Gigabit Multi-Homing VPN Security Router

MH-3400
Gigabit Multi-Homing VPN Security Router
Physical Port
• 1~2 x 10/100/1000 Base-T RJ-45, configurable with LAN
1 (Mirror Port)
• 3~4 x 10/100/1000 Base-T RJ-45, configurable with WAN
4 (WAN 4 / LAN2 / DMZ)
• 1 x USB 2.0 Host for 3G/3.5G Internet Access
Appropriate Network Security Solutions
Multi-WAN Function
As Internet becomes essential for business, the crucial solution to preventing your
• Inbound / Outbound Load Balance: by session and by IP
Internet connection from failure is to have more than one connection. PLANET MH-3400
is a Gigabit Multi-Homing VPN Security Router ideal to help the SMBs increase the
broadband network performance and reduce the risks of potential shutdown if one of the
Internet connections fails. The MH-3400, supporting Multi-Subnet interface with MultiVLAN function, allows users to easily divide network into different sections based on
• Bandwidth expansion with 3~4 Gigabit WAN ports
• Multi-WAN auto line backup
IP Routing Feature
• Dynamic Route RIP v1/v2
applications, such as VoIP, web or ftp server, or user groups.
• Static Route
Internet
100101
001010
100001
000101
DoS Firewall
Bandwidth Management
SPI Firewall
• Smart QoS
• Session Limit
• Port-based QoS
Internet
Hacker
DoS/DDoS Attack
Security Router
• QoS Schedule
Switch
ARP Attack
Firewall Security
• Stateful Packet Inspection(SPI) Firewall
Switch
• IP & Port Filtering
Intranet
Hacker
ARP Attack
• Block Website by Keyword, Content Filter
• Firewall Detection: Ping of Death, SYN Flooding, Land
ARP Attack
VLAN 2 (R&D Department)
VLAN 1 (Accounting Department)
1000Base-T UTP
Faced with the increasingly large number of IP cameras and Wireless APs being
installed and deployed in all kinds of applications, more and more network equipment
comes with IPv6 protocol for next generation networking. The MH-3400 supports both
the original IPv4 network structure as well as the new IPv6 protocol. With easy and
friendly management interfaces and plenty of management functions included.
• Supports DMZ to protect your network: DMZ Host
VPN Feature
• Configure Concurrent Tunnels: 200 IPSec + 60 PPTP or
other combinations within the memory’s limitation
• Supports up to 2 Groups of VPN
• IPSec, PPTP Passthrough
IPv4
IPv6
Network
IPv4
Network
1
attack, IP Spoofing
• Prevents ARP Attack on LAN
Cost-effective IPv6 Managed Router Solution for SMBs
Data Sheet
• Denial of Service (DoS) prevention
Dual Stack
Built-in IPsec Secure
and QoS
IPv6
1
MH-3400
Improving Network Efficiency with Load Balancing
Moreover, the MH-3400 allows you to perform load balancing by distributing the traffic
through three or four WAN connections. In Outbound Load Balancing, the network
sessions are assigned based on the user configurable load balancing mode, including
“Auto Load Balance”, and “Unbinding WAN Balance”. Users can also configure which IP
or TCP/UDP type of traffic to use when connecting to a WAN port. The Inbound Load
Balancing is for enterprise’s internal server. The Inbound Load Balancing can reduce the
server loading and the risks of system crash so that the MH-3400 helps to improve the
Networking
• DHCP Server (supports class C)
• Multiple DHCP Servers support multiple Subnet (supports
4 sets of Class C)
• PPPoE / Static IP / DHCP Client
• Protocol: TCP/IP, ARP, ICMP, FTP/TFTP, IPv4, IPv6
• NAT with popular ALG support
server working efficiency.
• Port forwarding
• DNS Relay
PC Group
• DDNS: supports DynDNS, 3322, No-IP
2
PC Group
Internet
1
• Password protected configuration or management
PC Group
3
sessions for web access
• Port Management – Speed / Duplex / Auto Negotiation
ISP1
• VLAN Tagging (802.1Q) / Port VLAN
ISP2
• Transparent Bridge
3G USB Support
Multi-WAN
• 3G/3.5G Internet Access
Switch
Security Router
• Automatic fail-over and load balancing between 3G and
Switch
WAN
• Auto / manual throughput and time calculation
DNS Server
ERP Server
E-mail Server
Web Server
1000Base-T UTP
mechanism for cost or dial-on
• Throughput measurement
• APN and PIN code support
Strong Protection for Network Security
In addition to a multi-homing device, the MH-3400 provides a complete security
solution in one single box. The policy-based firewall, content filtering functions and VPN
connectivity with 3DES and AES encryption make it a perfect product for your network
security. No more complicated connections and settings for integrating different security
products on the network are required.
Network Management
• Comprehensive web-based management and policy
setting
• SNMP v1/v2c (IPv4 only)
• Monitoring, logging, and alarms of system activities
Branch Office
Internet
Headquarters
• Firmware upgrade through Web browser
01010101010110010101010100010101010
01010101010110010101010100010101010
VPN Encryption for
Network Security and Data Protection
2
MH-3400
QoS Bandwidth Management
Besides offering easy yet powerful bandwidth management functions, the MH-3400 features Smart QoS with dynamic bandwidth management to
automatically control P2P, video downloading and other bandwidth hogging in order to avoid bandwidth insufficiency. It also helps the network administrators
better allocate network resources based on business priorities, as well as to shape and control bandwidth usage by prioritizing different persons/groups or
applications in bandwidth use.
Internet
Internet
Dynamically
Adjust
20
20
Mbps
20
Mbps
50
50
Mbps
Mbps
20
20
Mbps
Mbps
Mbps
Applications
PLANET Multi-Homing VPN Security Router, the MH-3400, has the powerful firewall functions like SPI Firewall DoS prevention. Providing IPSec and PPTP
VPN solutions, the MH-3400 offers the secured data communications for branches, vendors, and/or mobile workers a flexible way to connect back to the
headquarters.
Vendor
Branch Offices
Firewall Gateway
Firewall Gateway
PC Group
PC
a/n
Modem
Internet
VDSL2
VDSL2
IPSec VPN Tunnel
IPSec VPN Tunnel
ADSL
Modem
Access Point
Laptop
ADSL
Modem
Access Point
PPTP VPN Tunnel
Firewall
MH-3400
Firewall
PC
DMZ
b/g
Laptop
Finance-Server
PC
Web-Server
Mail-Server
Action Office
Headquarters
VDSL2
VDSL2
ADSL 2/2+
ADSL
100Base-TX UTP
1000Base-T UTP
a/n
5GHz 802.11a/n
3
MH-3400
The MH-3400 can connect multiple WANs by different ISPs. It can create a stable and qualified VPN connection for many important applications such as
VoIP, video conference and data transmission.
Branch Office
Lobby
Fisheye IP Camera
Computer Room
Meeting Room
PSTN
PoE
FAX
PC Group
NVR
PoE
H.264 IP Camera
Switch
Phone
PoE
MH-3400
Modem
PPTP VPN
Tunnel
Modem
ISP1
VoIP Gateway
PoE Switch
ISP2
PPTP VPN
Tunnel
Internet
ISP3
Headquarters
ISP4
MH-3400
Modem
Modem
Core Switch
PBX
VoIP Gateway
Switch
CMS
DMZ
Phone
PSTN
Management
FAX
Office
Security Center
100BASE-TX UTP
1000BASE-T UTP
Web or Mail Server
Central
Telephone wire
PoE
100BASE-TX UTP with PoE
4
MH-3400
Specifications
MH-3400
Model
Hardware
Ethernet
Button
LAN
1~2 x 10/100/1000Mbps RJ-45, configurable with LAN 1 (Mirror Port)
WAN
3~4 x 10/100/1000Mbps RJ-45, configurable with WAN 4 (WAN 4 / LAN2 / DMZ)
DMZ
1 x 10/100/1000Mbps RJ-45
Reset
1 x Reset button for reset to factory default setting
Power
1 x Power on/off switch
USB
1 x USB 2.0 Host
Operating Environment
Temperature:
0 ~ 50 degrees C
Relative Humidity: 10~85% (non-condensing)
Dimensions (W x D x H)
240 x160 x 44 mm
Power
100~240 VAC, 50~60 Hz, max 0.5A
Regulatory
FCC Class B, CE
Software
Multi-WAN Function
■ Inbound / Outbound Load Balance: by session and by IP
■ Protocol Binding
■ Network Service Detection
Routing
■ Dynamic Route RIP v1/v2
■ Static Route
System Performance
■ Concurrent session: 50000
■ Firewall performance: 1Gbps
■ Corporation size: SMB (clients 200~250)
■ 3DES performance: 154Mbps
Bandwidth Management
■ Session Limit
■ Smart QoS
■ Port-based QoS
■ QoS Schedule
Firewall Security
■ NAT
■ One-to-One NAT
■ Multiple-to-One NAT
■ Stateful Packet Inspection (SPI) Firewall
■ Denial of Service (DoS) prevention
■ IP & Port Filtering
■ Block Website by Keyword, Content Filter
■ Firewall Detection: Ping of Death, SYN Flooding, Land attack, IP Spoofing
■ Email Alert for Hacker Attack
■ IP&MAC Binding
■ DMZ Host
■ Prevents ARP Attack on LAN
Networking
■ Configurable DMZ
■ DHCP Server (supports class C)
■ Multiple DHCP Server (supports 4 sets of Class C)
■ PPPoE / Static IP / DHCP Client
■ LAN MAC Clone
■ Multiple Subnet (Max. 30 sets)
■ Protocol: TCP /IP, ARP, ICMP, FTP/TFTP, IPv4, IPv6
■ NAT with popular ALG support
■ Port Forwarding
■ DNS Relay
■ DDNS: supports DynDNS, 3322, No-IP
■ Password protected configuration or management sessions for web access
■ Port Management – Speed / Duplex / Auto Negotiation
■ VLAN Tagging (802.1Q) / Port VLAN
■ Transparent Bridge
USB Feature
■ 3G/3.5G Internet Access
■ Automatic failover / load balancing between 3G and WAN
■ Auto / manual throughput and time calculation mechanism for cost or dial-on demand (Cellular cost Control)
■ Signal strength display on front panel
■ Throughput measurement
■ APN and PIN code support
Network Management
■ Comprehensive web-based management and policy setting
■ SNMP v1/v2c (IPv4 only)
■ Monitoring, logging, and alarms of system activities
■ Firmware upgrade through Web browser
5
MH-3400
Hardware
VPN Support
VPN Tunnel
■ 200 IPSec VPN Tunnels / 60 PPTP VPN Tunnels.
IPSec VPN
■ IPSec H/W acceleration
■ Supports up to 2 Groups of VPN
■ Friendly VPN Tunnel Management
■ IKE: Pre-Shared keys
■ IPSec Encryption DES / 3DES / AES128 / AES192 / AES256
■ IPSec Authentication MD5 / SHA1
■ PMTU
■ NAT Traversal (NAT-T)
■ Connect on Demand
■ DPD detection
■ VPN Hub
■ IP by DNS resolved
■ View Log
■ IPSec, PPTP Passthrough
Ordering Information
MH-3400
Gigabit Multi-Homing VPN Security Router
Related Products
XRT-401F
4-Port LAN + 1-Port WAN Broadband Router
CS-2001
UTM Content Security Gateway
CS-5800
Gigabit Content Security Router
SG-4800
Gigabit SSL VPN Security Router
PLANET Technology Corporation
11F., No.96, Minquan Rd., Xindian Dist., New Taipei City
231, Taiwan (R.O.C.)
Tel: 886-2-2219-9518 Fax: 886-2-2219-9528
Email: sales@planet.com.tw www.planet.com.tw
MH-3400
PLANET reserves the right to change specifications without prior notice. All brand names and trademarks are property of
their respective owners. Copyright © 2013 PLANET Technology Corp. All rights reserved.
6