System Description

Security

Stateful inspection firewall engine

FTP, H.323, and RPC (SUN and Microsoft) ALG support

Application commands for FTP, SMTP, & HTTP

Firewall logging and authentication

Firewall interaction with NAT & VPN

Standard and Extended Access Control Lists

Denial of Service (DoS) protection

AAA for firewall, Console, Telnet, SSHv2, PPP and VPN users

AAA per-interface configuration

AAA debugging

Dynamic Firewall configuration

Onboard URL filtering

PPP

Sync and asynchronous communications modes accepted

Authentication of peer entities via Password Authentication Protocol (PAP)

Challenge Handshake Authentication Protocol (CHAP)

Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)

IP Address can be assigned from remote device, and the device will support IP address assignment to a remote device. Pools can be configured locally or from a separate server (DHCP).

Multilink PPP (MLPPP): RFC-1990

Multi-Class MLPPP: RFC-2686

Point-to-Point Protocol over Ethernet (PPPoE) and sub-interface monitoring

Remote Auto Install over PPP

Frame Relay

DTE support for User Network Interface (UNI) over Frame Relay PVC connections

10-bit DLCI addressing using a 2-byte DLCI header

Per DLCI IP QoS support

Rate enforcement (CIR) with automatic rate fallback via traffic/adaptive shaping when the network is congested. Automatically restores normal rates when congestion removed

Congestion control: Backward and Forward Explicit Congestion Notification (BECN/FECN)

Standard LMIs: ILMI, ANSI Annex D, CCITT Annex A and:

Auto option for LMI detection/adaptation

None option for directly connecting XSRs

1-6 Overview

Page 26
Image 26
Enterasys Networks XSR-3150 manual Security, Frame Relay