Adtran Netvanta 2830 User manual

NetVanta 2830

Unified Threat Management

The NetVanta 2830 applies Unified Threat

Management (UTM) Firewall technology

against a comprehensive array of attacks,

combining intrusion prevention, anti-virus

and anti-spyware with the application-level

control of Application Intelligence and

Control. With advanced routing, stateful

high-availability and high-speed IPSec and

SSL VPN technology, the NetVanta 2830 adds

security, reliability, functionality and produc-

tivity to branch offices, central sites and

distributed mid-enterprise networks, while

minimizing cost and complexity.

The NetVanta 2830 revolutionizes network

security, utilizing a breakthrough multi-core

design and patented Reassembly-Free Deep

Packet Inspection™ (RFDPI) technology*

from SonicWALL. Overcoming the limitations

of existing security solutions, the NetVanta

2830 scans the entirety of each packet for

current threats in real time. Its high-speed,

multi-core processing platform enables

deep packet inspection without adversely

impacting the performance of mission-critical

networks and applications.

Hardware

This security appliance offers Gigabit

Ethernet WAN and LAN interfaces, along with

four additional Gigabit interfaces that can be

configured for redundant WAN links or for

additional LAN or DMZ networks.

Reassembly-Free Deep Packet Inspection

Due to its unique design, the RFDPI engine

is not memory limited because it does not

“proxy” traffic, which frees up resources for

fast inspection of tens of thousands of simul-

taneous data streams of unlimited size. This

real-time inspection method can analyze

files and content going across any port in any

direction with extremely low latency, without

reassembling packets or application content

while still blocking malware. This design leads

to efficient and reliable high performance

inspection and an improved user experience.

Application Intelligence and Control

Application Intelligence and Control offers

granular application-level access controls to

manage bandwidth and prevent leaks of sensitive

or proprietary information.

Administrators can define policy-based

blocking or restrictions of specific applications,

such as bandwidth-intensive streaming audio,

video and peer-to-peer programs. This includes

the restriction of application specific file types

(e.g., EXE, PIF, SRC, VBS). In addition, outbound

transmissions can also be blocked based on

sensitive, proprietary or watermarked data.

Virtual Private Networking (VPN)

Advanced IPSec and SSL VPN connectivity

options provide secure, high-speed office-to-

office and individual remote user access. The

NetVanta 2830 has no restrictions on the number

of users on the LAN and can support up to 75

simultaneous site-to-site VPN tunnels with the

High Availability (HA) upgrade.

PortShield Port Security

This unit offers port-level security for flexible

protection from traffic on the WAN and devices

inside your network by easily grouping ports into

logical units.

Disaster Recovery

Automated failover and failback ensures contin-

uous uptime of VPN tunnels by diverting traffic

over alternate WAN connections in the event of

primary connection failure.

Configuration

Intuitive configuration wizards simplify even

the most complicated tasks, including VPN

set-up, NAT configuration and public server

configuration.

Management and Reporting

ViewPoint is an easy-to-use Web-based reporting

tool that fully complements the NetVanta UTM

appliance by providing insight into the health

of the network including both performance and

security. For additional management capabilities,

the Global Management System (GMS) provides

comprehensive management and reporting tools

for simplified configuration, enforcement and

management from a central location.

*U.S. Patent 7,310,815–A method and apparatus for data stream

analysis and blocking.

Product Features

■ Unified Threat Management

(UTM) security appliance

■ Uncompromising

performance

■ Reassembly-Free Deep

Packet Inspection™

■ Application Intelligence

and Control

■ Advanced IPSec and SSL

VPN

■ PortShield port-level security

■ Automated failover and

failback

■ Intuitive Web-GUI configura-

tion wizards

■ Viewpoint for Network

Health Reporting

■ Limited lifetime warranty

Interfaces

■ WAN: RJ-45 10/100/1000Base-T Ethernet interface

■ LAN: Five RJ-45 10/100/1000Base-T Ethernet interface

■ USB: Two USB 2.0 interfaces

■ Console: RJ-45 10/100Base-T Ethernet interface

Firewall

■ Nodes Supported: Unrestricted

■ UTM Throughput: 150 Mbps

■ Stateful Throughput: 775 Mbps

■ GAV Throughput: 160 Mbps

■ IPS Throughput: 275 Mbps

■ IMIX Throughput: 235 Mbps

■ Maximum Connections:

❍ 225,000

■ Maximum UTM Connections:

❍ 125,000

■ New Connections/Sec: 4,000

■ Denial of Service (DoS) protection

❍ 22 classes of DoS

❍ DDOS

❍ Scanning attacks

Virtual Private Network (VPN)

■ VPN Features:

❍ Dead Peer Detection

❍ DHCP over VPN

❍ IPSec NAT Traversal

❍ Redundant VPN Gateway

❍ Route-based VPN

■ 3DES/AES Throughput: 300 Mbps

■ Site-to-Site VPN Tunnels: 75

■ Encryption/Authentication/DH Group

❍ DES 128-bit encryption

❍ 3DES 192-bit encryption

❍ AES 256-bit encryption

❍ MD5/SHA1/DH Group 1, 2, 5, 14

■ Key Management

❍ Manual/Preshared

❍ IKE, IKE2 (ISAKMP/Oakley)

❍ PKI (X.509) Certificates

❍ L2TP over IPSec

■ Certificate Support

❍ Verisign

❍ Thawte

❍ Cybertrust

❍ RSA Keon

❍ Entrust

❍ Microsoft CA for NetVanta to NetVanta VPN

❍ SCEP

■ Global VPN Client

❍ Included Licenses: 2

❍ Maximum License: 25

❍ Microsoft Windows 2000, Windows XP,

Vista 32/64-bit, Windows 7

■ SSL VPN

❍ Included Licenses: 2

❍ Maximum License: 25

❍ Microsoft Windows 2000/XP/

Vista 32/64-bit/Windows 7

❍ Mac OSX 10.4+

❍ Linux FC3+/Ubuntu 7+/OpenSUSE

NetVanta 2830

Unified Threat Management

Security Services

■ Deep Packet Inspection Services

❍ Gateway Anti-Virus, Anti-Spyware

Intrusion Prevention, and Application Intelligence

and Control

■ Content Filtering Services (CFS)

❍ HTTP URL, HTTPS IP, keyword and content

scanning, ActiveX, Java Applet, and cookie

blocking

■ Enforced Client Anti-Virus and Anti-Spyware

❍ HTTP/S, SMTP, POP3, IMAP and FTP, Enforced

McAfee™ Client Email attachment blocking

Switching

■ VLAN Interfaces: 25

Network Address Translation

■ Basic NAT (1:1), NAPT (Many:1), and Port Translation,

Transparent mode

Protocols

■ IPv6 Ready

■ OSPF, RIP (v1 and v2), Static Routes

■ TCP/IP, UDP, ICMP, HTTP, HTTPS, IPSec, ISAKMP/IKE,

SNMP, DHCP, PPPoE, L2TP, PPTP, RADIUS, IEEE 802.3

Management and Monitoring

■ Local CLI, Web GUI (HTTP, HTTPS), SNMP v2

■ Global management with NetVanta GMS

Environment

■ Operating temperature: 40° to 105°F (5° to 40°C)

■ Relative humidity: 10 to 95%, non-condensing

Physical

■ Chassis: 1U, rack-mountable

■ Dimensions: 1.75” H, 17” W, 10.25” D

■ Weight: 8.05 lbs.

■ Power: 100-240 VAC, 50/60Hz, 42 W

■ Memory

❍ Flash: 512 MB Compact Flash

❍ RAM: 512 MB

Agency Approvals

■ FCC Class A, CES Class A, CE, C-Tick, VCCI,

Compliance MIC, UL, cUL, TUV/GS, CB, NOM, RoHS,

WEEE

Ordering Information

Equipment Part #

NetVanta 2830 & 1 Yr Threat Protection 1700238G1

NetVanta 2830 High Availability Unit 1700238G1#HA

NetVanta 2830 High Availability Unit Upgrde 1950238G1#HA

NetVanta 1 YR Continuous Threat Protection 1950238G1#Y1

NetVanta 2 YR Continuous Threat Protection 1950238G1#Y2

NetVanta 3 YR Continuous Threat Protection 1950238G1#Y3

ADTRAN, Inc.

Attn: Enterprise Networks

901 Explorer Boulevard

Huntsville, AL 35806

P.O. Box 140000

Huntsville, AL 35814-4000

256 963-8000 voice

256 963-8699 fax

General Information

800 9ADTRAN

info@adtran.com

www.adtran.com

Pre-Sales

Technical Support

800 615-1176 toll-free

application.engineer@adtran.com

www.adtran.com/support

Where to Buy

877 280-8416 toll-free

channel.sales@adtran.com

www.adtran.com/where2buy

Post-Sales

Technical Support

888 423-8726

support@adtran.com

www.adtran.com/support

ACES Installation &

Maintenance Service

888 874-ACES

aces@adtran.com

www.adtran.com/support

International Inquiries

256 963-8000 voice

256 963-6300 fax

international@adtran.com

www.adtran.com/international

For the regional office

nearest you, visit:

www.adtran.com/regional

61700238G1-8A November 2010

2010 ADTRAN, Inc.

ADTRAN is an ISO 9001, ISO 14001,

and a TL 9000 certified supplier.

ADTRAN believes the information in

this publication to be accurate as of

publication date, and is not responsi-

ble for error. Specifications subject to

change without notice. ADTRAN and

NetVanta are registered trademarks

of ADTRAN, Inc. and its affiliates in

the U.S. and certain other countries.

All other trademarks mentioned in

this document are the property of

their respective owners.

TL19.1270

Table of contents

Other ADTRAN Firewall manuals

ADTRAN

ADTRAN NetVanta 2730 User manual

ADTRAN

ADTRAN Advanta 2100 User manual

ADTRAN

ADTRAN NetVanta 2300 User manual

ADTRAN

ADTRAN 1202361L2 Manual

ADTRAN

ADTRAN NetVanta 2050 User manual

Popular Firewall manuals by other brands

D-Link

D-Link NetDefend DFL-260E manual

NETASQ

NETASQ U30 PRODUCT PRESENTATION AND INSTALLATION

SonicWALL

SonicWALL Email Security 7.0 8000 Getting started guide

D-Link

D-Link DFL-500 Quick install guide

ZyXEL Communications

ZyXEL Communications ZyWall quick start guide

3Com

3Com SECPATH U200-CS installation manual

Andrisoft

Andrisoft wanguard 6.2 user guide

Cisco

Cisco MX400 installation guide

Stonesoft

Stonesoft FW-105 series installation instructions

Fortinet

Fortinet FortiGate FortiGate-5001 quick start guide

PaloAlto Networks

PaloAlto Networks ION 1200 Series Hardware reference

Draytek

Draytek Vigor2960 Quick start quide

Cisco

Cisco 5505 - ASA Firewall Edition Bundle Hardware installation guide

Juniper

Juniper JSA7800 Hardware guide

Cisco

Cisco RV110W datasheet

Fortinet

Fortinet FortiDB-1000B quick start guide

Fortinet

Fortinet FortiGate-200 quick start guide

SonicWALL

SonicWALL Email Security 800 Getting started guide

ADTRAN NetVanta 2830 User manual

Popular Firewall manuals by other brands