![ENG_[Routing] SAS500Series_112NL.FH11 - SELEX Elsag](https://img.yumpu.com/3338369/2/500x640/eng-routing-sas500series-112nlfh11-selex-elsag.jpg)
ENG_[Routing] SAS500Series_112NL.FH11 - SELEX Elsag
ENG_[Routing] SAS500Series_112NL.FH11 - SELEX Elsag
ENG_[Routing] SAS500Series_112NL.FH11 - SELEX Elsag
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
The VPN functionality based on the IPSec suite, with a<br />
dedicated encryption coprocessor, completes this product's<br />
range of security features.<br />
MAIN CHARACTERISTICS<br />
<strong>Routing</strong><br />
The SAS router operating system (GAIA) supports: advanced<br />
routing protocols including RIP v1/v2, RIP RFC 2091 (RIP<br />
Triggered) OSPF and BGP-4; Multicast routing protocols<br />
including PIM and SM/DM; Multicast user registration<br />
through IGMP v1 and v2 with snooping functionality; 802.1Q<br />
VLAN tagging; Stateful packet filtering functionality; cache<br />
ACL; VRRP redundancy; ACL based user support with Radius;<br />
802.1x supplicant emulation; IPSLA management (SEmon<br />
compliant Cisco RTTMON, PING extended on SNMP); RADIUS<br />
and TACACS+ for the AAA (Authentication, Authorization,<br />
Accounting) operations of users who access the management<br />
interface; RMON; SNMP v1, v2c, v3 and Secure Telnet<br />
support.<br />
Protocols for Legacy application transport are also supported:<br />
SNA through DLSw v1 and v2; 802.2 (LLC2) also in redundant<br />
mode. The use of standard protocols in the GAIA operating<br />
system has always been a guarantee for the interoperability<br />
of SAS devices with other products on the market.<br />
Security<br />
The Firewall incorporated in the SAS devices integrates a<br />
Cyber Defence Engine that protects the networks through<br />
the application of stateful inspection firewalling functionality.<br />
The Cyber Defence Engine provides automatic protection<br />
against Denial of Service (DoS) attacks such as SYN flooding,<br />
IP smurfing, LAND, ping of Death and all the attacks on<br />
packet reassembly. The entire SAS 500 series support the<br />
following security mechanisms:<br />
• Authentication, Authorization and Accounting functionality<br />
through PAP and CHAP protocols , RADIUS, TACACS +,<br />
Preshared keys and X.509 v.3 digital certificates;<br />
• Logging: Local Log in memory (with the option of remote<br />
download), or SysLog Server logging.<br />
The IPsec-VPN supported standards are:<br />
• IPSec: AH and ESP (tunnel and transport modality);<br />
• Encryption algorithms: DES, TripleDES, AES;<br />
• Data Authentication: MD5, SHA-1;<br />
• Key management: IKE ISAKMP/Oakley.<br />
Quality of Service (QoS)<br />
The technology used by the Secure Access Systems (SAS)<br />
offers to the user a series of advanced tools for the<br />
management of segmented traffic and the control of the<br />
Quality of Service (QoS). The GAIA operating system allows<br />
the application of specific control policies and the verification<br />
of the path and priority parameters for every single<br />
application, ensuring that the traffic has the right level of<br />
priority. These characteristics make SAS routers the ideal<br />
system for the management of critical applications that<br />
require simultaneous management of data, voice and video<br />
traffic.<br />
Management<br />
The devices can be managed locally or from remote consoles.<br />
A specific console port is available for local management.<br />
This enables the configuration of device using an<br />
asynchronous terminal emulator. Remote management is<br />
performed through Telnet or, alternatively, via the SAS-<br />
Manager suite which enables the user to carry out all the<br />
"FCAPS" operations (Fault, Configuration, Accounting,<br />
Performance, Security).<br />
VoIP<br />
The 500 series SAS's support the Analogue/Digital VoIP<br />
Gateway (FXS / FXO, BRI) and either external or integrated<br />
Voice Management. The services supported by the<br />
BRI\Analogue gateway are as follows:<br />
• Registration through MD5 authentication;<br />
• Dial Plan;<br />
• Call Balancing Backup Proxy;<br />
• Authentication Proxy;<br />
• Supplementary services;<br />
• SIP Compact Form;<br />
• SDP in Ack;<br />
• RE-INVITE;<br />
• PRACK (provisional acknowledge);<br />
• Session Progress;<br />
• DTMF tone transport management;<br />
• RingTone Generation;<br />
• Free ISDN line Hunting (only point to point connections);<br />
• Voice Quality.<br />
MAIN FUNCTIONS<br />
Network Protocols:<br />
• IPv4<br />
• IPv6<br />
• ICMP<br />
• TCP<br />
• UDP<br />
• Telnet Client/Server<br />
• IEEE 802.2 (LLC 2)<br />
• PPP<br />
• DLSW v. 1,<br />
• DLSW v. 2 with backup peer<br />
• VLAN Tagging (IEEE 802.1q)<br />
• PEP (Performance Enhancing Proxies)<br />
Network Services:<br />
• DNS (resolver)<br />
• Proxy ARP<br />
• DHCP Client, Server and Relay Agent<br />
• DHCP Relay multiaddress<br />
• Helper Address (generic UDP broadcast)<br />
• Dynamic DHCP over IPSec<br />
• GRE<br />
• SNTP (Simple Network Time Protocol)<br />
• ACL<br />
• Dynamic ACL via Radius (over 802.1x)
Change language