Thiết bị mạng DrayTek Vigor2960F

Model:Vigor2960F
Lượt xem: 3636
7.100.000 đ

Thông số kỹ thuật

Thiết bị mạng DrayTek Vigor2960F

VPN server, Firewall, Load Balancing DrayTek Vigor2960F

The Vigor2960 Series serves as a VPN gateway and a central firewall for multi-site offices and tele-workers. With its high data throughput of two-Gigabit Ethernet, Dual WAN, VPN trunking and 4 Gigabit Ethernet LAN ports, the device facilitates productivity of versatile business operations. To secure communications between sites is the establishment of VPN tunnels up to 200 simultaneous tunnels.

-       Manage ultra fast high-speed Internet

-       Support IPv6 network for the next generation Internet

-       Business Continuity by Dual WAN Load-balancing/failover

-       PPPoE quota setting and MAC address filter

-       Support inbound load balance

-       200 VPN & 50 SSL VPN tunnels for the secure remote access

-       Central VPN Management (CVM)

-       Support VPN Trunk failover mode

-       Up-to 400Mbps site-to-site VPN throughput (IPsec)

-       Advanced firewall for the network security

-       SMS, Email Alert and Notification object profiles for WAN/VPN connection

-       USB port supports USB temperature sensor

-       Working with TR-069 based VigorACS SI for the central management

-       Smart Monitor Traffic Analyzer (Up to 200 nodes)

 Specifications

WAN Protocol

Ethernet

PPPoE, PPTP, DHCP client, static IP, L2TP*, Ipv6

Dual WAN

Outbound Policy based Load Balance

Allow your local network to access Internet using multiple Internet connections with high-level of Internet connectivity availability.

Two dedicated Ethernet WAN ports (Gigabit WAN) 

WAN fail-over or load-balanced connectivity.

VPN

Protocols

PPTP, IPsec, L2TP, L2TP over IPsec.

Up to 200 connections simultaneously

LAN to LAN, remote access (teleworker-to-LAN), dial-in or dial-out.

VPN trunking

VPN load-balancing and VPN backup.

LDAP/Active Directory

Lightweight directory access protocol.  The enterprises use LDAP/Active Directory authentication technology to allow administrator, IT personnel and users to be authenticated when trying to access company's intranet environment.

NAT-traversal (NAT-T)

VPN over routes without VPN pass-through.

PKI certificate

Digital signature (X.509).

IKE authentication

Pre-shared key; IKE phase1 aggressive/standard modes & phase 2 selectable lifetimes.

Authentication

Hardware-based MD5, SHA-1.

Encryption

MPPE and hardware-based AES/DES/3DES.

RADIUS client

Authentication for PPTP remote dial-in.

DHCP over IPsec

Because DrayTek add a virtual NIC on the PC, thus, while connecting to the server via IPSec tunnel, PC will obtain an IP address from the remote side through DHCP protocol, which is quite similar with PPTP.

GRE over IPsec

GRE is used when IP packets need to be sent from one network to another without being parsed by any intervening routers

Dead Peer Detection (DPD)

When there is traffic between the peers, it is not necessary for one peer to send a keep-alive to check for liveness of the peer because the IPSec traffic serves as implicit proof of the availability of the peer.

Smart VPN software utility

Provided free of charge for teleworker convenience (Windows 7/XP including 32/64 bit).

Easy of adoption

No additional client or remote site licensing required.

Industrial-standard interoperability

Compatible with other leading 3rd party vendor VPN devices.

CVM 

CVM, central VPN management, manages VPN tunnels easily.

Content Filter

IM/P2P blocking

Java applet, cookies, active X, compressed, executable, multimedia file blocking.

Web content filter

Web content filter

Dynamic URL filtering database.

Time schedule control

Set rule according to your specific office hours.

Firewall

Stateful Packet Inspection (SPI)

Outgoing/Incoming traffic inspection based on connection information.

Content Security Management(CSM)

Appliance-based gateway security and content filtering

Multi-NAT

You have been allocated multiple public IP address by your ISP. You hence can have a one-to-one relationship between a public IP address and an internal/private IP address. This means that you have the protection of NAT (see earlier) but the PC can be addressed directly from the outside world by its aliased public IP address, but still by only opening specific ports to it (for example TCP port 80 for an http/web server).

Port redirection

The packet is forwarded to a specific local PC if the port number matches with the defined port number. You can also translate the external port to another port locally.

Open Ports

As port redirection (above) but allows you to define a range of ports.

DMZ Port

-This opens up a single PC completely. All incoming packets will be forwarded onto the PC with the local IP address you set. The only exceptions are packets received in response to outgoing requests from other local PCs or incoming packets which match rules in the other two methods.

-The precedence is as follows : Port Redirection > Open Ports > DMZ

Policy-based IP packet filter

The header information of an IP packet (IP or Mac source/destination addresses; source /destination ports; DiffServ attribute; direction dependent, bandwidth dependent, remote-site dependent.

DoS/DDoS prevention

Act of preventing customers, users, clients or other computers from accessing data on a computer.

IP address anti-spoofing

Source IP address check on all interfaces only IP addresses classified within the defined IP networks are allowed.

Object-based Firewall

Utilizes object-oriented approach to firewall policy

Notification

E-mail alert and logging via syslog.

Bind IP to MAC address

Flexible DHCP with 'IP-MAC binding'.

User/Rule base

User base integrates LDAP/Active Directory authentication to enforce policies.

System Management

Web-based user interface (HTTP or HTTPS)

Integrated web server for the configuration of routers via Internet browsers with HTTP or HTTPS

Quick start wizard

Let administrator adjust time zone and promptly set up the Internet (PPPoE, PPTP, Static IP, DHCP).

User Administration

RADIUS user administration for dial-in access (PPP/PPTP and ISDN CLIP)

CLI(Command Line Interface, Telnet/SSH)

Remotely administer computers via the telnet.

DHCP client/relay/server

Provides an easy-to configure function for your local IP network.

Dynamic DNS

When you connect to your ISP, by broadband or ISDN you are normally allocated an dynamic IP address. i.e. the public IP address your router is allocated changes each time you connect to the ISP. If you want to run a local server, remote users cannot predict your current IP address to find you.

Administration access control

The password can be applied to authentication of administrators.

Configuration backup/restore

If the hardware breaks down, you can recover the failed system within an acceptable time. Through TFTP, the effective way is to backup and restore configuration between remote hosts.

Port-based VLAN

Create separate groups of users via segmenting each of the Ethernet ports. Hence, they can or can't communicate with users in other segments, as required.

Built-in diagnostic function

Dial-out trigger, routing table, ARP cache table, DHCP table, NAT sessions table, data flow monitor, traffic graph, ping diagnosis, trace route.

NTP client/call scheduling

The Vigor has a real time clock which can update itself from your browser manually or more conveniently automatically from an Internet time server (NTP). This enables you to schedule the router to dial-out to the Internet at a preset time, or restrict Internet access to certain hours. A schedule can also be applied to LAN-to-LAN profiles (VPN or direct dial) or some of the content filtering options.

Tag-based VLAN (802.1Q)

By means of using a VLAN ID, a tag-based VLAN can identify VLAN group membership. The VLAN ID provides the information required to process the traffic across a network.Furthermore, the VLAN ID associates traffic with a specific VLAN group.

Firmware upgrade via TFTP/HTTP/TR-069

Using the TFTP server and the firmware upgrade utility software, you may easily upgrade to the latest firmware whenever enhanced features are added.

User Management

Dial-in access management (PPTP/L2TP and mOTP) and LDAP/Active Directory integration.

Remote maintenance

With Telnet/SSL, SSH (with password or public key), browser (HTTP/HTTPS), TFTP or SNMP, firmware upgrade via HTTP or TFTP.

Wake On LAN

A PC on LAN can be woken up from an idle/stand by state by the router it connects when it receives  a special 'wake up' packet on its Ethernet interface.

Logging via syslog

Syslog is a method of logging router activity.

SNMP management

SNMP management via SNMP v1/v2, MIB II.

External Device

Auto-detection mechanism to manage Vigor devices such routers/ switches/APs

Smart Monitor Traffice Analyzer

Support 200 PC Users

-        Sản xuất tại Đài loan.

-        Bảo hành: 12 tháng.

 

ƯU ĐIỂM KHI KHÁCH HÀNG MUA HÀNG TẠI NGÔI SAO SÀI GÒN

Bán hàng chính hãng, hàng mới 100%

HỔ TRỢ CÀ THẺ KHI KHÁCH HÀNG KHÔNG MANG TIỀN MẶT

ZALO: 0938 878 113 - 0919 234 459 - 0909 118 334 - 0938 944 113 - 0973 877484 - 0938 878 956 - 028.62.896.113 

MUA HÀNG: GÒ VẤP (đối diện siêu thị Emat hàn quốc)

Đ/C: 485/4 Phan Văn Trị, Phường 5, Quận Gò Vấp, Hồ Chí Minh 

MUA HÀNG: Tân Bình (gần ngã tư bảy Hiền)

Đ/C: 1036/10 CMT8, Phường 5, Q. Tân Bình, Hồ Chí Minh

Mua HàngThủ Đức ( gần chợ Thủ Đức)

Đ/C: 778 Kha Vạn Cân, P.Linh Đông, QThủ Đức, Hồ Chí Minh

MUA HÀNG: QUẬN 12 (ngã tư nước đá)

Đ/C: Nguyễn Ảnh Thủ, Quận 12, Hồ Chí Minh

Mail: ngoisaosaigon99@gmail.com    Fax:  028.62.896.100

TÀI KHOẢN CÁ NHÂN: PHẠM THỊ TRẦM

STK: 0071 004 93 0055 Ngân Hàng VIETCOMBANK CN TP.HCM

STK: 6400 205 13 0083 Ngân Hàng AGRIBANK CN TP.HCM

STK: 0601 254 22449 NGÂN HÀNG SACOMBANK CN TP.HCM

STK: 105 000 858 455 NGÂN HÀNG VIETINBANK CN TP.HCM

STK: 21021 4849 200 734  NGÂN HÀNG EXIMBANK CN TP.HCM 

STK: 153 17337  NGÂN HÀNG ACB CN VĂN LANG TP.HCM 

Nhận xét về sản phẩm

Đăng ký nhận khuyến mãi

Kết nối:

BÁN MÁY PHÁT ĐIỆN, MÁY CẮT CÒ, MÁY CHẤM CÔNG, MÁY BÀO ĐÁ, MÁY XỚI ĐẤT, DỘNG CƠ NỔ