Layer 2 Tunneling Protocol (L2TP): an industry standard-based traffic encapsulation mechanism supported by many common
operating systems such as Windows® XP and Windows Vista®; tunnels Point-to-Point Protocol (PPP) traffic over IP
and non-IP networks; may use the IP/UDP transport mechanism in IP networks
Generic Routing Encapsulation (GRE): can be used to transport Layer 2 connectivity over a Layer 3 path in a secured way;
enables the segregation of traffic from site to site
Manual or automatic Internet Key Exchange (IKE): provides the manual or automatic key exchange required for the
algorithms used in encryption or authentication; auto-IKE allows automated management of the public key exchange,
providing the highest levels of encryption
Management
Secure Web GUI: provides a secure, easy-to-use graphical interface for configuring the module via HTTPS
Command-line interface (CLI): provides a secure, easy-to-use command-line interface for configuring the module via SSH or
a switch console; provides direct real-time session visibility
SNMPv1, v2c, and v3: facilitate centralized discovery, monitoring, and secure management of networking devices
Complete session logging: provides detailed information for problem identification and resolution
Manager and operator privilege levels: enable read-only (operator) and read/write (manager) access on CLI and Web
browser management interfaces
Remote monitoring (RMON): uses standard SNMP to monitor essential network functions; supports the events, alarm, history, and
statistics groups plus a private alarm extension group
FTP, TFTP, and SFTP support: FTP allows bidirectional transfers over a TCP/IP network and is used for configuration updates;
Trivial FTP is a simpler method using User Datagram Protocol (UDP)
Layer 3 routing
Static IP routing: provides manually configured routing; includes ECMP capability
Routing Information Protocol (RIP): provides RIPv1 and RIPv2 routing
OSPF: includes host-based ECMP to provide link redundancy/scalable bandwidth and NSSA
Border Gateway Protocol 4 (BGP-4): an Exterior Gateway Protocol (EGP) using a path vector protocol; uses TCP for enhanced
reliability of the route discovery process, reduces bandwidth consumption by advertising only incremental updates,
supports extensive policies for increased flexibility, and scales to very large networks
Dual IP stack: maintains separate stacks for IPv4 and IPv6 to ease transition from an IPv4-only network to an IPv6-only
network design
Policy routing: allows custom filters for increased performance and security; supports ACLs, IP prefix, AS paths, community
lists, and aggregate policies
Layer 3 IPv6 routing: provides routing of IPv6 at media speed; supports static routes, RIPng, OSPFv3, BGP+, policy route, and
PIM-SM/DM
Security
Defense against attacks: the firewall provides defense against various attacks, such as DoS/DDoS, ARP spoofing, large ICMP
packets, address/port scanning, Tracert, and IP packets with the Record Route option, and supports static and dynamic blacklists. It also supports
binding of MAC address and IP address, and supports intelligent defense against worm viruses.
Application layer content filtering: the firewall supports mail filtering based on SMTP mail address, titles, attachments, and
contents; supports Web page filtering, including HTTP URL and content filtering.
Multiple security authentication services: the firewall supports RADIUS and HWTACACS authentication and certificate-based (X.509
format) PKI/CA authentication; supports user identity management (different users have different rights to execute commands);
supports levels of user views (users of different levels have different management rights).
Centralized management and auditing: the firewall provides logging, traffic statistics and
analysis, event monitoring and statistics, and mail
notification of alarms.
QuickSpecs
HP 7500 Advanced VPN Firewall Module
Overview
DA - 14299 Worldwide — Version 1 — March 26, 2012