• Integrated 4G LTE, 3G as well as IEEE 80211b/g/n WLAN in one box
• Embedded encryption, stateful firewall, NAT, ADVPN security features
• Unified Comware v7 OS, Comware v7 OS zero-touch solution, and single-pane-of-glass
management
Product overview
The HPE FlexNetwork MSR95x Router Series is a high-performance Comware v7 based
small-branch router that delivers integrated routing, switching, security, SIP, embedded
80211b/g/n WLAN connectivity, integrated 4G LTE/3G, and fiber (SFP) in a single box.
The MSR 95x Router Series solutions deliver up to 300 Kpps forwarding with comprehensive
IPv4 and IPv6 routing, MPLS, QoS, stateful firewall, network address translation (NAT), VPN,
switching, voice, and wireless capabilities in a compact, fixed form factor. Moreover, this router
series is based on open standards for seamless integration within small-branch deployments.
Data sheet
Page 2
Features and benefits
Quality of service (QoS)
• Traic policing
Supports Committed Access Rate (CAR) and line rate
• Weighted random early detection (WRED)/random early detection (RED)
Delivers congestion avoidance capabilities through the use of queue management algorithms
• Other QoS technologies
Support traic shaping
Management
• Industry-standard CLI with a hierarchical structure
Reduces training time and expenses, and increases productivity in multivendor installations
• Management security
Restricts access to critical configuration commands; oers multiple privilege levels with password
protection; ACLs provide Telnet and SNMP access; local and remote syslog capabilities allow
logging of all access
• SNMPv1, v2, and v3
Provide complete support of SNMP; provide full support of industry-standard Management
Information Base (MIB) plus private extensions; SNMPv3 supports increased security using
encryption
• Remote monitoring (RMON)
Uses standard SNMP to monitor essential network functions; supports events, alarm, history,
and statistics group plus a private alarm extension group
• FTP, TFTP, and SFTP support
Oers dierent mechanisms for configuration updates; FTP allows bidirectional transfers over a
TCP/IP network; trivial FTP (TFTP) is a simpler method using User Datagram Protocol (UDP);
Secure File Transfer Protocol (SFTP) runs over an SSH tunnel to provide additional security
• Debug and sampler utility
Supports ping and traceroute for both IPv4 and IPv6
• Network Time Protocol (NTP)
Synchronizes timekeeping among distributed time servers and clients; keeps timekeeping
consistent among all clock-dependent devices within the network so that the devices can
provide diverse applications based on the consistent time
• Information center
Provides a central repository for system and network information; aggregates all logs, traps,
and debugging information generated by the system and maintains them in order of severity;
outputs the network information to multiple channels based on user-defined rules
Data sheet
Page 3
Connectivity
• Multiple Gigabit Ethernet connection options
Provides two GbE WAN and four GbE LAN ports onboard
• Multiple advanced WAN interfaces
Provide traditional connection options including GbE copper (Cat5e/Ethernet) connection and
an additional fiber (SFP) port for a total of two WAN Gigabit Ethernet ports; and oer wireless
access with 4G LTE, 3G, and 80211n WLAN connectivity
• 4G LTE Verizon/AT&T/Sprint and global carrier support
Delivers embedded 4G LTE wireless WAN backhaul connectivity with three dierent carrier
firmware options and simultaneous 80211n WLAN connectivity
• Packet storm protection
Protects against broadcast, multicast, or unicast storms with user-defined thresholds
• Loopback
Supports internal loopback testing for maintenance purposes and an increase in availability;
loopback detection protects against incorrect cabling or network configurations and can be
enabled on a per-port basis for added flexibility
• 3G and 4G LTE access
Supports popular 3G and 4G LTE USB modems; for a list of supported products, contact your
local Hewlett Packard Enterprise representative
Performance
• Forwarding performance
Provides up to 300 Kpps; and meets current and future bandwidth-intensive application demands
for enterprise businesses
• Embedded encryption
Supports up to 100 VPN tunnels and up to 160 Mbps encryption throughput
• Gigabit Ethernet interface
Provides a connection to the network that eliminates the network as a bottleneck
Resiliency and high availability
• Backup center
Acts as a part of the management and backup function to provide backup for device interfaces;
delivers reliability by switching traic over to a backup interface when the primary one fails
• Virtual Router Redundancy Protocol (VRRP)
Allows groups of two routers to back each other up dynamically to create highly available routed
environments; and supports VRRP load balancing
Layer 2 switching
• Spanning Tree Protocol (STP)
Supports standard IEEE 8021D STP, IEEE 8021w Rapid Spanning Tree Protocol (RSTP) for faster
convergence, and IEEE 8021s Multiple Spanning Tree Protocol (MSTP)
• Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD)
protocol snooping
Controls and manages the flooding of multicast packets in a Layer 2 network
• Port mirroring
Duplicates port traic (ingress and egress) to a local or remote monitoring port
Data sheet
Page 4
• Port isolation
Increases security by isolating ports within a VLAN while still allowing them to communicate
with other VLANs
• VLANs
Supports IEEE 8021Q-based VLANs
• sFlow®
Allows traic sampling
Layer 3 services
• Address Resolution Protocol (ARP)
Determines the MAC address of another IP host in the same subnet; supports static ARPs;
gratuitous ARP allows detection of duplicate IP addresses; proxy ARP allows normal ARP
operation between subnets or when subnets are separated by a Layer 2 network
• Dynamic Host Configuration Protocol (DHCP)
Simplifies the management of large IP networks and supports client and server; DHCP Relay
enables DHCP operation across subnets
• Routing Information Protocol (RIP)
Uses a distance vector algorithm with UDP packets for route determination; supports RIPv1
and RIPv2 routing; includes loop protection
• Open shortest path first (OSPF)
Delivers faster convergence; uses this link-state routing Interior Gateway Protocol (IGP), which
supports ECMP, NSSA, and MD5 authentication for increased security and graceful restart for
faster failure recovery
• Border Gateway Protocol 4 (BGP-4)
Delivers an implementation of the Exterior Gateway Protocol (EGP) utilizing path vectors; uses
TCP for enhanced reliability for the route discovery process; reduces bandwidth consumption
by advertising only incremental updates; supports extensive policies for increased flexibility;
scales to very large networks
• Intermediate system to intermediate system (IS-IS)
Uses a path vector Interior Gateway Protocol (IGP), which is defined by the ISO organization
for IS-IS routing and extended by IETF RFC 1195 to operate in both TCP/IP and the OSI reference
model (Integrated IS-IS)
• Dual IP stack
Maintains separate stacks for IPv4 and IPv6 to ease the transition from an IPv4-only network
to an IPv6-only network design
Data sheet
Page 5
• Routing Information Protocol next generation (RIPng)
Extends RIPv2 to support IPv6 addressing
• OSPFv3
Provides OSPF support for IPv6
• BGP+
Extends BGP-4 to support Multiprotocol BGP (MBGP), including support for IPv6 addressing
• IS-IS for IPv6
Extends IS-IS to support IPv6 addressing
• IPv6 tunneling
Allows IPv6 packets to traverse IPv4-only networks by encapsulating the IPv6 packet into a
standard IPv4 packet; supports manually configured, 6to4, and Intra-Site Automatic Tunnel
Addressing Protocol (ISATAP) tunnels; is an important element for the transition from IPv4 to IPv6
• Policy routing
Allows custom filters for increased performance and security; supports ACLs, IP prefix, AS paths,
community lists, and aggregate policies
• BGP4+ support
Utilizes the BGP-4 (RFC 4271) exterior routing protocol for routing integrity and reliability
between dierent autonomous systems
Security
• Access control list (ACL)
Supports powerful ACLs for both IPv4 and IPv6; ACLs are used for filtering traic to prevent
unauthorized users from accessing the network, or for controlling network traic to save resources;
rules can either deny or permit traic to be forwarded; rules can be based on a Layer 2 header or a
Layer 3 protocol header; rules can be set to operate on specific dates or times
• Terminal Access Controller Access-Control System (TACACS+)
Delivers an authentication tool using TCP with encryption of the full authentication request,
providing additional security
• Network login
Allows authentication of multiple users per port using the IEEE 8021X standard
• Remote Authentication Dial-in User Service (RADIUS) login
Eases security access administration by using a password authentication server
• NAT enablement
Facilitates one-to-one NAT, many-to-many NAT, and NAT control—enabling NAT-PT to support
multiple connections; supports blacklisting in the NAT/NAT-PT; and enables a limit on the number
of connections, session logs, and multiple instances
• SSHv2
Uses external servers to log in to a remote device securely or MSRs from a remote location;
protects against IP spoofing and plain text password interception, with authentication and
encryption; and increases the security of SFTP transfers
• Unicast Reverse Path Forwarding (URPF)
Allows normal packets to be forwarded correctly, but discards the attaching packets due to lack
of a reverse path route or an incorrect inbound interface; and helps prevents source spoofing
and distributed attacks
• IPsec VPN
Supports DES, 3DES, and AES 128/192/256 encryption as well as MD5 and SHA-1 authentication
Loading...
+ 11 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.