
CyberGuard's SG580 is a feature-rich, compact, network security
appliance, which consolidates firewall, sophisticated
intrusion-prevention, secure VPN access, and web content filtering
on a single device. This reduces the complexity of network security
deployments while lowering administration and maintenance
requirements. The SG580 is well suited to protecting central offices
of small to mid-sized enterprises as well as branch offices of large
enterprises. It enables offices to easily and safely connect their
network of desktops, notebooks, PDAs, web and application servers
to the Internet via business- and consumer-grade broadband,
dedicated circuits from T-1 to T-3 or narrow-band connections
(modem/ISDN).
The SG580 provides connectivity and security
features normally found only in enterprise-class solutions. With the
inclusion of five Fast Ethernet ports, link fail-over and Internet
session load balancing as well as multiple security zones, the SG580
can be deployed in a myriad of environments. Should the primary
broadband connection fail, the SG580 can fail over to a secondary
link. Internet traffic can be balanced between links, increasing
bandwidth for faster web page delivery and more concurrent
downloads. Should there be a complete broadband failure, the
built-in dial-up connection can be invoked automatically. To further
enhance web performance and reduce WAN bandwidth, the SG580 has a
built-in Web proxy cache.
The SG580 provides layers of network protection. A powerful stateful-inspection
firewall, service-based intrusion detection blocking and advanced
Internet connection sharing protect the branch-office network from
the Internet.
An intrusion detection system adds an extra security layer by
detecting suspicious activity through a database of thousands of
attack signatures. It can alert an administrator so that
countermeasures can be implemented quickly before the network is
compromised. It can also be configured to respond by adjusting the
firewall automatically, effectively preventing intrusions. Finally,
the SG580 also provides security policy enforcement across the
network by probing desktops and servers in an attempt to identify
vulnerable network services. Systems that are deemed vulnerable are
blocked from Internet access or access to other security zones. This
reduces the possibility of staff spreading viruses, worms and
Trojans.
The SG580 provides default physical security zones (DMZ, Guest
and LAN) on separate Ethernet segments. The DMZ segment can be used
for publicly accessible servers (e-mail, file download); the Guest
segment enables mobile staff or visitors to have general Internet
access only, while the LAN segment connects the entire office
network. These can be reconfigured to create three departmental
security zones or other custom configurations. If only one WAN
connection is required, the other can be configured as a fourth
security zone.
A remote office network can safely become part of a central office
network, since the SG580 is also a cost-effective VPN appliance. The
SG580 includes industry-standard secure VPN access methods (IPsec,
PPTP, L2TP) with hardware-accelerated encryption. It is
complementary to the SG710 and CyberGuard TSP appliances for VPN
deployments at mid- to large-sized branch offices and head office.
For smaller multi-site deployments, the SG580 provides a
cost-effective head office solution with smaller CyberGuard
appliances installed as VPN endpoints at remote office locations.
Mobile and remote workers can also gain access to the central
location across the Internet by using an SG300 device or through VPN
client software.
Features:
* Full IPsec, PPTP & L2TP VPN client and server
* Link fail-over & load balancing
* Intrusion detection and prevention
* DMZ, Guest and LAN security zones
* Web console for configuration and management
* Fully interoperable with CyberGuard SG and TSP appliances and other standards-based security devices
* Complementary VPN endpoint for CyberGuard TSP appliances
* Suitable for ADSL, Cable and T1 to T3 circuits
* Suitable for VPN up to 45 Mbps (broadband and LAN-to-LAN)
Specifications
VPN - IPsec
* VPNC-certified interoperability
* Peer-to-peer (initiate and terminate)
* ESP and AH payloads
* Supports aggressive mode
* Dead peer detection
* Compression (deflate / gzip type algorithm)
* DES 56-bit, 3DES 168-bit, AES 256-bit encryption
* Hashes HMAC - MD5 and SHA-1 authentication
* IKE/ISAKMP Diffie-Hellman key exchange
* Diffie-Hellman Groups (1,2,5) and Oakley Groups (14,15,16) to 4096-bits
* X.509 certificates DER, PEM formats
* Pre-shared secrets
* Dynamic IP address endpoints
* Dynamic DNS IPsec support
* Authentication up to 2048-bit for RSA key signatures
* Multiple subnets
* NAT traversal
* Up to 200 IPsec tunnels
* 40 Mbps IPsec 3DES (VPN/firewall)
* 45 Mbps IPsec AES (VPN/firewall)
VPN - L2TP
* IPsec config Wizard
* L2TP over IPsec
* Autonomous L2TP
* Client: NAT, default route via L2TP
* Server: specify client IP address range
VPN - PPTP
* v2 client and server
* Pass-through mode also
* MPPE 40 to 128-bit RC4 encryption
* PAP/CHAP/MS CHAPv2 authentication
* L2TP & GRE tunneling extensions
* Up to 80 PPTP client tunnels
* Up to 120 PPTP server tunnels
* Up to 12 Mbps RC4 throughput
Firewall
* Dynamic stateful inspection firewall
* ICSA-certified
* NAT - static and dynamic
* NAPT/PAT - port forwarding
* Connection sharing
* 200 Mbps firewall performance
* Intrusion Protection (Snort)
* Security Policy Enforcement (Nessus)
* Web proxy cache based on Squid
Network
* Traffic shaping (QoS)
* IP aliases
* DHCP - client and server
* PPPoE (for ADSL support)
* Bridging (802.1d)
* RIP, RIPv2, BGP, OSPF
* RAS (dial-in)
* Dial on demand
* Fail-over / high availability
* Traffic Load Balancing
* DNS enhanced caching, masquerading, proxy, multiple DNS server proxying
* 200 Mbps routed throughput
* 200 Mbps PPPoE throughput
Management
* Logging (local and remote)
* NTP client and server
* Web management
* CLI (Telnet) management
* Initial setup via either static IP address or dynamic IP address (DHCP client)
* Administration user accounts
* RADIUS / TACACS+
Hardware
* Status LEDs
* WAN port - 1x10/100BaseT
* LAN ports - 4x10/100BaseT
* WAN2, DMZ, Guest, LAN
* Serial ports - 1 (dial-in, or dial-on-demand)
* Memory - 16MB Flash, 64MB RAM
* Real time clock
* Power - 5V 1.5A
* Weight - 1lb (500g)
* Dimensions - 6.5"x4.5"x1" (168mmx115mmx26mm)
* Operating temperature 0C to 40C
* Storage temperature -20C to 70C
* Humidity 0 to 95%, non-condensing
* Certification - home and office
* Warranty - 1 year