Alcatel-Lucent VPN Firewall Portfolio manual

with Alcatel-Lucent SMS

The Alcatel-Lucent VPN Firewall portfolio offers flexible deployment options to suit enterprise network strategies and users’ diverse needs.

Implement large-scale VPN support with high-performance packet processing

VPN Firewall Brick® platforms deliver the performance needed to provide vital security and VPN services for thousands of enterprise users. High-capacity packet- processing capabilities help maximize user efficiency and productivity with up to 1.7 Gbps VPN throughput and a full 4.75 Gbps firewall throughput.

Portfolio-wide scalability helps protect expanding user populations cost effectively. A single VPN Firewall Brick® unit can support up to 4 million simultaneous sessions and over 20,000 simultaneous VPN tunnels. Its highly efficient operating system contributes to these outstanding processing capabilities by freeing memory for session and policy management.

Streamline firewall deployment, configuration and management

VPN Firewall Brick® platforms can be installed and working at any network location. These flexible bridging firewalls work as quickly as a physical connection can be made. There’s no need to re- segment the network, worry about downtime during network conversion to the new topology or wait as hosts are directed to a new gateway. Alcatel-Lucent SMS software delivers:

•Sophisticated IP services management capabilities with low operating costs to manage security, not individual devices – easy security deployment, management and maintenance with centrally controlled VPN Firewall Brick® clients

•Scalability to rapidly provision and manage up to 20,000 VPN Firewall Brick® platforms and 500,000 IPSec Client users from one console – fewer devices to maintain and fewer people to maintain them

•Seamless integration of firewall, VPN, bandwidth management, virtual LAN (VLAN) and virtual firewall policy management – centralized realtime monitoring, robust logging and customized reporting capabilities

•Integrated Denial of Service protections, Intrusion Detection/Prevention facilities and Bell Labs-developed Intelligent Cache Management capabilities maximizes uptime and mitigates impacts of network attacks

Leverage high-availability bandwidth management for consistent service quality

VPN Firewall Brick® platforms can increase both network security and quality of service through uniquely granular bandwidth management. They incorporate – at no extra charge – robust implementation of class-based queuing (CBQ) technology for committed-rate bandwidth control and traffic prioritization. Bandwidth limits to help defend against flood attacks, and bandwidth guarantees to enhance end-user experiences, are enforced at the server and user levels. Traffic can be classified by physical interface, virtual firewall, policy rule and session, enabling simplified yet precisely targeted security implementations.

Sustain business continuity with carrier-class reliability and availability

A high-availability architecture is built into every component of the Alcatel-Lucent VPN Firewall portfolio. There is no single point of failure solution-wide. All VPN Firewall Brick® models support native subsecond failover to a standby unit. In an outage, services continue uninterrupted. Out-of-band management capabilities help ensure continued service even if communications are lost due to a network outage. For added reliability, Alcatel-Lucent SMS software can be distributed across multiple geographically dispersed operations centers for active/active network redundancy. This enables immediate disaster recovery in the event of a catastrophe at the primary management location.

3