NETGEAR SRX5308 User Manual

ProSafe® Quad WAN Gigabit

VPNC

CERTIFIED

Basic

Interop

AES

Interop

SSL VPN Firewall Data Sheet

SRX5308

Ultra High Performance Business-class Firewall Security

The flagship model of the ProSafe firewall family — the SRX5308 is perfect for even the most
demanding business networks. The SRX5308 features a hardware-accelerated data flow
architecture that allows for 1 Gbps of stateful firewall throughput. This powerful VPN router
is a high-performance, SNMP-manageable, network solution that furnishes multidimensional
security including denial-of-service (DoS) protection, stateful packet inspection (SPI), URL
keyword filtering, configurable hardware DMZ port, logging, reporting, and real-time
alerts. QoS, WAN traffic metering, and bandwidth profiling gives you granular bandwidth
management capabilities. VLAN support allows you to separate guest traffic from critical
production servers. Four Gigabit LAN ports allows for maximum internal data transfer speeds,
while the four Gigabit WAN ports provide two modes of session-based load-balancing as well
as failover protection to ensure maximum throughput and reliable connectivity to the Internet.

FEATURES AND BENEFITS

LAN-to-WAN Throughput¹ • Hardware-accelerated 1Gbps LAN-to-WAN firewall throughput

• 200,000 concurrent connections

Secure Firewall • DoS attack protection

• Block TCP/UDP packet floods

• Port/service blocking

• Hardware DMZ port

• Web content filter

Quad Gigabit WAN Ports • 2 modes of session-based WAN load balancing

• WAN failover for maximum uptime

VLAN Support

SSL and IPsec VPN Remote Access • SSL VPN – clientless remote access, anywhere, anytime

Bandwidth Management • Control end user bandwidth consumption with Bandwidth Profiles

Easy to Use • Auto Detect connects to your ISP quickly

Reliable NETGEAR Hardware • Industry-grade metal casing

• Create up to 254 individual 802.1Q VLANs

• Allows for secure network segmentation

• Separate guest traffic from critical production servers

• IPsec VPN – secure site-to-site tunnels and client-based remote access

• Industry-strength encryption algorithms

• IKE authentication protects against unauthorized remote access

• 125 simultaneous IPsec VPN tunnels

• 50 simultaneous SSL VPN tunnels

• Prioritize traffic with Quality of Service (QoS)

• WAN Traffic Metering

• DHCP (client and server) for fast deployment

• Intuitive Web management GUI

• IPsec VPN Wizard allows for easy VPN setup

• SNMP, telnet management support

• SYSLOG and emailed logs enable thorough network monitoring

• High-quality electronics

• NETGEAR Lifetime Warranty

24/7

T E C H N I C A L

S U P P O R T*

1-888-NETGEAR (638-4327)
Email: info@NETGEAR.com

*

ProSafe® Quad WAN Gigabit SSL VPN Firewall SRX5308

Gigabit Ethernet
Fast Ethernet

GSM7224-200

ProSafe 24-port Gigabit
Managed Switch

Servers

STM300

ProSecure Web and Email
Security Appliance

Desktop PCs connect with
10/100/1000 Mbps Gigabit
Ethernet PCI Adapter (GA311)

SRX5308

ProSafe Quad WAN Gigabit
SSL VPN Firewall

WNDAP350
ProSafe Dual Band
Wireless-N Access Point

PC with GA311

Remote Access
via Kiosk or Laptop

Broadband
modems

Laptop with SSL VPN

Internet

PDA with Web browser

VPN Tunnel
encrypts your data

Broadband
modems

™

Everybody’s conn ecti ng.

NMS100 ProSafe Network Management System

2

7

0

-

1

0

2

6

3

-

0

1

Instructions:

Software CD

This CD should automatically

Version 1.0

run when inserted into your
CD-ROM drive. If the CD
does not start automatically,
browse to the CD drive and
click on NMSsetup.exe

© 2004 NETGEAR, INC.
ALL RIGHTS RESERVED
© 2004 NETGEAR, Inc.

240-10041-01
All rights reserved
240-10129-01

Telecommuter connects with
ProSafe VPN Client Software
(VPN01L or VPN05L)

SRX5308

ProSafe Quad WAN Gigabit
SSL VPN Firewall

GS724TPS

ProSafe 24-port Gigabit
Stackable PoE Smart Switch

Desktop PCs connect with
10/100/1000 Mbps Gigabit
Ethernet PCI Adapter (GA311)

STM150

ProSecure Secure Threat
Management Appliance

TECHNICAL SPECIFICATIONS

PERFORMANCE

LAN-to-WAN Throughput¹ 924 Mbps

IPsec VPN (3DES) Throughput¹ 180 Mbps

SSL VPN Throughput¹ 21 Mbps

Maximum Concurrent Connections 200,000

Maximum Number of VLANs 254

Dedicated IPsec VPN Tunnels 125

Dedicated SSL VPN Tunnels 50

FIREWALL FEATURES

Stateful Packet Inspection (SPI) Port/Service Blocking, Denial-of-service (DoS) Prevention, Stealth Mode, Block TCP Flood, Block UDP Flood,

Firewall Functions Port Range Forwarding, Port Triggering, DNS proxy, MAC Address Cloning/spoofing, NTP Support, UPnP, Auto-

Uplink on Switch Ports, L3 Quality of Service (QoS),LAN-to-WAN and WAN-to-LAN(ToS), Bandwidth Profiling

Content Filtering Web Components (Proxy, Java, ActiveX, Cookies), Web Keyword Blocking, Trusted Domains

User Authentication for VPN Active Directory, LDAP, Radius, WIKID, MIAS, NT Domain, Local User Database

PCI Compliance Two Factor
Authentication Support

VoIP SIP ALG Compatibility List Linksys SPA-901, Linksys SPA-941, SNOM M3, Cisco 7940G, X-Lite 3.0 (software for phones),

D-Link DPH-140S, Grandstream GXP-2000, Polycom SoundStation 6000, Siemens C450, Aastra 51i

VPN Pass Through IPsec, PPTP, L2TP

WAN/LAN Ping Response Control

•

FIREWALL FEATURES

WAN Modes NAT, Classical Routing

ISP Address Assignment DHCP, Static IP Assignment, PPPoE, PPTP

NAT Modes 1-1, NAT, PAT

Routing Static, Dynamic, RIPv1, RIPv2

DHCP DHCP Server, DHCP Relay

DDNS DynDNS.org, TZO.com, Oray.net, 3322.org

VLANs 802.1Q

Quad-WAN Fail-over

•

WAN Load Balancing Modes Weighted Load Balancing, Round Robin

VPN

IPsec Encryption/Authentication 56-bit DES, 168-bit 3DES, AES(128, 192, 256 bit)/SHA-1, MD5
Key Exchange IKE, Manual Key, Pre-shared Key, PKI, X.509 v3
IPsec NAT Traversal (VPN Passthrough)

IPsec Access Modes Client-to-site, Site-to-site
IPsec VPN Wizard

•

•