Monday, February 06, 2012   
  Search  
 
 
Register  Login  
SSN » Network Appliances  
      

AG-series

The key features of AG-series includes P2P/IM management, dataflow optimization, all layer QoS, multi-link and load balancing, subscriber access authentication and authorization, with embedded security modules such as firewall, IPS, VPN, etc. Those highly integrated features are all policy based and provide our customers the best network efficiency and security with ease of management.

Featuring:

  • wirespeed NAT/NAPT
  • Multi-Link and Load Balance
  • Policy based, wirespeed Layer 2-7 Traffic Management, QoS
  • wirespeed Firewall, VPN, IPS, etc.
  • AAA, NAC, etc.
  • Policy based, wirespeed security control.
  • Policy based, subscriber-application bandwidth guarantee
  • Subnet based, VLAN based, IP based access and security policy

AceNet's Series
The AG-series, built by AceNet's proprietary SSPP(Service Session Policy Processor)provides wirespeed performance of DPI (deep packet inspection), stateful session control, Subscriber AAA and security, etc. These highly integrated features can provide the best network efficiency and security. The technology of the core chip, SSPPTM, can process up to 32Gbps dataflow with 250K new session connection rate and maximum latency of 0.022ns. With such a world class leading technology, AG-series was built to eliminate the bottleneck of Gigabit performance with simultaneous feature functioning that most of the vendor cannot overcome. The SSPPTM chip is the world's first leading all layer streaming based processor chip that equips with several major engine, such as L4-L7 DPI engine, all layer policy engine, stateful session engine, and traffic control engine to boost up the network efficiency for all layers. Those engines implies the ASIC based, wire-speed features of P2P traffic management, L7 QoS, all layer bandwidth/session management, link and server load balance, AAA, network access control, AAA, and security (firewall, IPS, DoS, etc.). Besides, the programmability of this chip also provides the future L7 application expansion, such as future P2P features or localized P2P application. Moreover, since the chip is performed in wire-speed, it is also so much capable of filtering certain low bandwidth application for processing, such as Instant Message(IM) management. Thus, AG-series are also capable of managing and recording voice, chat and file transfer of the IM application for further analysis.

Strengthen the network security in no time:

  • The SSPP chip of AG series can map the users/group and provides the detail policy programming.
  • Through the subscriber authentication and host management, the whole network, including topology and hosts are subject to security compliant right away.
  • Through the user behavior control and session control, AG series avoid the flooding of warms.
  • Through the intranetwork inspection, AG-series prevent attack from local hosts.
  • Through the traffic management of P2P and IPTV, the available bandwidth can be increased instantly.

Building the complete security network

AG-series support the combination of multi-functions to provide multi-layer security for the entire network. It also support multi working mode(transparent, router and NAT) to seamlessly be integrated into the original network topology. This ensures the security and manageability instantly and guarantees the return of investment. With AceReporter, the AG-series can be centrally managed. The report provides the analysis and log of the AG-series and network so that any irregular situation will be reported and prevented right away.

Multi-layered traffic control

The AG-series Optimize the network data flow with 3 major factor: bandwidth, QoS and concurrent session. Bandwidth and QoS, which is based on the L4-L7 DPI technology, are the major factors for optimizing the data flow. Where, concurrent session is based on the behavior to monitor and control to ensure the normal network condition. The Optimization is in fact based the combination of the following policies:

  • IP based policy with bandwidth, QoS and concurrent sessions.
  • Subnet based and subnet group based policy with bandwidth, QoS and concurrent sessions.
  • User/group based policy with bandwidth, QoS and concurrent sessions.
  • Schedule based policy with bandwidth, QoS and concurrent sessions.

IP based and subnet based management of the AG-series can control and optimize the traffic, such as the subnet of students in the school campus or a certain department of of a company. Meanwhile, the user based or group based policy control of the AG-series can execute the traffic policy for either single IP (or user) or a group which is not necessary to be in the same subnet. Such user based or group based policy control can further combine with authentication control, such as LDAP, RADIUS, or POP3 authentication. In addition, the schedule based policy control will apply the corresponding policy automatically according to the time or date. For example, 8am to 6pm (working hours) could apply a certain policy and the rest of the day could apply the other. Such schedule based policy apply different policies in different time zone to optimize the network efficiency according to the periodically network behavior.

The above multiple factors of the traffic control can effectively recognize the known application, detect the abnormal traffic and response to protect the network in real time. For the known application, bandwidth control and QoS can be applied. For the abnormal traffic or behavior, total session limit or burst bandwidth control can be applied to guarantee the network quality.

AceNet's DPI technology:
The DPI module of AceNet's SSPP chip includes the analysis and control of application layer. The analysis function will distinguish the application of the packets to apply the corresponding policy by the execution module. The following graph shows the DPI module distinguish the P2P download application (such as Bit Torrent, eMule, etc.), instant message and P2P streaming playback (e.g. PPlive) and apply the configured policy by execution module, such as blocking the P2P download, allowing instant messages, or bandwidth control of P2P streaming playback.


Wirespeed link load balance:
The network optimization of AG-series also includes the multi-link (or multi-ISP) traffic load balance which of course supports the multi WAN access for different ISP or expansion of bandwidth. Both Multi-link load balance and P2P traffic optimization can be applied simultaneously in the AG-series.

Wirespeed stateful firewall:
In addition to the application traffic management mentioned above, AG-series also has the wirespeed stateful firewall embedded to guarantee the network security when any few or all of the above high performance features are active simultaneously.

The deployment of AceNet AG-series
AG series is used to deploy in the exit (gateway) or key position of a network topology to optimize the network efficiency through of the combination of the above managements effectively.


AG-series support transparent mode, router mode and NAT mode. Those modes can function independently for different WAN link if there is multiple link. Applying transparent mode will never impact to the network topology. Network efficiency optimization and combinational management can be seamlessly integrated into the current network without changing any network topology. The AG-series manage and optimize the network traffic in real time by the configured policy.

  • Traffic management(e.g. P2P) of subnet or users
  • Traffic behavior analysis and security control
  • Traffic log and analysis
  • Session based network access record
  • Multi-link load balance

   
 Print   
 
 
Terms Of Use   Privacy Statement  
Copyright 2008 by V-Series International Sdn Bhd  
Downloaded from DNNSkins.com