Cryptographic Module

ideal to support mission- critical applications extending to the branch office.

The XSR-3250 offers nearly ten times the performance speed of the XSR- 1850 and approximately 15 times more VPN tunnels. Coupling these features with the six network interface module (NIM) slots makes the XSR- 3250 ideally suited to a regional office required to terminate up to six T3/E3 or 24 T1/E1 connections. A redundant power supply is included.

The features of each XSR module are summarized in Table 1.

XSR Model	XSR-1805	XSR-1850	XSR-3250
NIM Slots	2	2	6
Fixed 10/100/1000 LAN	2 10/100	2 10/100	3
Ports
Optional Gigabit	N/A	N/A	Mini-GBIC
Ethernet
Redundant Power	No	Option	Standard
Supplies
VPN Accelerator	Embedded	Embedded	Embedded
Flash Memory	8 MB	8 MB	8 MB
	(upgradeable)	(upgradeable)
DRAM	32 MB	64 MB	256 MB
	(upgradeable)	(upgradeable)	(upgradeable)
External Compact Flash	Yes	Yes	Yes

Table 1 - Features At-a-Glance

Some highlighted security features of the XSR modules are:

•Telnet over IPSec or SSHv2-secured remote management of the modules

•Site-to-Site application VPN using IPSec

•Remote access VPN using L2TP over IPSec

•Access control through assigned privilege level

•User, certificate, and host key database files encrypted with a master encryption key

The XSR modules were evaluated as multi-chip standalone cryptographic modules. The metal enclosure physically encloses the complete set of hardware and software components, and represents the cryptographic boundary of each module.

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Enterasys Networks XSR-1805, XSR-1850, XSR-3250 manual Cryptographic Module

Cryptographic Module

© Copyright 2003 Enterasys Networks Page 6 of 25