Lancom Systems 62035 Ficha de datos Pagina 7
- Pagina / 11
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
VPN
Creation of VPN connections between LANCOM routers via drag and drop in LANconfig1-Click-VPN Site-to-Site
IPSec key exchange with Preshared Key or certificateIKE
X.509 digital multi-level certificate support, compatible with Microsoft Server / Enterprise Server and OpenSSL, upload of PKCS#12 files via HTTPS
interface and LANconfig. Simultaneous support of multiple certification authorities with the management of up to nine parallel certificate hierarchies
as containers (VPN-1 to VPN-9). Simplified addressing of individual certificates by the hierarchy's container name (VPN-1 to VPN-9). Wildcards for
certificate checks of parts of the identity in the subject. Secure Key Storage protects a private key (PKCS#12) from theft
Certificates
Automatic creation, rollout and renewal of certificates via SCEP (Simple Certificate Enrollment Protocol) per certificate hierarchyCertificate rollout
CRL retrieval via HTTP per certificate hierarchyCertificate revocation lists (CRL)
Check X.509 certifications by using OCSP (Online Certificate Status Protocol) in real time as an alternative to CRLsOCSP Client
XAUTH client for registering LANCOM routers and access points at XAUTH servers incl. IKE-config mode. XAUTH server enables clients to register
via XAUTH at LANCOM routers. Connection of the XAUTH server to RADIUS servers provides the central authentication of VPN-access with user
name and password. Authentication of VPN-client access via XAUTH and RADIUS connection additionally by OTP token
XAUTH
Automated configuration and dynamic creation of all necessary VPN and routing entries based on a default entry for site-to-site connections.
Propagation of dynamically learned routes via RIPv2 if required
Proadaptive VPN
3DES (168 bit), AES (128, 192 or 256 bit), Blowfish (128 bit), RSA (1024-4096 bit) and CAST (128 bit). OpenSSL implementation with FIPS-140
certified algorithms. MD-5 or SHA-1 hashes
Algorithms
Wirespeed NAT performance through hardware support (offloading) for plain IP connections (incl. DHCP) where source and destination addresses
are not withn the same /20 network.
Hardware NAT
NAT-Traversal (NAT-T) support for VPN over routes without VPN passthroughNAT-Traversal
VPN data compression based on Deflate compression for higher IPSec throughput on low-bandwidth connections (must be supported by remote
endpoint)
IPCOMP
Enables the registration of IP addresses with a Dynamic DNS provider in the case that fixed IP addresses are not used for the VPN connectionDynamic DNS
DNS forwarding according to DNS domain, e.g. internal names are translated by proprietary DNS servers in the VPN. External names are translated
by Internet DNS servers
Specific DNS forwarding
Enables the use of IPv4 VPN over IPv6 WAN connectionsIPv4 VPN over IPv6 WAN
VPN throughput (max., AES)
288 Mbps1418-byte frame size UDP
54 Mbps256-byte frame size UDP
Firewall throughput (max.)
504 Mbps1518-byte frame size UDP
90 Mbps256-byte frame size UDP
Hardware firewall throughput (max.)
930 MbpsHW-NAT TCP
Content Filter (optional)
Activate the 30-day trial version after free registration under http://www.lancom.eu/routeroptionsDemo version
Worldwide, redundant rating servers from IBM Security Solutions for querying URL classifications. Database with over 100 million entries covering
about 10 billion web pages. Web crawlers automatically search and classify web sites to provide nearly 150,000 updates per day: They use text
classification by optical character recognition, key word searches, classification by word frequency and combinations, web-site comparison of text,
images and page elements, object recognition of special characters, symbols, trademarks and prohibited images, recognition of pornography and
nudity by analyzing the concentration of skin tones in images, by structure and link analysis, by malware detection in binary files and installation
packages
URL filter database/rating server
Additional filtering of HTTPS requests with separate firewall entriesHTTPS filter
Filter rules can be defined in each profile by collecting category profiles from 58 categories, for example to restrict Internet access to business
purposes only (limiting private use) or by providing protection from content that is harmful to minors or hazardous content (e.g. malware sites).
Clearly structured selection due to the grouping of similar categories. Content for each category can be allowed, blocked, or released by override
Categories/category profiles
Each category can be given an optional manual override that allows the user to access blocked content on a case-by-case basis. The override
operates for a limited time period by allowing the category or domain, or a combination of both. Optional notification of the administrator in case
of overrides
Override
Lists that are manually configured to explicitly allow (whitelist) or block (blacklist) web sites for each profile, independent of the rating server.
Wildcards can be used when defining groups of pages or for filtering sub pages
Black-/whitelist
LANCOM WLC-4006+
Features as of: LCOS 8.84
Relacionado con productos y manuales para Gateways / Controladores Lancom Systems 62035
(7 paginas)© 2020, manymanuals.es. Todos los derechos reservados | 0.096 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales