1. Products
1. Introduction
Boda Bo Yu firewall BDCOM Secutor F1607, Data Communication Co., Ltd. of Shanghai Boda for small and medium businesses and enterprise branch office users to the development of a Fast firewall. Products with network processing
NP device architecture, integration, technology development. Advanced structure, low power consumption, no noise, excellent performance, reliable, safe, powerful, and so on.
Boda Bo Yu firewall BDCOM Secutor F1607 offers seven 10/100M Ethernet port, which integrates the four exchange port. Flexible division of LAN, WAN, DMZ areas. Support for routing, bridge, mixed and other modes. Product powerful set of state detection packet filtering, address translation, intrusion detection, worm blocking, application proxy, content filtering, VPN, user authentication, broadband access and bandwidth control, log auditing and many other functions in one.
Boda Bo Yu firewall BDCOM Secutor F1607 price and performance of its SMEs and enterprise branch offices to meet the user's Internet access, private network access control, VPN and other network security needs, for the user to build a secure, widely , solid, efficient, convenient network.
2. Product Photos (abbreviated)
3. Product Features
NP architecture, outstanding performance: product using the new NP architecture, communication interface integrated into the NP processor, breaking the traditional PCI bus architecture IPC performance bottleneck. Optimization hardware and software design, which greatly enhance the data processing capabilities, real high-speed forwarding. Expedite the processing of hardware chip support VPN, VPN packet forwarding performance of up to 70M;
Lightweight quiet, low power consumption, stable and reliable: Product integration with embedded hardware design, structure compact, low power, fanless, quiet, clean, low point of failure can be a long and stable operation;
Built-in 4 Switch: Product Integration 4 10/100M Ethernet switch port, chip-level rapid exchange. Cluster can be directly subordinate switch hub or working group can also be used to directly connect to the server;
Powerful, value for money: product applications for small and medium characteristics, enhanced Internet broadband access and bandwidth control, anti-virus and worm attacks, internet access control and content filtering, VPN, and logging and auditing features, comprehensive security firewall upgrade platform.
4. Product Promotion Manager
Borda Network Security Product Manager: Wang Lei
It is because of Bo Dabo Royal firewall BDCOM Secutor F1607 with the above-mentioned features and advantages, which once introduced by a majority of the customers, is Bo Dabo Royal 1000 Series firewall in a top-selling products, are widely used in finance, government, education, military, business internet access, private network access control and VPN networking and other occasions.
5. Product Specifications
Large wire-speed packet forwarding capability 1518byte, 64byte packet 15M
The maximum number of 200,000 concurrent connections
Hardware VPN performance 70M
Policy Number 2000
1000 VPN Tunnels
Processor Processor Intel IXP NP
128MB RAM
8MB flash memory
Network Interface 10/100M Ethernet ports, 7
Serial port 1 RJ45 port
Built-in 220V power supply
Static power consumption ≤ 10W
Operating Temperature 0 ~ 50 degrees Celsius
Humidity 10 ~ 95% (non-condensing)
Dimensions 440 (W) x165 (deep) x40 (high) mm (19 inch, 1U)
6. Business Information
Contact: Please Borda headquarters and Shanghai, Beijing, Guangzhou, Wuhan, Chengdu, Shenyang, Xi'an, Lanzhou, Nanjing nine platforms and Shijiazhuang, Tianjin, Taiyuan, Hohhot, Harbin, Changchun, Yinchuan, Xining, Urumqi, Zhengzhou, Hefei, Jinan, Hangzhou, Fuzhou, Chongqing, Nanning, Guiyang, Nanchang, Changsha, Kunming, Haikou, etc. around the office. Contact details, visit the Bardon site www.bdcom.com.cn or call 021-50800666.
Media Reference price: 58,000 yuan
Website: www.bdcom.com.cn
2. Typical applications
1. Topology
Typical applications for SMEs network topology diagram
2. Programme Description
In the internal LAN and external Internet access for SMEs to deploy Boda Bo Yu edge firewall BDCOM Secutor F1607.
Broadband access
F1607 model with routing, WAN port connected to the Internet, to support multiple broadband access options, including a fixed IP and dynamic IP green means the PPPoE dial-up methods.
Configure the default route, all point to the next level of communication outside the gateway. If the F1607 at the same time as a special network access or VPN access, you can use static routing or source routing strategy for different types of communication point to a different exit or the next hop.
If multi-line access, you can configure load balancing, the traffic balance to a different line up. F1607 set the balance to support the weight, for example, using two ISP lines, including a bandwidth of 1M, another a bandwidth of 512K, the set flow equilibrium can be 512K 1M lines and assumed line flux ratio is set to 67% : 33%. Flow balance is based on the state, that is, the same connection all traffic will be constant from one line to go, so, even for complex communication, F1607 should also ease.
In F1607 the WAN interface configured source address translation, the internal private network IP addresses into fixed or dynamic WAN interface IP address of public network, it can use IP Pool ways to use a ISP assigned address.
F1607 supports DHCP Server and DNS functions, for small-scale network, internal users can automatically assign IP addresses dynamically, gateway, DNS and other parameters, simplifying network configuration and management.
Built-in 4 switch
F1607 for the exchange of the 4 LAN ports, which can be achieved between the chip-level fast forward. For small to medium sized users, several servers LAN directly through this four LAN port access F1607. Connect the LAN hub or switch users can also aggregates in the F1607. Eliminating the need for a distribution layer switch for the user to save the investment, while simplifying the network topology, reducing the intermediate nodes and the point of failure, but also help to improve the overall performance of the network.
State Inspection Packet Filter
F1607 default packet filtering rules for the full ban, so the need to configure packet filtering firewall rules. Internet access applications for small and medium enterprises, the general configuration single-pass inside to the outside can say, for the internal LAN to the external Internet, do not do all the basic communications restrictions, returned from the external Internet communications based on the state test. The so-called state test is based on dynamic maintenance of the firewall state table of contents forward or reject packets. State table records sent from the protected network of state information packets, firewalls according to the table of contents of return data packets to judge, Zhiyou and Zhuangtai table recorded Xiangguan the legitimate return packets Caipiyunxu Jinru protected network. Forward this mechanism more efficient; than the static router ACL rules more secure; configuration is also easier to use.
F1607 supports based on source and destination IP addresses, source and destination TCP / UDP port of the packet filtering rules, can effectively control the specific application, such as control MSN, OICQ so.
F1607 supports time-based packet filtering rules to control access of SMEs to provide a convenient. Mon-Fri 9:00-18:00, such as the prohibition of MSN, OICQ.
Taking into account the video, voice has been used widely, F1607 H.323 in terms of packet filtering and other agreements are also thoughtful and careful design, can be a good support for video, voice and other data transmission.
Content Filtering
To further enhance access control, F1607 support URL, DNS filtering, you can visit the URL and the DNS domain name on the effective filter time can be combined with strategies such as work hours prohibit access to certain work-related music, film and television website.
F1607 is also built-in Web content filtering database classification, can be common sex, violence, politics, gaming, securities class page block.
Bandwidth control
F1607 supports based on TCP / UDP / IP / ICMP / time, bandwidth control, limit the communication bandwidth and the guaranteed minimum bandwidth to ensure the message, OA, ERP, business and other important systems and voice, video and other real-time communications that require high bandwidth and priority.
Anti-worm and intrusion
Start the built-in F1607 IDS, intrusion can be detected 33 common classes, and start the linkage inside the firewall, intrusion can be found in the log, warning, and IP block, reducing the impact of network and equipment. If the network uses third-party IDS devices, F1607 and its conduct can be linked.
F1607 also has the unique worm blocking feature is an effective complement IDS functions. Firewall packets per unit time of a particular type of statistical information to analyze and judge whether they are worm attack behavior, such as being judged as worm attacks, the F1607 will be decisive for packet discard processing.
VPN access
F1607 can provide VPN access that can be used to connect higher-level network, or VPN for mobile users dial. Agreement commonly used VPN Ipsec and PPTP.
As the F1607 with NP processors, support for encryption hardware DES/3DES/AES so, so, VPN will not affect the performance of Internet access, but also to guarantee their performance.
F1607 supports IPSec, NAT penetration, support dynamic IP PPPoE mode access, support VPN, packet filtering, support for PKI, IKE and other key ways. Meet the current complex VPN applications.
Log audit
F1607 log audit provides a wealth of information related to audit logging configuration to provide traffic logs, log management, network monitoring logs, logs and other logging worms, and provide the log store, log statistics query and log alarm functions. Through traffic and audit logs to record the flow of Internet cafe users to access information; through the management and the audit log can record all the personnel management of the firewall operation; through the network monitoring and audit log can record IDS conditions; through the worm and the audit log can record network worm status. In case of violation of security policy or the activities of the illegal attacks and worms, the log will alarm. Administrators can log information, and timely positioning problems on the LAN hosts, a thorough inventory of its order in a timely and complete elimination of worms and attacks on the network.