Download AUROREAN™ POLICY SERVER 7000 AND 3000 SERIES Data Sheet

AUROREAN™ POLICY SERVER 7000 AND 3000 SERIES
•
Policy management
—
•
Ensures high availability for mobile users, telecommuters and site-to-site connections
Initiates fail-over to an alternative server in the event of hardware failure or service
unavailability
TollSaver™
—
—
Flexible VPN Management
Controls authentication requests, runtime monitoring and remote troubleshooting
Authenticates clients and servers against the embedded database, any standard
RADIUS server or through SecurID® ACE/Server®
AutoLink recovery™
—
—
•
Execute network management operations from anywhere in the enterprise VPN
Operational control
—
—
•
Enables monitoring of the global virtual network from a network operations center
Provides active reporting on clients and servers with standards-based MIB II and a
private VPN MIB
Remote administration
—
•
Controls user and group-based management of connection policies, ISP choices,
network privileges, and security parameters
Centralized monitoring
—
—
•
Data Sheet
Simplifies network access and automatically selects optimum ISP connection
Reduces administrative requirements by regularly updating POP database
Total Control for the Enterprise VPN
The Aurorean Policy Server is the nucleus of the virtual network management architecture. A scalable platform
Enterasys’ Aurorean Policy Server
enables both centralized and
remote management of enterprise
developed uniquely for global VPN management, the Aurorean Policy Server provides centralized authentication,
policy-based access control, configuration management, fault management and performance optimization for the
enterprise VPN.
VPNs.
The central authority for administering, maintaining and controlling user and group profiles, the Aurorean Policy
Server defines dialing characteristics, access rights, administrative elements, security settings, cost policies and
system-wide VPN parameters. Policies are checked and updated during every VPN session, then locked down
and enforced in the VPN client.
Aurorean Policy Server can be securely administered from anywhere on the virtual network. Web-based
configuration and SNMP monitoring agents allow for centralized management of distributed nodes.
Detailed reports and analysis tools enable the network administrator to optimize VPN use by monitoring
tunnel performance, availability, utilization and cost. Administrators can drill down to the individual user
session or distributed Network Gateway, and analyze overall usage trends from the entire VPN. System level
redundancy combined with AutoLink Recovery technology provide high availability across the virtual network.
Access Control/Policy Management
Hardware Platform
User and group level profiles
ISP choice, ISP prioritization, custom ISP weightings, manual
dial-up override, 800-number usage, protocol choice
(IPSEC v. PPTP), password handling
Group-based NAT / Firewall Traversal for IPSEC
Encryption
800 MHz processor (APS-7000); 566 MHz processor (APS3000),
128 MB RAM (APS-7000); 64 MB RAM (APS-3000)
10/100Base-T Ethernet LAN port
CDROM drive
Floppy disk drive
90-135, 180-265 VAC (40/63 Hz) AC voltage and frequency
(auto-switching)
125W DC power supply
1U rack-mount chassis
— 4.3 cm (1.7") x 41.5 cm (16.35") x 55.9 cm (22")
— 10.4 kg (23 lbs)
Ambient Temperature: 10° to 25° C (50° to 77° F)
Non-operating Humidity: 95%, non-condensing at 35° C (95° F)
PPTP: Microsoft Point-to-Point Encryption (MPPE), 40- or
128-bit
IPSEC: ARCFOUR 40- or 128-bit; DES (56-bit), Triple-DES
(168-bit)
Safety: UL 1950, CSA 22.2, CE TUV/GS to EN60950
EMC: FCC 47 CFR Parts 2 and 15 Class A, EMC, VCCI Class
A ITE, CISPR 22 Class A
Authentication Services
Aurorean User List (MS-CHAP)
Two factor authentication (token card, etc)
Any standard RADIUS server*
*RADIUS compatibility includes Microsoft’s NT Domain, Novell’s
BorderManager™ Enterprise Edition 3, RSA’s SecurID® (ACE/Server)®, and
Axent’s Defender.
Regulatory Compliance
Key Management
Internet Key Exchange (IKE)
MPPE
IP Client Address Allocation
ORDERING INFORMATION
Policy-based dynamic address pools (local subnet or virtual
network)
Static user addressing
RADIUS server allocation
APS-7000
Aurorean 7000 Policy Server
APS-3000
Aurorean 3000 Policy Server
Management Databases
TollSaver – telephone rate tables, ISP POP phone number
lists, calling area information, corporate remote access
server phone number lists
Prescriber™ – diagnostic scripts database
Configuration parameters – users, groups, policies and profiles
Connection statistics – usage, performance and error logging
Management Reports
VPN Usage (users logged in, tunnel server activity, session
duration, user and server traffic loads)
Failure Summary (alarms, alerts and problem notifications)
Performance Summary (overall VPN utilization, server
throughput)
Log files for creating customized reports of system events
and messages
Detailed accounting and authentication data to RADIUS server
High Availability
Automatic tunnel fail-over to alternate policy server
Embedded Watchdog Timer for auto-restart of database
processes and auto-server reboot
SNMP Monitoring
Aurorean, Prescriber and TollSaver are
trademarks or registered trademarks of
Enterasys Networks, a Cabletron
Systems Company. All other products
or services mentioned are identified by
the trademarks or service marks of their
respective companies or organizations.
SecurID and ACE/Server are registered
trademarks of RSA Security, Inc.
BorderManager is a trademark of Novell
NOTE: Enterasys Networks reserves
the right to change specifications
without notice. Please contact your
representative to confirm current
specifications.
Standard MIB II support
VPN MIB for monitoring user events, authentication
attempts, process events, system status
Compatible with standard network management applications
Policy Server System Capacity
40,000 authentication requests/hour for APS-7000
20,000 authentication requests/hour for APS-3000
© 2001 Enterasys Networks, Inc. All rights reserved.
Lit. #9012180-1 3/01
enterasys.com