advertisement
Vigor 2910VG Series Router
Firewall
Broadband Router & Firewall
3G (Cellular) Modem support
(Firmware Upgradable)
Content Filtering (by matched keyword or data type)
SurfControl Web Site Category Filtering
Ethernet Virtual LAN segmentation (common/distinct)
Configurable QoS Features (For traffic prioritisation)
VPN Dial-in/dial-out (up to 16 tunnels)
802.11g Wireless LAN ('G' Model only)
Selectable Secondary WAN Port for backup
Twin Voice-over-IP Phone Ports ('V' model only)
USB Port for Printer sharing or 3G Modem connection
Highly configurable but easy to install and monitor
Overview
Vigor 2910 VG Router Firewall
The Vigor 2910 VG is a router firewall which provides a great balance of security, VPN, routing and optional VoIP/Wireless facilities. Content filtering helps protect against inappropriate web usage or time wasting using either keyword matching or Surfcontrol web site categorisation (Subject to subscription).
Optional 3G Cellular data increases the product's flexibility too, allowing you to make use of cellular networks for broadband-like HSDPA networks without needing a fixed line. This can be used for backup or your primary Internet feed. Alternatively, a switchable Ethernet port can be used as a secondary WAN port to a second broadband connection, for example.
The Vigor 2910VG model provides 802.11g connectivity for your laptops or other wirelessly connected PCs.
The Vigor 2910 supports several independent levels of wireless security to protect your data. In addition,
WDS mode can be used to provide repeating or bridging to a secondary router to increase wireless coverage or set up a secondary remote site (within range) where cables cannot be practically run.
The Vigor 2910's VPN facilities provide up to 16 simultaneous tunnels. These tunnels can be encrypted and authenticated with ind ustry standard methods, making your data secure as it passes over the public
Internet. VPNs are ideal for both remote office linking and teleworker connections to access branch or head office resources.
3G
3G Cellular Data Features
The Vigor 2910's USB port can host a compatible 3G modem or cellphone for access to the cellular network for full Internet Access. Most UK networks now provide high speed HSDPA data connections at up to 3.6Mb/s download speed. The 3G connection can be used as your primary/only Internet access, or as backup to your main ADSL line connection. This is not only ideal for homes or offices which don't want to pay fixed line + broadband rental, but also for temporary locations, or those to where fixed lines aren't available.
With the Wireless LAN of the Vigor 2910VG your local users can be connected wirelessly to the router, so instant free 'hotspots' can be deployed quickly and easily. Mains power is required for the router's PSU, but this could be from a mobile generator or equivalent so you need to plan for this.
Page 1 of 5 ©2008 SEG. Reproduction prohibited without written permission. 11.06.09
Supported Modems / Phones
Huawei E220 (As used by Vodafone, T-Mobile, 3)
Huawei E270
Huawei E172
Option Globesurfer iCon 7.2 (not '225' or '7.2s)
Nokia N70
Nokia N95
Nokia 6233
Nokia N95
Telstra HSDPA USB Modem
4G System XSPlug P3
Zapp Telemodem Z020
Option Globesurfer iCON
4G System XSPlug P3
ZTE AC8700 3G
Benq EF91
LG U8380
Telstra Next G 3G USB
ZTE AC8700
Additional Modem Support is added continuously or you can request specific models .
A USB connection cable is required for your phone (not supplied).
The Vigor 2910 and 3G cellular modem setup is ideal for:
Backup to your primary Internet feed (ADSL, cable etc.)
Providing lower cost broadband than a fixed line solution
Areas without fixed line broadband access
Compatible with a wide range of 3G modems/phones
Temporary Locations
Mobile Homes
Locations on the move - coaches, trains
Fairgrounds & temporary exhibitions
Outdoor locations (the router and modem itself must be indoors!)
Disaster Planning & High Availability
WLAN
Wireless LAN Features
The Vigor 2910 VG with built-in Wireless LAN allow you to use your wireless equipped computers or laptops wirelessly, without needing a cable back to the router; this provides convenience and mobility in your home or office. By adding an additional Vigor 2700 wireless model, you can expand the wireless range using WDS
(in repeater mode) and for increasing range potential, DrayTek have a range of directional aerials (see
'accessories').
Page 2 of 5 ©2008 SEG. Reproduction prohibited without written permission.
11.06.09
802.11b & 802.11g Compatibility
802.11g Super-G Wireless LAN (Total bandwidth up to 108Mb/s)
WEP & WPA Wireless Encryption
WDS - Wireless Distribution System for expanding wireless networks
Optional Higher-Gain Aerials
Wireless Security Features :
WEP, WPA and WPA2 Wireless Security & Encryption
WLAN Isolation - Isolate WLAN from wired LAN
SSID Stealthing
Restricted access list for clients (by MAC address)
Time Scheduling (WLAN can be disabled at certain times of day)
802.1x User Authentication (via Radius Server, EAP-TLS Mode)
VoIP
Voice over IP
The Vigor2910 VG provides twin phone ports for VoIP (Voice-over-IP). VoIP enables you to use your existing broadband capacity to carry regular voice calls to suitably equipped remote sites, for example another Vigor VoIP enabled router or to any other compatible hardware/software products, worldwide. The
Vigor2910 VG supports the industry standard 'SIP' system for compatibility with other vendors' produdcts.
The calls between the two sites in the example above are, of course, free of charge because they are making use of your existing always-on ADSL connection, but cost isn't the only advantage; using VOIP means that you have additional call capacity in your home or office, without tying up your regular phone line. Using a
VoIP-PSTN gateway service, such as DrayTEL you can also fully integrate with the PSTN, making and receiving calls to and from any regular phone number, worldwide.
2nd WAN
Secondary WAN Port
The primary 'WAN' interface (the connection to the outside world) is 10/100BaseT Ethernet. This can connect to any Ethernet based router IP or
Internet feed which might typically be fed via
Leased Line, cable modem, ADSL, Satellite system
- anything which is then terminated in Ethernet.
In addition, one of the LAN Ethernet ports can be selected as a secondary WAN (Internet) Interface.
The second interface can be used as the primary interface, backup failover for the primary WAN port, load balancing or just for increased total bandwidth. This allows you to use two Internet feeds simulataneously to provide higher total capacity, or rule-based routing over two feeds
(load balancing). If you do not have a second
WAN feed, you can use the 2nd WAN port as a regular LAN port instead.
Page 3 of 5 ©2008 SEG. Reproduction prohibited without written permission.
11.06.09
Specification
Vigor 2910 Router Specification
Combination Ethernet router, VPN Device, Firewall and Load-Balancer
Primary Ethernet WAN Interface
Selectable secondary WAN Interface
Load Balancing across both WAN ports with automatic or user-defined policies
WAN Backup using secondary WAN in case of primary WAN failure
Four-Port 10/100BaseT autosensing Ethernet interface with manual speed over-ride (one port switchable to WAN2 port)
Printer Port - built-in USB port compatible with most standard printers and any Windows 98SE, 2000 or XP client PC.
Internet Firewall facilities featuring :
Automatic Keep-state facility for tracking packets and denying unsolicitied incoming data
Selectable DoS/DDoS protection
IP Address anti-spoofing
User-configurable packet-filtering
NAT/PAT for Automatic LAN/WAN Mapping and Security
NAT Port Redirection with automatic internal ranging
NAT Port Forwarding (Up to 200 IP ports)
QoS (Quality of Service) assurance with 8 selectable levels & Diffserv support
Internet Content Filtering:
URL Keyword Filtering - Whitelist or Blacklist specific sites or keywords in URLs
Surfcontrol Support - Block Web sites by category (subject to subscription)
Prevent accessing of web sites by using their direct IP address (thus URLs only)
Blocking automatic download of Java applets and ActiveX controls
Blocking of web site cookies
Block http downloads of file types :
Binary Executable : .EXE / .COM / .BAT / .SCR / .PIF
Compressed : .ZIP / .SIT / .ARC / .CAB/. ARJ / .RAR
Multimedia : .MOV / .MP3 / .MPEG / .MPG / .WMV / .WAV / .RAM / .RA / .RM / .AVI / .AU
Time Schedules for enabling/disabling these restrictions
Block P2P (Peer-to-Peer) file sharing programs (e.g. Kazza, WinMX etc. )
Block Instant Messaging programs (e.g. IRC, MSN/Yahoo Messenger)
VPN facilities :
High performance VPN supports up to 32 simultaneous VPN tunnels.
Dial-in or dial-out, LAN-to-LAN or Teleworker-to-LAN
Protocol support for PPTP, L2TP, IPSec
MD-5 & SHA-1 Authentication
Encryption : MPPE, DES/3DES & AES
Hardware Co-processor for VPN Encryption
PFS (Perfect Forward Secrecy) - Adds additional key protection
Pre-shared/IKE keying & PKI (X.509) certificate support
IKE Phase 1 Agressive/Standard Modes & Phase 2 Selectable lifetimes
Radius Support for dial-in teleworker profiles
Compatible with other leading 3rd party vendor VPN devices
Page 4 of 5 ©2008 SEG. Reproduction prohibited without written permission.
11.06.09
VoIP Facilities
Voice calls carried over existing ADSL connection
Two VOIP ports (RJ11 to BT type sockets)
Automatic QoS Assurance for Voice-over-IP Calls - VoIP given highest priority
SIP Standard Compliant
VoIP Codecs : 8Kb/s-64Kb/s
Registration with multiple SIP Registrars at the same time
Distinctive Ring for incoming calls on different accounts
Automatically select different SIP providers depending on destination called - New!
Manually select SIP provider for outgoing calls by user-defined prefix - New!
Hotline Facility - connects to a fixed destination when you lift the handset - New!
Do Not Disturb - Phones can be set to not ring according to a time schedule (e.g. at night) -
New!
Speed Dial (Phone Book) for quick dialling
Caller ID on phone ports (UK Standard Compliant)
Integration with the PSTN via ITSP (e.g. DrayTel) enabling you to make/recieve calls from regular phone lines
Connect any standard analogue phone into the phone ports
UK Standard Call progress Tones (Ring, Busy cadence etc.)
Adjustable Gain (volume) for voice tx/rx
Log of incoming/outgoing calls & realtime Status reporting
DTMF Transmission : In-Band, Out-of-Band (RFC2833), SIP Info
Low latency queuing (LLQ), Random Early Detection
G.168 Line Electrical Echo cancellation & Jitter Buffer (125 ms)
Support for VoIP through VPN tunnels
Built-in Call Handling (PBX) Facilities:
Intercom (call) between local voice/phone ports - New!
SIP Compliant Call Diversion (Forwarding) - Always, Busy or No-Answer
DND (Do Not Disturb) with automatic time schedule - New!
Call Waiting - New!
Call Transfer - New!
T.38 Fax Facilities
Outbound NAT Proxy / STUN Server Support
Wireless Features :
802.11g Super-G Wireless LAN (Total bandwidth up to 108Mb/s)
Twin gain aerials provide diversity and optimum coverage
Optional Higher-Gain Aerials
Backward compatible with 802.11b (11Mb/s) and regular 802.11g (54Mb/s) standards
Wireless Security Features :
WEP, WPA and WPA2 Wireless Security & Encryption - New!
WLAN Isolation - Isolate WLAN from wired LAN - New!
SSID Stealthing
Restricted access list for clients (by MAC address)
Time Scheduling (WLAN can be disabled at certain times of day)
802.1x User Authentication (via Radius Server, EAP-TLS Mode)
Optional Username/Password Required for Wireless Users
WDS (Wireless Distribution system) for WLAN Bridging and Repeating
Wireless Client Rate control - New!
Wireless VLAN - Set inclusive/Exclusive wireless groups - New!
Active Client list in Web Interface
Dynamic DNS Posting, compatible with popular services
DHCP Server facility with pre-settable allocations and alien lock-out
Support for non-NAT public subnets (multiple public IP addresses)
LAN Side IP address range and built-in DHCP server/relay is fully configurable
RIP & Static Routing configurable
Diagnostic Facilities:
SNMP Reporting/Monitoring - compatible with industry standard tools
Comprehansive Syslog logging/monitoring (DrayTek Syslog tool supplied)
Ping & TraceRoute from WUI - New!
Real Time Data Flow Monitor, with instant block (cut of any user immediately!) - New!
VPN Passthrough for VPN client/server running behind the router
Page 5 of 5 ©2008 SEG. Reproduction prohibited without written permission.
11.06.09
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project