|
|
Products Center
Unified Security Firewall
VigorPro 5300 |
|
|
1.
Anti-Virus
- Scan SMTP, POP3, HTTP, IMAP, FTP
- Scan ZIP / GZIP / BZIP2
- Scan Encrypted VPN Tunnels
- Automatic Virus Signature Update
- Automatic Alert when Signature Update
Service Expired
- Real-timeE-mail / Syslog Alert when
Virus is Detected
|
2.
Anti-Intrusion
- Rule-based Detection List
- Pass / Disallow / Reset when Intrusion
is Detected
- Automatic Intrusion Signature Update
- Automatic Alert when Signature Update
Service Expired
- Real-time E-mail / Syslog Alert
when Under Attack
|
3.
Dual-WAN
- Outbound Policy-based Load-balance
- BoD ( Bandwidth on Demand )
- WAN Connection Fail-over
|
4.
WAN Protocol
- DHCP Client
- Static IP
- PPPoE
- PPTP
- BPA
- L2TP
|
5.
VPN
- Up to 100 VPN Tunnels
- Protocol : PPTP, IPSec, L2TP, L2TP
over IPSec
- Encryption : MPPE and Hardware-Based
AES / DES / 3DES
- Authentication : Hardware-Based
MD5, SHA-1
- IKE Authentication : Pre-shared
Key and Digital Signature ( X.509
)
- LAN-to-LAN, Teleworker-to-LAN
- DHCP over IPSec
- NAT-Traversal ( NAT-T )
- Dead Peer Detection ( DPD )
- VPN Pass-through
|
6.
Firewall Facilities
- SPI ( Stateful Packet Inspection
)
- CSM ( Content Security Management
)
- URL Content Filter
- Web Content Filter
- IM / P2P Blocking
- Multi-NAT, DMZ Host, Port Redirection
and Open Port
- Policy-based IP Packet Filter
- DoS / DDoS Prevention
- IP Address Anti-Spoofing
- E-Mail Alert and Logging via Syslog
- Bind IP to MAC Address
|
7.
Bandwidth Management
- Class-based Bandwidth Guarantee
by User-defined Traffic Categories
- DiffServ Code Point Classifying
- 4-level Priority for Each Direction
( Inbound / Outbound )
- Bandwidth Borrowed
- Bandwidth / Session Limitation
|
8.
Network Features
- DHCP Client / Relay / Server
- Dynamic DNS
- NTP Client
- Call Scheduling
- RADIUS Client
- DNS Cache / Proxy
- UPnP
- Port-based VLAN
- Routing Protocol : Static Routing
, RIP V2
|
9.
Content Filter
- URL Keyword Blocking ( White List
and Black List )
- Java Applet, Cookies, Active X,
Compressed, Executable, Multimedia
File Blocking
- Time Schedule Control
|
10.
Network Management
- Web-based User Interface ( HTTP/
HTTPS )
- Quick Start Wizard
- CLI ( Command Line Interface, Telnet
)
- Administration Access Control
- Configuration Backup / Restore
- Built-in Diagnostic Function
- Firmware Upgrade via TFTP/FTP
- Logging via Syslog
- SNMP Management with MIB-II
|
|
|
|
Technical
Specifications of VigorPro 5300 |
| Hardware
Interface |
WAN |
2x 10/100 Base-Tx
RJ45 ports |
| LAN |
4x 10/100 Base-Tx
RJ45 ports |
| Anti-Virus
|
Scan SMTP, POP3,
HTTP, IMAP, FTP |
| Scan ZIP / GZIP
/ BZIP2 |
| Scan Encrypted
VPN Tunnels |
| Automatic Virus
Signature Update |
| Automatic Alert
when Signature Update Service Expired |
| Real-time E-mail
/ Ssyslog Alert when Virus is Detected
|
| Anti-Intrusion |
Rule-based Detection
List |
| Pass / Disallow
/ Reset when Intrusion is Detected |
| Automatic Intrusion
Signature Update |
| Automatic Slert
when Signature Update Service Expired |
| Real-time E-mail
/ Syslog Alert when Under Attack |
| Dual WAN |
Outbound Policy-based
Load-balance |
| BoD ( Bandwidth
on Demand ) |
| WAN Connection Fail-over |
| VPN |
Up to 100 VPN Tunnels
|
| LAN-to-LAN, Teleworker-to-LAN
|
| Protocol : PPTP
/ IPSec / L2TP / L2TP over IPSec |
| Encryption : MPPE
and Hardware-based AES / DES / 3DES |
| Authentication :
Hardware-based MD5 , SHA-1 |
| DHCP over IPSec |
| IKE
Authentication |
Pre-shared Key |
| Digital Signature ( X.509
) |
| NAT-Traversal (
NAT-T) |
| Dead Peer Detection
( DPD ) |
| VPN Pass-through |
| Firewall
Facilities |
SPI ( Stateful Packet Inspection
) |
| CSM |
URL Content Filter |
| Web Content Filter |
| IM / P2P Blocking |
| Multi-NAT, DMZ
Host, Port Redirection and Open Port |
| Policy-based IP
Packet Filter |
| DoS / DDoS Prevention |
| IP Address Anti-Spoofing |
| E-mail Alert and
Logging via Syslog |
| Bind IP to MAC Address |
| Bandwidth
Management |
Class-based Bandwidth
Guarantee by User-defined Traffic Categories
|
| DiffServ Code Point
Classifying |
| 4 level Priority
for Each Direction ( Inbound / Outbound
) |
| Bandwidth Borrowed |
| Bandwidth / Session
Limitation |
| Network
Features |
DHCP Client / Relay
/ Server |
| Dynamic DNS |
| NTP Client |
| Call Scheduling |
| RADIUS Client |
| DNS Cache / Proxy |
| UPnP |
| Port-based VLAN |
| Routing Protocol
: Static Routing , RIP V2 |
| Content
Filter |
URL Keyword Blocking ( White
List and Black List ) |
| Java Applet, Cookies,
Active X, Compressed, Executable, Multimedia
File Blocking |
| Time Schedule Control |
| Network
Management |
Web-based User Iinterface
( HTTP / HTTPS ) |
| Quick Start Wizard |
| CLI ( Command
Line Interface , Telnet ) |
| Administration Access
Control |
| Configuration Backup
/ Restore |
| Build-in Diagnostic
Function |
| Firmware Upgrade
via TFTP / FTP |
| Logging via Syslog |
| SNMP Management
MIB-II |
| Temperature |
Operating : 0°C
~ 45°C |
| Storage : -25°C
~ 70°C |
| Humidity |
10% ~ 90% ( Non-condensing
) |
| Max. Power |
10 Watt |
| Dimension |
L240.96 * W165.07
* H43.96 ( mm ) |
| Power |
DC 15V / 1.34A |
|
|
|
Legacy firewall devices have their limitations
on networking protection and are often dedicated.
The vulnerabilities of contemporary networks ranging
from Web surfing, e-mail, FTP, to various instant
messaging and P2P softwares, present a heavy burden
for network administrators.
VigorPro 5300, serving as UTM equipment of the new
generation, can fulfill your requirements for secure
networks.
|
| All-in-one Unified Security Firewall |
Conventional firewalls are blind to today's attacks, and also cannot detect inappropriate e-mail and Web
content. The most common solution is complex, costly collection of independent systems to deal with each
of these threats along with network-level intrusions and attacks. The VigorPro 5300 is capable of providing
a complete complement of integrated services including :
Anti-Virus
Intrusion prevention
Intrusion Detection
CSM ( Content Security Management )
VPN
SPI Firewall
Figure 2. All-in-one
Unified Security Firewall |
|
| Hardware-accelerated, Real-time
Response |
The VigorPro 5300 employs a unique, hardware-accelerated
architecture the provides the ability to perform real-time
security without slowing critical network applications,
such as Web traffic. Software-based anti-virus systems,
which are designed for scanning non-real-time email
messages, are too slow to be used to scan Web traffic
or other real-time network applications.
Figure 3. Hardware-accelerated,
Real-time Response |
|
| Network-level Protection |
Conventional way to protection against virus or
malicious program, it required each host to install
software on the host. To install software on a large
number of hosts is a time consuming process. To evaluate
for vulnerabilities, both scan engine and virus database
needs constant upgrade. It is very costly and annoying
for IT personnel with high maintenance. While VigorPro 5300
works as firewall as well as internet gateway, so
by nature VigorPro 5300 blocks any attacks at the point
of network entry. Through the user interface, the
security administrator can monitor and instruct the
VigorPro 5300 to look for any vulnerability in network-level.
Provide protection of all hosts inside network edge
before threats intrude.
Figure 4. Network-level
Protection |
|
| Content-based Inline Inspection |
Conventional firewalls only inspect packets connection
behavior to against any connection-based attack. While
the content-based threats today. such as virus, worms,
Trojans or banned content, which spread faster and
do more damage. Conventional firewalls bypass the
widely spread content-based threat and expose internal
network to outside world. VigorPro 5300 deploys DrayTek's
unique MSSI™ ( Multi-stack Stateful Inspection)
mechanism. With MSSI™ , VigorPro 5300 inspects
packet streams, compares any suspected content or
behavior with build-in database in real-time, and
provide inline anti-virus and anti-intrusion protection.
Figure 5. Content-based
Inline Inspection |
|
|
|
|
Page last modified : 03 January 2008 |