VigorPro 5510
 
|
Overview
The VigorPro 5510 is a Dual WAN broadband router with Load Balance and Fail-Over. There are advanced features supporting secure network management (Firewall, CSM, Anti-Virus, Anti-Intrusion & Anti-Spam), bandwidth management (QoS, Session Limitation & Bandwidth Control), remote data access (VPN & SSL VPN), etc., making this router ideal broadband access devices for SOHO and business users.
The VigorPro 5510 is designed with object-based SPI (Stateful Packet Inspection) firewall to detect malicious packets, such as Denial of Service (DoS) attacks, and prevent these from jeopardizing the internal home or office network thus ensuring upmost network security and reliability.
Unlike DrayTek normal firewalls, the VigorPro 5510 deploys the unique MSSI™ (Multi-stack Stateful Inspection) mechanism. With MSSI™, VigorPro 5510 inspects packet streams, compares any suspected content or behavior with build-in database in real-time, and provide inline Anti-Virus, Anti-Spam, Anti-Trojan and Anti-Intrusion protection.
The Content Security Management (CSM) feature allows control of access to websites based on their content; for instance, websites with obscene or objectionable content can be blocked by the parents to ensure safe browsing by young children in the family. Furthermore, peer-to-peer applications that tend to consume big bandwidth and sessions can be managed easily by ticking the CSM options.
The VigorPro 5510 supports 200 x LAN-to-LAN VPN tunnels secure remote data access, such as inter office, or home-office communication with strong VPN functionality with all major VPN protocols: PPTP, IPSEC, L2TP and L2TP over IPSEC, including advanced DES, 3DES encryption engine and IKE automated key management, etc.
The dual WAN feature allows to create dual VPN tunnel for VPN load balance and fail-over.
Without the necessity of installing VPN client, Remote Desktop application, or File Explore on individual PC, the Secure Socket Layer (SSL) virtual private network (VPN) facility lets remote workers connect to the office network at any one time. SSL is supported by standard web browsers such as Firefox and Internet Explore. For users of small offices and teleworkers who need to access head office internal applications, file server and file sharing, VigorPro 5510 allows up to 50 concurrent SSL sessions.
The VigorPro 5510 supports up to 150 PC users for Smart Monitor. It can capture, filter and analyze network information for different purposes by integrating with VigorPro 5510. With Smart Monitor, the administrator can adopt the content that user cares and restore the data to readability information and produce various reports for reference.
Features
- Anti-Virus
- Scan SMTP, POP3, HTTP, IMAP, FTP
- Scan ZIP / GZIP / BZIP2
- Scan Encrypted VPN Tunnels
- Automatic Virus Signature Update
- Automatic Alert when Signature Update Service Expired
- Real-time E-mail / Syslog Alert when Virus is Detected
- Block Fragmented Mail
- Block Multiples Sessions Download
- Anti-Intrusion
- Rule-based Detection List
- Pass / Disallow / Reset when Intrusion is Detected
- Automatic Intrusion Signature Update
- Automatic Alert When Signature Update Service Expired
- Real-time E-mail / Syslog Alert when Under Attack
- Anti-Spam
- Real-time Scan SMTP, POP3
- Multi Language Detection
- Multi Type (Graphic, Document, HTML) Detection
- Single / Double Byte Coding Detection
- Black / White List
- Automatic Alert When License Expired
- Real-time Syslog Alert when Spam is Detected
- Dual-WAN
- Outbound Policy-based Load-balance
- BoD (Bandwidth On Demand)
- WAN Connection Fail-over
- Ethernet WAN Protocol
- DHCP Client
- Static IP
- PPPoE
- PPTP
- L2TP
- Internet Features
- Internet Fail-Over via 3G USB Modem
- WAN IP Alias for each WAN : 32
- Firewall
- Object-based & Policy-based Firewall
- SPI ( Stateful Packet Inspection ) with new FlowTrack Mechanism
- Multi-NAT
- Port Redirection
- Open Port
- Address Mapping
- DMZ Host
- True IP DMZ Host
- DoS / DDoS Protection
- IP Address Anti-Spoofing
- E-mail Alert
- VLAN (Virtual LAN)
- Bind IP to MAC Address
- CSM (Content Security Management)
- IM (Instant Messenger) Filter (e.g. MSN / Yahoo Messenger etc.)
- Web IM Application Filter (e.g. eMessenger / WebMSN / WebYahooIM etc.)
- VoIP Application Filter (e.g. Skype / Gizmo etc.)
- P2P (Peer-to-Peer) Filter (e.g. BitTorrent / eMule / KazzaA etc.)
- Protocol Filter (e.g. FTP / HTTP / POP3 etc.)
- Web Application Filter :
- Tunneling Filter (e.g. Socks4 / Socks5 / RealTunnel / UltraVPN etc.)
- Streaming Filter (e.g. FlashVideo / SilverLight / PPStream / PPLive etc.)
- Remote Control Filter (e.g. VNC / TeamViewer / WindowLiveSync etc.)
- Web HD Filter (HTTP Upload / MS SkyDrive / OfficeLive / GDoc Uploader etc.)
- Streaming Filter (e.g. FlashVideo / SilverLight / PPStream / PPLive etc.)
- URL Content Filter (Whitelist or Blacklist specific sites or keywords in URLs)
- Web Content Filter (Whitelist or Blacklist specific sites or keywords in web page)
- File Extension Filter (e.g. Image / Video / Audio / Compression files etc.)
- GlobalView Web Content Filter ( Powered by
)
(e.g. Child Protection / Gambling / Porn & Sexually / Travel / Game / Sports etc.)
- VPN and Remote Access
- Up to 0 Concurrent VPN Tunnels (incoming or outgoing)
- Protocol :
- PPTP
- IPSec
- L2TP
- L2TP over IPSec
- Encryption :
- MPPE
- Hardware-based AES
- Hardware-based DES
- Hardware-based 3DES
- Authentication
- Hardware-based MD5
- Hardware-based SHA-1
- IKE Authentication :
- Pre-shared Key
- Digital Signature (X.509)
- LAN-to-LAN
- Teleworker-to-LAN
- RADIUS (Remote Authentication Dial In User Service) Client for dial-in teleworker
- LDAP (Lightweight Directory Access Protocol) Client for dial-in teleworker
- DHCP over IPSec
- Dead Peer Detection (DPD)
- NAT-Traversal (NAT-T)
- VPN Load Balance
- VPN Fail Over
- VPN Pass-through
- SSL VPN
- Up to 50 SSL VPN Tunnels
- SSL Web Proxy
- Encryption :
- AES (128 bits) and 3DES
- RC4 (128 bits)
- DES
- SSL Application :
- VPN (Virtual Network Computing)
- RDP (Remote Desktop Protocol)
- Samba Application
- Bandwidth Management
- QoS (Quality of Service) :
- Class-based Bandwidth Guarantee by User-Defined Traffic Categories
- DiffServ Code Point Classifying
- 4-level Priority for Each Direction (Inbound / Outbound)
- Bandwidth Borrowed
- Session Limitation
- Bandwidth Limitation
- QoS (Quality of Service) :
- USB Applications
- 3.5G USB Modem (can only act as WAN2)
- Printer Sharing
- Network Feature
- Supported Software :
- Smart Monitor : Up to 150 PCs
- VigorACS SI
- IP Version: IPv4
- IGMP Proxy / Snooping
- DHCP Client / Relay / Server
- Dynamic DNS
- NTP (Network Time Protocol) Client
- Time Scheduling
- RADIUS Client
- LDAP Client
- DNS Cache / Proxy
- UPnP
- Wake on LAN
- Routing Protocol :
- Static Routing
- RIP V2
- Supported Software :
- Network Management
- Web-based User Interface (HTTP / HTTPS)
- Management Session Timeout
- Quick Start Wizard
- CLI (Command Line Interface)
- Telnet
- Administration Access Control
- Configuration Backup / Restore
- Built-in Diagnostic Function :
- System Status
- Online Status
- Dial-out Trigger
- Routing Table
- ARP Cache Table
- DHCP Table
- NAT Sessions Table
- Traffic Graph
- Ping Diagnosis
- Trace Route
- AI/AV Top 10
- Web Firewall Syslog
- Firmware Upgrade :
- TFTP
- FTP
- Web-based User Interface
- TR-069
- Logging via Syslog
- SNMP Management MIB-II
- TR-069
Specifications
|
Technical Specifications of VigorPro 5510
|
|||
| Hardware Interface | WAN | 2x 10/100 Base-Tx RJ-45 ports | |
| LAN | 5x 10/100/1000 Base-Tx RJ-45 ports | ||
| USB | 1x USB HUB 1.1 for connecting to USB printer or 3G USB Modem(3G only can act as WAN2) | ||
| Anti-Virus | File Filter | ||
| Defense Viruses, Worms and Trojan | |||
| Scan SMTP | |||
| Scan POP3 | |||
| Scan HTTP | |||
| Scan IMAP | |||
| Scan FTP | |||
| Scan ZIP / GZIP / BZIP2 | |||
| Scan Ownself VPN Tunnels | |||
| Automatic update latest virus signature to device | |||
| Automatic alert for signature update service expiry | |||
| Real-time Syslog / Mail Alert for the virus detection | |||
| Anti-Intrusion | Rule-based Detection List | ||
| Pass / Disallow / Reset while Intrusion is Detected | |||
| Automatic update latest intrusion signature to device | |||
| Automatic alert when signature update service expired | |||
| Real-time Syslog / Mail Alert when attacked | |||
| Anti-Spam | Real-time scan SMTP, POP3 | ||
| Automatic alert when license expired | |||
| Real-time syslog alert when spam is detected | |||
| Multi Language Detection | |||
| Multi Type (graphic, document, HTML) Detection | |||
| Single / Double byte Coding Detection | |||
| No User Limitation | |||
| Black / White List | |||
| Dual-WAN | Outbound Policy-based Load-balance | ||
| Bandwidth on Demand (BoD) | |||
| WAN Connection Fail-over | |||
| SSL VPN | Up to 50 SSL VPN Tunnels | ||
| SSL Web Proxy | |||
| Web Application (10 URLs) | |||
| VPN | Up to 200 VPN Tunnels | ||
| LAN-to-LAN, Teleworker-to-LAN | |||
| DHCP over IPSec | |||
| NAT-Traversal (NAT-T) | |||
| Dead Peer Detection (DPD) | |||
| VPN Pass-through | |||
| Protocol | PPTP | ||
| IPSec | |||
| L2TP | |||
| L2TP over IPSec | |||
| Encryption | MPPE | ||
| Hardware-based AES / DES / 3DES | |||
| Authentication | Hardware-based MD5 | ||
| SHA-1 | |||
| IKE authentication | Pre-shared Key | ||
| Digital Signature (X.509) | |||
| Firewall | Transparent Mode | ||
| Multi-NAT, DMZ Host, Port-redirection and Open Port | |||
| Policy-based Firewall | |||
| SPI (Stateful Packet Inspection) | |||
| DoS / DDoS Prevention | |||
| IP Address Anti-spoofing | |||
| E-Mail Alert and Logging via Syslog | |||
| Bind IP to MAC Address | |||
| Time Schedule Control | |||
| CSM | IM / P2P Applications Blocking | ||
| URL Keyword Filter (Whitelist and Blacklist) | |||
| GlobalView Web Content Filter ( Powered by ) |
|||
| Network Features | DHCP Client / Relay / Server | ||
| Dynamic DNS | |||
| NTP Client | |||
| Call Scheduling | |||
| RADIUS Client | |||
| DNS Cache / Proxy | |||
| UPnP | |||
| Routing Protocol | Static Routing | ||
| RIP V2 | |||
| IGMPv2 Proxy | |||
| Network Management | Web-based User Interface (HTTP / HTTPS) | ||
| Quick Start Wizard | |||
| Command Line Interface (CLI, Telnet / SSH *) | |||
| Administration Access Control | |||
| Configuration Backup / Restore | |||
| Built-in Diagnostic Function | |||
| Firmware Upgrade via TFTP / FTP | |||
| Logging via Syslog | |||
| SNMP Management with MIB-II | |||
| Bandwidth Management | Class-based Bandwidth Guarantee by User-defined Traffic Categories | ||
| DiffServ Code Point Classifying | |||
| 4-level Priority for Each Direction (Inbound / Outbound) | |||
| Bandwidth Borrowed | |||
| Bandwidth / Session Limitation | |||
| Support Smart Monitor | Up to 150 PCs | ||
| Temperature | Operating : 0°C ~ 45°C | ||
| Storage : -25°C ~ 70°C | |||
| Humidity | 10% ~ 90% (non-condensing) | ||
| Max. Power | 15 Watt | ||
| Dimension | L273 * W166 * H44.6 (mm) | ||
| Power | AC 100~240V, 50/60Hz | ||
Application
Conventional firewalls are bind to today's attacks, and also cannot detect inappropriate e-mail and Web content. The most common solution is a complex, costly collection of independent systems to deal with each of these threats along with network-level intrusions and attacks.
Figure 1. Front Panel
SSL VPN Application
Without the necessity of installing VPN client on individual PC, the Secure Socket Layer (SSL) virtual private network (VPN) facility lets remote workers connect to the office network at any one time. SSL is supported by standard web browsers such as FireFox and IE. For users of small offices and teleworkers who need to access enterprises's internal applications, file server and file sharing, VigorPro5510 UTM series allow up to 50 concurrent SSL sessions.
Figure 2. SSL VPN Application
Network-level Protection
Conventional way to protect against virus or malicious program, requires each host to install software on the host. To install software on a large number of hosts is a time consuming process. To evaluate the vulnerabilities, both scan engine and database of virus pattern need constant upgrade. It is very costly and annoying for IT personnel with high maintenance. VigorPro 5510 works as firewall as well as Internet gateway, it will block any attacks at the point of network entry. Through the web user interface, the network administrator can monitor and instruct the VigorPro 5510 to look for all hosts inside network edge before threats intrude.
Figure 3. Network-level Protection
Hardware-accelerated, Real-time Response
The VigorPro 5510 employs an unique, hardware-accelerated architecture that provides the ability to perform real-time security without slowing down critical network applications, such as Web traffic. Software-based anti-virus solutions, which are designed for scanning non-real-time email messages, are too slow to be used to scan Web traffic or other real-time network applications.
Figure 4. Hardware-accelerated, Real-time Response
Content-based Inline Inspection
Conventional firewalls only inspect packets connection behavior to against any connection-based attack. While the content-based threats today. such as virus, worms, Trojans or banned content, which spread faster and do more damage. Conventional firewalls bypass the widely spread content-based threat and expose internal network to outside world. VigorPro 5510 deploys DrayTek's unique MSSI™ (Multi-stack Stateful Inspection) mechanism. With MSSI™ , VigorPro 5510 inspects packet streams, compares any suspected content or behavior with build-in database in real-time, and provide inline anti-virus and anti-intrusion protection.
Figure 5. Content-based Inline Inspection
3G Application
DrayTek supports 3G HSDPA USB Modem via USB port of VigorPro 5510 from firmware version V3.2.2 and above. It is a good application for the mobile sharing environment.
For 3G mobile communication through Access Point is popular more and more, VigorPro 5510 adds the function of 3G network connection for such purpose. By connecting 3G USB Modem to the USB port of VigorPro 5510, it can support HSDPA/UMTS/EDGE/GPRS/GSM and the future 3G standard (HSDPA, etc). VigorPro 5510 series with 3G USB Modem allows you to receive 3G signals at any place such as your car or certain location holding outdoor activity and share the bandwidth for using by more people. Users can use four LAN ports on the router to access Internet.
Figure 6. 3G Application
Accessories
Figure 7. Accessories