Patton DMZ Secure Routers streamline DMZ implementation and secure-firewall configurations
for enterprise networks without sacrificing QoS for critical business traffic.
QoS/CoS Profiles
Configurable burst tolerance, bandwidth guarantees plus
reduce per flow traffic jitter as required by the application.
Triple-Port Power DMZ
Use to configure the 3rd 10/100 Ethernet port as a physical
and logical DMZ to keep traffic off the local network.
VPN Tunnels
Standard IPSec with AH and ESP ensures maximum
protection when traversing unsecured networks.
IP ACCESS PRODUCTS
atton’s IPLink Managed VPN Routers are a family of next generation appliances that address both the security and the traffic prioritization needs of enterprises. The Model 2823 Secure DMZ
Router with integrated QoS makes it easy for enterprises to isolate
their web servers in a secure demilitarized zone (DMZ). The
three-port router provides physically and logically separates connections to a
private LAN and a DMZ network, while still allowing secure business-class
Internet access with traffic-shaping services.
As with all IPLink VPN Ro u t e r, the Se c u re DMZ Router implements a comp r e h e n s i ve security environment. It all starts with IPSec. By supporting ESP as
well as AH, IPLink VPN Routers provide data integrity, authentication, antireplay and data confidentiality to any traffic flow. DES, 3DES, and AES provide standard encryption up to 256 bits. Fi rewall capabilities of the IPLink
VPN Routers include Access Control Lists (ACLs), IP address and port filtering, and protection against Denial of Se rvice (DoS) attacks. Likewise, PPPo E
p rot ocols include support for PAP and CHAP authentication.
QoS features include ToS/DiffServ marking and the configuration of eight
service class tags per IEEE 802.1p/Q. With traffic scheduling and shaping,
create dedicated bandwidth guarantees, configurable burst tolerance, and
policing to include excess traffic discard. IP fragmentation is configurable to
help minimize jitter in traffic flows.
Advanced IP features include RIPv1 & RIPv2 routing and static route configuration. Static and dynamic NAT, NAPT, DNS resolver and relay, dynamic
DNS, and DHCP server further add to the capabilities of the IPLink VPN
Router. All IPLink VPN routers can be managed via a web browser (HTTP),
command line interface (Telnet), or an SNMP management platform.
For more information, visit us at www.patton.com.
P
IPLink Managed VPN Routers
Model 2823 DMZ Secure Router
IPLink 2823
VPN
Configurable Security Profiles
Built-in IP address and IP port filtering, ACLs and DoS attack
detection creates a comprehensive security environment.
SNMP/HTTP Management
Easily manage the IPLink VPN Routers
via a simple web browser interface.
Strong Encryption
DES, 3DES, and AES offer standards based encryption
algorithms from 56 to 256 bits.
DNS resolver and relay, NAT/NAPT, dynamic
DNS, and DHCP server, eases integration.
Enhanced IP Services
Special Rates Available
Call for Details
Internal/external
and AC/DC power
VPN & QoS software comes standard
10/100 LAN Ethernet
switch with full-duplex and
auto MDI/MDI-X operation
10/100 Ethernet WAN
with full-duplex and auto
MDI/MDI-X operation
Front panel LEDs
show operational
status at a glance
Proven Patton design
7622 Rickenbacker Drive
Gaithersburg, MD 20879 USA
Phone +1-301-975-1000
Fax +1-301-869-9293
E-mail sales@patton.com
URL http://www.patton.com
07M2823-DS2
Meriedweg 7
CH-3172 Niederwangen
Phone +41 (31) 985 25 25
Fax +41 (31) 985 25 26
E-mail sales@inalp.com
URL http://www.inalp.com
Specifications
WAN Ethernet port
10/100BaseT (RJ-45 connector); auto-negotiating; half/full duplex operation with automatic
MDI/MDI-X
LAN Ethernet Ports
One 10/100BaseT port (RJ-45 connector); autonegotiating; half or full duplex operation with
automatic MDI/MDI-X plus One 10BaseT (RJ-45
connector); half or full duplex with automatic
MDI/MDI-X
Management
CLI via Telnet; TFTP for Software upgrade and
configuration upload; SNMPv1; HTTP/web browser
Protocols
IP (RFC 741), TCP (RFC 793), UDP (RFC 768),
ICMP & ICMP Redirect (RFC 792), ARP (RFC 826).
IP Router with RIPv1 (RFC 1058), RIPv2 (RFC
2453), programmable static routes. Integrated
DHCP Server (RFC 2131), DNS Relay (RFC 1631),
IEEE 802.1p VLAN Tagging, NAT/NAPT (RFC
1631/2391)
Security
IPSec including AH and ESP. DES, 3DES, and AES
encryption. Access Control Lists (ACLs). IP port
and address filtering both by source and destination. DoS Detection. Password protected system
management with a username/password for console and virtual terminal.
Power Supplies
External universal 90–260 VAC input or 48 VDC
input. (Optional Internal universal 90–260
VAC input.)
Compliance
CE Mark; Safety: UL60950-1, CSA 22.2
6095001, IEC/EN60950-1. Universal AC units
are US NRTL Listed; EMC Emission s: FCC Part
15 Class A; EN55 022 Class A; EMC
Immunity: EN55024
Environment
Operating temperature: 0-40°C (32-104 °F);
Humidity: 5-80% non-condensing
Dimensions & Weight
7.3W x 1.6H x 6.1D in.
(18.5H x 4.1W x 15.5D c m)
30.5 oz./500g (models with internal power);
24.4 oz./400g (models with external power; no
power supply)
Ordering Information
2823/UI 2823/48 2823/EUI
Typical ApplicationFeatures
✔ Three 10/100 Ethernet ports
• Easily create a physical and logical DMZ
• Avoid router configuration complexity
• Apply QoS to the DMZ to guarantee priority
for business traffic flows
✔ VPN tunneling secures IP network traversal.
• IPSec encryption supporting AH and ESP pro-
vides data integrity, authentication, anti-replay
and data confidentiality.
✔ 256-bit encryption protects data.
• With support for DES, 3DES, and AES, data
can be encrypted using 56 to 256-bit algorithms, right-sizing security to resources.
✔ QoS/CoS profiles
• QoS/CoS guarantees traffic priority.
• ToS/DiffServ labeling
• Eight service class tags per IEEE 802.1p/Q
• Per flow bandwidth guarantees
• Hierarchical traffic classes
• Configurable burst tolerance
• Excess traffic discard
• Configurable packet and frame fragmenta-
tion to minimize jitter.
IPLink VPN Routers are next-generation security appliances that address the needs of business users by integrating QoS
into a one-box solution. By including QoS, broadband connections can be put to dual-use without impacting the quality of
business data flows.
Loading...