Service gateway ESR-100

Overview
Specifications
Reviews
  • scalable solution for different fields of application
  • advanced command line interface for management
  • flexible services configuration
  • interfacing with equipment of leading manufacturers capability
  • hardware acceleration of data processing
  • bandwidth up to 10 Gbps
  • L2/L3 functions performance at the hardware level
  • device models with increased reliability and critical nodes redundancy
    The family of ESR routers are a universal hardware platform capable of performing a wide range of tasks related to network security. The lineup includes application-oriented models to be used in networks of various sizes - from small business networks to carrier networks and data centres.  
      

    Typical tasks performed by service routers:

    • providing NAT, Firewall services
    • routing
    • organization of secure network tunnels to combine different offices of companies (IPsec VPN)
    • organization of remote access to local resources in enterprise networks (L2TP, PPTP), Open VPN
    • filtering of network data by various criteria emergence of new network services
        These functions are combinable with traditional services. The devices have features of L2 switch and L3 router.
             

        Perfomance 

        The key elements of ESR-100 are data processing hardware acceleration equipment ensuring high levels of productivity. Hardware and software processing is distributed among the units of the device. 

        Performance

        • Firewall performance (large packets) - 1.68 / 134 Gbps / Kpps
        • Performance NAT (big packets) - 1.68 / 200 Gbps / Kpps
        • Performance IPsec VPN (big bags) - 0.42 / 42 Gbps / Kpps (aes128bit-sha1)
        • VPN tunnels - 200
        • Static routes - 11K
        • The number of concurrent sessions - 256K

        Interfaces

        • 4 Combo port 10/100/1000Base-T SFP + /1000 Base-X
        • 1 USB2.0 ports
        • 1 USB3.0 ports
        • Slot for SD-cards

        Specifications

        • RAM - up to 8 GB
        • Built-in Flash-memory - 1 GB
        • Power supply - 220V AC / 48V DC
        • Power consumption up to 75 watts

        Hardware Features

        • Hardware encryption acceleration
        • Hardware acceleration DPI

        Server VPN

        • L2TP
        • PPTP
        • OpenVPN

        Tunneling

        • GRE
        • IPIP
        • L2TPv3

        L2 functions

        • Packet switching (bridging)
        • STP, RSTP, MSTP 802.1d, 802.1Q
        • LAG/LACP 802.3ad
        • VLAN 802.1Q
        • Port Isolation
        • Private VLAN Edge (PVE)

        L3 functions (IPv4/IPv6)

        • SNAT, DNAT, Static NAT (IPv4 only) addresses translation
        • Static routes
        • Dynamic routing protocols RIPv2, OSPFv2, BGP, OSPFv3
        • VRF Lite
        • PBR
        • Prefix-List

        IP addressing management (IPv4/IPv6)

        • Static addresses
        • DHCP client, PPPoE client
        • Embedded DHCP server
        • DHCP Relay

        Quality of Service (QoS)

        • Up to 8 priority queues per port
        • L2 and L3 traffic prioritization (802.1p, DSCP, IP presedence)
        • Queues overload management RED, GRED
        • Port prioritizing , VLAN
        • Remarking of priorities resources
        • Policy enforcement (policing)
        • Bandwidth management (shaping)
        • Hierarchical QoS
        • Sessions marking

        Network reliability assurance support

        • Dual homing
        • VRRP
        • WAN interfaces load balancing, data stream redirection
        • High availability: connection reservation
        • Two devices stacking , configuration, on-line data, link redundancy

        Network security functions

        • Network interfaces zoning
        • Zone isolation, firewall, data filtering rules
        • IPSec
        • Encryption of connections (DES, 3DES, AES), Blowfish, Camellia
        • Logs authentication MD-5, SHA-1, SHA-2
        • Access Control List based on MAC, IP

        Monitoring and control:

        • Standard SNMP MIB support
        • Management of access level
        • Authentication on the local user database, RADIUS, TACACS+, LDAP
        • Protection against configuration errors, configuration recovery
        • Management Interfaces CLI
        • Syslog
        • Use of system resources monitor
        • ping, traceroute (Ipv4, Ipv6)
        • Upload and download configuration via TFTP
        • Online Software Updating, via USB -drive, SD card
        • Software updating, upload and download of configuration via TFTP, SCP, FTP
        • IP SLA Wellink (wiSLA) (continuos monitoring of VPN L2 and VPN L3)
        • NTP
        • Netflow v5/v9/v10
        • Local management - console RS-232
        • Remote management (Ipv4, Ipv6) - telnet, SSH

        Monitoring functions

        • Load testing of channel capacity: up to 150 Mbps
        • TWAMP: up to 100 tests at the same time
        • Reflector: TWAMP, UDP-Echo, L2
        • Services monitoring TCP: up to 100 tests at the same time
        • Services monitoring HTTP: up to 100 tests at the same time
        • DNS: up to 100 tests at the same time
        • Simultaneous controlled services amount: more than 100

        Physical characteristics and environment features

        • Power supply source: circuit of alternating current 220V+-20%,50 GHz
        • Power consumption less than 75 W
        • Weight less than 3,6 kg
        • Dimensions (WхHхD): 310х46,3х240 mm
        • Temperature range from -10 to +45°С
        • Temperature range for storage from -40 to +70°С