Vpn firewall brick – Alcatel-Lucent VPN Firewall Portfolio User Manual

3

Implement large-scale VPN support with
high-performance packet processing

VPN Firewall Brick

®

platforms deliver the performance

needed to provide vital security and VPN services for
thousands of enterprise users. High-capacity packet-
processing capabilities help maximize user efficiency
and productivity with up to 1.7 Gbps VPN throughput
and a full 4.75 Gbps firewall throughput.

Portfolio-wide scalability helps protect expanding user
populations cost effectively. A single

VPN Firewall

Brick

®

unit can support up to 4 million simultaneous

sessions and over 20,000 simultaneous VPN tunnels.
Its highly efficient operating system contributes to
these outstanding processing capabilities by freeing
memory for session and policy management.

Streamline firewall deployment,
configuration and management

VPN Firewall Brick

®

platforms can be installed and

working at any network location. These flexible
bridging firewalls work as quickly as a physical
connection can be made. There’s no need to re-
segment the network, worry about downtime during
network conversion to the new topology or wait as
hosts are directed to a new gateway. Alcatel-Lucent
SMS software delivers:

• Sophisticated IP services management capabilities with

low operating costs to manage security, not individual
devices – easy security deployment, management and
maintenance with centrally controlled

VPN Firewall

Brick

®

clients

• Scalability to rapidly provision and manage up to

20,000

VPN Firewall Brick

®

platforms and 500,000

IPSec Client users from one console – fewer devices to
maintain and fewer people to maintain them

• Seamless integration of firewall, VPN, bandwidth

management, virtual LAN (VLAN) and virtual firewall
policy management – centralized realtime monitoring,
robust logging and customized reporting capabilities

• Integrated Denial of Service protections, Intrusion

Detection/Prevention facilities and Bell Labs-developed
Intelligent Cache Management capabilities maximizes
uptime and mitigates impacts of network attacks

Leverage high-availability bandwidth
management for consistent service quality

VPN Firewall Brick

®

platforms can increase both network

security and quality of service through uniquely granular
bandwidth management. They incorporate – at no extra
charge – robust implementation of class-based queuing
(CBQ) technology for committed-rate bandwidth control
and traffic prioritization. Bandwidth limits to help defend
against flood attacks, and bandwidth guarantees to
enhance end-user experiences, are enforced at the server
and user levels. Traffic can be classified by physical
interface, virtual firewall, policy rule and session, enabling
simplified yet precisely targeted security implementations.

Sustain business continuity with
carrier-class reliability and availability

A high-availability architecture is built into every
component of the

Alcatel-Lucent VPN Firewall portfolio.

There is no single point of failure solution-wide. All
VPN Firewall Brick

®

models support native subsecond

failover to a standby unit. In an outage, services
continue uninterrupted. Out-of-band management
capabilities help ensure continued service even if
communications are lost due to a network outage. For
added reliability, Alcatel-Lucent SMS software can be
distributed across multiple geographically dispersed
operations centers for active/active network
redundancy. This enables immediate disaster recovery
in the event of a catastrophe at the primary
management location.

Active/Active

Management

VLAN 100

Extranet Server

VLAN 200

SAP Server

VLAN 300

Mail Server

VLAN 400

Public Server

VLAN 400

Public Server

IP Network

Data Center

Services

Network-based

Services

Mobile/IPSec Client

Services

Centralized Management

with Alcatel-Lucent SMS

CPE-based

Services

Existing

Router

Existing

Router

Existing

Router

VPN Firewall

Brick

®

50/150

VPN Firewall

Brick

®

350

VPN Firewall

Brick

®

700

Alcatel-Lucent

Security

Management

Server

Alcatel-Lucent

Security

Management

Server

EMEA NOC

USA NOC

VPN Firewall

Brick

®

1100

VPN Firewall

Brick

®

1200 HS

IPSec

Client

The Alcatel-Lucent VPN Firewall
portfolio offers flexible deployment
options to suit enterprise network
strategies and users’ diverse needs.