SPX Series

Document Sample
SPX Series Powered By Docstoc
					                                                                                                            SPX Series
                                                                                                                 SSL VPN Access Gateways
                                                                                                                     Product Datasheet: SPX2000 / 3000 / 5000

                                                                                                                     Product Highlights

                                                                                                             • Anytime, anywhere secure access for
                                                                                                               any user – internal or external, fixed or
                                                                                                               wireless – to productivity-enhancing
                                                                                                               corporate resources

Array Networks SSL VPN Access Gateways enable anytime,                                                       • Consolidated access control for employ-
anywhere secure access for employees, customers and strategic                                                  ees, partners, and customers on a single
                                                                                                               gateway enabling simplified manage-
partners to business-critical resources — increasing corporate                                                 ment, increased security, and greater
productivity and lowering IT overhead. Purpose-built for high-performance
access control and security, SPX Series systems deliver the headroom to extend access to remote and          • End-to-end, multi-layer security includ-
                                                                                                               ing end-point security, integrated firewall,
local users while maintaining both maximum security and instantaneous application response times.
                                                                                                               reverse proxy architecture, comprehen-
                                                                                                               sive AAA, and a security-hardened OS
    Anytime Anywhere Access                               The Performance Leader
                                                                                                             • Industry-leading application support
Array Networks SPX Series systems are the gold        Typically, layers of protection add to security at       for email, portals, file shares, client/server
standard for SSL VPNs, delivering powerful yet        the expense of application performance; and no           & Web-enabled applications, and granu-
intuitive secure access to meet the needs of any      matter how sophisticated a VPN is, it won’t              lar layer-3 connectivity from any device
size organization. Using SSL, the security protocol   enhance productivity unless end users find it
present in all Web browsers, the SPX Series           quick and easy. To this end, Array’s high capacity     • Unmatched performance and capacity
enables clientless secure access from any location    platforms, proprietary SpeedStack™ packet                for maintaining single-digit millisecond
internal or external – LAN, WLAN, wireless            processing      technology,     and     integrated       latency across thousands of fully secure
hotspots, kiosks, corporate and employee-owned        application acceleration sustain single-digit            and uniquely configured users
laptops, even mobiles and PDAs – to any               millisecond latency for up to tens of thousands of
information source, including email, file shares,     concurrent users, regardless of security level or      • Superior end-user experience through
applications, and other core business systems.        complexity of configuration. With the                    integrated application acceleration and
                                                      purpose-built Array SPX, the compromise                  256 virtual portals tunable to the prefer-
                                                      between security and performance is eliminated           ences of multiple communities of interest
    Maximum Security & Control
                                                      once and for all.
The SPX Series features unparalleled safeguards                                                              • Lowest TCO with the highest ROI; no
for protecting business critical information. With        Evolving to Universal Access                         clients to install or manage on access
Array's end point security, uploads, downloads,                                                                devices, scalable to 64,000 users on a
and access to data are tightly controlled based on    With support for up to 64,000 concurrent users           single system with invest-as-you-grow
the administrator's comfort for a given device or     on a single system, the Array SPX Series is              licensing,    connection     multiplexing
access environment. What’s more, an integrated        uniquely capable of serving as a universal access        increases server capacity ten fold
firewall, reverse proxy architecture, and security    gateway for both temporary and established
hardened operating system ensure resources are        connections, inside or outside the corporate
as safe as they are secure. Strong authentication     perimeter, fixed or wireless. Moreover, support for
and authorization provide dynamic, controlled         up to 256 fully secure virtual portals, again on a       Effortless Management
access for URLs, files, and applications based on     single system, enables instant DMZs and tailored,
user identity and role within the organization,       intuitive interfaces that meet the specific needs     The Array SPX offers both a CLI and a Web user
while comprehensive auditing tracks all activity on   of each and every employee, business unit,            interface that can easily be customized to create
a per user, per event, and per resource level.        customer, and partner. Evolving to universal          an intuitive management system. Monitoring the
Additionally, the SPX application manager             access, security and access control are assured for   Array SPX is simple with SNMP-based monitoring
supports multiple access methods for Web,             all users, while TCO is greatly reduced through       tools such as HP OpenView, and with support for
client/server, and native applications, making        rock bottom cost-per-user and dramatic                XML-RPC, a wide range of third-party applications
specific resources available as appropriate to        improvements in management efficiency.                can be used to automate management tasks.
maintain maximum security and control.
End-to-End Security                                    AAA                                                    Client/Server Application Manager                                       Connection Multiplexing
                                                                                                              • Any client-initiated TCP applications                                 • Reduces number of back-end connections
End-Point Security                                     Authentication
                                                                                                              • Single port, multi-port, dynamic port                                 • Optimizes servers for greater efficiency
Host Checking                                          • LDAP, Radius, AD, LocalDB, RSA SecurID,              • Outlook, Lotus Notes
• Tests device state prior to allowing access             Swivel, Vasco, Cellphone, Custom
• Scans for personal firewalls, anti-virus, OS         • Certificate based authentication
                                                                                                              • Windows terminal services, Citrix                                     Availability & Scalability
                                                                                                                Presentation Server
  service packs                                        • Supports authentication server rating                • Passive & Active FTP                                                  •   N+1 clustering
• Customized rules for a range of apps,                   (search user credential in multiple servers)        • Windows XP remote desktops                                            •   Up to 32 systems per cluster
  registry checks, patches                                                                                    • VNC servers                                                           •   Dual power supplies
                                                                                                              • Telnet                                                                •   Up to 64,000 concurrent users per system
Adaptive Policies                                      Granular access control of resources                                                                                           •   Up to 256 virtual portals per system
• Level of access conditional on end-point             • Supports group and users policies                    Thin Client Support
  status                                               • Supports permit and deny policies
• Supports virtual instances                           • Supports global users (remote + internal)
                                                                                                              • Citrix Presentation Server applications                               Total Cost of Ownership
                                                                                                              • Windows terminal services applications
• Integrated policy management                         • Consolidated access control                          • Telnet thin client                                                    • Invest-as-you-grow feature and license
                                                       • Provides high flexibility in configuration                                                                                     packs
Secure Virtual Desktop                                                                                        Layer 3 VPN
                                                       Two factor authentication/authorization                                                                                        • No client installation or management for
• Limits user ability to store confidential                                                                   • Supports any IP based applications (TCP,                                access devices
  information on unauthorized workstations             • SSL Client certificates
                                                       • RSA SecurID                                            UDP, NetBIOS)                                                         • Policies for all users in any location set on
• Wipes all stored information when the                                                                       • Allows IPSec traffic to be tunneled over SSL                            single system, simplifying management
  session is over                                      • Entrust
                                                       • Other RADIUS-based authentication                      VPN                                                                   • ROI increases as your business grows, no
• Stores information in an encrypted vault                                                                    • Different network pools defined per user                                need for additional SSL VPN hardware
• Controls local resources and ability to                 systems
                                                                                                                or group                                                              • Connection multiplexing increases
  download session data into a local drive             Single Sign-on
                                                                                                              • Split tunneling and full tunneling control                              application/server capacity ten fold
                                                       • NTLM                                                 • Network drive mapping                                                 • Minimizes need for expensive servers and
Cache Cleaning
                                                       • HTTP Basic Authentication                            • Automatic launch of network                                             server software
• Per-session with idle timeout and browser
  closure                                              Auditing                                                 scripts/commands
• Windows 2K and previous generation                   • Full audit trail in WebTrends WELF format            • IP address assignment based on users,                                 Management
  Windows                                              • Logs all user activity – success, failures,            groups, DHCP and RADIUS
                                                                                                              • Works in conjunction with all other                                   • Role-based administration
• RedHat, Linux 9                                         attacks                                                                                                                     • Strong administrator authentication
• Mac OS X                                                                                                      resources
                                                                                                              • Supports Windows98SE, ME, 2000, XP and                                • RADIUS accounting
Multi-Layer Security                                   Application Support                                      LINUX                                                                 Virtualization
Security-Hardened ArrayOS™                             Web-Based Applications                                 • Pre-installable client, web-delivered client                          • Up to 256 discrete virtual portals/user
• Not subject to vulnerabilities of off the            • 100% clientless Web-based applications                                                                                         communities on a single system
  shelf operating systems                              • Supports re-write of URLs found in HTML,             Application Acceleration                                                • Delegated management
• System as secure as the information it                  JavaScript, HTTP cookies                                                                                                    • URL aliasing (saves on certificates and IPs)
  protects                                             • Ensures proper function of application               SpeedStack™ Technology                                                  • Complete security and data separation
                                                          beyond the corporate network                        • Up to 10,000 SSL transactions per second                              • Instant DMZ on demand
Wire-speed SSL VPN Firewall
                                                       • Masks internal DNS and IP addressing                 • Optimized packet flow reduces processing                              • Strong compliance assurance
• Content filtering                                                                                             delay
• Supports passive and active filtering                • Device Platforms Supported:                                                                                                  Multi-device Management
                                                          Windows98SE, ME, 2K, XP, Linux, WAP/WML             • Single-digit millisecond latency
• Supports permit or deny policies                                                                                                                                                    • SSH/CLI, SSL/WebUI, SNMP, XML/RPC API
• Layer 7 filtering                                       portal, BREW, Java-based cellphones,                Hardware-based SSL Acceleration                                         • Integration with Microsoft Operations
• DDoS prevention                                         WinCE/PALM PDA                                      • High performance engine                                                 Manager, HP OpenView
• Telnet Application-Layer Filter (ALF)                File Access                                            • Key exchange and bulk encryption
                                                       • SMB, DFS (Windows); NFS (UNIX)                         performed in kernel
Fully Stateful Reverse Proxy
                                                       • Browse and delete directories                        • Industry leading metrics
• Network gapping and separation
• All connections terminated on SPX, all               • Upload, download and delete files                    Hardware Compression
  traffic inspected                                    • Easy access                                          • Reduced download times                                                                                              Web Enabled
                                                       • Maintains original server policies (access                                                                                                                                 Applications
• Supports re-encryption on the back end                                                                      • Improves user experience, especially
                                                          rights)                                                          for slow speed links
                                                       • Supports NTLM single sign-on
                                                                                                                                                                                                   SSL         SSL

                                                    SPX2000              SPX3000                 SPX5000

   SSL Processing

                                                    HW                   HW                      HW
                                                                                                                                Mobile User
   Compression                                                                                                                                                      Array Platform
                                                    SW                   SW                      HW                                                                                                              SSL

   Ports                                            2 FE                 2 Gig Eth               4 Gig Eth                                                                                               SSL

                                                                                                                                                                                                                           Client         Corporate
   Min User License                                 25                   50                      100                                                    SSL
   Max Concurrent Users                             500                  2500                    64,000
                                                                                                                          Extranet Business Partner
   SSL TPS                                          800                  2200                    10,000                                                       SSL


                                                    100 Mbps             300 Mbps                850 Mbps                                                                                    SSL

   Max SSL Sessions                                 4000                 20,000                  100,000
   Form Factor                                      1U                   1U                      3U
   Power Supply                                     Single               Single                  Dual                             Remote
                                                                                                                                                                                                         Customer                     Regional

 Technical Specificatons
 Support                Bronze, Silver, Gold & Platinum Level Support Plans                                  Dimensions                Array SPX2000 17" W X 15" D X 1.75" H or 1U
                                                                                                                                       Array SPX3000 17" W X 15" D X 1.75" H or 1U
 Warranty               1 year Hardware; 90 day Software
                                                                                                                                       Array SPX5000 17" W X 23.5" D X 5.25" H or 3U
 SPX 2000 Standards     2 Port 10 Base-T/100 Base-TX, IP, SecurID, SSL-TLS, HTTP 1.0/1.1, SNMP
                                                                                                             Weight                    Array SPX2000/3000: 14 lbs; SPX5000 36.5 lbs
 SPX 3000 Standards     2 port 10/100/1000 Base-TX, IP, SecurID, SSL-TLS, HTTP 1.0/1.1, SNMP
                                                                                                             Environmental             Operating Temperature: 0° to 40°C, Humidity: 0% to 90%, non-condensing
 SPX 5000 Standards     10/100/1000 Base-TX, 1000 Base-SX, IP, SecurID, SSH, SSL-TLS,                                                  SPX2000/3000: 100-240VAC, 8-4 A, 63-47Hz, Auto-ranging
                        HTTP 1.0/1.1, SNMP                                                                                             SPX5000: 100-240VAC, 6 A, 50-60Hz, Auto-ranging, Redundant, Hot Swappable
 Management             SSH CLI, Direct Console CLI, SNMP, Single Console for Cluster, Array Pilot™          Regulatory                Emissions: FCC, ICES, VCCI, MIC, BSMI, AS/NZS 3548, Compliance
                        (Secure WebUI) for Array OS, XML-RPC                                                 compliance                EN 55022, EN 55024 Class A; EN 60950, UL 1950, CAN/CSA 950, NOM
 Console port           Male DB9 Serial (RS232) Port                                                         Safety                    CSA, CE, UL

                                                                                                                                                                                                      Array Networks
                                                                                                                                                                                1371 McCarthy Blvd. – Milpitas, CA 95035
                                                                                                                                                   408-240-8700 (tel) — 408-240-8753 (fax) — 1-866-MY-ARRAY (toll free)

Shared By:
Description: SSL VPN is to solve remote user access to sensitive corporate data to solve the simplest and most secure technology. Compared with the complex IPSec VPN, SSL-to-use way to implement a simple remote connectivity information. Any browser installed, the machine can use SSL VPN, this is because SSL embedded in the browser, it does not require the same as traditional IPSec VPN client must be installed to each client.