Patton 2823 User Manual

Patton DMZ Secure Routers streamline DMZ implementation and secure-firewall configurations
for enterprise networks without sacrificing QoS for critical business traffic.
QoS/CoS Profiles
Configurable burst tolerance, bandwidth guarantees plus
reduce per flow traffic jitter as required by the application.
Triple-Port Power DMZ
Use to configure the 3rd 10/100 Ethernet port as a physical
VPN Tunnels
Standard IPSec with AH and ESP ensures maximum
protection when traversing unsecured networks.
IP ACCESS PRODUCTS
atton’s IPLink Managed VPN Routers are a family of next genera­tion appliances that address both the security and the traffic prior­itization needs of enterprises. The Model 2823 Secure DMZ Router with integrated QoS makes it easy for enterprises to isolate
their web servers in a secure demilitarized zone (DMZ). The three-port router provides physically and logically separates connections to a private LAN and a DMZ network, while still allowing secure business-class Internet access with traffic-shaping services.
As with all IPLink VPN Ro u t e r, the Se c u re DMZ Router implements a com­p r e h e n s i ve security environment. It all starts with IPSec. By supporting ESP as well as AH, IPLink VPN Routers provide data integrity, authentication, anti­replay and data confidentiality to any traffic flow. DES, 3DES, and AES pro­vide standard encryption up to 256 bits. Fi rewall capabilities of the IPLink VPN Routers include Access Control Lists (ACLs), IP address and port filter­ing, and protection against Denial of Se rvice (DoS) attacks. Likewise, PPPo E p rot ocols include support for PAP and CHAP authentication.
QoS features include ToS/DiffServ marking and the configuration of eight service class tags per IEEE 802.1p/Q. With traffic scheduling and shaping, create dedicated bandwidth guarantees, configurable burst tolerance, and policing to include excess traffic discard. IP fragmentation is configurable to help minimize jitter in traffic flows.
Advanced IP features include RIPv1 & RIPv2 routing and static route config­uration. Static and dynamic NAT, NAPT, DNS resolver and relay, dynamic DNS, and DHCP server further add to the capabilities of the IPLink VPN Router. All IPLink VPN routers can be managed via a web browser (HTTP), command line interface (Telnet), or an SNMP management platform.
For more information, visit us at www.patton.com.
P
IPLink Managed VPN Routers
Model 2823 DMZ Secure Router
IPLink 2823
VPN
Configurable Security Profiles
Built-in IP address and IP port filtering, ACLs and DoS attack
detection creates a comprehensive security environment.
SNMP/HTTP Management
Easily manage the IPLink VPN Routers
via a simple web browser interface.
Strong Encryption
DES, 3DES, and AES offer standards based encryption
algorithms from 56 to 256 bits.
DNS resolver and relay, NAT/NAPT, dynamic
DNS, and DHCP server, eases integration.
Enhanced IP Services
Special Rates Available
Call for Details
Internal/external and AC/DC power
VPN & QoS software comes standard
10/100 LAN Ethernet switch with full-duplex and auto MDI/MDI-X operation
10/100 Ethernet WAN
with full-duplex and auto
MDI/MDI-X operation
Front panel LEDs show operational
status at a glance
Proven Patton design
7622 Rickenbacker Drive
Gaithersburg, MD 20879 USA
Phone +1-301-975-1000
Fax +1-301-869-9293
E-mail sales@patton.com
URL http://www.patton.com
07M2823-DS2
Meriedweg 7
CH-3172 Niederwangen
Phone +41 (31) 985 25 25
Fax +41 (31) 985 25 26
E-mail sales@inalp.com
URL http://www.inalp.com
Specifications
WAN Ethernet port
10/100BaseT (RJ-45 connector); auto-negotiat­ing; half/full duplex operation with automatic MDI/MDI-X
LAN Ethernet Ports
One 10/100BaseT port (RJ-45 connector); auto­negotiating; half or full duplex operation with automatic MDI/MDI-X plus One 10BaseT (RJ-45 connector); half or full duplex with automatic MDI/MDI-X
Management
CLI via Telnet; TFTP for Software upgrade and configuration upload; SNMPv1; HTTP/web browser
Protocols
IP (RFC 741), TCP (RFC 793), UDP (RFC 768), ICMP & ICMP Redirect (RFC 792), ARP (RFC 826). IP Router with RIPv1 (RFC 1058), RIPv2 (RFC
2453), programmable static routes. Integrated DHCP Server (RFC 2131), DNS Relay (RFC 1631), IEEE 802.1p VLAN Tagging, NAT/NAPT (RFC 1631/2391)
Security
IPSec including AH and ESP. DES, 3DES, and AES encryption. Access Control Lists (ACLs). IP port and address filtering both by source and destina­tion. DoS Detection. Password protected system
management with a username/password for con­sole and virtual terminal.
Power Supplies
External universal 90–260 VAC input or 48 VDC input. (Optional Internal universal 90–260 VAC input.)
Compliance
CE Mark; Safety: UL60950-1, CSA 22.2 6095001, IEC/EN60950-1. Universal AC units are US NRTL Listed; EMC Emission s: FCC Part 15 Class A; EN55 022 Class A; EMC Immunity: EN55024
Environment
Operating temperature: 0-40°C (32-104 °F); Humidity: 5-80% non-condensing
Dimensions & Weight
7.3W x 1.6H x 6.1D in. (18.5H x 4.1W x 15.5D c m)
30.5 oz./500g (models with internal power);
24.4 oz./400g (models with external power; no power supply)
Ordering Information
2823/UI 2823/48 2823/EUI
Typical ApplicationFeatures
Three 10/100 Ethernet ports
Easily create a physical and logical DMZ
Avoid router configuration complexity
Apply QoS to the DMZ to guarantee priority
for business traffic flows
VPN tunneling secures IP network traversal.
IPSec encryption supporting AH and ESP pro-
vides data integrity, authentication, anti-replay and data confidentiality.
256-bit encryption protects data.
With support for DES, 3DES, and AES, data
can be encrypted using 56 to 256-bit algo­rithms, right-sizing security to resources.
QoS/CoS profiles
QoS/CoS guarantees traffic priority.
ToS/DiffServ labeling
Eight service class tags per IEEE 802.1p/Q
Per flow bandwidth guarantees
Hierarchical traffic classes
Configurable burst tolerance
Excess traffic discard
Configurable packet and frame fragmenta-
tion to minimize jitter.
IPLink VPN Routers are next-generation security appliances that address the needs of business users by integrating QoS into a one-box solution. By including QoS, broadband connections can be put to dual-use without impacting the quality of business data flows.
Loading...