With the adoption of wireless LANs (WLANs), people in distributed
departments within medium to large organizations benefit from the
ability to access information when away from a desk. Staff can
respond to requests while in the warehouse or conference room
improving efficiency and customer service. This is true whether it's
marketing, sales, finance or HR. The benefits of WLANs are not
restricted to medium to large businesses but local data access
mobility is very useful in healthcare, retail, finance, and
hospitality and manufacturing. Today timely and secure data
transactions are critical. If inventory, patient test results,
financial reports and other sensitive data are not available when
and where needed, it can seriously impact business success. Today
many businesses also place staff where the business is generated.
Therefore mobile employees, satellite and temporary offices are very
common for long and short-term projects.
Create an instant secure office network
The SG565 is CyberGuard's all-in-one Wireless Workgroup Security and
Data Access Appliance. It is a feature-rich, desktop, network
security and data access device designed for today's business that
requires access to and collection of time-critical data wherever
their staff or customers may be. The SG565 allows businesses to
create a unique wireless and wired local network. Not only does it
provide a wireless access point with secure Internet access and
site-site access to the central office, it also supports network
attached file storage and network printing - all in one appliance.
In effect the SG565 creates the instant office network using off the
shelf peripherals. Providing network storage via the SG565 is a
simple as plugging in a USB hard drive or USB flash device into one
of the available USB ports. Printing is just as easy using USB
printers and standard desktop network printing services. This in
many cases eliminates a number of server computers. It enables
enterprises to deploy remote or temporary office networks with major
IT infrastructure instantly available to carry on secure business.
Comprehensive Security and Internet Uptime
The SG565 is well suited to protecting branch offices of medium
sized enterprises as well as other sites such as gas stations,
retail stores, medical clinics, hotels and so on. The SG565 enables
small office networks to easily connect their wired desktop or
wireless notebook PCs to the Internet via broadband (ADSL, cable,
SHDSL, T-1 and T-2 circuits, etc.) or narrow-band (modem or ISDN).
Should the broadband connection fail the SG565 can fail over to a
second broadband connection or the narrowband backup connection,
ensuring uptime. By providing five separate security zones, the
SG565 can support DMZs, guest networks, multiple LANs and WANs. The
SG565 unifies defenses to combat blended threats into a single
device converging firewall, intrusion protection, threat containment
(vulnerability scanning/blocking), with the capability of performing
gateway anti-virus e-mail scanning. High availability is achievable
by installing a pair of SG565 appliances for load balancing or hot
standby.
VPN capabilities for Remote Access and Multi-site Access
A remote office network can safely become part of a central office
network, as the SG565 is also a cost-effective VPN end point device.
The SG565 includes industry-standard secure VPN access methods
(IPSec, PPTP, L2TP) with hardware-accelerated encryption. It is
complementary to the CyberGuard SG710 and CyberGuard TSP families of
firewall/VPN appliances for medium to large-scale branch office to
head office VPN deployments.
Features:
* Robust steel casing for medium enterprise and retail environments
* Full IPSec and PPTP VPN
* Intrusion Protection and Anti-virus (V 2.3)
* Network file storage and printing (USB)
* No per-user licensing or restrictions
* Wi-Fi WLAN and wired 10/100 LAN
* Highly interoperable with leading brands
* No third-party client software required
* Complementary VPN end-point for CyberGuard Premium Appliances
* Suitable for routing ADSL/Cable up to T1 & E1
* VPN up to 35Mbps (broadband & LAN-to-LAN)
Specifications
VPN - IPSec
*IPSec configuration Wizard
*VPNC-certified interoperability
*Peer-to-peer (initiate and terminate)
*ESP payload (AH manual config)
*Supports aggressive mode
*Dead peer detection
*Compression (deflate / gzip type algorithm)
*DES 56-bit, 3DES 168-bit, AES 256-bit encryption
*Hashes HMAC -MD5 and SHA-1 authentication
*IKE/ISAKMP Diffie-Hellman key exchange
*Diffie-Hellman Groups (1,2,5) and Oakley Groups (14,15,16) to
4096-bits
*X.509 certificates DER, PEM formats
*Pre-shared secrets
*Dynamic IP address end-points
*Dynamic DNS IPSec support
*Authentication up to 2048-bit for RSA key signatures
*Multiple subnets
*NAT traversal
*Up to 150 IPSec tunnels
*30 Mbps 3DES (VPN/firewall)
*35 Mbps AES (VPN/firewall)
VPN -L2TP
*L2TP over IPSec
*Autonomous L2T
*Client: NAT, default route via L2TP
*Server: specify client IP address range
VPN - PPTP
*v2 client and server
*Pass-through mode also
*MPPE 40 to 128-bit RC4 encryption
*PAP/CHAP/MS CHAPv2 authentication
*L2TP & GRE tunneling extensions
*Up to 25 PPTP client tunnels
*Up to 50 PPTP server tunnels
*Up to 7 Mbps RC4 throughput
Anti-Virus
*Anti-virus e-mail scanning (v3.1 firmware)
Firewall
*Dynamic Stateful inspection firewall
*ICSA-certified
*NAT -static and dynamic
*NAPT/PAT -port forwarding
*Connection sharing
*Intrusion Protection (Snort)
*120 Mbps firewall performance
*Threat Containment (Nessus based)
*Vulnerability Scan/Block
Network
*Traffic shaping (QoS)
*IP aliasesDHCP -client and server
*PPPoE (for ADSL support)
*Bridging (802.1d)
*RIP, RIPv2, OSPF, BGP
*RAS (dial-in)
*Dial on demand (dial out)
*Fail-over (link-link) / high availability (device-device)
*DNS enhanced caching, masquerading, proxy, multiple DNS server
proxying
*120 Mbps throughput (bi-directional)
Management
*Logging (local and remote)
*NTP client and server
*Web management
*SNMP MIB-II (partial)
*CLI (Telnet) management
*Initial set-up via static IP address or dynamic IP address (DHCP
client)
*Administration user accounts
*RADIUS / TACACS+
Wifi
*802.11 b/g
*WEP 64/128
*WPA TKIP/AES Preshared Key (Personal)
*WPA X.509 / Enterprise (future firmware release)
*Access control list (allow or deny specified MACs)
*Option to limit bridging between clientsBridged or routed mode for
Access Point Mode
*Client Mode (future firmware release)
NAS (Network Attached Storage)
*Samba 3.0 based
*USB HD or USB-key (flash) storage supported
*Advertise storage to LAN as Windows shares (public or per user)
*Easy to use, always on, file-server for a small office.
*Can work with FAT32, ext3 (journaled) disks
*CLI tools to format & partition USB HD?s.
*Rsync (backup management), ftp (future release)
*USB storage can be used for web-cache (squid), print spooling,
logging.
Printing
*Supports business (network aware) USB printers
*Provide centralized print services to a small office
*Flexible spooling options (network & USB disk)
Hardware
*Status LEDs
*WAN port -10/100BaseT
*WAN port-External USB DSL modems
*LAN ports -4x10/100BaseT -DMZ, LAN zones, 2nd WAN, etc.
*WLAN -IEEE802.11b/g Access Point -802.11b:CCK, DQPSK, DBPSK
-802.11g:OFDM
*Dual Dipole Antennae
*2.4GHz -2.4385GHz
*RF Power -19dBm@11Mbps -15dBm@54Mbps
*Radio Sensitivity -70dBm@54Mbps -83dBm@11Mbps
*Serial ports -1 (dial-in, or on-demand)
*Memory -16MB Flash, 64MB RAM
*USB External Storage (HHD or Flash)
*USB printers (Host drivers)
*Real time clock
*Power -5V 1.5A
*Weight -1lb (500g)
*Dimensions -8.1"x4.7"x1" (206mmx120mmx26mm)
*Operating temperature 0C to 40C
*Storage temperature -20C to 70C
*Humidity 0 to 95%, non-condensing
*Certification -home and office
*Warranty -1 year
