Encryption & Firewall solutions

Encryption, Firewall, 104 Protocol Encryptor, Network Intrusion Detection

VCL-MX-5010-R: MPLS Router

Description

VCL-MX-5010-R, router is an intelligent MPLS (Multiprotocol Label Switching) router which can be used to securely inter-connect multiple LAN networks over a WAN link using a choice of secure routing protocols including MPLS VPN and IPSec. The VCL-MX-5010-R is a ruggedized routing equipment that is embedded with advanced routing and cyber security features which make it suitable for installations in critical infrastructure such as utilities, sub-stations, smart-grid distribution systems, airports and railways that require high reliability industrial equipment. It may also be installed in IT networks of financial institutions such as banks and corporate networks for Wide Area Applications.

VCL-MX-5010-R is password protected with capabilities that meet and exceed the most demanding cyber-security requirements, including the currently applicable NERC specifications.

Data Sheet Firewall and Router Equipment

Interfaces:

  • 12 x 100/1000Base-T (1G) Interfaces (RJ45)
  • 12 x SFP 1G Optical (1G) Interfaces (SFP)
    Any 12 interfaces are usable. May be selectively configured either as a WAN interface or LAN Interface.
  • 1 x 10/100/1000Base-T, RJ-45
  • 2 x 10/100Base-T, RJ-45
  • 1 x RS-232 (V.24)
  • 1 x RS-485

Related Links

Ultimate Network Reliability Solution

Short Video (2 Mins 14 sec)

Ultimate Network Reliability Solution

Detailed Video (7 Mins 19 sec)

Highlights:

  • High-reliability hardware
  • Suitable for installation in sub-stations, SCADA and industrial networks / harsh environments
  • Support for Ethernet, Fast Ethernet, Gigabit Ethernet, Optical Ports
  • Secure Boot
  • MPLS VPN
  • High security across WAN connection includes IPsec Encrypted Tunneling
  • DNS Forwarding, Dynamic DNS, DNS Repeater
  • DHCP Server and Relay
  • IP based access control
  • Centralized management for easier deployment
  • Network Flow Monitoring
  • Easy installation and management
  • LDAP user authentication support for OpenVPN Clients
  • Export logs locally or on a Syslog server
  • Traffic Shaper
  • L2TPv3, L2VPN, L3VPN
  • VXLAN
  • SPAN (port mirroring)
  • Network Emulator
  • Packet forwarding rate: 24 MPPS
  • MACVLAN - Pseudo Ethernet
  • Conntrack Sync
  • Link Aggregation
  • Integrated threat control includes prevention of network attacks
  • Intelligent protection of endpoints includes authentication, authorization and control
  • On-demand network services
  • Improved user experience
  • Centralized management for easier deployment
  • Telnet
  • SSH (Secure Access Control) with encrypted password
  • High Availability & Hardware Failover Redundancy using VCL-SafeComm-E
  • VCL-MX-5010-R offers a wide range of VPN technologies ranging from modern SSL VPN's to IPsec. Site-to-Site setups are possible and with the integrated OpenVPN client configuration exporter. The client can be configured remotely within minutes
  • Network Flow Monitoring
  • Granular control over state table
  • Infrastructure neutral
  • Easy installation and management
  • LDAP user authentication support

Routing Features and Capabilities:

  • CLI based
  • IPv4 and IPv6
  • OSPF v2 and v3
  • BGPv4, IS-IS
  • RIP v1 and RIP v2
  • ARP, IP Forwarding
  • VRRP redundancy protocol
  • Layer 3 Routing
  • Static IPv4 routing, Static IPv6 routing, Inter-VLAN based routing
  • TCP/IP, UDP, DHCP, MPLS, QoS
  • Supports 802.1Q VLAN
  • System access authentication via RADIUS
  • Detailed system logging
  • Multiple IP address supported
  • LLDP, NTP, PPPoE, STP, SNMP, NAT
  • BFD (Bidirectional forwarding detection)
  • DHCPv4 and DHCPv6 prefix delegation
  • Q-in-Q
  • Route Reflector (Add Software Option).

Firewall Features and Capabilities:

  • Policy-based routing (PBR)
  • Rule based firewall with IP, port-based matching criteria
  • Zone based firewall for Layer 2/3 Security
  • IPsec Site-to-Site Tunnels, GRE
  • Per Frame / Packet Authentication
  • Support VoIP Protocols
  • Whitelist and Blacklist Options
  • Network Flow Monitoring
  • Stateful Inspection Firewall
  • MAC Layer Filtering
  • VPN
  • 6in4 (SIT), IPIP, IPIP6, IP6IP6

Specifications:

Integrated Storage Drive 16GB High Performance SATA Drive
Additional Storage Options M.2 SATA - 256GB, 512GB, 1TB SSD
Power Supply Dual (1+1) Redundant Power Inputs *(Power Supply Options)
Indicators and Alarms 2 x Power Supplies
2 x External Alarm Inputs for Failover Redundancy
2 x Dry Contact Alarm Relay Outputs (NO/NC)
Processor Quad core up to 2.4 Ghz
DDR 8 GB
Performance Ruggedized System
MTBF (hours) 101292
IP Level Protection IP20
Power Consumption @ 48V DC 18 Watts
Power Consumption @ 80~240, 50/60Hz V AC 24 Watts

Ingress / Egress Firewall rules:

  • Port based, MAC based, filtering of packets based on source address and destination address
  • IP domain based
  • Protocol based filtering: FTP, SMTP, HTTP, SNMP, UDP, ICMP, DNS, DHCP, ARP etc.
  • URL based

Hash Algorithms:

  • MD5, AES-XCBC
  • SHA 1, SHA 256, SHA 512

Encryption Algorithms:

  • AES-128, AES-192, AES-256
  • 3DES, DES
  • 256 bit AES-GCM with 256 bit ICV
  • Camellia 128, 192, 256
  • Blowfish 128, 192, 256

Typical deployments:

  • Utilities - Power, Oil and Gas Installations
  • Industrial Applications
  • Campus IP Networks, for all types of data, voice and video over IP applications
  • Meshed networks
  • Metro Ethernet and VPLS networks
  • Cloud applications

CE Compliance:

  • Low Voltage Directive 2014/35/EU
  • Electromagnetic Compatibility 2014/30/EU

Other Regulatory Compliances:

  • RoHS
  • CE Marking
  • Complies with FCC Part 68 and EMC FCC Part 15
  • Telcordia GR-1089 Surge and Power Contact

Data Sheet

Data Sheet Firewall and Router Equipment