Description of integrated security gateway for access routers

The rapid development of access routers in China has also led to the development of network-wide area network access routers. Here we mainly introduce how the new enterprise Wan can improve network security. New Enterprise WAN) access routers can provide elastic and scalable solutions for enterprise private network and Internet access; seamless integration of firewall and IPSec VPN features provides strong network security.

Recently, the United States network company released the AccessIron series enterprise WAN Access Router. This series of products consists of multiple ports T1/E1 and T3 access routers, mainly to provide scalable, reliable and cost-effective solutions for enterprises to build a high-performance wan.

With support for Frame Relay FR, Point-to-Point Protocol (PPP), multi-link bundling, and channel-based T1/E1 and E3 interfaces, the AccessIron product can flexibly support various services and Wan configurations. In addition, the AccessIron Access Router provides a complete set of hierarchical security features to effectively ensure network integrity and prevent DoS attacks. In particular, this series of access routers can also be configured with advanced firewall functions to provide full-state packet inspection for application-oriented network security.

The series of AccessIron 1200 products are T1/E1 access and aggregation access routers, which can provide 1 to 16 channelized T1/E1 links and are suitable for deployment of small and medium-sized enterprises. The AR1204 in this series has the ability to expand T1/E1 as needed, and four T1/E1 ports are pre-installed. When the network demand increases, you can use the software license key to activate the port. By using software to expand the T1/E1 link, AR 1204 can provide cost-effective solutions for T1/E1 applications, greatly eliminating hardware upgrade costs and interruption time. In addition, AR 1204 can also be installed with the ICSA-certified IPSec function to implement secure VPN operations on the public internet.

The AccessIron 3200 series is a high-capacity access router that provides cost-effective solutions for Channel-based and non-channel-based T3 applications. The AR3201-CH in the series supports up to 28 T1 connections on one channelized T3 interface, and the AR3202-CH supports up to 56 T1 dual-bundle connections across two channelized T3 interfaces. The AR3201-CL and the AR3202-CL support one and two non-channelized T3 interfaces, respectively. These products include layer-4 switching, layer-4 routing, multi-link binding technology and high availability, performance management, and security services-all of which are integrated into a fault-tolerant chassis. AccessIron 3200 series access routers and 1200 series -- both AR 1208 and AR 1216 have passed the NEBS certification and comply with the strict environment and security requirements required by service providers, it is also suitable for deployment of the service provider's PoP Point-of-Presence.

The AccessIron WAN Access Router can provide scalable and elastic point-to-point and multi-point connections for Internet access and multi-site WAN connections. The AccessIron T1/E1 and T3 ports can be configured to support Point-to-Point Protocol or frame relay operations to implement various leased line and frame relay configurations. In addition, network bandwidth can also use standard multi-link PPPML-PPP) and Multi-link frame relay MFR) to incrementally increase with n x 64 Kbps and n x T1/E1, this ensures that enterprise customers can easily add Wide Area links.

How is interoperability reflected?

The AccessIron Access Router achieves interoperability based on standards. It has been verified by practice that it can interoperate with switches and access routers of all major network equipment manufacturers. The technologies used in the AccessIron series mainly include:

Scalable access capacity: Multi-link bundling can gradually increase access bandwidth in increments of n × T1/E1.
Standard-based Advanced Layer 2nd features: PPP/MLPPP, FR/MFR and HDLC, IEEE 802.1Q, and 802.1D bridging.
Standard-based Advanced Layer 3rd features: OSPF, RIP, r00002, BGP4, and VRRP.

Rich service quality features enable convergence of advanced services and multimedia: 8 priorities, classification-based priority and traffic management, configurable bandwidth conventions, Diffserv and ToS; random Early Detection packet discarding for TCP data streams. Advanced Security Services: layer 3/4 Access Control List, network address translation, security TelnetSSHv2), authentication management access TACACS +, RADIUS), PPP authentication protocol PAP) and denial of service protection, solid Design: redundant AC/DC power supply, NEBS L3 certified AccessIron 1208, 1216 and all 3200 series models), firewall option: For application full-state packet inspection and intrusion detection.