Enterasys Networks CSX5500, CSX6000, CSX7000 manual Central Site Remote Access Switch

THE CYBERSWITCH

Unique System Features

•IP Security

The CyberSWITCH encryption option implements Encapsulating Security Payload (ESP) protocol. ESP allows you to use CyberSWITCH nodes to implement a Secure Wide Area Network using the Internet as a backbone. ESP provides confidentiality of data transmissions using encryption to assure that packets intercepted during transit through the internet cannot be interpreted.

The CyberSWITCH encryption option supports ESP Tunnel mode, in which an entire IP datagram (including its header) is encrypted and placed in a new IP datagram. This option provides the flexibility to choose which IP addresses must be sent encrypted data, and which may receive plain (unencrypted) data. The CyberSWITCH encryption option provides WAN connectivity for up to 92 B channels (with PRI and/or BRI connections).

•Link Layer Encryption

The CyberSWITCH also provides the ability to do encryption at the PPP layer using Encryption Control Protocol with compatible devices.

•Multiple MAC/IP Addresses

This feature allows two or more nodes to back up each other through the use of the Connection Services Manager (CSM).

With this feature, two or more identically configured CyberSWITCH nodes on the same LAN can be monitored by CSM. Should CSM notice some condition which precludes one of the CyberSWITCH nodes from properly performing its function, it will order the other CyberSWITCH node to take over the other’s duties by taking on its identity (i.e., its MAC and IP addresses).

•Packet Capture

In order to monitor incoming LAN data, the CyberSWITCH packet capture feature will allow you to capture, display, save, and load bridged or routed data packets.

•Protocol Discrimination

It is possible for multiple types of remote devices to use the same line. The system can determine the device type and the protocol encapsulation used by remote devices.

•RS232 Port: Dual Usage

If your installation requires you to process PPP-Async data, this feature allows you to use the RS232 port for either console access or a serial data connection. This dual usage is possible through the CyberSWITCH’s support of Autosense mode (the system default) and Terminal mode:

•Autosense mode determines whether you are trying to connect using a VT emulation or PPP- Async, and connects you appropriately. (VT emulation requires you to perform four car- riage returns to receive a login prompt.)

•Terminal mode assumes that you only want to connect using VT emulation. A login prompt is displayed as soon as the connection is made.

•Security

Security is a key issue for all central site network managers and is a priority with the CyberSWITCHs. The products provide high level features that help prevent unauthorized or inadvertent access to critical data and resources. They support extensive security levels including:

•PPP PAP and CHAP

Central Site Remote Access Switch 33