Service gateway ESR-1700

Mass production

Typical tasks performed by service routers

Data routing
Construction of secure network perimeter (Firewall)
Network attacks prevention and monitoring (IPS/IDS)
Service quality monitoring (SLA)
Filtering of network data by various criteria (including filtering by applications)
Organization of secure network tunnels between different offices of a company
Remote connection of staff members to office
Management and distribution of Internet channel width within an office by using QoS
Organization of redundant connection (by means of wires or 3G/LTE modem)
User termination and bandwidth limiting – BRAS (IPoE)

The family of ESR routers is a universal hardware platform capable of performing a wide range of tasks related to network security, data encryption, user termination etc. The product line includes models that can be used in networks of various sizes - from small enterprise networks to carrier networks and data centers.

Key features

Scalable solution for different fields of application
Flexible service configuration
Interfacing with the equipment of leading manufacturers
Hardware acceleration of data processing

Show all

Packet processor - Broadcom XLP780

Interfaces

4хCombo 10/100/1000BASE-T/ 1000BASE-X
8x10GBASE-R SFP+/1000BASE-X
1xConsole (RJ-45)
2хUSB 2.0

Performance

Firewall/NAT/routing (1518B frames) - 39 Gbps,3210 kpps (4900 kpps for frames less than 1000B)
IPsec VPN (1456B frames) - 17 Gbps, 1463 kpps
IPS/IDS 10k rules - 1370 Mbps, 257 kpps

System features

VPN tunnels - 500
Static routes - 11k
Concurrent sessions - 512k
VLAN support - up to 4k VLANs in accordance with 802.1Q
BGP routes - 2.8M
OSPF routes - 500k
RIP routes - 10k
MAC address table - 128k
FIB size - 3.0M
VRF Lite - 32

Plug-in interfaces

USB 3G/4G/LTE modem
E1 TopGate SFP

Remote Access VPN clients

PPTP/PPPoE/L2TP/OpenVPN/IPsec XAUTH

Remote Access VPN server

L2TP/PPTP/OpenVPN/IPsec XAUTH

Site-to-site VPN

IPsec: «policy-based» and «route-based» modes
DMVPN
DES, 3DES, AES, Blowfish, Camellia encryption algorithms
IKE MD5, SHA-1, SHA-2 message authentication

Tunneling

IPoGRE, EoGRE
IPIP
L2TPv3
LT (inter VRF-lite routing)

L2 functions

Packet switching (bridging)
LAG/LACP (802.3ad)
VLAN (802.1Q)
Logical interfaces
LLDP, LLDP MED
VLAN-based MAC

L3 functions (IPv4/IPv6)

NAT, Static NAT, ALG
Static routes
Dynamic routing protocols RIPv2, OSPFv2/v3, BGP
Route filtering (prefix list)
VRF Lite
Policy Based Routing (PBR)
BFD for BGP, OSPF, static routes

Network security functions

Intrusion Detection/Prevention system (IPS/IDS)¹
Web filtering by URL, by content (cookies, ActiveX, JavaScript)
Zone-based Firewall
Firewall filtering based on L2/L3/L4 fields and applications
Support for access control lists on the base of L2/L3/L4 fields
Protection from DoS/DDoS attacks and notification on them
Logging of attack and rule triggering events

SLA control functions

Eltex SLA
Channel parameters evaluation:
- Delay (one-way/two-way)
- Jitter (one-way/two-way)
- Packet loss (one-way/two-way)
- Packet Error Rate
- Out-of-order delivery
Wellink SLA (wiSLA)¹

BRAS (IPoE)¹

User termination
White/black URL lists
Quotas for traffic volume, session time, network applications
HTTP/HTTPS Proxy
HTTP/HTTPS Redirect
Session accounting via Netflow protocol
Interaction with ААА, PCRF
Bandwidth management by offices, SSID and user sessions
User authentication by MAC or IP address

IP addressing management (IPv4/IPv6)

Static IP addresses
DHCP client
DHCP Relay Option 82
Embedded DHCP server options: 43, 60, 61, 150
DNS resolver
IP unnumbered

Quality of Service (QoS)

Up to 8 priority queues per port
L2 and L3 traffic prioritization (802.1p, DSCP, IP Precedence)
RED, GRED congestion avoidance algorithms
Precedence re-marking mechanisms
Applying policies (policy-map)
Bandwidth management (shaping)
Hierarchical QоS
Session marking

Network reliability assurance means

VRRP v2,v3
Route tracking based on VRRP state
WAN interfaces load balancing, data stream redirection, channel switching during QoS control
Firewall sessions backup

Management and monitoring

Support for standard and extended SNMP MIB, RMONv1
Built-in Zabbix agent
User authentication through a local database via RADIUS, TACACS+, LDAP
Protection from configuration errors, automatic configuration recovery. Ability to reset configuration to factory settings
CLI
Syslog support
System resources usage monitoring
Ping, traceroute (IPv4/IPv6), displaying information on packets in the console
Firmware update, configuration upload and download via TFTP, SCP, FTP, SFTP, HTTP(S)
NTP support
Netflow v5/v9/v10 (exporting of URL statistics for HTTP, host for HTTPS)
Local control via RS-232 (RJ-45)
Remote control via Telnet, SSH (IPv4/IPv6)
Displaying information on services/processes
Local/remote router configuration storage

Physical specifications and ambient parameters

Maximum power consumption - 250 W
Power supply:
- 220 V AC +-20%, 50 Hz
- -36..-72V DC
- Up to two hot-swappable power units
Operating temperature - from -10 to +45 °С
Storage temperature - from -40 to +70 °С
Operating humidity - no more than 80%
Storage humidity - from 10% to 95%
Dimensions (mm) - 440х490х88
Weight - 12 kg
Average service life - 10 years

Functionality for firmware version 1.8.2
¹Activated by the license

Show all

Additional modules (doesn't included in basic package)
PM350-48/12	PM350-48/12 power module, 35-75V DC, 500W
РМ350-220/12	РМ350-220/12 power module, 176-264V AC, 500W

1 fiber	Part Number
SFP 1.25 GE module, 3 km, SM, 1 fiber, TX/RX 1310/1550 SC set, DDM	FH-SB3512CDS3 / FH-SB5312CDS3
SFP 1.25 GE module, 3 km, SM, 1 fiber, TX/RX 1310/1550 LC set, DDM	FH-SB3512CDL3 / FH-SB5312CDL3
SFP 1.25 GE module, 20 km, SM, 1 fiber, TX/RX 1310/1550 SC set, DDM	FH-SB3512CDS20 / FH-SB5312CDS20
SFP 1.25 GE module, 20 km, SM, 1 fiber, TX/RX 1310/1550 LC set, DDM	FH-SB3512CDL20 / FH-SB5312CDL20
SFP 1.25 GE module, 20 km, SM, 1 fiber, TX/RX 1310/1550 SC set, DDM, INDUSTRIAL	FH-SB3512IDS20 / FH-SB5312IDS20
SFP 1.25 GE module 40 km, SM, 1 fiber, TX/RX 1310/1550 LC set, DDM	FH-SB3512CDL40 / FH-SB5312CDL40
SFP 1.25 GE module 40 km, SM, 1 fiber, TX/RX 1310/1550 SC set, DDM	FH-SB3512CDS40 / FH-SB5312CDS40
SFP 1.25 GE module 80 km, SM, 1 fiber, TX/RX 1490/1550 LC set, DDM	FH-SB4512CDL80 / FH-SB5412CDL80
SFP 1.25 GE module 80 km, SM, 1 fiber, TX/RX 1490/1550 SC set, DDM	FH-SB4512CDS80 / FH-SB5412CDS80
SFP 1.25 GE module 120 km, SM, 1 fiber, TX/RX 1490/1550 LC set, DDM	FH-SB4512CDL120 / FH-SB5412CDL120
SFP 1.25 GE module 120 km, SM, 1 fiber, TX/RX 1490/1550 SC set, DDM	FH-SB4512CDS120 / FH-SB5412CDS120
SFP 1.25 GE module 160 km, SM, 1 fiber, TX/RX 1490/1550 LC set, DDM	FH-SB4512CDL160 / FH-SB5412CDL160
2 fibers
SFP 1.25 GE module 550 m, MM, 2 fibers, 850 nm, LC, DDM	FH-S8512CDL05
SFP 1.25 GE module 2 km, ММ, 2 fibers, 1310 nm, LC, DDM	FH-S3112CDL2
SFP 1.25 GE module 20 km, SМ, 2 fibers, 1310 nm, LC, DDM	FH-S3112CDL20
SFP 1.25 GE module 40 km, SМ, 2 fibers, 1310 nm, LC, DDM	FH-S3112CDL40
SFP 1.25 GE module 80 km, SМ, 2 fibers, 1550 nm, LC, DDM	FH-S5512CDL80
SFP 1.25 GE module 120 km, SМ, 2 fibers, 1550 nm, LC, DDM	FH-S5512CDL120
SFP 1.25 GE module 160 km, SМ, 2 fibers, 1550 nm, LC, DDM	FH-S5512CDL160
SFP+
1 fiber
SFP+ 10GE module 3 km, SM, 1 fiber, TX/RX 1290/1310 LC set, DDM	FH-SPB311TCDL3 / FH-SPB191TCDL3
SFP+ 10GE module 20 km, SM, 1 fiber, TX/RX 1330/1270 LC set, DDM	FH-SPB231TCDL20 / FH-SPB321TCDL20
SFP+ 10GE module 40 km, SM, 1 fiber, TX/RX 1330/1270 LC set, DDM	FH-SPB231TCDL40 / FH-SPB321TCDL40
SFP+ 10GE module 60 km, SM, 1 fiber, TX/RX 1330/1270 LC set, DDM	FH-SPB231TCDL60 / FH-SPB321TCDL60
SFP+ 10GE module 80 km, SM, 1 fiber, TX/RX 1490/1550 LC set, DDM	FH-SPB451TCDL80 / FH-SPB541TCDL80
SFP+ 10GE module 100 km, SM, 1 fiber, TX/RX 1490/1550 LC set, DDM	FH-SPB451TCDL100 / FH-SPB541TCDL100
2 fibers
SFP+ 10GE module, 0.3 km, MM, 2 fibers, 850 nm, LC, DDM	FH-SP851TCDL03
SFP+ 10GE module, 20 km, SM, 2 fibers, 1310 nm, LC, DDM	FH-SP311TCDL20
SFP+ 10GE module, 40 km, SM, 2 fibers, 1550 nm, LC, DDM	FH-SP551TCDL40
SFP+ 10GE module, 80 km, SM, 2 fibers, 1550 nm, LC, DDM	FH-SP551TCDL80
SFP+ 10GE module, 100 km, SM, 2 fibers, 1550 nm, LC, DDM	FH-SP551TCDL100
SFP/SFP+ transceivers with RJ-45 interface
SFP transceiver of 10/100/1000 BASE-T	FH-ST2
SFP+ transceiver of 10GBASE-Т	FH-10SFP-T
SFP+ Direct Attach Cable
SFP+ Direct attach cable, 10G, 1m	FH-DP1T30SS01
SFP+ Direct attach cable, 10G, 2m	FH-DP1T30SS02
SFP+ Direct attach cable, 10G, 3m	FH-DP1T30SS03
SFP+ Direct attach cable, 10G, 5m	FH-DP1T30SS05

Descriptions

Datasheet

Documentations

User Manual. Hardware description. Firmware version 1.8.2

User Manual. Functionality description. Firmware version 1.8.2

User Manual. CLI. Firmware version 1.8.2

Intrusion Prevention System

Downloads

Operational lifetime of the ELTEX equipment

Regardless of the operational lifetime stage, Eltex provides a 12 months warranty on all its telecommunication equipment.
During the warranty period the manufacturer ensures technical support and free-of-charge repair at the Enterprise which is situated in Novosibirsk.
As part of the warranty service, technical support is provided on the first-in first-out principle.
The priority support packages of 8/5 and 27/7 types are subjects to additional charges.