Service gateway ESR-21
- Data routing
- Hardware acceleration
- Multiprotocol Label Switching (MPLS)
- Construction of secure network perimeter (NAT, Firewall)
- Intrusion prevention and detection (IPS/IDS)
- Service Level Agreement (SLA)
- Filtering of network data by various criteria (including filtering by applications)
- Organization of secure network tunnels between different offices of a company
- Remote connection of staff members to an office
- Internet channel management and bandwidth allocation within an office using QoS
- Organization of redundant connection (by means of wires or 3G/LTE modem)
- Subscriber termination and bandwidth shaping BRAS (IPoE)
The key elements of ESR service routers are data processing hardware acceleration means that ensure a high level of performance. Hardware and software processing is distributed among the units of the device.
ESR-21 are universal service routers designed to meet the requirements of the energy and oil and gas industries. ESR-21 has additional RS-232 ports that can be used for remote console access to adjacent equipment (AUX mode), connection of wired and GSM modems.
- 8x10/100/1000BASE-T (LAN/WAN)
- 4x10/100/1000BASE-X SFP (LAN/WAN)
- 3xSerial (RS-232)
- 1xConsole (RJ-45)
- 1xUSB 2.0
- 1xUSB 3.0
- Firewall/NAT/routing (1518B frames) - 2.5 Gbps, 307k pps
- Firewall/NAT/routing (70B frames) - 190 Mbps, 320k pps
- Firewall/NAT/routing (IMIX) - 1.35 Gbps, 246k pps
- L2 switching (1518B frames) - 2.5 Gbps, 212k pps
- IPsec VPN (1456B frames) - 0.50 Gbps,43k pps
- IPsec (IMIX)- 290 Mbps, 54k pps
- IPS/IDS 10k rules - 146 Mbps, 32.2 kpps
- MPLS (1518B frames) - 3.62 Gbps, 299k pps
- VPN tunnels - 250
- Static routes - 11k
- Concurrent sessions - 256k
- VLAN support - up to 4k VLANs in accordance with 802.1Q
- BGP routes - 2.5M
- BGP neighbors - 1k
- OSPF routes - 300k
- RIP routes - 10k
- ISIS routes - 30k
- MAC address table - 2k entries per bridge
- FIB size - 1,4M
- VRF Lite - 32
- USB 3G/4G/LTE modem
- E1 TopGate SFP
- DialUp modem (only ESR-21)
- PPTP/PPPoE/L2TP/OpenVPN/IPsec XAUTH
- L2TP/PPTP/OpenVPN/IPsec XAUTH
- IPsec: «policy-based» and «route-based» modes
- DMVPN
- DES, 3DES, AES, Blowfish, Camellia
- IKE MD5, SHA-1, SHA-2 message authentication
- IPoGRE, EoGRE
- IPIP
- L2TPv3
- LT (inter VRF-lite routing)
- Packet switching (bridging)
- LAG/LACP (802.3ad)
- VLAN (802.1Q)
- Logical interfaces
- LLDP, LLDP MED
- MAC-based VLAN
- NAT, Static NAT, ALG
- Static routes
- RIPv2, OSPFv2/v3, IS-IS, BGP dynamic protocols
- Route filtering (prefix list)
- VRF
- Policy Based Routing (PBR)
- BFD for BGP, OSPF, static routes
- Subscriber termination
- White/black URL lists
- Quotas for traffic volume, session time, network applications
- HTTP/HTTPS Proxy
- HTTP/HTTPS Redirect
- Session accounting via Netflow protocol
- Interaction with ААА, PCRF serveres
- Bandwidth management by offices, SSID and user sessions
- User authentication by MAC or IP address
- Intrusion Detection/Prevention system (IPS/IDS)1
- Interaction with Eltex Distribution Manager for obtaining licensable content — rule sets distributed by Kaspersky SafeStream II2
- Web filtering by URL, by content (cookies, ActiveX, JavaScript)
- Zone-based Firewall
- Firewall based on L2/L3/L4 fields and applications
- Support for access control lists (ACL) based on L2/L3/L4 fields
- Protection against DoS/DDoS attacks and notification on them
- Logging of attack and rule triggering events
- Up to 8 priority queues per port
- L2 and L3 traffic prioritization (802.1p (CoS), DSCP, IP Precedence (ToS))
- RED, GRED congestion avoidance algorithms
- Priority re-marking mechanisms
- Policy-map
- Bandwidth management (shaping)
- Hierarchical QоS
- Session labeling
- Static IP addresses
- DHCP client
- DHCP Relay Option 82
- Embedded DHCP, 43, 60, 61, 150 options support
- DNS resolver
- IP unnumbered
- VRRP v2,v3
- Tracking based on VRRP or SLA test
- VRRP parameters management
- PBR parameter management
- Interface administration status management
- Static route enabling and disabling
- AS-PATH and preference attribute management in route-map
- WAN interfaces load balancing, data stream redirection, channel switching during QoS control
- Firewall sessions backup
- Support for standard and extended SNMP MIB, RMONv1
- Embedded Zabbix agent
- Authentication methods: local, RADIUS, TACACS+, LDAP
- Protection against configuration errors
- Automatic configuration recovery), ability to restore the default factory configuration
- CLI
- Syslog
- System resource usage monitoring
- Ping, traceroute (IPv4/IPv6), packet information in the console output
- Firmware upgrade, configuration upload and download via TFTP, SCP, FTP, SFTP, HTTP(S)
- Support for NTP
- Netflow v5/v9/v10 (exporting of URL statistics for HTTP, host for HTTPS)
- Local control via RS-232 console port (RJ-45)
- Remote control via Telnet, SSH (IPv4/IPv6)
- Displaying information on services/processes
- Local/remote router configuration storage
- Eltex SLA
Channel parameters evaluation:- Delay (one-way/two-way)
- Jitter (one-way/two-way)
- Packet loss (one-way/two-way)
- Packet Error Rate
- Out-of-order delivery
- Maximum power consumption - 20 W
-
Power supply:
- 220 V AC +-20%, 50 Hz
- Operating temperature - from -10 to +40 °С
- Storage temperature - from -40 to +70 °С
- Operating humidity - no more than 80%
- Storage humidity - from 10% to 95%
- Dimensions (mm) - 430х225х44
- Weight - 3.15 kg
- Service life - at least 15 years
Functionality for firmware version 1.8.1
1Activated by the license
|
SFP modules (doesn't included in basic package) |
|
|
1 fiber |
Part Number |
|
SFP 1.25 GE module, 3 km, SM, 1 fiber, TX/RX 1310/1550 SC set, DDM |
FH-SB3512CDS3 / FH-SB5312CDS3 |
|
SFP 1.25 GE module, 3 km, SM, 1 fiber, TX/RX 1310/1550 LC set, DDM |
FH-SB3512CDL3 / FH-SB5312CDL3 |
|
SFP 1.25 GE module, 20 km, SM, 1 fiber, TX/RX 1310/1550 SC set, DDM |
FH-SB3512CDS20 / FH-SB5312CDS20 |
|
SFP 1.25 GE module, 20 km, SM, 1 fiber, TX/RX 1310/1550 LC set, DDM |
FH-SB3512CDL20 / FH-SB5312CDL20 |
|
SFP 1.25 GE module, 20 km, SM, 1 fiber, TX/RX 1310/1550 SC set, DDM, INDUSTRIAL |
FH-SB3512IDS20 / FH-SB5312IDS20 |
|
SFP 1.25 GE module 40 km, SM, 1 fiber, TX/RX 1310/1550 LC set, DDM |
FH-SB3512CDL40 / FH-SB5312CDL40 |
|
SFP 1.25 GE module 40 km, SM, 1 fiber, TX/RX 1310/1550 SC set, DDM |
FH-SB3512CDS40 / FH-SB5312CDS40 |
|
SFP 1.25 GE module 80 km, SM, 1 fiber, TX/RX 1490/1550 LC set, DDM |
FH-SB4512CDL80 / FH-SB5412CDL80 |
|
SFP 1.25 GE module 80 km, SM, 1 fiber, TX/RX 1490/1550 SC set, DDM |
FH-SB4512CDS80 / FH-SB5412CDS80 |
|
SFP 1.25 GE module 120 km, SM, 1 fiber, TX/RX 1490/1550 LC set, DDM |
FH-SB4512CDL120 / FH-SB5412CDL120 |
|
SFP 1.25 GE module 120 km, SM, 1 fiber, TX/RX 1490/1550 SC set, DDM |
FH-SB4512CDS120 / FH-SB5412CDS120 |
|
SFP 1.25 GE module 160 km, SM, 1 fiber, TX/RX 1490/1550 LC set, DDM |
FH-SB4512CDL160 / FH-SB5412CDL160 |
|
2 fibers |
|
|
SFP 1.25 GE module 550 m, MM, 2 fibers, 850 nm, LC, DDM |
FH-S8512CDL05 |
|
SFP 1.25 GE module 2 km, ММ, 2 fibers, 1310 nm, LC, DDM |
FH-S3112CDL2 |
|
SFP 1.25 GE module 20 km, SМ, 2 fibers, 1310 nm, LC, DDM |
FH-S3112CDL20 |
|
SFP 1.25 GE module 40 km, SМ, 2 fibers, 1310 nm, LC, DDM |
FH-S3112CDL40 |
|
SFP 1.25 GE module 80 km, SМ, 2 fibers, 1550 nm, LC, DDM |
FH-S5512CDL80 |
|
SFP 1.25 GE module 120 km, SМ, 2 fibers, 1550 nm, LC, DDM |
FH-S5512CDL120 |
|
SFP 1.25 GE module 160 km, SМ, 2 fibers, 1550 nm, LC, DDM |
FH-S5512CDL160 |
|
SFP transceivers with RJ-45 interface |
|
|
SFP transceiver of 10/100/1000 BASE-T |
FH-ST2 |
During the warranty period the manufacturer ensures technical support and free-of-charge repair at the Enterprise which is situated in Novosibirsk.
As part of the warranty service, technical support is provided on the first-in first-out principle.
The priority support packages of 8/5 and 27/7 types are subjects to additional charges.
