MultiWAN Security Firewall

Vigor3200 Series

  • 4-Port Gigabit WAN with load balance and redundancy to guarantee business essential data exchange
  • Extra USB port for 3.5G mobile WAN or FTP/printer servers
  • WAN/USB 3.5G ports enable user-defined WAN redundancy and Load Balance policy
  • 1-Port Gigabit LAN switch facilitating the execution of unified communication applications in business CO/remote site
  • Firewall with SPI based IP filters, Dos/DDoS prevention, and Object-based policy for easy settings
  • Enterprise level Content Security Management (CSM)
  • GlobalView Web Content Filter powered by 
  • VPN with 64 hardware-based tunnels on comprehensive VPN protocols; up to 40Mbps IPSec throughput
  • Support up to 10 concurrent SSL VPN tunnels 
  • Network management features including CLI/Telnet/SSH, Diagnostic tables, SNMP, 2-level Access Control, TR-069, TR-104 management, etc
  • Network features including call scheduling, RADIUS support, UPnP, VLAN, QoS, Packet Forward Acceleration, etc
  • Support VPN Backup and Load Balance (VPN Trunking) for WAN1 and WAN2
  • Smart Monitor Traffic Analyzer (Up to 100 nodes) 

 

Features of the Vigor3200 series Multi-Subnet security routers will satisfy the network requirements of small to medium business networks. Its Multi-Subnet interface with Multi-VLAN function allows users to easily divide network into different sections based on applications, such as VoIP, web or ftp server or user groups, such as Sales, Technical Support or HR dept. Each usage/application or user group can get its dedicated bandwidth and administrator can have security control between user groups for preventing possible data leakage.

Multi-WAN with Bandwidth Management

All these 4xGbps WAN ports support current xDSL/Cable/Satellite broadband and the USB port also allows connection to the 3.5G Mobile Broadband. The WAN ports can be configured to increase data throughput, backup each other (Failover mode), or share the traffic (Load Balance). If you have your own Web server, FTP server and mail server, the 4 WAN ports will provide additional bandwidth for customers. In addition, the 1xGbps LAN port switch compatible with PoE switch (e.g. VigorSwitch P2260) and Gigabit switch (e.g. VigorSwitch G2080/G2240) can support large data transfer and connect to multiple client devices (PC/servers) in small to medium LAN networks.

Vigor3200 series embedded with tag-based multi-subnet function can maximize the investment of your obtained bandwidth. For example, you can allocate your 100Mbps broadband connection(s) to timing critical applications such as VoIP, web or ftp severs and business essential departments such as Sales and Technical Support team. You additional low monthly fee DSL or cable line can be used by mail server or HR team which don’t need fast data/voice packet transmission for daily operation. SMB can get highly cost-effective and secure network as adopting Vigor3200 series.

USB Port for 3.5G or FTP/Printer Server

The capability of the USB port to connect to 3.5G mobile broadband means that the router can be used in anywhere with 3.5G coverage, such as moving vehicles, temporary events, offices where xDSL or Cable are not available, etc.

Apart from supporting printer servers, the USB port also allows the connection of a USB disk or hard drive for FTP file transfer through the Internet or local networks. The network administrator can set username/password and directory/file access privilege for individual users.

 DMZ Port for providing servers with extra protection

The DMZ port of Vigor3200 series can provide additional layer protection to servers, such as Web server, which need to expose resources from untrusted network: e.g. Internet but also have uncompromising internal LAN security requirements.

Through the user-friendly WUI of Vigor3200 series, admin can activate DMZ by NAT or Physical mode to the chosen server. That would makes external attacks only have access to the external-facing equipment in the DMZ, not entire LAN to insert extra layer of protection to SMB’s internal network.

Security Firewall

The Vigor3200 series offer you robust firewall options with both IP-layer and content-based protection. The DoS/DDoS prevention and URL/Web content filter strengthen the security outside and inside the network. The enterprise-level CSM (Content Security Management) enables users to control and manage IM (Instant Messenger) and P2P (Peer-to-Peer) applications more efficiently. The CSM hence prevents inappropriate content from distracting employees and impeding productivity. Furthermore, the CSM can keep office networks threat-free and available.

Comprehensive VPN

Up to 64 simultaneous hardware based VPN tunnels are supported providing a throughput up to 40Mbps. Each of these can be configured to use any of the common VPN protocols: PPTP, IPSec, L2TP, L2TP over IPSec, etc., and with any of the most up-to-date encryption (MPPE, AES/DES/3DES), Authentication (MD5, SHA-1), Pre-shared Key, Digital Signature (X.509). These tunnels can be used for LAN-to-LAN or remote dial-in. 

Advanced WLAN

The Vigor3200n model includes a built-in 802.11n Wireless Access Point (WAP) delivering wireless network speed up to 300Mbps. For upmost security, it supports WEP/WPA/WPA2 (64bit/128bit), MAC Address Access Control, 4 x SSID, 802.1x Authentication and WLAN Isolation. Other enhanced features include: WDS (Wireless Distribution System) to extend the coverage range, Wireless Rate Control to manage bandwidth allocation to wireless devices, and WMM (Wi-Fi Multimedia) to prioritize voice, video and data within the WLAN network.

Easy Network Management

Configuring Vigor3200 router is easy with the web based configuration pages, plus the CLI/Telnet/SSH methods. Tools allowing network administrators to manage and maintain the networks with ease include:

  • Diagnostic Tables that show network connection status

  • SNMP for network traffic monitoring

  • Two levels of Access Control to prevent unauthorized access to the router

  • TR-069 and TR-104 for service providers to manage user devices remotely

More features are available to support business networks’ operations, such as Call Scheduling, RADIUS support, UP&P, VLAN, QoS, Packet Forward Acceleration, etc.

 

Features:

 

1. Multi-WAN  (Ethernet / 3.5G)

  • Outbound Policy-based Load-balance
  • WAN Connection Failover

2. Wireless Access Point

  • IEEE 802.11b/g/n Compliant
  • Wireless Client List
  • Wireless LAN Isolation
  • 64/128-bit WEP/WPA/WPA2
  • WPS
  • MAC Address Access Control
  • Access Point Discovery
  • WDS (Wireless Distribution System)
  • 802.1x Authentication
  • Hidden SSID
  • Multiple SSID
  • Wireless Rate-control
  • WMM (Wi-Fi Multimedia)

3. WAN Protocol

  • DHCP Client
  • Static IP
  • PPPoE
  • PPTP
  • BPA
  • L2TP

4. VPN

  • Up to 64 VPN Tunnels
  • Protocol: PPTP, IPSec, L2TP, L2TP over IPSec
  • Encryption: MPPE and Hardware-based AES/DES/3DES
  • Authentication: Hardware-based MD5, SHA-1
  • IKE Authentication: Pre-shared Key and Digital Signature (X.509)
  • LAN-to-LAN, Teleworker-to-LAN
  • DHCP over IPSec
  • NAT-Traversal (NAT-T)
  • Dead Peer Detection (DPD)
  • VPN Pass-through
  • VPN Wizard
  • SSL VPN

5. Firewall

  • Multi-NAT, DMZ Host, Port-redirection and Open Port
  • Object-based Firewall
  • MAC Address Filter
  • SPI (Stateful Packet Inspection) (Flow Track)
  • DoS / DDoS Prevention
  • IP Address Anti-spoofing
  • E-mail Alert and Logging via Syslog
  • Bind IP to MAC Address
  • Time Schedule Control

6. USB

  • 3.5G USB Modem as 5th WAN
  • Printer Sharing
  • File System : 
    • Support FAT32 / FAT16 File System 
    • Support FTP Function for File Sharing 

7. Bandwidth Management

  • QoS :
    • Guarantee Bandwidth for VoIP
    • Class-based Bandwidth Guarantee by User-defined Traffic Categories
    • DiffServ Code Point Classifying
    • 4-level Priority for Each Direction (Inbound/Outbound)
    • Bandwidth Borrowed
  • Bandwidth / Session Limitation
  • Layer-2 (802.1p) and Layer-3 (TOS / DSCP) QoS Mapping *

8. Network Management

  • Web-Based User Interface (HTTP/HTTPS)
  • Quick Start Wizard
  • CLI (Command Line Interface, Telnet/SSH)
  • Administration Access Control
  • Configuration Backup/Restore
  • Built-in Diagnostic Function
  • Firmware Upgrade via TFTP/FTP/HTTP/TR-069
  • Logging via Syslog
  • SNMP Management with MIB-II
  • Management Session Time Out
  • 2-level management (Admin/User Mode)
  • TR-069 Management
  • TR-104 Management

9. Content Security Management

  • IM/P2P Applications V3 (APP Enforcement)
  • URL Content Filter :
    • URL Keyword Blocking (White List and Black List)
    • Java Applet, Cookies, Active X, Compressed, Executable, Multimedia File Blocking
    • Excepting Subnets
    • Time Schedule Control
  • GlobalView Web Content Filter (Powered by *

10. Network Features

  • Packet Forwarding Acceleration
  • DHCP Client/Relay/Server
  • DHCP Option
  • IGMP V2
  • Dynamic DNS
  • NTP Client
  • Call Scheduling
  • RADIUS Client
  • DNS Cache/Proxy
  • UPnP 30 Sessions
  • Routing Protocol:
    • Static Routing
    • RIP V2
  • Multi Subnet LAN
  • VLAN Tagging (802.1q) on WAN

11. Declaration of Conformity

info@draytek.com.sg

© 2012 draytek.com.sg. All Rights Reserved.