Secure VPN Datasheet.cdr

AnexGATE VPN Concentrator
Create reliable, high performance, scalable VPN
connections across geographies, ISPs, and diverse network devices.
Building a Virtual Private Network over broadband
is the most secure, reliable, and cost-effective way for a
company to transact business across a geographically
distributed area. The AnexGATE VPN Concentrator is
a powerful and flexible remote access solution for
Enterprises. Users can remotely access network
services such as ERP, CRM or Intranet from anywhere
in the world. Branches can securely connect via siteto-site VPN with AnexGATE VPN Concentrator, giving
seamless, secure connectivity to business
applications such as Oracle, Tally, SAP, and others. In
addition the AnexGATE VPN Concentrator can be
configured as a VPN firewall, router, and proxy
segregating VPN and non-VPN traffic ensuring perfect
security. The multiple VPN technologies, clustering
and failover, VPN tunnel, user management, detailed
usage reports of AnexGATE VPN Concentrator helps in
providing secure, authenticated remote branch and
nomadic access to servers located in the HQ or
datacenter.
Regional office
Application Web Database
Servers Servers Servers
e
IPS
Headquarters
cV
Router/
firewall
PN
AnexGATE VPN
Concentrator
Internet
DSL/MPLS
connectivity
100% Uptime
With increasing number of mobile users and remote sites
accessing the essential application servers located in the head
quarter DMZ, the VPN performance and availability becomes
critical. AnexGATE's VPN solution allows you to setup a
clustered, multi-homed environment for high reliability with
multi-ISP load-balancing and failover, ensuring 100% VPN
uptime for all the users.Our customers are currently using
AnexGATE VPN link as a secondary backup to an existing
private leased-line, VSAT, or MPLS. The advanced link failure
detection and routing mechanism of AnexGATE makes it a
smooth transition for all critical branch transactions where
downtime needs to be close to zero. For hardware failover and
load balancing, multiple servers can be configured and the
clients can automatically connect to the available servers. High
availability with VRRP is supported for additional protection
Scalability
Both large and small enterprises use site-to-site VPNs (hub and
spoke) to communicate to their business systems. As sharing of
information grows, the number of VPNs will also grow.
Especially in the area where site-to-site VPNs are created for the
inter-office encrypted VoIP calls and data sharing between
various office locations. Using an SSL VPN to carry VoIP over
TCP actually improves voice quality, according to testing done
by Network World. VPNs can also provide security for VoIP calls
running over Wi-Fi networks, blocking eavesdropping. Some of
AnexGATE’s customers who are using SSL VPN have hundreds
of concurrent users, load-balanced over multiple VPN
Concentrators. These customers are very happy with the
excellent scalability options provided by AnexGATE.
Security
N
VP
L
SS
AnexGATE ACE
Branch office
Alerts
AnexGATE NMS & remote
management
Flexibility
The AnexGATE offers a choice of three independent
VPN technologies which can be enabled
simultaneously, giving you flexibility to provide the
best possible connection type to each remote user or
location. For mobile users PPTP VPN is ideal with builtin PPTP client for laptops. For highest security,
reliability, ease of use and fine-grained control
AnexGATE recommends the use of SSL VPN. Whereas
for interoperability with heterogeneous external
network devices IPSec may be used (AnexGATE
conforms to IPSec/IKE RFCs and is compatible with
Microsoft, Cisco, Nortel, Checkpoint, Netscreen and
The AnexGATE ensures secure data transfer with various
certificate options. Perfect Forward Secrecy allows encryption
keys to change every hour and prevent ciphering option. Client
keys can be locked to source IP address and be password
protected. The AntiVirus/AntiSpam, content filtering, Stateful
Packet Inspection and Intrusion Detection of AnexGATE can
enforce added security needed by customers. NAT traversal lets
users connect from all common ISPs.
SLA Monitoring
The constant monitoring of VPN usage and prioritizing of the
traffic helps the customer make most usage of the link.
Customers can even reserve bandwidth for each VPN client.
Reports
Detailed VPN server usage and top client connectivity reports
are available in graphical or PDF report format.
Managing the AnexGATE VPN Concentrator
The best part about the AnexGATE VPN Concentrator is that your network administrator does not need dozens of
certifications to get it up and keep it running! A comprehensive and easy to use Web GUI lets you create servers, create
users, add routes, and add restrictions very easily. The AnexGATE VPN Concentrator ensures smooth operation by
managing the network operations centrally from a single web interface. No additional management or security tools are
required to be installed, making the network configuration simpler. The easy rollout option with customer-specific default
configurations are hard to match with from devices available from other vendors
Features at a glance
aMultiple virtual VPN servers on the same hardware, for scalability and performance and also able to do failover between
aMultiple VPN servers in the same hardware
aSupport for VRRP, for hardware redundancy o Automatic configuration synchronization between VPN devices supported
aMulti-ISP Load Balance and Failover support
aSupport 3 WAN & 3 LAN ports
aMulti WAN & LAN zones
aProvision to support bandwidth allocation to the connected VPN site to site clients
aVPN setup over broadband / High Speed data card links
aFailover of VPN link over multiple broadband links o The VPN tunnel should pick the working broadband and setup the tunnel
over it o Stateful Firewall with deep packet inspection support
aPerfect Forward Secrecy to prevents ciphering option
aSupport Encryption types: DES, 3DES, AES, Blowfish
aSupport Message integrity: MD-5 and SHA-1
aSupport Password protected Private key for client
aVPN Server/client should support dynamic public IP addresses
aSupport for NAT of VPN traffic
aSite-Site and nomadic SSL/IPSec VPN clients supported and scalable up to 5000+ clients without change in underlying
hardware
aAutomatic RDP/VNC to connected VPN clients supported, for remote support
aPossible to monitor connected / disconnected VPN clients, on a real-time basis
aReporting of VPN clients connecting to the VPN server, with details of data transferred available. o Reports retrievable over a
period of 6 months.
aDaily scheduled reports of the connected VPN clients, its remote IP, time it connected to the VPN server and it total bandwidth
usage to be delivered over email, to multiple configured email addresses
aPossible to generate alert emails when there is a system alarm
aAlarm indication available over SMS, with the configured SMS gateway
aAlarm information available on a web browser, on a real-time basis
VPN Features
Ease of use
Encryption
Client required
Site-to-site VPN
Client-to-site VPN
(road warrior)
Concentrator failover setup
Concentrator
load-balancing setup
Multi-homed concentrator
Multicast traffic
Bridged interface
Routed interface
Certificate based
authentication/PKI
Password authentication/PSK
Works over NAT
Works with dynamic IP
IPSec
Hard
Good
Depends on
peer service
Yes
SSL VPN*
Easy
Good
Yes
Very difficult
Yes
Easy
Very difficult
No
No
No
Yes
Easy
Yes
Yes
Yes
Yes
Yes
PSK
May not work with
all IPSec peers
No
Yes
Yes
Yes
Yes
Yes
Yes
* All Specification and photos are subjected to change without prior notice
Smile Security and Surveillance Pvt. Ltd. (SSSPL)
# 21/2, MRI Building, First Floor, Bhattarahalli, 14 km, Old Madras Road,
Bangalore 560049, INDIA
Phone No: +91-80-2561 477 3 / 4 / 5 / 6 Fax No:+91-80-2561 4666
Email ID:info@anexgate.com
[A Division of SSSPL]
Download PDF