Docstoc

DrayTek-Apresentacao_V3300- VigorAccess

Document Sample
DrayTek-Apresentacao_V3300- VigorAccess Powered By Docstoc
					    Vigor 3300
   VigorAccess
Product Introduction


      August, 2005
             Outline
• SME Solution-Vigor 3300V Series
• Broadband Access Solution-Vigor
  Access
SME Solution
3300V Series




               3
    Product Feature
•   Load Balance
•   QoS
•   High Availability
•   Firewall / URL Filtering
•   Physical DMZ/VLAN
•   VPN
•   VoIP




                               4
              Load Balancing
• Reduce Enterprise High Speed Trunk Fee.
• Redundancy.
• Intelligently Distribute Network Traffic to the Internet.




                                                              5
      Quality of Service
– Allows the Network Administrator to Monitor,
  Analyze, and Allocate Bandwidth for Various Types
  of Network Traffic in Real Time and/or for
  Business-Critical Traffic.
– 8 Priority Queue.
– Low Latency Queuing (LLQ).
– 802.1p, DiffServ-Codepoint Marking.
– Management by IP Address, Application, Service-
  Oriented.




                                                      6
              High Availability

• 7x24x365 Service.
• Uninterrupted Network
  Access in the Event of
  Hardware Failure.
• Apply on Master
  Maintenance.




                                  7
        De-Militarized Zone

• Allows Users to Access Multiple Public Servers (e.g.
  Web, FTP, Mail servers) via Internet while Maintaining
  Security of Private LAN




                                                       8
                Firewall

• Protect the Trusted Network from Various
  Types Attacks that Explore Protocol Security
  Holes.
• Benefit of Vigor Firewall
   – IP-based Packet Filtering.
   – URL Filtering.
   – Denial of Service (Dos) Prevention.
  – NAT : Port Redirection, Open port, DMZ.



                                                 9
               URL Filtering
• Inappropriate content blocking.
   – Improve Staff Working Efficiency.

• Benefit of Vigor Content Filtering
   – Malicious Code Prevention.
     (Java,ActiveX,Cookie,exe,zip, ...etc.)
   – Filtering based on Access List, Keywords, or Time
     of Day.

• Bundle with Surf Control Scan Mechanism




                                                         10
URL Filtering




                11
         Virtual LAN Security
• Router-based Port Security can be used to Restrict
  Access to each VLAN as Required.

• Benefit of Vigor VLAN
   – Isolate Users into the Different VLANs.




                                                       12
VLAN Architecture




                    13
     DrayTek VPN Solution
– ICSA IPSec Certification (Vigor3300 series).
– Supports 200 IPSec Tunnels.
– Hardware-based accelerator of DES/3DES,
  AES/HMAC-SHA-1/HMAC-MD5 Encryption.
– IPSec, PPTP, L2TP, L2TP over IPSec.
– 30Mbps throughput in AES/3DES.
– Preshared key and Certificate Authority (X.509 v3)
  Authentication.
– DHCP over IPsec
– RADIUS client support.




                                                       14
        DrayTek VPN Solution
• LAN-to-LAN VPN connection (Gateway-to-Gateway)
  Made by two Routers to Connect two Portions of
  Private Networks. The Vigor router support IPSec
  tunnel protocols.

• Remote Dial-in VPN connection (Host-to-Gateway)
  Made by
 To Optical a remote access client, or a single user
  computer,
 Connection that connects to a private network. In this
  type of connection, the Vigor router support IPSec
  tunnel for DHCP over IPsec protocols.




                                                          15
           Smart VPN Client
• For Windows2000/XP.
• Simplifies the Procedures to Create IPSec Tunnel with
  the Vigor Router by Easy-to-Use GUI.




                                                          16
VPN Scenario




               17
           VoIP Application
• VoIP - FXO on-net/off-net calling




                                      18
             VoIP Application
• VoIP - Integrate FXO to PBX
  Case1. From VoIP to Extension
  1) David dials the VoIP number of Vigor3300V.
  2) After connection success, presses Linda’s extension 611.



                                                        David



Linda




                                                                19
             VoIP Application
• VoIP - Integrate FXO to PBX
  Case2. From VoIP to PSTN (Off-Net Calling)
  1) David dials the VoIP number of Vigor3300V.
  2) After connection success, presses prefix number (e.g. “0”) to
     choose exterior line – PSTN.
  3) Then dials Linda’s PSTN number.

                                                      David




                                             Linda




                                                                     20
              VoIP Application
• VoIP - Integrate FXO to PBX
   Case3. From Extension to VoIP
   1) Linda presses extension 610 to connect to Vigor3300V.
   2) After connection success, dials David’s VoIP number.



                                                       David



Linda




                                                               21
             VoIP Application
• VoIP - Integrate FXO to PBX
  Case4. From PSTN to VoIP (On-Net Calling)
  1) Linda dials to PBX.
  2) After connection success, presses extension 610 to connect
     to Vigor3300V.
  3) Then dials David’s VoIP number.


                                                       David



                                              Linda



                                                                  22
              VoIP Application
• VoIP - Integrate FXS to PBX
   Case1. From VoIP to Extension
   1) David dials the VoIP number of Vigor3300V.
   2) After connection success, presses Linda’s extension 610.


                                                          David


Linda




                                                                  23
           VoIP Application
• VoIP - Integrate FXS to PBX
   Case1. From VoIP to Extension


                                   David


Linda




                                           24
               VoIP Application
 • VoIP - Integrate FXS to PBX
    Case2. From Extension to VoIP
    1) Linda presses prefix number (e.g. “7”) to choose exterior
       line – FXS of Vigor3300V.
    2) Then dials David’s VoIP number.


                                                            David


Linda




                                                                    25
                VoIP Application
• VoIP - Integrate FXS to PBX
    Case2. From Extension to VoIP



                                                                            David


Linda




   Note: The FXS model can’t provide on-net/off-net calling applications.


                                                                                    26
          VoIP Application
Secure VoIP
  – VoIP over VPN
  – sRTP (Secure Real-Time Transport Protocol)
    • Encrypts the Payload of VoIP Packets
    • Compatible with RTP
            VoIP Application
VoIP - Integrated Scenario




                               28
Broadband Access Solution
       VigorAccess
•   System Benefit
•   Product Architecture
•   Broadband Application Scenario
•   IPDLSAM Advance Feature
•   Vigor CMS Feature Description
     System Benefit


New Technology DSL -ADSL2/+
Inventory Saving   Scalable
Reliability        Multimedia
Friendly EMS       QoS
            Product Architecture
•   Target on Medium-Size CO
•   up to 168 ADSL2/+
•   Service and Signaling                          To MDF
     – Supports Voice & Data
•   Modular Flexibility
     – 24/48 Ports DSL/Splitter       To Optical
     – WAN for FE or GE Interface Fiber
•   Network Resource Saving
•   EMS Management and Email Altering
•   Inventory Savings –
    Common Equipment on CO
    & Outside Plant Deployments
•   Firewall/Security/QoS Optional Support
•   Ready on April
                           Features

•   Target on Outdoor and Small-Size CO         – IP Multicast: IGMP Snooping
•   19” Rack Mountable Chassis, 1U Height  •   Security/Firewall
•   24 G.dmt/G.lite/ ADSL/ADSL2/+, and          – Access Control List, Packet
    Splitter build in                             Filtering
•   WAN Ethernet 10/100 Base-T Interface
                                                – Password Protected System
•   MPoA, IPoA
•   IP ToS                                      – 512 VLAN (802.1Q)
•   Remote TFTP/FTP
    Firmware/Configuration
•   RS-232 & Telnet Command Line Interface
•   SNMP In-Band Management Support
•   Web-based GUI
•   EMS
                    Master Feature
 2 Selectable WAN Interface
                                          Network Operation and Management
  - 802.3, 802.3ab Ethernet Standard
                                          - User Friendly Web-Based Interface
  - 1000 Base-SX Module (SC connector)
                                          - Telnet Server for Remote Management
  - 1000 Base-FX Module(SC connector)
                                          - TFTP Software Upgrade Utility
  - 1000 Base-T Module(RJ45 connector)
                                          - Console CLI for Local Management
  - 100 Base-T RJ45 Connector
                                          - SNMPv1,v2
 MGN Interface
                                          - MIBII, Bridge MIB, Ethernet Like MIB,
  - 1 port RJ45 10/100 Base-T
                                            Private MIB, RMON 1,2,3,9 Groups
 L2 Switch Function
 - IEEE 802.1d Spanning-Tree Protocol Q.o.S
 - IEEE 802.3x Flow Control              - Packet filter and Classification.
 - IEEE 802.1q VLAN
 - IEEE 802.1p Class of Service (CoS)
Prioritization
 - 4-level Prioritization
- 802.1ad Port Trucking/Link Aggregation
                         Slave Feature
Network Interface
- Two 10/100M Fast Ethernet Interfaces
 or one Cascade Link is Gigabit Copper Interface
Capacity
– It Supports 24 ADSL 2/+ Ports.
Security
– It Supports Packet Filter, and Password
Protection.
Splitter Build in
– It Supports 24 port xDSL/Splitter.
Inventory Savings
- Common Equipment across Central Office
and Outside Plant Deployments
Management
– It is managed by IP-DSLAM Master Unit.
Q.o.S
- Packet Filter and Classification.
•   System Benefit
•   Product Architecture
•   Broadband Application Scenario
•   IPDLSAM Advance Feature
•   Vigor CMS Feature Description
 Broadband FTTB
Application Scenario
Broadband Enterprise
    Application
Broadband Application
Scenario-DSL Extension
Campus Application
Hotel Application
              IPDSLAM PPPoE




PPPoE                                PPPoE


        MAC   1483B    1483B   MAC
MAC                                  MAC
             ATM       ATM
PHY     PHY ADSL2/+   ADSL2/+ PHY    PHY
        PPPoA to PPPoE




IP     IP    IP                     IP

            PPP                    PPPoE
                           PPPoE
MAC   MAC           PPP
            ATM     ATM    MAC     MAC
PHY   PHY ADSL2/+   ADSL2/+ PHY    PHY
      Static IP Application




IP                                        IP
                                                 Intranet
                                 MAC     MAC
MAC    MAC   1483B    1483B
                               (VLAN)   (VLAN)
             ATM      ATM
PHY    PHY ADSL2/+   ADSL2/+    PHY      PHY
•   System Benefit
•   Product Architecture
•   Broadband Application Scenario
•   IPDLSAM Advance Feature
•   Vigor CMS Feature Description
MAC limit -Port Security


                16 MAC Address
                Limited on One
                Port
   >16 MAC
   Address




    <= 16 MAC
    Address
Generic Filter Mechanism
              ‧ Ethernet
              ‧ TCP
              ‧ UDP
              ‧ ICMP
              ‧ IGMP
              ‧ PPP or
              ‧ Packet Offset
          Ethernet Type Filter

o Source MAC address
o Destination MAC addresses
o EtherType
o VLAN ID
o Priority Tag
o Destination Service Access Point (DSAP) of 802.2 LLC frame
o Source Service Access Point (SSAP) of 802.2 LLC frame.
  IP/TCP/UDP/ICMP/
PPP/Packet Offset Filter
‧ IP Layer            ‧ ICMP Layer
o Destination IP       o ICMP type
Address
                      o ICMP code.
o Source IP Address
                      ‧ IGMP Layer
o IP Protocol type.
                      o IGMP Type
‧ TCP Layer
                      o IGMP Code
o Destination Port
                      o Group Address.
o Source Port.
                       ‧ PPP Layer
‧ UDP Layer
                      o PPP Protocol type
o Destination Port
                      ‧ Packet Offset.
o Source Port.
IP QoS Mechanism
         ‧ Downstream Bandwidth Limit per PVC
         ‧ Upstream Bandwidth Limit per PVC
         ‧ 802.1p mapping to Class to Service
         ‧ Scheduling , Shaper and policing
TR-069 WAN CPE Management
Avoiding Broadcast Storm

             • Can Limit Incoming Broadcast Packet
             Rate to Avoid Broadcast Storm
          Triple Play –Channel
           Classification IPTV
• General class is prohibited to access
Luxurious class content



               Luxurious Class



                                          Internet
                General class



                                              Extra Channel
                                              General Channel
              Agenda
•   System Benefit
•   Product Architecture
•   Broadband Application Scenario
•   IPDLSAM Advance Feature
•   Vigor CMS Feature Description
     Vigor CMS Scenario
 Manage SME, Mini DSLAM and Large Scale
DSLAM。
 Efficiency Security Management from 1,000 to
10,000 NEs
         Vigor CMS Capability
• SNMP In-band through the IP network
• Authentication and Security Management
• Software Download
• Configuration Backup/Restore
• Alarm, Diagnostics, Status Update
• Fault and Performance Management
     Vigor CMS Benefit
– Configuration Management
   • Auto Provisioning, Firmware Upgrade
– Deployment Management
   • Configuration Backup/Restore.
– Topology Management
   • Auto Discovery for Managing Devices. (eg. Add
     or Delete from Layer Structure Subnets)
– Security Management
   • Authentication, Resource Control
– Monitor management
   • Fault Management, Device Polling



                                                     57
     Vigor CMS Benefit
– Backend Storage Management
    • Store Alarms, Events and User Activities.
– Interoperability
    • User Authentication Message that Forwarded to
      RADIUS Server could be integrated with
      Enterprise Security Management.
– Northbound Interface to Bundle with Billing
  System
    • All SNMP Compliant NMS can Receive and
      Collect Devices Status Information from Vigor
      CMS through Northbound Interface.


                                                      58
Status Report
Alarm Management
Configuration Management
Performance Management
Monitor Management

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:20
posted:9/17/2012
language:Latin
pages:63