SLA control functions
- Eltex SLA
- Channel parameters evaluation:
- Delay (one-way/two-way)
- Jitter (one-way/two-way)
- Packet loss (one-way/two-way)
- Packet Error Rate
- Out-of-order delivery
- Wellink SLA (wiSLA)1
BRAS (IPoE)1
- User termination
- White/black URL lists
- Quotas for traffic volume, session time, network applications
- HTTP/HTTPS Proxy
- HTTP/HTTPS Redirect
- Session accounting via Netflow protocol
- Interaction with ААА, PCRF
- Bandwidth management by offices, SSID and user sessions
- User authentication by MAC or IP address
IP addressing management (IPv4/IPv6)
- Static IP addresses
- DHCP client
- DHCP Relay Option 82
- Embedded DHCP server options: 43, 60, 61, 150
- DNS resolver
- IP unnumbered
Quality of Service (QoS)
- Up to 8 priority queues per port
- L2 and L3 traffic prioritization (802.1p, DSCP, IP Precedence)
- RED, GRED congestion avoidance algorithms
- Precedence re-marking mechanisms
- Applying policies (policy-map)
- Bandwidth management (shaping)
- Hierarchical QоS
- Session marking
Network reliability assurance means
- VRRP v2,v3
- Route tracking based on VRRP state
- WAN interfaces load balancing, data stream redirection, channel switching during QoS control
- Firewall sessions backup
Management and monitoring
- Support for standard and extended SNMP MIB, RMONv1
- Built-in Zabbix agent
- User authentication through a local database via RADIUS, TACACS+, LDAP
- Protection from configuration errors, automatic configuration recovery. Ability to reset configuration to factory settings
- CLI
- Syslog support
- System resources usage monitoring
- Ping, traceroute (IPv4/IPv6), displaying information on packets in the console
- Firmware update, configuration upload and download via TFTP, SCP, FTP, SFTP, HTTP(S)
- NTP support
- Netflow v5/v9/v10 (exporting of URL statistics for HTTP, host for HTTPS)
- Local control via RS-232 (RJ-45)
- Remote control via Telnet, SSH (IPv4/IPv6)
- Displaying information on services/processes
- Local/remote router configuration storage
Physical specifications and ambient parameters
- Maximum power consumption – 27 W
- Power supply:
- Operating temperature – from 0 to +40 °С
- Storage temperature – from -40 to +70 °С
- Operating humidity – no more than 80%
- Storage humidity – from 10% to 95%
- Dimensions (mm) – 267х160,5х43,6
- Weight – 1 kg
- Average service life – 10 years
Specifications
Packet processor – Broadcom NS+ (BCM58625)
Interfaces
- 8×10/100/1000BASE-T (LAN/WAN)
- 1×10/100/1000BASE-X SFP (LAN/WAN)
- 1xConsole (RJ-45)
- 3xFXS
- 1xFXO
- 2xUSB 2.0
Performance
- Firewall/NAT/routing (1518B frames) – 1.1 Gbps, 91 kpps
- IPsec VPN (1456B frames) – 0.14 Gbps,12 kpps
- IPS/IDS 10k rules – 30.19 Mbps,7.16 kpps
System features
- VPN tunnels – 10
- Static routes – 1k
- Concurrent sessions – 4k
- VLAN support – up to 4k VLANs in accordance with 802.1Q
- BGP routes – 800k
- OSPF routes – 300k
- RIP routes – 10k
- MAC address table – 2k entries per bridge
- FIB size – 800k
- VRF Lite – 32
Plug-in interfaces
Remote Access VPN clients
- PPTP/PPPoE/L2TP/OpenVPN/IPsec XAUTH
Remote Access VPN server
- L2TP/PPTP/OpenVPN/IPsec XAUTH
Site-to-site VPN
- IPsec: «policy-based» and «route-based» modes
- DMVPN
- DES, 3DES, AES, Blowfish, Camellia encryption algorithms
- IKE MD5, SHA-1, SHA-2 message authentication
Tunneling
- IPoGRE, EoGRE
- IPIP
- L2TPv3
- LT (inter VRF-lite routing)
L2 functions
- Packet switching (bridging)
- LAG/LACP (802.3ad)
- VLAN (802.1Q)
- Logical interfaces
- LLDP, LLDP MED
- VLAN-based MAC
L3 functions (IPv4/IPv6)
- NAT, Static NAT, ALG
- Static routes
- Dynamic routing protocols RIPv2, OSPFv2/v3, BGP
- Route filtering (prefix list)
- VRF Lite
- Policy Based Routing (PBR)
- BFD for BGP, OSPF, static routes
Network security functions
- Intrusion Detection/Prevention system (IPS/IDS)1
- Web filtering by URL, by content (cookies, ActiveX, JavaScript)
- Zone-based Firewall
- Firewall filtering based on L2/L3/L4 fields and applications
- Support for access control lists on the base of L2/L3/L4 fields
- Protection from DoS/DDoS attacks and notification on them
- Logging of attack and rule triggering events
