Intel Express Routers
The features described below are supported by all Intel Express Routers. The router models are differentiated by the WAN support they provide.
Secure business communication over the Internet – Virtual Private Networks and more
The Internet offers unprecedented savings as a means of long distance corporate communication. In fact, Internet access can easily cost as little as 20% of the cost of a traditional WAN connection. But how do you keep your vital business data secure as it crosses the public domain?
Intel Express Routers provide a simple and inexpensive solution, enabling you to create a highly secure Virtual Private Network (VPN) over the Internet and public Frame Relay and X.25 networks. There’s no need to alter your existing network architecture. Security is provided by using an Intel router for each point at which you connect to the Internet. Powerful encryption keeps your data private. (See the side bar on tunneling for more information.)
Other security features include:
■Data encryption. Encryption is available when used over
■Network Address Translation (NAT). Network Address Translation enhances security by hiding internal IP addresses when data is sent over the Internet or WAN. NAT also provides considerable savings in time and money by eliminating the need to redesign your business’s internal TCP/IP addressing scheme when connecting to the Internet or remote sites with conflicting IP addressing schemes.
Using NAT, an Intel Express Router automatically assigns a unique Internet IP address to each internal LAN address, enabling transparent communication with those outside your corporate network. Alternatively, the router can maintain a pool of unique IP addresses, assigning a temporary address to a workstation whenever it connects over the Internet or WAN. This method requires fewer official Internet IP addresses.
■Authentication – PAP, CHAP. To ensure that Intel Express Routers communicate only with other authorized devices, the routers can be configured to use the Password Authentication Protocol (PAP) or the Challenge Handshake Authentication Protocol (CHAP) when communicating over PPP links. The routers will demand authentication whenever the link is established.
Over ISDN (EuroISDN only) and analog modems, PPP Call Back can be used for authentication. If a user dials in for access to the LAN, the router cuts the connection, then calls back to ensure that it’s an authorized link. PPP Call Back is compatible with the Microsoft Call Back standard.
■Filtering. IP and IPX filtering eliminates unauthorized communication over the WAN or LAN link. By tightly defining filters to pass communication only to and from authorized sources, links remain secure.
Comprehensive cost control of WAN links
Traditionally, WAN link traffic is by far the most expensive cost component of WAN connections. Intel Express Routers help control WAN link costs while also maximizing the avail- able bandwidth for data communication. They do this in a variety of ways:
■Data compression. Data compression allows the trans- mission of more information over the same bandwidth on a WAN connection.
9300 Routers for Frame Relay and PPP. LZS is an industry accepted specification providing typical compression rates of approximately 4:1 and interoperability with other routers. The
This distinctive feature allows compression while running at full bandwidth. X.25 and LAPB compression is supported in an implementation that requires Express Routers at both ends of the connection.
■Filtering. Filtering eliminates unnecessary communication over the WAN link. With tightly defined filters, only essential traffic passes through, thus lowering communication costs. The Intel Express Routers support filters for IP, IPX and bridging.
2