NetGear unveils dual-band firewall with VPN security
NetGear has unveiled the SXRN3205 ProSafe Wireless-N Virtual Private Network (VPN) firewall, which the company claims is the first to combine dual band 5.0/2.4GHz Wireless-N with SSL and IPsec VPN.
Overview
Optimal, Secure Connection for Your Network
NETGEAR’s SRXN3205 ProSafe® Wireless-N VPN Firewall offers two types of virtual private network (VPN) tunnels, Secure Sockets Layer (SSL) and IP security (IPsec), for optimal secure connection to your network. SSL VPN tunnels provide clientless remote access to your corporate data for individual access anywhere and anytime without a software client. IPsec VPN tunnels deliver both secure site-to-site tunnels and legacy remote access support, connecting multiple offices together, as well as clientbased remote access. Backed by a sophisticated firewall, the SRXN3205 is a high-performance, SNMP-manageable security solution that furnishes multidimensional security including denial-ofservice (DoS) protection, stateful packet inspection (SPI), URL keyword filtering, logging, and reporting. Four Gigabit LAN ports in conjunction with an integrated dual band Wireless N Access Point keep your data moving at top speed.
http://gallery.techarena.in/data/513/prosafe.jpg
Secure
The SRXN3205 Wireless-N VPN Firewall takes care of all your security needs, with support of up to 5 SSL VPN tunnels and 5 IPsec VPN tunnels simultaneously, hacker protection via SPI firewall, DoS attack protection, and multiple VPN pass-through. SYSLOG and email reporting enable thorough network monitoring. The SSL VPN tunnels support industry-strength encryption algorithms and features such as automatic cache cleanup after session termination to ensure protection and privacy of your
sensitive data. The SRXN3205 Wireless-N VPN Firewall provides optimal value and defense against network security threats.
Wireless Access
NETGEAR’s SRXN3205 Wireless-N VPN Firewall delivers the coverage and speed advantages of 802.11n wireless networks. Designed to deliver the superior wireless network that your clients want, the SRXN3205 makes it easy to move up to 802.11n. Operating in either 2.4 GHz or 5.0 GHz radio bands, the SRXN3205 provides the flexibility to transition from legacy networks. Select the 2.4 GHz radio band to gain superior wireless connection while maintaining support for existing 802.11g and 802.11b networks. Wireless- N clients on this network will experience excellent throughput and range, while legacy clients will continue to function. For the full benefits of Wireless-N, select the 5.0 GHz radio band to create an overlay network that does not interfere with existing 802.11g and 802.11b networks. In sum, NETGEAR’s SRXN3205 offers:
Up to 10x the coverage and 15x the speed of 802.11g networks
Dual Band 2.4/5.0 GHz operation for maximum 802.11g/b backwards compatibility or superior Wireless-N throughput and range
Wireless access security features including WPA, WPA2, rogue AP detection and 802.1x with RADIUS support
Easy to Use
Auto Detect connects to your ISP quickly; the user-friendly Web-based ProSafe Control Center configuration screen and install assistant reduce setup time. With SSL VPN tunnels, users can quickly and securely access company data with just a Web browser. The IPsec VPN wizard automates IPsec VPN configuration and secure remote makes it simple to connect to multiple sites. Support for DHCP (client and server) as well as PPPoE allows for widespread deployment. The SRXN3205 is compatible with Windows®, UNIX®, Macintosh®, and Linux® OS.
Use a simple Web browser to build an SSL VPN tunnel - no separate client software needed!
http://gallery.techarena.in/data/513...m_srxn3205.jpg
NetGear VPN security Specification
Specification
Wireless
- IEEE 802.11n draft 2.0 spec, 2.4 GHz and 5.0 GHz
- IEEE 802.11a 5.0 GHz
- IEEE 802.11g, IEEE 802.11b, 2.4 GHz
- Wi-Fi Protected AccessTM (WPA, WPA2) with TKIP and AES
- Wired Equivalent Prviacy (WEP) 64 bit, 128-biy encryptions for IEEE 802.11b and 802.11g
- IEEE 802.1x RADIUS authentication with EAP TLS, TTLS, PEAP
- 2 dipole antennas
- 1 patch antenna
- Three (3) reverse SMA antenna connectors
SPI Firewall
Stateful packet inspection
- prevents DoS attacks
- stealth mode
- user support: unrestricted
Keyword filtering on:
- address
- service (FTP, SMTP, HTTP, RPL, SNMP, DNS, ICMP, NNTP, POP3, SSH)
- protocol
- Web UTL port / service blocking
- ActiveX, Java, Javascript
IPsec VPN Functionality
- 5 dedicated IPsec VPN tunnels
- Manual and Internet Key Exchange Security Association (IKE SA) assignment
- - preshared key signature
- - RSA/DSA signature
- Key life & IKE lifetimes time settings
- Perfect forward secrecy
- Diffie-Hellman groups 1 and 2
- Oakley Support
- Operating modes
- - main
- - aggressive
- Fully qualified domain name (FQDN support) for dynamic IP address VPN connections
IPsec Support
- DES (56 bit), 3DES(168 bit), AES (256 bit) encryption algorithm
- MD5 or SHA-1 hashing algorithm
- ESP support
- PKI features with x.509 v.3 certificate support
- Remote access VPN (client-to-site), site-to-site VPN
- IPsec NAT traversal (VPN pass-through)
SSL VPN Functionality
5- dedicated SSL VPN tunnels
- SSL version support: SSLv3 and TLS1.0
- SSL encryption support: DES, 3DES, ARC4, AES (ECB, CBC, XCBC, CNTR) 128/256 bit
- SSL message integrity: MD5, SHA-1, MAC-MDS/SHA-1, HMAC-MD5/SHA-1
- Certificate Support:
- RSA
- Diffie-Hellman
- Self-signed
Routing Modes of Operation
- Many-to-one Multi-network Address Translation (NAT)
- Classical routing
IP Address Assignment
- Static IP address assignment
- Internal DHCP server of LAN
- DHCP client on WAN
- PPoE client support
Throughput
- LAN-to-WAN: 60 Mbps
- Connections: 20,000 concurrent sessions
- VPN throughput: 20 Mbps
HW Specifications
- Dimensions: 252.7 x 179.5 x 35.1 mm (9.95 x 7.07 x 1.38 in)
- Weight: 1.34 kg (2.95 lb)
- Processor speed: 300 MHz
- Memory: 64 MB RAM, 16 MB flash
- Power supply: Output 12V/18W
Environmental Specifications
- Operating temperature: 0° - 40° C (32° - 104° F)
- Operating humidity: 90% maximum relative humidity
Physical Interfaces
- 1 Gigabit Ethernet RJ45 WAN
- 4 Gigabit Ethernet RJ45 LAN
Management Features
Administration Interface
- SNMP (v2c) support
- Web graphic user interface
- Secure Sockets Layer (SSL) remote management
- User name and password protected
- Secure remote management support authenticated through IP address (or IP address range) and password
- Configuration changes/upgrades through Web GUI
Logging
Functions
- VPN Wizard to simplify configuration of IPsec VPNs
- Auto Detect to automatically detect ISP address type (static, dynamic, PPPoE)
- Port range forwarding
- Port triggering
- Enable/disable WAN ping
- DNS proxy
- MAC address cloning/spoofing
- Network Time Protocol NTP support
- Diagnostic tools (ping, DNS lookup, trace route, other)
- Port/service
- Auto-Uplink on switch ports
- L3 Quality of Service (QoS)
- LAN-to-WAN and WAN-to-LAN (ToS)
Package Contents
- ProSafe Wireless-N VPN Firewall (SRXN3205)
- Two (2) 5 dBi antennas and one (1) 3 dBi antenna
- Ethernet cable
- Power adapter
- User guide
- Resource CD with single-user ProSafe VPN Client Software license
- Warranty/support information card
NETGEAR Related Products
Software
- VPN01L and VPN05L ProSafe VPN Client Software
Adapters
- RangeMax™ Wireless Notebook
- Adapter (WN511B)
- RangeMax™ Wireless USB 2.0
- Adapter (WN111)
- RangeMax™ Dual Band Wireless
- USB 2.0 Adapter (WNDA3100)
Ordering Information
- North America: SRXN3205-100NAS
- Asia: SRXN3205-100AUS
- Europe: SRXN3205-100EUS
ProSupport Service Packs Available
- PMB0331-100 (US)
- PMB0331 (non-US)
- PRR0331