Intel Express Routers 9000 User Manual

284.72 Kb
Loading...

K E Y F E AT U R E S J

Secure LAN to LAN connectivity over the Internet featuring 144 bit encryption

Multiple protocol support including Frame Relay, X.25, EuroISDN and PPP

Easy configuration and management with Intel Device View for Windows*

Intel Express Routers

The VPN routers for secure networking over the Internet.

Intel Express Routers can now secure your private business communications for safe transmission over the Internet, while continuing to offer a simple and cost effective solution for all your traditional WAN routing needs. With two or more Express Routers, you can create a secure Virtual Private Network over the Internet. Powerful encryption and tunneling capabilities safeguard your data. With the comparatively low cost of Internet access, you can save as much as 80% of the cost of dedicated long distance WAN connections.

Intel Express Routers provide a rich set of features while simplifying the traditional complexity of router installation and management. An Intel Express Router can be up and running in minutes, using simple menu-based options with default settings that will satisfy most network situations. Management is also easy, with powerful Windows* OS-based SNMP management tools that provide a hierarchal view of each WAN and LAN connection for monitoring and troubleshooting.

You get sophisticated control of WAN link activity. Features such as advanced filtering, data compression and Network Address Translation (NAT) are built in to each router, ensuring efficient data transmission, a secure data link across the public domain, and a safeguard that restricts public access to your private LAN.

Unlike other router solutions in which software and other important components are costly add-ons, Intel Express Routers are complete, cost-effective solutions. Each Intel Express Router includes all the hardware and software needed for full installation. The only item packaged separately is the appropriate WAN interface cable for the environment.

Intel Express Routers are designed for worldwide network environments worldwide, with support for a range of WAN protocols and interfaces. They integrate with other Intel networking products for a complete corporate internetworking solution.

N E W F E AT U R E S

Secure Virtual Private Network support

Even easier-to-use console interface

Robust new features added to Intel Device View for Windows*

Enhanced SNMP support

Support for RMON groups 1, 2, 3 and 9

Frame Relay encryption (per link)

Improved diagnostic tools

Intel Express Routers

The features described below are supported by all Intel Express Routers. The router models are differentiated by the WAN support they provide.

Secure business communication over the Internet – Virtual Private Networks and more

The Internet offers unprecedented savings as a means of long distance corporate communication. In fact, Internet access can easily cost as little as 20% of the cost of a traditional WAN connection. But how do you keep your vital business data secure as it crosses the public domain?

Intel Express Routers provide a simple and inexpensive solution, enabling you to create a highly secure Virtual Private Network (VPN) over the Internet and public Frame Relay and X.25 networks. There’s no need to alter your existing network architecture. Security is provided by using an Intel router for each point at which you connect to the Internet. Powerful encryption keeps your data private. (See the side bar on tunneling for more information.)

Other security features include:

Data encryption. Encryption is available when used over Point-to-Point Protocol (PPP) or Frame Relay links. Encryption is performed using the Blowfish algorithm, with a 144 bit encryption key. For best effectiveness, encryption is performed across the entire data stream rather than on individual packets only. All Express Router models come in two versions – with or without encryption.

Network Address Translation (NAT). Network Address Translation enhances security by hiding internal IP addresses when data is sent over the Internet or WAN. NAT also provides considerable savings in time and money by eliminating the need to redesign your business’s internal TCP/IP addressing scheme when connecting to the Internet or remote sites with conflicting IP addressing schemes.

Using NAT, an Intel Express Router automatically assigns a unique Internet IP address to each internal LAN address, enabling transparent communication with those outside your corporate network. Alternatively, the router can maintain a pool of unique IP addresses, assigning a temporary address to a workstation whenever it connects over the Internet or WAN. This method requires fewer official Internet IP addresses.

Authentication – PAP, CHAP. To ensure that Intel Express Routers communicate only with other authorized devices, the routers can be configured to use the Password Authentication Protocol (PAP) or the Challenge Handshake Authentication Protocol (CHAP) when communicating over PPP links. The routers will demand authentication whenever the link is established.

Over ISDN (EuroISDN only) and analog modems, PPP Call Back can be used for authentication. If a user dials in for access to the LAN, the router cuts the connection, then calls back to ensure that it’s an authorized link. PPP Call Back is compatible with the Microsoft Call Back standard.

Filtering. IP and IPX filtering eliminates unauthorized communication over the WAN or LAN link. By tightly defining filters to pass communication only to and from authorized sources, links remain secure.

Comprehensive cost control of WAN links

Traditionally, WAN link traffic is by far the most expensive cost component of WAN connections. Intel Express Routers help control WAN link costs while also maximizing the available bandwidth for data communication. They do this in a variety of ways:

Data compression. Data compression allows the transmission of more information over the same bandwidth on a WAN connection. Software-based LZS data compression is supported in the Intel Express 9100, 9200, 9201 and 9300 Routers for Frame Relay and PPP. LZS is an industry accepted specification providing typical compression rates of approximately 4:1 and interoperability with other routers. The hardware-based data compression supported in the Intel Express Router 9400 is also based on the LZS algorithm. This distinctive feature allows compression while running at full bandwidth. X.25 and LAPB compression is supported in an implementation that requires Express Routers at both ends of the connection.

Filtering. Filtering eliminates unnecessary communication over the WAN link. With tightly defined filters, only essential traffic passes through, thus lowering communication costs. The Intel Express Routers support filters for IP, IPX and bridging.

2

+ 6 hidden pages