Ru En
Designer and manufacturer of communication equipment
Russia (GMT +7)

Service gateway ESR-3200

Mass production
Typical tasks performed by service routers
  • Data routing
  • Construction of secure network perimeter (Firewall)
  • Intrusion prevention and detection (IPS/IDS)
  • Service quality monitoring (SLA)
  • Filtering of network data by various criteria (including filtering by applications)
  • Organization of secure network tunnels between different offices of a company
  • Remote connection of staff members to office
  • Management and distribution of Internet channel width within an office by using QoS
  • Organization of redundant connection (by means of wires or 3G/LTE modem)
  • Subscriber termination and bandwidth limiting – BRAS (IPoE)
The family of ESR routers is a universal hardware platform capable of performing a wide range of tasks related to network secu- rity, data encryption, subscriber termination, etc. The product line includes models that can be used in networks of various sizes — from small enterprise networks to carrier networks and data centers.

Performance
The key elements of ESR service routers are data processing hardware acceleration means that ensure a high level of perfor- mance. Hardware and software processing is distributed among the units of the device.

Functional areapurpose
  • Scalable solution for different fields of application
  • Flexible service configuration
  • Interfacing with the equipment of leading manufacturers
  • Hardware acceleration of data processing

Specifications
Documents and files
Warranty
Interfaces
  • 12х1000BASE-X/10GBASE-R/25GBASE-R (LAN/WAN)
  • 1хConsole RS-232 (RJ-45)
  • 1хOOB
  • 1хUSB 2.0
  • 1хmicroSD card slot 
Performance
  • Firewall/NAT/routing (1518B frames) - 47.103 Gbps; 3878k pps
  • Firewall/NAT/routing (70B frames) - 2.251 Gbps; 3802k pps
  • IPsec VPN (1456B frames) - 3.207 Gbps; 275k pps
  • IPS/IDS 10k rules - 1.57 Gbps; 367k pps
  • MPLS (1518B frames)1
System features
  • VPN tunnels - 500
  • Static routes - 11k
  • Concurrent sessions - 512k
  • VLAN support - up to 4k active VLANs in accordance with 802.1Q
  • BGP routes - 5M
  • OSPF routes - 500k
  • RIP routes - 10k
  • MAC table -16k
  • FIB size – 1.7M
  • VRF Lite – 32

Plug-in interfaces
  • E1 TopGate SFP
Remote Access VPN clients
  • L2TP/PPTP/OpenVPN/IPsec XAUTH
Remote Access VPN server
  • L2TP/PPTP/OpenVPN/IPsec XAUTH
Site-to-site VPN
  • IPsec: “policy-based” and “route-based” modes
  • DMVPN
  • DES, 3DES, AES, Blowfish, Camellia encryption algorithms
  • IKE MD5, SHA-1, SHA-2 message authentication
Tunneling
  • IPoGRE, EoGRE
  • IPIP
  • L2TPv3
  • LT (inter VRF-lite routing)
L2 functions
  • Packet switching (bridging)
  • LAG/LACP (802.3ad)
  • VLAN support (802.1Q)
  • Logical interfaces
  • LLDP, LLDP MED
  • MAC-based VLAN
L3 functions (IPv4/IPv6)
  • NAT, Static NAT, ALG
  • Static routes
  • Dynamic routing protocols RIPv2, OSPFv2/v3, IS-IS, BGP
  • Route filtering (prefix list)
  • VRF Lite
  • Policy Based Routing (PBR)
  • BFD for BGP, OSPF, static routes
BRAS (IPoE)2
  • Subscriber termination
  • White/black URL lists
  • Quotas for traffic volume, session time, network applications
  • HTTP/HTTPS Proxy
  • HTTP/HTTPS Redirect
  • Session accounting via Netflow protocol
  • Interaction with ААА, PCRF servers
  • Bandwidth management by offices, SSIDs and user sessions
  • User authentication by MAC or IP address
Network security functions
  • Intrusion Prevention/Detection system (IPS/IDS)2
  • Interaction with Eltex Distribution Manager for obtaining licensable content — rule sets, distributed by Kaspersky SafeStream II1
  • Web filtering by URL, by content (cookies, ActiveX, JavaScript)
  • Zone-based Firewall
  • Filtering based on L2/L3/L4 fields and applications
  • Support for access control lists (ACL) based on L2/L3/L4 fields
  • Protection against DoS/DDoS attacks and notification on them
  • Logging of attack and rule triggering events
 Quality of Service (QoS)
  • Up to 8 priority queues per port
  • L2 and L3 traffic prioritization (802.1p (CoS), DSCP, IP Precedence (ToS))
  • RED, GRED congestion avoidance algorithms
  • Precedence re-marking mechanisms
  • Applying policies (policy-map)
  • Bandwidth management (shaping)
  • Hierarchical QоS
  • Session marking
IP addressing management (IPv4/IPv6)
  • Static IP addresses
  • DHCP client
  • DHCP Relay Option 82
  • Embedded DHCP server, 43, 60, 61, 150 options support
  • DNS resolver
  • IP unnumbered
Network reliability assurance means
  • VRRP v2,v3
  • VRRP or SLA tracking
    • Managing VRRP Profiles
    • Managing PBR Profiles
    • Interface Status Management
    • Activation and deactivation of a static route
    • Managing the AS-PATH attribute and preference in route map
  • WAN interfaces load balancing, data stream redirection, channel switching during QoS control
  • Firewall sessions backup
Management and monitoring
  • Support for standard and extended SNMP MIB, RMONv1
  • Embedded Zabbix agent
  • Authentication methods: local, RADIUS, TACACS+, LDAP
  • Protection against configuration errors
  • Automatic configuration recovery), ability to restore the default factory configuration
  • CLI
  • Syslog
  • System resource usage monitoring
  • Ping, traceroute (IPv4/IPv6), packet information in the console output
  • Firmware upgrade, configuration upload and download via TFTP, SCP, FTP, SFTP, HTTP(S)
  • Support for NTP
  • Netflow v5/v9/v10 (exporting of URL statistics for HTTP, host for HTTPS)
  • Local control via RS-232 console port (RJ-45)
  • Remote control via Telnet, SSH (IPv4/IPv6)
  • Displaying information on services/processes
  • Local/remote router configuration storage
SLA control functions
  • Eltex SLA
  • Channel parameters evaluation:
    • Delay (one-way/two-way)
    • Jitter (one-way/two-way)
    • Packet loss (one-way/two-way)
    • Packet Error Rate
    • Out-of-order delivery
MPLS
  • LDP
  • L2VPN VPWS
  • L2VPN VPLS Martini Mode
  • L2VPN VPLS Kompella Mode
  • L3VPN MP-BGP
Physical specifications and ambient parameters
  • Maximum power consumption - 118 W
  • Maximum noise level - 42 dB
  • Power supply:
    • 100–240 V AC, 50–60 Hz;
    • 36–72 V DC
    • Up to two hot-swappable power modules
  • Operating temperature - from -10 to +45 °С
  • Storage temperature - from -40 to +70 °С
  • Operating humidity - no more than 80%
  • Storage humidity - from 10% to 95%
  • Dimensions (mm) - 430 х 44 х 330
  • Weight - 5 kg
  • Average service life - 15 years

Functionality for firmware version 1.14.5
1To be measured later
2Activated by the license
Operational lifetime of the ELTEX equipment
In development
1
Pre-production
2
Mass production
3
Mass production is over
4
Sold out
5
Support is over
6
Regardless of the operational lifetime stage, Eltex provides a 12 months warranty on all its telecommunication equipment.
During the warranty period the manufacturer ensures technical support and free-of-charge repair at the Enterprise which is situated in Novosibirsk.
As part of the warranty service, technical support is provided on the first-in first-out principle.
The priority support packages of 8/5 and 27/7 types are subjects to additional charges.
News

Помогите сделать
сайт лучше