Datasheet
4
•
Multiprotocol Label Switching (MPLS)
Layer 2 VPN: establishes simple Layer 2
point-to-point VPNs across a provider network
using only MPLS LDPs; requires no routing and
therefore decreases complexity, increases
performance, and allows VPNs of non-routable
protocols; uses no routing information for
increased security; supports Circuit Cross Connect
(CCC), Static Virtual Circuits (SVCs), Martini draft,
and Kompella-draft technologies
•
Policy routing: allows custom filters for
increased performance and security; supports
ACLs, IP prefix, AS paths, community lists, and
aggregate policies
Security
•
Access control list (ACL): supports powerful
ACLs for both IPv4 and IPv6; ACLs are used for
filtering traffic to prevent illegal users from
accessing the network, or for controlling network
traffic to save resources; rules can either deny or
permit traffic to be forwarded; rules can be based
on a Layer 2 header or a Layer 3 protocol header;
rules can be set to operate on specific dates or
times
•
TACACS+: is an authentication tool using TCP
with encryption of the full authentication request
that provides added security
•
MAC authentication: provides simple
authentication based on a user's MAC address;
supports local or RADIUS-based authentication
•
Network login: standard IEEE 802.1x allows
authentication of multiple users per port
•
RADIUS: eases security access administration by
using a password authentication server
•
Network address translation (NAT):
supports one-to-one NAT, many-to-many NAT, and
NAT control, enabling NAPT to support multiple
connections; supports backlist in NAT/NAPT, a
limit on the number of connections, session log,
and multi-instance
•
Secure Shell (SSHv2): uses external servers to
securely login into a remote device or securely
login into MSR from a remote location; with
authentication and encryption, it protects against
IP spoofing and plain text password interception;
increases the security of SFTP transfers
•
Unicast Reverse Path Forwarding (URPF):
allows normal packets to be forwarded correctly,
but discards the attaching packet due to lack of
reverse path route or incorrect inbound interface;
prevents source spoofing and distributed attacks
Convergence
•
Internet Group Management Protocol
(IGMP): is used by IP hosts to establish and
maintain multicast groups; supports v1, v2, and
v3; utilizes Any-Source Multicast (ASM) or
Source-Specific Multicast (SSM) to manage IPv4
multicast networks
•
Protocol Independent Multicast (PIM): is
used for IPv4 and IPv6 multicast applications;
supports PIM dense mode (PIM-DM), sparse mode
(PIM-SM), and source-specific mode (PIM-SSM)
•
Multicast Source Discovery Protocol
(MSDP): is used for inter-domain multicast
applications, allowing multiple PIM-SM domains to
interoperate
•
Multicast Border Gateway Protocol
(MBGP): allows multicast traffic to be forwarded
across BGP networks, separate from unicast traffic
Integration
•
Embedded NetStream: local and global server
load balancing module improves traffic distribution
using powerful scheduling algorithms, including
Layer 4 to 7 services; monitors the health status of
servers and firewalls
•
Embedded VPN firewall: provides enhanced
stateful packet inspection and filtering; provides
advanced VPN services with Triple DES (3DES)
and Advanced Encryption Standard (AES)
encryption at high performance and low latency,
Web content filtering, and application
prioritization and enhancement
Additional information
•
OPEX savings: a common operating system
simplifies and streamlines deployment,
management, and training, thereby cutting costs,
as well as reducing the chance for human error
associated with having to manage multiple
operating systems across different platforms and
network layers
•
High reliability: provides a state-of-the-art
unified code base
•
Faster time to market: engineering
efficiencies allow new and custom features to be
brought rapidly to the market with better initial and
ongoing stability
•
Green initiative support: provides support for
RoHS and WEEE regulations