|
|
|
|
Legacy firewall devices have their limitations on networking protection and are often dedicated. The vulnerabilities of contemporary networks ranging from Web surfing, e-mail, FTP, to various instant messaging and P2P softwares, present a heavy burden for network administrators.
Conventional firewalls are blind to today's attacks, and also cannot detect inappropriate e-mail and Web content. The most common solution is complex, costly collection of independent systems to deal with each of these threats along with network-level intrusions and attacks.
The VigorPro 5500 employs a unique, hardware-accelerated architecture the provides the ability to perform real-time security without slowing critical network applications, such as Web traffic. Software-based anti-virus systems, which are designed for scanning non-real-time email messages, are too slow to be used to scan Web traffic or other real-time network applications.
Conventional way to protection against virus or malicious program, it required each host to install software on the host. To install software on a large number of hosts is a time consuming process. To evaluate for vulnerabilities, both scan engine and virus database needs constant upgrade. It is very costly and annoying for IT personnel with high maintenance. While VigorPro 5500 works as firewall as well as internet gateway, so by nature VigorPro 5500 blocks any attacks at the point of network entry. Through the user interface, the security administrator can monitor and instruct the VigorPro 5500 to look for any vulnerability in network-level. Provide protection of all hosts inside network edge before threats intrude.
Conventional firewalls only inspect packets connection behavior to against any connection-based attack. While the content-based threats today. such as virus, worms, Trojans or banned content, which spread faster and do more damage. Conventional firewalls bypass the widely spread content-based threat and expose internal network to outside world. VigorPro 5500 deploys DrayTek's unique MSSI™ (Multi-stack Stateful Inspection) mechanism. With MSSI™ , VigorPro 5500 inspects packet streams, compares any suspected content or behavior with build-in database in real-time, and provide inline anti-virus and anti-intrusion protection.
1. Anti-Virus
- Scan SMTP, POP3, HTTP, IMAP, FTP
- Scan ZIP / GZIP / BZIP2
- Scan encrypted VPN tunnels
- Automatic virus signature update
- Automatic alert when signature update service expired
- Real-time e-mail/syslog alert when virus is detected
|
2. Anti-Intrusion
- Rule-based detection list
- Pass / Disallow / Reset when intrusion is detected
- Automatic intrusion signature update
- Automatic alert when signature update service expired
- Real-time e-mail/syslog alert when under attack
|
3. Anti-Spam
- Real-time scan SMTP, POP3
- Automatic alert when license expired
- Real-time syslog alert when spam is detected
- Multi-language detection
- Multi-type (graphic, document, HTML) detection
- Single / Double byte coding detection
- No user limitation
|
4. Dual-WAN
- Outbound Policy-Based Load-Balance
- BoD (Bandwidth on Demand)
- WAN Connection Fail-over
|
5. WAN Protocol
- DHCP Client
- Static IP
- PPPoE
- PPTP
- L2TP *
- BPA
|
6. VPN
- Up to 200 VPN Tunnels
- Protocol : PPTP, IPSec, L2TP, L2TP over IPSec
- Encryption : MPPE and Hardware-Based AES / DES / 3DES
- Authentication : Hardware-Based MD5, SHA-1
- IKE Authentication : Pre-Shared Key and Digital Signature (X.509)
- LAN-to-LAN, Teleworker-to-LAN
- DHCP over IPSec
- NAT-Traversal (NAT-T)
- Dead Peer Detection (DPD)
- VPN Pass-Through
|
7. Firewall Facilities
- SPI (Stateful Packet Inspection)
- CSM (Content Security Management) for IM/P2P Application
- Multi-NAT, DMZ Host, Port Redirection and Open Port
- Policy-Based IP Packet Filter
- DoS / DDoS Prevention
- IP Address Anti-Spoofing
- E-Mail Alert and Logging via Syslog
- Bind IP to MAC Address
|
8. Network Features
- DHCP Client / Relay / Server
- Dynamic DNS
- NTP Client
- Call Scheduling
- RADIUS Client
- DNS Cache/Proxy
- UPnP
- Port-Based VLAN
- Routing Protocol : Static Routing , RIP V2
|
9. Network Management
- Web-Based User Interface (HTTP/ HTTPS)
- Quick Start Wizard
- CLI (Command Line Interface, Telnet / SSH *)
- Administration Access Control
- Configuration Backup / Restore
- Built-in Diagnostic Function
- Firmware Upgrade via TFTP/FTP
- Logging via Syslog
- SNMP Management with MIB-II
|
10. Content Filter
- URL Keyword Blocking (White List and Black List)
- Java Applet, Cookies, Active X, Compressed, Executable, Multimedia File Blocking
- Web Content Filter
- Time Schedule Control
|
11. Bandwidth Management
- Class-based Bandwidth Guarantee by User-Defined Traffic categories
- DiffServ Code Point Classifying
- 4-level Priority for Each Direction (Inbound / Outbound)
- Bandwidth Borrowed
- Bandwidth / Session Limitation
|
|
|
Technical Specifications of VigorPro 5500
|
| Hardware Interface |
WAN |
2x 10/100 Base-Tx RJ45 ports |
| LAN |
5x 10/100/1000 Base-Tx RJ45 ports |
| Anti-Virus |
Scan SMTP, POP3, HTTP, IMAP, FTP |
| Automatic virus signature update |
| Automatic alert when signature update service expired |
| Real-time e-mail/syslog alert when virus is detected |
| Anti-Intrusion |
Rule-based detection list |
| Pass/block/reset when intrusion is detected |
| Automatic intrusion signature update |
| Automatic alert when signature update service expired |
| Real-time e-mail/syslog alert when under attack |
| Anti-Spam |
Real-time scan SMTP, POP3 |
| Automatic alert when license expired |
| Real-time syslog alert when spam is detected |
| Multi-language detection |
| Multi-type (graphic, document, HTML) detection |
| Single / Double byte coding detection |
| QoS |
Class-based bandwidth guarantee by user-defined traffic categories |
| Support four priority-levels |
| Support DiffServ Codepoint classifying |
| Port-based rate throttling capability |
| VPN |
Up to 200 VPN tunnels |
| LAN-to-LAN, Teleworker-to-LAN |
| Protocol |
PPTP |
| IPSec |
| L2TP |
| L2TP over IPSec |
| Encryption |
AES |
| MPPE and hardware-based |
| DES / 3DES |
| Authentication |
MD5 |
| SHA-1 |
| IKE authentication |
Pre-shared key |
| Digital signature (X.509) |
| Firewall Facilities |
IM/P2P blocking |
| Multi-NAT, DMZ host, port-redirect/open port |
| Rule-based packet filtering |
| SPI (Stateful Packet Inspection) |
| DoS/DDoS protection |
| IP address anti-spoofing |
| E-mail alert and logging via syslog |
| Flexible Web Filtering |
Block URL (web-site) by user-defined keywords |
| Preclude web surfing from using directly IP address |
| Block automatic download of Java applets and Active X controls |
| Block web site cookies and proxy |
| Block http downloads of file type : Executable/Compressed/Multi-media |
| Support time schedule to control the restrictions and regular Internet access |
| Web content filter |
| Management |
Web-based user interface (HTTP / HTTPS) |
| Quick Start Wizard |
| CLI (Command Line Interface , Telnet) |
| Administration access control |
| Configuration backup / restore |
| Build-in diagnostic function |
| Firmware upgrade via TFTP / FTP |
| Syslog |
| SNMP management MIB-II |
| Temperature |
Operating : 0°C ~ 45°C |
| Storage : -25°C ~ 70°C |
| Humidity |
10% ~ 90% (non-condensing) |
| Max. Power |
15 Watt |
| Dimension |
L273 * W166 * H44.6 (mm) |
| Power |
AC 100~240V, 50/60Hz |
Legacy firewall devices have their limitations on networking protection and are often dedicated. The vulnerabilities of contemporary networks ranging from Web surfing, e-mail, FTP, to various instant messaging and P2P softwares, present a heavy burden for network administrators.
VigorPro 5500, serving as UTM equipment of the new generation, can fulfill your requirements for secure networks.
|
| All-in-one Unified Security Firewall |
Conventional firewalls are blind to today's attacks, and also cannot detect inappropriate e-mail and Web content. The most common solution is complex, costly collection of independent systems to deal with each of these threats along with network-level intrusions and attacks. The VigorPro 5500 is capable of providing a complete complement of integrated services including :
- Anti-Virus
- Intrusion prevention
- Intrusion Detection
- Anti-Spam (Commtouch®)
- Web Content Filter (power by SurfControl)
- VPN
- SPI Firewall
|
| Hardware-accelerated, Real-time Response |
The VigorPro 5500 employs a unique, hardware-accelerated architecture the provides the ability to perform real-time security without slowing critical network applications, such as Web traffic. Software-based anti-virus systems, which are designed for scanning non-real-time email messages, are too slow to be used to scan Web traffic or other real-time network applications.
|
| Network-level Protection |
Conventional way to protection against virus or malicious program, it required each host to install software on the host. To install software on a large number of hosts is a time consuming process. To evaluate for vulnerabilities, both scan engine and virus database needs constant upgrade. It is very costly and annoying for IT personnel with high maintenance. While VigorPro 5500 works as firewall as well as internet gateway, so by nature VigorPro 5500 blocks any attacks at the point of network entry. Through the user interface, the security administrator can monitor and instruct the VigorPro 5500 to look for any vulnerability in network-level. Provide protection of all hosts inside network edge before threats intrude.
|
| Content-based Inline Inspection |
Conventional firewalls only inspect packets connection behavior to against any connection-based attack. While the content-based threats today. such as virus, worms, Trojans or banned content, which spread faster and do more damage. Conventional firewalls bypass the widely spread content-based threat and expose internal network to outside world. VigorPro 5500 deploys DrayTek's unique MSSI™ (Multi-stack Stateful Inspection) mechanism. With MSSI™ , VigorPro 5500 inspects packet streams, compares any suspected content or behavior with build-in database in real-time, and provide inline anti-virus and anti-intrusion protection.
|
|
Interface of VigorPro 5500
|
| Hardware Interface |
WAN |
2x 10/100 Base-Tx RJ45 ports |
| LAN |
5x 10/100/1000 Base-Tx RJ45 ports |
| Temperature |
Operating : 0°C ~ 45°C |
| Storage : -25°C ~ 70°C |
| Humidity |
10% ~ 90% (non-condensing) |
| Max. Power |
15 Watt |
| Dimension |
L273 * W166 * H44.6 (mm) |
| Power |
AC 100~240V, 50/60Hz |
| Firmware Version : |
3.3.2 |
| Release Date : |
04/05/2009 |
| Support Language : |
English |
| Release Note : |
ReleaseNote.pdf |
| Downloads |
|
|
|
|
|
 |