Size:
454.25 Kb
Download

 

 

ProSafe® Quad WAN Gigabit

 

 

 

 

 

 

SSL VPN Firewall

Data Sheet

 

 

 

SRX5308

 

 

 

 

 

 

 

 

 

 

 

 

 

Ultra High Performance Business-classFirewall Security

 

 

 

 

 

 

The flagship model of the ProSafe firewall family — the SRX5308 is perfect for even the most

 

 

 

demanding business networks. The SRX5308 features a hardware-accelerateddata flow

 

 

 

architecture that allows for 1 Gbps of stateful firewall throughput. This powerful VPN router

 

 

 

is a high-performance,SNMP-manageable,network solution that furnishes multidimensional

 

 

 

security including denial-of-service(DoS) protection, stateful packet inspection (SPI), URL

 

 

 

keyword filtering, configurable hardware DMZ port, logging, reporting, and real-time

 

 

 

alerts. QoS, WAN traffic metering, and bandwidth profiling gives you granular bandwidth

 

 

 

management capabilities. VLAN support allows you to separate guest traffic from critical

 

 

 

production servers. Four Gigabit LAN ports allows for maximum internal data transfer speeds,

 

 

 

while the four Gigabit WAN ports provide two modes of session-basedload-balancingas well

 

 

 

as failover protection to ensure maximum throughput and reliable connectivity to the Internet.

 

 

 

 

 

 

 

 

 

 

 

 

Features and Benefits

 

 

 

 

 

LAN-to-WANThroughput¹

 

Hardware-accelerated1GbpsLAN-to-WANfirewall throughput

 

 

 

 

 

 

 

• 200,000 concurrent connections

 

 

 

 

 

 

 

 

 

 

 

 

 

Secure Firewall

 

• DoS attack protection

 

 

 

 

 

 

 

• Block TCP/UDP packet floods

 

 

 

 

 

 

 

• Port/service blocking

 

 

 

 

 

 

 

• Hardware DMZ port

 

 

 

 

 

 

 

• Web content filter

 

 

 

 

 

 

 

 

 

 

 

 

 

Quad Gigabit WAN Ports

 

• 2 modes of session-basedWAN load balancing

 

 

 

 

 

 

 

• WAN failover for maximum uptime

 

 

 

 

 

 

 

 

 

 

 

 

 

VLAN Support

 

• Create up to 254 individual 802.1Q VLANs

 

 

 

 

 

 

 

• Allows for secure network segmentation

 

 

 

 

 

 

 

• Separate guest traffic from critical production servers

 

 

 

 

 

 

 

 

 

 

 

 

 

SSL and IPsec VPN Remote Access

 

• SSL VPN – clientless remote access, anywhere, anytime

 

 

 

 

 

 

 

• IPsec VPN – secure site-to-sitetunnels andclient-basedremote access

 

 

 

 

 

 

 

Industry-strengthencryption algorithms

 

 

 

 

 

 

 

• IKE authentication protects against unauthorized remote access

 

 

 

 

 

 

 

• 125 simultaneous IPsec VPN tunnels

 

 

 

 

 

 

 

• 50 simultaneous SSL VPN tunnels

 

 

 

 

 

 

 

 

 

 

 

 

 

Bandwidth Management

 

• Control end user bandwidth consumption with Bandwidth Profiles

 

 

 

 

 

 

 

• Prioritize traffic with Quality of Service (QoS)

 

 

 

 

 

 

 

• WAN Traffic Metering

 

 

 

 

 

 

 

 

 

 

 

 

 

Easy to Use

 

• Auto Detect connects to your ISP quickly

 

 

 

 

 

 

 

• DHCP (client and server) for fast deployment

 

 

 

 

 

 

 

• Intuitive Web management GUI

 

 

 

 

 

 

 

• IPsec VPN Wizard allows for easy VPN setup

 

 

 

 

 

 

 

• SNMP, telnet management support

 

 

 

 

 

 

 

• SYSLOG and emailed logs enable thorough network monitoring

 

 

 

 

 

 

 

 

 

 

 

 

 

Reliable NETGEAR Hardware

 

Industry-grademetal casing

 

 

 

 

 

 

 

High-qualityelectronics

 

 

 

 

 

 

 

• NETGEAR Lifetime Warranty

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

VPNC

 

 

 

 

 

CERTIFIED

 

 

 

 

 

 

Basic

 

 

 

 

 

 

Interop

 

 

 

 

 

 

AES

 

 

 

 

 

 

Interop

 

 

1-888-NETGEAR(638-4327)

 

 

 

 

 

 

 

Email: info@NETGEAR.com

 

 

*

 

 

 

 

 

 

 

 

ProSafe® Quad WAN Gigabit SSL VPN Firewall

SRX5308

Gigabit Ethernet

Fast Ethernet

STM300

ProSecure Web and Email

Security Appliance

GSM7224-200

ProSafe 24-portGigabit

Managed Switch

Servers

Desktop PCs connect with

10/100/1000 Mbps Gigabit

Ethernet PCI Adapter (GA311)

 

Remote Access

PDA with Web browser

 

 

 

 

 

 

via Kiosk or Laptop

 

 

 

SRX5308

 

VPN Tunnel

 

 

encrypts your data

SRX5308

ProSafe Quad WAN Gigabit

 

 

 

 

 

 

ProSafe Quad WAN Gigabit

SSL VPN Firewall

 

 

 

 

 

 

SSL VPN Firewall

 

 

 

 

Internet

Broadband

Broadband

modems

modems

PC with GA311

Laptop with SSL VPN

Telecommuter connects with ProSafe VPN Client Software (VPN01L or VPN05L)

WNDAP350 ProSafe Dual Band

Wireless-NAccess Point

STM150

ProSecure Secure Threat

Management Appliance

GS724TPS

ProSafe 24-portGigabit

Stackable PoE Smart Switch

Desktop PCs connect with 10/100/1000 Mbps Gigabit Ethernet PCI Adapter (GA311)

TECHNICAL SPECIFICATIONS

PERFORMANCE

LAN-to-WANThroughput¹

924 Mbps

 

 

IPsec VPN (3DES) Throughput¹

180 Mbps

 

 

SSL VPN Throughput¹

21 Mbps

 

 

Maximum Concurrent Connections

200,000

 

 

Maximum Number of VLANs

254

 

 

Dedicated IPsec VPN Tunnels

125

 

 

Dedicated SSL VPN Tunnels

50

 

 

FIREWALL FEATURES

Stateful Packet Inspection (SPI)

Port/Service Blocking, Denial-of-service(DoS) Prevention, Stealth Mode, Block TCP Flood, Block UDP Flood,

 

WAN/LAN Ping Response Control

 

 

Firewall Functions

Port Range Forwarding, Port Triggering, DNS proxy, MAC Address Cloning/spoofing, NTP Support, UPnP, Auto-

 

Uplink on Switch Ports, L3 Quality of Service (QoS),LAN-to-WANandWAN-to-LAN(ToS),Bandwidth Profiling

 

 

Content Filtering

Web Components (Proxy, Java, ActiveX, Cookies), Web Keyword Blocking, Trusted Domains

 

 

User Authentication for VPN

Active Directory, LDAP, Radius, WIKID, MIAS, NT Domain, Local User Database

 

 

PCI Compliance Two Factor

Authentication Support

 

VoIP SIP ALG Compatibility List

Linksys SPA-901,LinksysSPA-941,SNOM M3, Cisco 7940G,X-Lite3.0 (software for phones),

 

D-LinkDPH-140S,GrandstreamGXP-2000,Polycom SoundStation 6000, Siemens C450, Aastra 51i

 

 

VPN Pass Through

IPsec, PPTP, L2TP

 

 

FIREWALL FEATURES

 

 

 

WAN Modes

NAT, Classical Routing

 

 

ISP Address Assignment

DHCP, Static IP Assignment, PPPoE, PPTP

 

 

NAT Modes

1-1,NAT, PAT

 

 

Routing

Static, Dynamic, RIPv1, RIPv2

 

 

DHCP

DHCP Server, DHCP Relay

 

 

DDNS

DynDNS.org, TZO.com, Oray.net, 3322.org

 

 

VLANs

802.1Q

 

 

Quad-WANFail-over

 

 

WAN Load Balancing Modes

Weighted Load Balancing, Round Robin

 

 

VPN

 

 

 

IPsec Encryption/Authentication

56-bitDES,168-bit3DES, AES(128, 192, 256bit)/SHA-1,MD5

 

 

Key Exchange

IKE, Manual Key, Pre-sharedKey, PKI, X.509 v3

 

 

IPsec NAT Traversal (VPN Passthrough)

IPsec Access Modes

Client-to-site,Site-to-site

 

 

IPsec VPN Wizard

 

ProSafe® Quad WAN Gigabit SSL VPN Firewall

SRX5308

 

TECHNICAL SPECIFICATIONS

 

 

 

VPN

 

 

 

 

 

 

 

 

 

 

SSL Version Support

SSLv3, TLS1.0

 

 

 

 

 

 

SSL Encryption Support

DES, 3DES, ARC4, AES(ECB, CBC, XCBC, CNTR)128, 256 bit

 

 

 

 

 

 

SSL Message Integrity

MD5, SHA-1,MAC-MD5/SHA-1,HMAC-MD5/SHA-1

 

 

 

 

 

 

SSL Certificate Support

RSA, Diffie-Hellman,Self

 

 

 

 

 

 

SSL VPN Platforms Supported

Windows 2000/XP/Vista/Windows 7 (32, 64 bit), MAC OS X 10.4+

 

 

 

 

 

 

MANAGEMENT

 

 

 

 

 

 

 

Management Interface Options

HTTP/HTTPS, SNMP v2c, Telnet

 

 

Logging

Accepted Packets, Dropped Packets, System, Source MAC filter, Session Limit, Bandwidth Limit, SSl VPN, IPsec VPN

 

Log Delivery

Email Delivery, Syslog

 

 

Diagnostics

Ping, DNS Lookup, Trace Route

 

 

Maintenance

Save/restore Configuration, Restore to Factory Defaults, Firmware Upgrades via Web Browser, Display Statistics

 

HARDWARE

 

 

 

 

 

 

 

Gigabit RJ45 Ports WAN/LAN

4/4

 

 

 

 

 

 

DMZ Interfaces (Configurable)

1

 

 

 

 

 

 

Flash Memory/RAM

64 MB/512 MB

 

 

 

 

 

 

Certifications

VPNC (Basic, AES Interop)

 

 

 

 

 

 

Major Regulatory Compliance

Environment: RoHS, China RoHS Safety: CE/LVD, cUL EMI: FCC

 

 

 

Part 15 Class A, CE mark commercial, C-TickClass A, VCCI

 

 

 

 

 

 

Storage and Operating Temperatures

Operating Temperature: 0˚ - 45˚C (32˚-113˚F)

 

 

 

Storage Temperature: -20˚– 70˚ C(-4˚– 158˚ F)

 

 

Humidity

Operation 90% Maximum Relative, Storage 95% Maximum Relative

 

 

 

 

 

 

Electrical Specifications

AC 100-240V,50/60 Hz Universal Input, DC 5V/5A Output Internal Power Supply

 

 

 

 

 

 

Dimensions (W x H x D) cm

33 x 4.3 x 20.9

 

 

 

 

 

 

Dimensions (W x H x D) in

13 x 1.7 x 8.2

 

 

 

 

 

 

Weight kg/lb

2.1/4.6

 

 

 

 

 

System Requirements

Cable, DSL, or Wireless Broadband Modem, Internet Service, Network Card for Each Connected PC,

 

 

Network Software (e.g. Windows), Internet Explorer 5.0 or Higher or Mozilla Firefox 1.0 or Higher

 

 

 

 

Package Contents

ProSafe Quad WAN Gigabit Firewall (SRX5308), Ethernet Cable, Power Cable, Rackmount Kit, Rubber

 

 

Feet, Installation Guide, Warranty/Support Information Card, Resource CD With Single User ProSafe

 

 

VPN Client Software License

 

 

Warranty

Lifetime

 

 

 

 

 

 

ORDERING INFORMATION

 

 

 

 

 

 

 

North America

SRX5308-100NAS

 

 

 

 

 

 

Europe

SRX5308-100EUS

 

 

 

 

 

 

Asia

SRX5308-100AJS

 

 

 

 

 

 

ACCESSORIES

 

 

 

 

 

 

 

ProSafe Client Software

VPN01L (1-User),VPN05L(5-User)

 

 

 

 

 

 

ProSafe Network Management Software

NMS100

 

 

 

 

 

 

PROSUPPORT SERVICE PACKS

 

 

 

 

 

 

 

OnCall 24x7, Category 1

PMB0331-100(US), PMB0331(non-US)

 

 

 

 

 

 

XPressHW, Category 1

PRR0331

 

 

 

 

 

350 E. Plumeria Drive

San Jose, CA 95134-1911USA1-888-NETGEAR(638-4327)E-mail:info@NETGEAR.com www.NETGEAR.com

© 2010 NETGEAR, Inc. NETGEAR, the NETGEAR Logo, NETGEAR Digital Entertainer Logo, Connect with Innovation, FrontView, IntelliFi, PowerShift, ProSafe, ProSecure, RAIDar, RAIDiator, X-RAID,RangeMax, ReadyNAS and Smart Wizard are trademarks of NETGEAR, Inc. in the United States and/or other countries. Mac and the Mac logo are trademarks of Apple Inc., registered in the U.S. and other countries. Other brand names mentioned herein are for identification purposes only and may be trademarks of their respective holder(s). Information is subject to change without notice. All rights reserved.

*Basic technical support provided for 90 days from date of purchase. ¹Throughput measured in a lab environment. Actual performance may vary.

D-SRX5308-0