Routefinder, Multi-tech, Who’s – Multi-Tech Systems Multi-Tech RouteFinder RF850 User Manual
Page 7
who’s
Multi-Tech?
•
Stateful Packet Inspection firewall
•
E-mail anti-virus protection
•
Content and spam filtering
•
Secure IPSec and PPTP VPN
RouteFinder?
why
Plug-and-Play Security Appliance
The RouteFinder security appliance plugs in at the Internet connection
of each office. It provides three independent network interfaces (LAN,
WAN and DMZ) that separate the protected office network from the
Internet while offering an optional public network for hosting Web, e-mail
or ftp servers. Each network interface is independently monitored and
visually displayed on the front of the appliance.
State-of-the-Art Firewall Security
The RouteFinder security appliance is ICSA-certified to provide
network layer security utilizing Stateful Packet Inspection,
the sophisticated firewall technology found in large enterprise
firewalls, to protect the network against intruders and Denial of Service
(DoS) attacks. It also uses Network Address Translation (NAT) to hide
internal, non-routable IP addresses and allows internal hosts with
unregistered IP addresses to function as Internet-reachable servers.
In addition to network layer security, the RouteFinder security appliance
provides application level security using SMTP, HTTP, DNS and SOCKS
proxies. It also utilizes filters to block specific Internet content to protect
against viruses, dangerous ActiveX controls, Java, Javascript, and Cookies.
An automatic update feature provides the highest level of security by
automatically downloading and installing the latest system software
and security patches protecting against any newly discovered hacker
attacks with a single click.
E-mail Anti-virus Protection
Computer viruses are one of the leading security threats
to Internet-connected networks. Users can unknowingly
receive and launch dangerous viruses that can damage
data or cause computer crashes. Viruses can also be used as delivery
mechanisms for hacking tools, compromising the security of the network,
even if a firewall is installed.
An optional e-mail virus protection subscription utilizes Kaspersky’s
high-performance, ICSA-tested, anti-virus engine which checks both
incoming and outgoing e-mail for viruses in real-time. Automatic
anti-virus updates are downloaded at user-defined intervals to ensure
protection is current. The e-mail anti-virus protection can be easily
renewed on an annual basis. Ask about our free 30-day evaluation.
Content Filtering
The RouteFinder security appliance supports an optional URL content filtering
subscription. It utilizes SurfControl
®
’s content categorization list, the world’s
largest database of Internet content, which includes 5 million websites covering
over 900 million web pages. Daily updates of categorized sites are available for
download. In addition, it includes URL access and deny
reporting. The subscription can easily be renewed on
an annual basis. Ask about our free 30-day evaluation.
Spam Filtering
A free spam filtering feature protects your network from unsolicited bulk e-mail
utilizing real-time, as well as, user-definable white and black lists. In addition,
the spam filter checks for null sender and bad address patterns in e-mail
addresses. It also utilizes the reverse DNS test, as well as, attachment and
expression filters.
Secure VPN Connections
The RouteFinder security appliance uses IPSec and PPTP industry standard
protocols, data encryption, user authentication, and the Internet to provide
high-performance, secure VPN connections. For LAN-to-LAN connectivity, the
RouteFinder security appliance utilizes the IPSec protocol with strong 3DES and
AES encryption using IKE and PSK key management.
For Client-to-LAN connectivity, Multi-Tech offers optional IPSec client software
allowing road warriors and telecommuters secure access to the company’s internal
network. The RouteFinder security appliance also supports remote users that
want to use the PPTP VPN client built into the Windows operating system. This
provides 40-bit or 128-bit encryption, user name and password authentication.
Reporting
The RouteFinder security appliance includes a suite of integrated monitoring
and reporting tools that help administrators troubleshoot the Internet security
system and report Internet usage to management. This includes reporting on
system uptime, hardware and network utilization. HTTP and SMTP proxy reports
provide information about any actions needed to handle virus-infected e-mails.
The RouteFinder security appliance also disables and logs attempted port scans.
In addition, it provides
accounting reports and a
self-monitor that sends
an e-mail notification of
system-level issues.
Robust, Easy-to-Use Management
The RouteFinder security appliance includes robust management support allowing
a network administrator to securely manage the devices either through a web
browser or at the command line. The browser-based option uses the HTTP or HTTPS
protocol, also known as SSL (Secure Sockets Layer), to provide 128-bit encryption
to secure the management session. The command line interface is accessible via
SSH (Secure Shell) and supports SCP (Secure Copy).
User Authentication
To increase the level of security, user identity can be verified before access to Internet
services is permitted. The RouteFinder security appliance supports authentication
at a local user database as well as at external user databases, like Windows 2000
or Radius server.
Automatic Dial Backup
The RouteFinder security appliance provides a serial port that, when connected
to a dial-up modem or ISDN terminal adaptor, can serve as a backup resource
for Internet access and VPN tunneling if your cable or DSL service goes down.
In addition, the RouteFinder RF860 model includes a built-in modem.
QoS/Bandwidth Allocation
Enabling QoS on the RouteFinder security appliances allows administrators to
customize upstream and downstream bandwidth allocation. Custom priority
rules allow administrators to assign a percentage of available bandwidth based
on the packet’s protocol. These packet filter rules help mold traffic and set
preferential treatment for certain services or host IPs.
Dual WAN Load Balancing, Internet and VPN Failover
The DMZ port, on the RouteFinder security appliance, can also function as a second
WAN port for Internet access. This allows for two separate ISP connections giving
administrators the ability to balance traffic by distributing it over the two links. In
addition, if one port were to go down, the RouteFinder security appliance would
automatically re-route all Internet and VPN traffic to the other connection. The
second WAN port greatly enhances performance and system uptime.
High Availability
Redundancy is the primary method of increasing any systems’ availability. To achieve
high availability, the RouteFinder security appliance utilizes a clustering solution,
where two RouteFinder appliances act in conjunction with each other with one
appliance acting as the main system providing the services and the other acting
as a standby system. If the main system were to go down, it would automatically
failover to the standby system to provide continuous availability without an
interruption of service
RouteFinder SOHO
The RouteFinder SOHO security appliance is ideal
for the small branch office or telecommuter who
needs secure access to the corporate LAN. In addition to
providing one or two WAN Ethernet port(s) for DSL or cable broadband Internet
access, it also offers both client-to-LAN and LAN-to-LAN VPN connectivity based
on the IPSec or PPTP protocols. The RouteFinder SOHO security appliance provides
3DES and AES encryption to ensure that your information remains private.
Go to www.multitech.com/products for more details.
Multi-Tech Systems is an
ISO 9001:2000 certified global
manufacturer of award-winning
telephony, Internet, remote
access, and device networking
products. Since 1970, Multi-Tech
Systems has grown from modest
origins to a company with a
worldwide reputation for reliable
products of innovative design.
This reputation is just as strong
today. New technologies, same
focus: connecting voice and data
over IP networks.