Application and Characteristic

¡´ SSL VPN Module: The Nortel SSL VPN Module 1000 offers fully-featured third-generation Secure Sockets Layers (SSL) VPN services on the Nortel VPN Router. Available as an option on the Nortel VPN Router 1750, 2700 and 5000 models, the SSL VPN module delivers new tightly-integrated SSL/IPSec services to enterprises, while enabling Nortel VPN Router customers to incrementally add SSL remote access into their existing Nortel VPN Router devices. SSL is a convenient secure remote access alternative to IPSec that leverages the native capabilities of widely deployed Web browsers and avoids the need to install and administer client tunneling software on remote PCs. The SSL VPN Module 1000 incorporates dedicated SSL processor, memory and accelerator hardware to deliver uncompromising levels of performance and scalability without adversely impacting other key functions on the Nortel VPN Router platform. SSL services can take advantage of common user profiles, authentication techniques and management already in place for IPSec users to minimize administrative overhead. An integrated Universal Access Portal further front-ends and simplifies the VPN user experience by transparently invoking the most appropriate VPN access (IPSec or SSL) based on a user¡¦s access needs.

¡´ Stateful firewall: The Nortel VPN Router stateful firewall combines an easy-to-use interface with rich filtering rule sets to provide multiple lines of defense for an enterprise¡¦s private network. With extensive logging, a wide range of application layer gateways (ALGs) and built-in protection against hacker attacks, the Nortel VPN Router stateful firewall delivers wire-speed throughput while protecting the enterprise network and its data from unauthorized access. The Nortel VPN Router stateful firewall can further be combined with VPN termination and network address translation (NAT) services to flexibly apply filtering policies to data sent across either tunneled or non-tunneled interfaces.

¡´ Endpoint security through VPN Tunnel Guard: Nortel¡¦s VPN Tunnel Guard helps to prevent end-user PCs from becoming a vehicle for viruses or other unwanted intrusions through the VPN tunnel. Available as a standard VPN Router feature, Tunnel Guard enables the administrator to define endpoint security policies for end-user PCs connecting to the VPN Router. It then ensures all remote users/devices are inspected for compliance to the security policy before allowing access through the VPN tunnel. VPN Tunnel Guard can enforce endpoint security for both client-based (IPSec) and clientless (SSL) VPN endpoints.

¡´ Secure routing services: Standards-based IP routing services enable the Nortel VPN Router to be integrated into an existing router network, or be deployed on its own to build a highly redundant and flexible secure network. With support for Open Shortest Path First (OSPF), Routing Information Protocol (RIPv1 and v2), Border gateway Protocol (BGP-4) and Virtual Route Redundancy Protocol (VRRP), the Nortel VPN Router can dynamically route traffic around failed connections or devices, as well as load balance traffic across parallel paths ¡X whether for tunneled or non tunneled traffic. Secure Routing Technology (SRT) on the Nortel VPN Router avoids complex encapsulation protocols and associated overhead when forwarding IP traffic through secure IP VPN tunnels. The Nortel VPN Router additionally offers industry-standard Data Link Switching (DLSw) services to transport and encrypt SNA traffic over public or private IP networks.

¡´ Bandwidth management / Quality of Service: Powerful Quality of Service (QoS) features allow the Nortel VPN Router to deliver on the promise of highly-optimized IP networks. With advanced services ¡XDifferentiated Services (DiffServ), RSVP and sophisticated queue management ¡X the Nortel VPN Router can ensure that service levels are met for any mission-critical data. The Nortel VPN Router can prioritize traffic not only by IP traffic type, but also prioritize by users, groups and VPN tunnels, allowing fine granularity in QoS control. By reserving minimum guaranteed bandwidth, the Nortel VPN Router ensures that an individual user¡¦s bandwidth is preserved in a multi-user environment.

¡´ LAN/WAN flexibility: With integrated support for 10/100/1000 Mbps Ethernet, frame relay, PPP, T1 and E1 CSU/DSU, V.35, X.21, ADSL, ISDN and V.90 modem interfaces, the Nortel VPN Router offers great flexibility in its placement within the enterprise network. It can act as the primary WAN/Internet access device via frame relay, dial-up or leased line connection or be connected to an existing WAN or Internet access device via its standard Ethernet interface. Dial back-up services allow traffic to be sent over an alternate connection in case the primary WAN or LAN link fails.

¡´ Comprehensive management services: A rich set of integrated management tools makes it easy for enterprises or service providers to configure and monitor Nortel VPN Router devices. These include¡G

    ¡½ Provisioning ¡X The Nortel VPN Router Multi-Element Manager (formerly known as Contivity Configuration Manager

       [CCM]) allows multi-element provisioning of up to 2,500 Nortel VPN Router systems across a large network

       infrastructure.Embedded Web-based and command-line interfaces allow quick configuration of single Nortel VPN

       Router devices.

    ¡½ Remote management options ¡X Allow the Nortel VPN Router to be provisioned from a data center or network

       operations center (NOC).

    ¡½ Easy Install Utility ¡X Provides automated set-up of a remote VPN Router via a Web browser, eliminating the need for

       an on-site installer.

    ¡½ Fault management ¡X SNMP, alarm monitor and historical fault browser quickly detect problems.
    ¡½ Accounting ¡X A rich set of security and system logging tools lets administrators track all transactions and events.