Service gateway ESR-1200

  • Scalable solution for different fields of application
  • Advanced command line interface for management
  • Flexible services configuration
  • Compatible with leading manufacturers’ equipment
  • Hardware acceleration of data processing
  • Advanced reliability with critical nodes redundancy

Description

Functional area

The family of ESR routers is a universal hardware platform capable of performing a wide range of tasks related to network security. The lineup includes models that can be used in networks of various sizes – from small business networks to carrier networks and data centers.

Performance

The key elements of ESR-1000 are data processing hardware acceleration means that ensure a high level of productivity.  Hardware and software processing is distributed among the units of the device.

Typical tasks performed by service routers:

  • providing of NAT, Firewall services
  • routing
  • organization of secure network tunnels to combine different offices of companies (IPsec VPN)
  • organization of remote access to local resources on enterprise networks L2TP, PPTP, OpenVPN
  • filtering of network data by various criteria

Server VPN

  • L2TP
  • PPTP
  • OpenVPN

Tunneling

  • GRE
  • IPIP
  • L2TPv3
  • LT (inter VRF-lite routing)

L2  functions

  • Packet switching (bridging)
  • STP, RSTP, MSTP 802.1d (only ESR-1000)
  • LAG/LACP  802.3ad
  • VLAN 802.1Q
  • Port Isolation (only ESR-1000)
  • Private VLAN Edge (PVE) (only ESR-1000)
  • QinQ subinterfaces

L3  functions (IPv4/IPv6)

  • SNAT, DNAT, Static NAT (only IPv4) address translation
  • Static routes
  • Dynamic routing protocols RIPv2, OSPFv2, BGP, OSPFv3
  • VRF Lite
  • PBR
  • Prefix-List
  • BFD (only BGP)

IP addressing management (IPv4/IPv6)

  • Static addresses
  • DHCP client
  • Embedded DHCP server
  • DHCP Relay Option 82

Quality of Service (QoS)

  • Up to 8 priority queues per port
  • L2 and L3 traffic prioritization (802.1p, DSCP, IP Precedence)
  • Queues overload management RED, GRED
  • Port prioritizing, VLAN
  • Remarking of priority resources
  • Policy enforcement (policing)
  • Bandwidth management (shaping)
  • Hierarchical QoS
  • Session marking

Network reliability assurance means

  • Dual homing  (only ESR-1000)
  • VRRP v2,v3
  • WAN interfaces load balancing, data stream redirection
  • Firewall sessions backup
  • Route tracking based on VRRP state

BRAS (IPoE)*

  • User termination
  • White/black URL lists
  • Limiting by traffic amount or session time, or both parameters.
  • Optional additional verification of authorized users through MAC address
  • HTTP/HTTPS Proxy
  • HTTP/HTTPS Redirect
  • Session accounting via Netflow protocol
  • Interaction with ААА, PCRF
  • Bandwidth management by offices and SSID

Network security functions

  • Network interfaces zoning
  • Zone isolation, Firewall, data filtering rules
  • IPsec (Policy-based, Route-based)
  • Encryption of connections (DES, 3DES, AES, Blowfish, Camellia)
  • Logs authentication (MD-5, SHA-1, SHA-2)
  • Access Control List (ACL) support based on MAC, IP

Monitoring and control

  • Standard SNMP MIB support
  • Management of access level
  • Authentication through the local user database, RADIUS, TACACS+, LDAP
  • Protection from configuration errors, configuration recovery. Reset configuration to default settings
  • CLI management Interfaces
  • Syslog
  • System resources usage monitor
  • Ping, traceroute (IPv4/IPv6)
  • Software updating, upload and download of configuration via TFTP, SCP, FTP
  • NTP
  • Netflow v5/v9/v10 (URL statistics export for HTTP, host for HTTPS)
  • Local management - console RS-232
  • Remote management (IPv4, IPv6) - Telnet, SSH
  • Service/processes information displaying

Service quality monitoring functions (SLA)*

  • Integrating with Wellink wiSLA
  • Load testing of channel capacity: up to 150 Mbps
  • TWAMP support: up to 100 simultaneous tests
  • Reflector: TWAMP, UDP-Echo, L2
  • Services monitoring TCP: up to 100 simultaneous tests
  • Services monitoring HTTP: up to 100 simultaneous tests
  • DNS support: up to 100 simultaneous tests
  • Simultaneous controlled services amount: more than 100

Physical characteristics and environment features

  • Power supply source: AC 220V+-20%, 50 GHz
  • Power consumption less than 75 W
  • Weight less than 3.6 kg
  • Dimensions (WхHхD): - ESR-100 and ESR-200: 310х46.3х240 mm - ESR-1000 and ESR-1200: 430x44x352 mm
  • Temperature range from -10 to +45°С
  • Temperature range for storage from -40 to +70°С
* Activated by the license