|
| Interfaces/Ports |
4 x RJ-45 10/100Base-TX LAN
1 x RJ-45 10/100Base-TX WAN
1 x Auxiliary Management
1 x Console Management |
|
| Data Transfer Rate |
10Mbps Ethernet
100Mbps Fast Ethernet |
| Performance |
75 Mbps Firewall Performance
20 Mbps 3DES (168-bit) performance
75 Mbps Deep Inspection Performance |
| Virtualization |
4000 Concurrent Sessions
2000 New Sessions/second
25 Concurrent VPN tunnels Maximum
10 Tunnel Interfaces Maximum
3 Virtual Routers |
| Stateful Packet Filtering |
NAT
PAT |
| Firewall Protections |
Denial of Service (DoS)
Dynamic Denial of Services (DDoS)
Network Attack Detection
TCP Reassembly for Fragmented Packet Protection
Malformed Packet Protections
Deep Inspection Firewall
Protocol Anomaly Detection
Stateful Protocol Signatures
Content Inspection
External URL Filtering (Websense)
Malicious URL filtering |
| VPN Support |
Manual Key, IKE, PKI (X.509)
DES (56-bit), 3DES (168-bit) and AES encryption
MD-5 and SHA-1 authentication
Perfect forward secrecy (DH Groups)
Prevent replay attack
Remote access VPN
IPSec NAT traversal
Redundant VPN gateways
VPN tunnel monitor
Firewall and VPN User Authentication:
Built-in (internal) database user limit: 100 max
3rd Party user authentication: RADIUS, RSA SecurID, and LDAP
XAUTH VPN authentication Web-based authentication |
| Licenses |
Unlimited Users License |
| Upgradeability |
Software upgrades TFTP/WebUI/SCP/NSM |
|
| Protocols |
TCP/IP
HTTP
FTP
SMTP
POP
IMAP
L2TP
IPSec
Telnet
SNMP v2
OSPF
BGP
PPPoE
DHCP
RIP v2.0
HTTPS
POP3
OCSP
SCP
LDAP
DNS
RADIUS |
| Management |
Logging/Monitoring:
E-mail (2 addresses)
NetIQ WebTrends: External
SNMP (v2)
Standard and custom MIB
Traceroute
Syslog (multiple servers):External, up to 4 servers
System Management:
WebUI (HTTP and HTTPS)
Command Line Interface (console)
Command Line Interface (telnet)
Command Line Interface (SSH)
NetScreen-Security Manager Future support
All management via VPN tunnel on any interface
Rapid deployment
Traffic Management:
Guaranteed bandwidth
Maximum bandwidth
Priority-bandwidth utilization
DiffServ stamp
|
|
| Input Voltage |
12 V DC Power Supply
90 V AC to 264 V AC |
| Power Consumption |
12 W |
|
| Temperature |
-5 °C (23 °F) to 50 °C (122 °F) Operating
-20 °C (-4 °F) to 70 °C (158 °F) Non-operating |
| Humidity |
10 to 90% Non-condensing |
|
| Form Factor |
Rack-mountable |
| Dimensions |
1" Height x 8.25" Width x 5" Depth |
| Weight |
1.3 lb |
|
| Additional Information |
Security: ICSA Firewall and VPN
MTBF (Bellcore model): 8.5 years
Number of application attacks detected w/DI over 250
Malicious URL filtering up to 48 URLs
Mode of Operation:
Layer 2 mode (transparent mode)
Layer 3 mode (route and/or NAT mode)
Home/work zones
Dual Untrust
Dial backup
Policy-based NAT
Virtual IP: 1
Mapped IP: 32
Routing:
OSPF/BGP dynamic routing: 2 instances each
RIPv2 dynamic routing: 2 instances
Static routes: 1,024
Source-based routing
PKI Support:
PKI certificate requests (PKCS 7 and PKCS 10)
Automated certificate enrollment (SCEP)
Certificate Authorities Supported
Verisign CA
Entrust CA
Microsoft CA
RSA Keon CA
iPlanet (Netscape) CA
Baltimore CA
DOD PKI CA
Administration:
Local administrators database 20
Restricted administrative networks 6
Root Admin, Admin, and Read Only user levels
Configuration Roll-back
Performance:
Policies: 100
High Availability (HA):
HA mode: HA Lite
Redundant interfaces
Configuration synchronization
Device failure detection
Link failure detection
Authentication for new HA members
Encryption of HA traffic
Dual Untrust
Dial Backup
*Note: Dialbackup Tested with 3COM 5686 56K modem and ZyXel omni.net LCD ISDN modem |
| Certifications & Standards |
IEEE:
IEEE 802.3
IEEE 802.3u
Safety Certifications:
UL
CUL
TUV
CB
EMC Certifications:
FCC class B
CE class B
C-Tick
VCCI class B
|
