Upload
lillian-dorthy-butler
View
244
Download
2
Tags:
Embed Size (px)
Citation preview
PowerStation Product Presentation
2
Outline
HGiga Power Family Series Award & Certification Essential Functionalities Platform Specifications Summary
3
HGiga Power Family Products
4
PowerStation Product Positioning
Bandwidth Management
Product RoleFirewall & Access Authentication
WAN Load Balancer
5
Who would choose PowerStation ?
Companies that want to use multiple WAN links effectively Companies that plan to use multiple inexpensive
broadband links to replace expensive lease lines Companies whose business depends on stable and highly
available Internet connection Companies that want to manage their bandwidth and
maintain quality of service of their applications Companies that want to have an integrated edge
appliance as their gateway to reduce the total cost of ownership.
6
Awards & Honors #1 Security Solution Provider in
Taiwan that received CMMI ® Maturity Level 3
#1 Security Solution Provider in Taiwan whose firewall product received ICSA Labs Corporate Firewall 4.1a. Certification.
7
Essential Functionalities
WAN Load Balance Outbound LB Outbound Failover Inbound LB Inbound Failover Healthy Link
Detection
QoS Management Connection Policy Host Policy P2P QoS Policy Traffic Analysis /
Report
VPN Solutions Remote Access
(PPTP/L2TP) VPN Load Balance
WLAN Access Control User-Level Auth Service Level
Agreement (SLA) External Auth Source
( AD,LDAP,POP3, SMTP,RADIUS )
Server Load Balance Single-Port App Server Health Monitor Multiple SLB
Algorithms
L7-App Filtering Blocking P2P
(BT, eDonkey, Kazaa) Blocking IM
(MSN, Yahoo, AOL, GTalk, QQ)
8
Network Architecture Overview
9
Outbound Load Balance
Outbound LB Outbound LB The healthy status of each
Internet connection is being
closely monitored, such as
response time, upstream /
downstream traffic rate and the
link utilization. The outbound
traffic is redirected via the
available best route(s).
Enterprises benefit with more
bandwidth at a lower cost.
10
Redundant Link Failover
Link Failover Link Failover The availability and connectivity
of each Internet connections is
monitored constantly. Once a
link fails, the traffic is redirected
via the next available link. Thus
the enterprises never worry
about the unexpected
interruption of their business.
11
Inbound Load Balance
Inbound LB Inbound LB [Inbound LB] is achieved via the
help of Domain Name System
(DNS). When an external user
would like to access a public
server (service), the best routing
path is calculated and the
resolved IP address is replied
back to the user.
12
Inbound Fault Tolerance
IB Failover IB Failover The DNS entries are constantly
modified based on the status of
each internet connection. It
ensures a non-interruptive,
guaranteed Internet service by
resolving DNS requests to a
functional IP address.
13
Sophisticated Healthy Link Detection
Link Monitor Link Monitor
The two detection
mechanisms are employed
to ensure the availability of
Internet connections. [Path
Traverse] monitors nearby
consecutive nodes of an
outgoing path. [Multi-Node
Probing] simulates user
behavior by constantly
accessing well-know public
servers.
14
Complete Link Quality Report (1/4)
Round Trip Time (Link Quality) Upstream/Downstream (Bandwidth)
Link MRTG
15
Complete Link Quality Report (2/4)
Link Status ReportLink Congestion Report
Link Error Report
16
Complete Link Quality Report (3/4)
Link Reliability
Health Count
17
Complete Link Quality Report (4/4)
Top N Hosts
18
VPN Load Balance (Tunnel Routing, Bonding)
Tunnel RoutingTunnel RoutingNot only Inbound/Outbound
Load Balance is achieved,
enterprise VPN also benefits
from [VPN Aggregation] by
combining bandwidth of multiple
Internet connections. Also link
failover is guaranteed by
redirecting VPN traffic over any
existing functional Internet
connections.
• As the VPN gateway
•Load balance VPN traffic
19
P2P/IM Blocking
Block P2P/IM. Block P2P/IM. IM/P2P brings new
challenges to network
administrators in terms of
network security and
bandwidth abuse. With the
help of new [L7-App Filter],
commonly-seen IM/P2P
software can be easily
blocked and network
administrators are relieved
from burden.
20
L7 Content Filtering: Supported Protocols P2P IM Web Mail Web IM Tunnel
BitComet / BT MSN AIM Mail Web Messenger
TeamViwer
eMue Yahoo Microsoft Hotmail
meebo
Kazaa AIM Yahoo Mail eBuddy
Foxy (GNUTELLA) Gtalk Gmail imhaha
WinMX QQ Gmail-SSL ILoveIM
Xunlei Mail2000 MSN2Go
BearShare Hinet Xuite KOOLIM
21
QoS Bandwidth Management
QoS Management. QoS Management. Bandwidth is never enough if no
proper management policy is defined.
[Smart QoS] is aimed to ensure the
quality of important application
services.
22
QoS Bandwidth Management
Source Destination Service Bandwidth Limit
192.168.0.0/16 ALL ALL Tx: 350
Rx: 150
192.168.0.0/16
Tx: 350Rx: 150
Tx: 350Rx: 150
Tx: 350Rx: 150
Tx: 350Rx: 150
Search every host and apply QoS limit
Dynamic TrackingDynamic TrackingThe experience tells us that 80%
of the available is abused by
only 20% of total
users/applications. Also, the
bandwidth abusers frequently
change the IP as well as MAC
address to avoid from being
tracked, which causes quite a lot
of administrative burden.
PowerStation monitors and
searches for every alive host on
the controller network and
applies QoS limit accordingly.
23
Traffic Analysis / Report
Traffic AnalysisTraffic Analysis Bandwidth management is
less effective if no proper
traffic analysis is provided.
Detailed analysis and traffic
chart are offered for problem
isolation and decision-making.
24
Traffic Report (1/5)
List the bandwidth limit for hosts and the real time traffic chart of each.
25
Traffic Report (2/5) List Top N hosts/services, in the forms of pie and line charts.
26
Traffic Report (3/5) List the traffic and connection information of every monitored host.
# of connectionsReport and Charts
Total Transferred Real-Time Speed
27
Traffic Report (4/5)
Real-Time Traffic
Host MRTG
28
Traffic Report (5/5)
Real Time ConnectionsQoS Connections
2929
Historical Traffic Analysis
Network Traffic AnalysisNetwork Traffic Analysis PowerLog is traffic analysis system that
continuously monitors the behavior of
every network node and presents the
analyzed data in a systematic way. Also,
a supplicated query engine is available
for customizing your own reports and
charts.
30
WLAN Access Control (DAC)
Access ControlAccess ControlWLAN bring security breaches into
enterprise network. Without proper
protection, invaluable cooperate
information is prone to theft by
malicious WLAN users. DAC [Data
Access Control] protects the wireless
network by providing authentication
and authorization. Only authorized
user is granted the proper access
right.
31
Building 1PowerDAC-MGMT
PowerDAC-AG
3. AUTH REQ
5. AUTH REP
4. Proxy-AUTH2. Login
Account System
Building 2
PowerDAC-AG
Centralized Mgmt Architecture (Access Gateway + Controller + FAT AP)
Advantages again Thin AP: Choose any preferred access point venders, no
historical burden. Choose the latest, the most powerful, the most
suitable access point models. Due to market competition, deployment of
massive quantity of access points can be very affordable (an indoor AP is about 50~80 USD)
Indoor AP Indoor AP
Indoor AP Indoor AP
32
Tight-Integration with Enterprise Account
POP3 SMTP RADIUS Microsoft Active Directory
LDAP
Account MGMT. Account MGMT. DAC provides seamless account
integration with existing account
servers. The account profile does not
need to reside on the DAC. The
existing enterprise servers can serve
as the external authentication sources,
such as commonly-seen POP3/SMTP
servers, RADIUS, MS AD and LDAP
servers. For system administrators, the
deployment of DAC is really a piece of
pie.
33
Mobile VPN
Provide secure remote access for mobile users. Windows has built-in support for PPTP/L2TP, no license and
client software is required.
34
Server Load Balance
Server LBServer LB A cluster of servers is easily
grouped by Server LB. Server LB
offers availability and scalability to
almost any existing Internet
services. Any backend server can
join and leave the cluster group
based on the customer’s need.
Any server malfunction could no
longer bring the critical application
offline.
35
Hardware Failover
High AvailabilityHigh Availability Mission-Critical application
requires 7x24 availability. Two
appliances is clustered in
Active/Passive configuration.
The active appliance responds
to all connection requests As
soon as the active appliance
fails, the passive appliance
takes over the job to ensure
non-interruption of service.
36
Hardware Specification (1/2)
Platform2050 3400 4220 4440
10 / 100 Base-TX 5 X 2 4
10 / 100 / 1000 Base-TX X 4 2 4
Physical WAN Links 4 3 3 7
Throughput (Mbps) 250 400 450 800
Concurrent session64000 128,000 256,000 280,000
Target Customer (person) 40~80 100~500 200~500 500~1000
Customer Scale SOHO, SmallSmall,
MediumSmall,
MediumMedium,
Large
37
Hardware Specification (2/2)
Platform 5620 9000 9200
10 / 100 Base-TX 2 1 X
10 / 100 / 1000 Base-TX 610
(copper x 8, SFP x 2)
24 A: copper x 24B: copper x 16 , SFP x 8)
Physical WAN Links 7 11 23
Throughput (Gbps) 2.8 3.2 4.8
Concurrent session 500,000 2,000,000 3,000,000
Target Customer (person) 3000~6000 3000~6000 6000~20000
Customer Scale LargeLarge,Carrier
Large, Carrier
38
Summary
HGiga Power Family features Awards and Certifications Modular Functionality Highly Reliable Superb Customer Feedback Intuitive Mgmt Interface Integrated Total Solutions
Your Security, Our Mission
39
Platform Hardware Specifications
40
Platform Hardware Specification (1/3)
Model 2050 3400
CPU VIA C3 1.5 GHz Intel Celeron M
RAM512 MB (DDR2 400/533MHz)
512 MB (DDR 400/333/266)
Chipset VIA CN700 + VT8237R+ Intel 852GM + ICH4
LAN Chip Realtek RTL8100C Intel 82540EM
10/100/1000 LAN None 4
10/100 LAN 5 None
LAN Bypass None None
Serial 1 (DB9, Rear) 1(RJ45, Front)
Power 60W Power Adaptor 200W AT Power Supply
Form Factor 1U 1U
Dimension 178 x 250 x 44 mm 426 x 365 x 43.5 mm
Certification CE/FCC CE/FCC
Net Weight 1.5 kg 8kg
2050│3400
41
Platform Hardware Specification (2/3)
4220│4440
Model 4220 4440
CPU Intel Pentium 4 Intel Pentium 4
RAM 512 MB (DDR 333/266) 512 MB (DDR 333/266)
Chipset Intel 845GV + ICH4 Intel 845GV + ICH4
LAN Chip Intel 82540EM/82551QM Intel 82540EM/82551QM
10/100/1000 LAN 2 4
10/100 LAN 2 4
LAN BypassFE LAN Bypass
(One Pair)FE LAN Bypass
(One Pair)
Serial 2 (DB9, Front/Rear) 2 (DB9, Front/Rear)
Power 250W ATX Power Supply 250W ATX Power Supply
Form Factor 1U 1U
Dimension 426 x 379 x 43.5 mm 426 x 379 x 43.5 mm
Certification CE/FCC CE/FCC
Net Weight 10kg 10kg
42
Platform Hardware Specification (3/3)
Model 5620 9000 9200
CPU Intel Core 2 Duo Intel Dual XEON EM64T Intel Dual Quad-Core
RAM 1G (DDR 667)2GB (DDRII 400, ECC &
Registered)2GB (DDR2 533/667 Fully-
buffered DIMM)
Chipset Intel 945G + ICH7R Intel E7520 + 6300ESB Intel® 5000P + Intel® ESB2
LAN Chip Intel 82551ER/82573 Intel 82546GB Intel® 82571EB, 82546GB
10/100/1000 LAN 6 10 (Copper x 8, SFP x 2)A: Copper x 24
B: Copper x 16 + SFP x 8
10/100 LAN 2 1 0
LAN BypassGbE LAN Bypass
(3 Pairs)GbE LAN Bypass
GbE LAN Bypass (Max. 12 Pairs)
Serial 1 (DB9, Front) 1 (RJ45, Front) 1 (RJ45, Front)
Power250W ATX Power
Supply460W ATX Power Supply x 2
(Redundant)460W 1+1 ATX Redundant
Power Supply
Form Factor 1U 2U 2U
Dimension 430 x 380 x 44 mm 424 x 530 x 88 mm 424 x 600 x 88 mm
Certification CE/FCC CE/FCC CE/FCC
Net Weight 8kg 18kg 25 kg
5260 | 9000│9200
43
Q & A
Please visit us at www.secureone.com.my
44
Thank you
Please visit us at www.secureone.com.my