronizes timekeeping among distributed time servers and clients; keeps timekeeping consistent among all clock-dependent devices within the network so that the devices can provide diverse applications based on the consistent time
• Information center Provides a central repository for system and network information; aggregates all logs, traps, and debugging information generated by the system and maintains them in order of severity; outputs the network information to multiple channels based on user-defined rules
Data sheet
Page 3
Connectivity
• Multiple Gigabit Ethernet connection options Provides two GbE WAN and four GbE LAN ports onboard
• Multiple advanced WAN interfaces Provide traditional connection options including GbE copper (Cat5e/Ethernet) connection and an additional fiber (SFP) port for a total of two WAN Gigabit Ethernet ports; and oer wireless access with 4G LTE, 3G, and 80211n WLAN connectivity
• 4G LTE Verizon/AT&T/Sprint and global carrier support Delivers embedded 4G LTE wireless WAN backhaul connectivity with three dierent carrier firmware options and simultaneous 80211n WLAN connectivity
• Packet storm protection Protects against broadcast, multicast, or unicast storms with user-defined thresholds
• Loopback Supports internal loopback testing for maintenance purposes and an increase in availability; loopback detection protects against incorrect cabling or network configurations and can be enabled on a per-port basis for added flexibility
• 3G and 4G LTE access Supports popular 3G and 4G LTE USB modems; for a list of supported products, contact your local Hewlett Packard Enterprise representative
Performance
• Forwarding performance Provides up to 300 Kpps; and meets current and future bandwidth-intensive application demands for enterprise businesses
• Embedded encryption Supports up to 100 VPN tunnels and up to 160 Mbps encryption throughput
• Gigabit Ethernet interface Provides a connection to the network that eliminates the network as a bottleneck
Resiliency and high availability
• Backup center Acts as a part of the management and backup function to provide backup for device interfaces; delivers reliability by switching traic over to a backup interface when the primary one fails
• Virtual Router Redundancy Protocol (VRRP) Allows groups of two routers to back each other up dynamically to create highly available routed environments; and supports VRRP load balancing
Layer 2 switching
• Spanning Tree Protocol (STP) Supports standard IEEE 8021D STP, IEEE 8021w Rapid Spanning Tree Protocol (RSTP) for faster convergence, and IEEE 8021s Multiple Spanning Tree Protocol (MSTP)
• Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) protocol snooping Controls and manages the flooding of multicast packets in a Layer 2 network
• Port mirroring Duplicates port traic (ingress and egress) to a local or remote monitoring port
Data sheet
Page 4
• Port isolation Increases security by isolating ports within a VLAN while still allowing them to communicate with other VLANs
• VLANs Supports IEEE 8021Q-based VLANs
• sFlow® Allows traic sampling
Layer 3 services
• Address Resolution Protocol (ARP) Determines the MAC address of another IP host in the same subnet; supports static ARPs; gratuitous ARP allows detection of duplicate IP addresses; proxy ARP allows normal ARP operation between subnets or when subnets are separated by a Layer 2 network
• Dynamic Host Configuration Protocol (DHCP) Simplifies the management of large IP networks and supports client and server; DHCP Relay enables DHCP operation across subnets
Layer 3 routing
• Static IPv4 routing Provides simple manually configured IPv4 routing
• Routing Information Protocol (RIP) Uses a distance vector algorithm with UDP packets for route determination; supports RIPv1 and RIPv2 routing; includes loop protection
• Open shortest path first (OSPF) Delivers faster convergence; uses this link-state routing Interior Gateway Protocol (IGP), which supports ECMP, NSSA, and MD5 authentication for increased security and graceful restart for faster failure recovery
• Border Gateway Protocol 4 (BGP-4) Delivers an implementation of the Exterior Gateway Protocol (EGP) utilizing path vectors; uses TCP for enhanced reliability for the route discovery process; reduces bandwidth consumption by advertising only incremental updates; supports extensive policies for increased flexibility; scales to very large networks
• Intermediate system to intermediate system (IS-IS) Uses a path vector Interior Gateway Protocol (IGP), which is defined by the ISO organization for IS-IS routing and extended by IETF RFC 1195 to operate in both TCP/IP and the OSI reference model (Integrated IS-IS)
• Static IPv6 routing Provides simple manually configured IPv6 routing
• Dual IP stack Maintains separate stacks for IPv4 and IPv6 to ease the transition from an IPv4-only network to an IPv6-only network design
Data sheet
Page 5
• Routing Information Protocol next generation (RIPng) Extends RIPv2 to support IPv6 addressing
• OSPFv3 Provides OSPF support for IPv6
• BGP+ Extends BGP-4 to support Multiprotocol BGP (MBGP), including support for IPv6 addressing
• IS-IS for IPv6 Extends IS-IS to support IPv6 addressing
• IPv6 tunneling Allows IPv6 packets to traverse IPv4-only networks by encapsulating the IPv6 packet into a standard IPv4 packet; supports manually configured, 6to4, and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunnels; is an important element for the transition from IPv4 to IPv6
• Policy routing Allows custom filters for increased performance and security; supports ACLs, IP prefix, AS paths, community lists, and aggregate policies
• BGP4+ support Utilizes the BGP-4 (RFC 4271) exterior routing protocol for routing integrity and reliability between dierent autonomous systems
Security
• Access control list (ACL) Supports powerful ACLs for both IPv4 and IPv6; ACLs are used for filtering traic to prevent unauthorized users from accessing the network, or for controlling network traic to save resources; rules can either deny or permit traic to be forwarded; rules can be based on a Layer 2 header or a Layer 3 protocol header; rules can be set to operate on specific dates or times
• Terminal Access Controller Access-Control System (TACACS+) Delivers an authentication tool using TCP with encryption of the full authentication request, providing additional security
• Network login Allows authentication of multiple users per port using the IEEE 8021X standard
• Remote Authentication Dial-in User Service (RADIUS) login Eases security access administration by using a password authentication server
• NAT enablement Facilitates one-to-one NAT, many-to-many NAT, and NAT control—enabling NAT-PT to support multiple connections; supports blacklisting in the NAT/NAT-PT; and enables a limit on the number of connections, session logs, and multiple instances
• SSHv2 Uses external servers to log in to a remote device securely or MSRs from a remote location; protects against IP spoofing and plain text password interception, with authentication and encryption; and increases the security of SFTP transfers
• Unicast Reverse Path Forwarding (URPF) Allows normal packets to be forwarded correctly, but discards the attaching packets due to lack of a reverse path route or an incorrect inbound interface; and helps prevents source spoofing and distributed attacks
• IPsec VPN Supports DES, 3DES, and AES 128/192/256 encryption as well as MD5 and SHA-1 authentication
Loading...
+ 11 hidden pages