Technical document for ISP


First of all, we would like to thank you for giving us the opportunity to have our product
tested further. Below I briefly describe what else the product offers and how it can be used
for various applications. For several Indian telecom operators we have developed special
features such as VRRP, IPsec, GRE and VLAN, content filtering (domain filtering and URL
filtering), and a failover concept based on keep-alive.

A brief word about TelExcell: what we do and how long we have been in business.

In one sentence: we mainly work with ISPs, and we always prefer to route a case through the
ISP as well.

We already have experience of working with various ISPs, so we understand the support and
services an ISP expects.

“We align technology to business goals.
That's the solution, not the technology itself.”
                        Mahendra Lalwani | MD

TelExcell Information Systems Ltd. is one of the leading value-added distributors, with a track record
of launching the industry's most innovative wireless, access control, security and networking
products. We are one of the pioneers in introducing networking and communication products in
the country.

TelExcell's main focus is wireless and security, which is reflected in all of our innovative and often
unique solutions that meet the common and specialist requirements of customers.

Where possible, TelExcell has a direct relationship with manufacturers, avoiding many of the
issues that can occur when a distribution company is used. The direct relationship ensures the
highest quality of logistics, technical knowledge and technical support across the entire sales cycle.

TelExcell reviews the security environment as a whole and advises organizations on the best
practices and applications to meet legal and company obligations. It constantly reviews new
technologies to satisfy emerging customer requirements.
We have the best choice of voice and data solutions available to help your business excel.

TelExcell is renowned for introducing unique and emerging technologies into India. We are one
of the pioneers in introducing networking and communication products in the country, having
started our operations back in 1993.
Our business is focused on three solution areas:

Communications
TelExcell installs and maintains communications solutions, such as the latest in unified
communications, contact center, network security, wireless, IP and traditional telephony, and more.
We offer a complete services portfolio, including system maintenance plans and remote
monitoring services.




Infrastructure
TelExcell provides planning, installation, and maintenance services for all types of data
infrastructure, from structured cabling to wireless networks to CATV, and the latest in integrated
networking solutions such as routers, switches, and security applications.




Products
TelExcell's portfolio includes all the key technologies required to build today's high-performance
networks, including:
             Switching
             Routing
             Wireless
             Access
             RF Connectivity Access
             IP Telephony
             Unified Communications
             Mobility
             Network Security
             Storage
Coming to the product overview, I list below the applications where the product can be
used, together with a brief overview of what we support and how it can be used to design
the solution.




   1. IPsec site-to-site application

[Diagram: two sites, each with a LAN behind the router's WAN port, connected across the Internet by a site-to-site IPsec tunnel]

Brief about IPsec

VPN settings are used to create virtual private tunnels to remote VPN gateways. The tunnel
technology provides data confidentiality, data origin authentication and data integrity for network
traffic by using encapsulation protocols, encryption algorithms and hashing algorithms.
• VPN enable item
VPN protects network traffic from eavesdroppers on the network, but it greatly reduces throughput.
Enable it only when you really need a secure tunnel. It is disabled by default.
• Max. number of tunnels item
Since VPN greatly reduces throughput, the maximum number of tunnels is limited. Set this value
carefully: it is the number of tunnels that may exist simultaneously, and it ranges from 1 to 80.
• Tunnel name
Indicates which tunnel is currently being edited.
• Method
IPsec VPN supports two ways of obtaining keys: manual key and automatic key exchange (IKE). With
the manual key approach, the system managers of the two VPN gateways configure the authentication
and encryption keys by hand. With the IKE approach, Internet Key Exchange negotiates the keys
automatically; the system managers of both gateways only need to configure the same pre-shared key.

Function of buttons

           More... Opens the detailed configuration for the manual key or IKE approach.


IPsec consists of two phases:
1. IKE Phase I: these parameters are used to protect the key exchange and to start the
communication between the two sites, so that the key cannot be recovered by any third
party. Here we configure how the exchange is encrypted and which method is used for
authentication.

     2. IKE Phase II
     The parameters configured here are used to encrypt the data.

     To create an IPsec tunnel between two locations, both the IKE Phase I and Phase II
     parameters must match on both sides.

Configuration parameters

[Configuration screenshots a, b and c are not reproduced in the text]
2. As IPsec server (access server)

[Diagram: NA-3G-VWR at Delhi acting as IPsec server, WAN to the Internet and LAN behind it; remote sites Chennai, Hyderabad and Jaipur connect with IPsec client software, and Bangalore with an NA-3G-VWR (WAN and LAN)]
For the retail segment we can use the netaxcess router configured as an IPsec server, i.e. a
dynamic access server. At the remote sites we can use the same netaxcess boxes, or the
customer can use IPsec client software instead to reduce CAPEX and OPEX.
Configuration detail for access server

[Configuration screenshots are not reproduced in the text]
3. For customers that have a firewall at the central site, with a private IP address
       mapped to the IPsec server behind it for security.

Customers such as banks normally place their IPsec devices behind a firewall, and the
firewall maps a public IP address to the private IP address of the IPsec server for
security reasons. In this case a remote site normally has between 20 and 30 users, so for
this kind of customer we can use the netaxcess router at the remote site to reduce cost.



[Diagram: Delhi site: LAN 192.168.8.1 (hosts 192.168.8.2, 192.168.8.3 and 192.168.8.4) behind a Cisco router acting as IPsec server at 192.168.1.177, then a switch and a firewall (inside 192.168.1.1, public 203.110.80.67) facing the Internet; on the firewall the customer maps 203.110.84.69 to 192.168.1.177. Bangalore site: NA-3G-VWR with WAN 115.80.x.x and LAN 192.168.123.254]
Configuration detail

On netaxcess router
On Cisco router

Current configuration : 4084 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot system flash c1841-advipservicesk9-mz.124-13b.bin
boot-end-marker
!
logging buffered 51200 warnings
enable password cisco
!
no aaa new-model
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.8.1 192.168.8.9
ip dhcp excluded-address 192.168.8.101 192.168.8.254
!
ip dhcp pool ccp-pool1
  network 192.168.8.0 255.255.255.0
  domain-name cisco.com
  default-router 192.168.8.1
!
!
ip domain name yourdomain.com
ip name-server 4.2.2.2
ip name-server 8.8.8.8
!
!
!
username cisco123 privilege 15 secret 5 $1$6DW6$G6JVPN9Uqyoo6/vddSGzL.
!
!
!
!
! IKE phase 1 (ISAKMP) policy: 3DES/MD5 with pre-shared key authentication and
! DH group 2. These are the algorithms this device uses; treat them as legacy.
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
! Wildcard address: the same pre-shared key is accepted from any peer address.
! This is what lets remote sites with dynamic IPs connect, but every site then
! shares one key.
crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10
!
!
! IKE phase 2: ESP with 3DES encryption and MD5-HMAC integrity.
crypto ipsec transform-set ankit esp-3des esp-md5-hmac
!
! Dynamic crypto map: peers are not listed, so any IKE-authenticated peer whose
! proxy identities match access-list 103 gets a tunnel.
crypto dynamic-map dynamic 11
 set security-association lifetime seconds 28800
 set transform-set ankit
 set pfs group2
 match address 103
!
!
crypto map remotesite 11 ipsec-isakmp dynamic dynamic
!
!
!
interface FastEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
 ip address 192.168.1.177 255.255.255.0
 duplex auto
 speed auto
 crypto map remotesite
!
interface FastEthernet0/1
 description $ES_LAN$
 ip address 192.168.8.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 no keepalive
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
!
ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
! NAT overload on FastEthernet0/0. Note that no interface in this configuration
! carries "ip nat outside", which IOS needs before the translation takes effect.
ip nat inside source list 101 interface FastEthernet0/0 overload
!
! ACL 101 (NAT): LAN traffic to the 192.168.0.0/16 remote subnets is excluded
! from NAT so that the crypto ACL sees the original addresses.
access-list 101 deny ip 192.168.8.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 192.168.8.0 0.0.0.255 any
! ACL 103 (crypto): LAN to 192.168.0.0/16 is the traffic protected by IPsec.
access-list 103 permit ip 192.168.8.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 103 deny ip 192.168.8.0 0.0.0.255 any
no cdp run
!
!
!
!
control-plane
!
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.

It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>

Replace <myuser> and <mypassword> with the username and password you want to
use.

-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.

YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE
PUBLICLY-KNOWN
CREDENTIALS

Here are the Cisco IOS commands.

username <myuser> privilege 15 secret 0 <mypassword>
no username cisco

Replace <myuser> and <mypassword> with the username and password you want
to use.

IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL
NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.

For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
 login local
line aux 0
! vty 0 4: plaintext line password with telnet only (no SSH); vty 5 15 is
! restricted by access-class 23, which is not defined anywhere in this
! configuration.
line vty 0 4
 privilege level 15
 password cisco
 login
 transport input telnet
line vty 5 15
 access-class 23 in
 privilege level 15
 login local
 transport input telnet
!
scheduler allocate 20000 1000
end

yourname#


4. GRE-based solution for site-to-site and for hub-and-spoke locations
5. Solution based on L2TP and PPTP

We use these protocols to design solutions for customers who do not want to spend much
and who do not want separate client software, preferring to connect with the built-in
Windows XP VPN client.
[Diagram: NA-3G-VWR at Delhi as LNS server, public address 203.110.80.67, LAN 192.168.8.1 (hosts 192.168.8.2 to 192.168.8.4); L2TP/PPTP tunnels over the Internet from Hyderabad (L2TP client software), Bangalore (NA-3G-VWR, WAN 115.80.x.x, LAN 192.168.123.254) and Jaipur (L2TP client using Windows XP, Vista or 7)]
6. Backup solution where a Cisco router or any other router is present

Say the customer has a Cisco router or any other router with bandwidth terminated on
Ethernet or E1. If that link develops a problem, all of the customer's services are
affected. Often the customer cannot afford ISDN as backup, since the NT1 boxes and the
charges cost too much, and often the ISP has no feasibility to provide ISDN connectivity
at all. In that case we can use 3G technology: the hardware costs less than ISDN, the
usage charges of 3G are also lower than ISDN, and the customer gets hardware-level
redundancy as well.
In the above case, if the E1 or Ethernet link goes down, all traffic is automatically
routed through the 3G router.

We support VRRP on our router, so using that functionality we can make this work.
7. Say the customer wants to terminate a VSAT or Ethernet link on the same router and
use 3G technology as backup. For this failover we have developed a special feature based
on keep-alive. In the normal case the Ethernet port does not go down even when there is
a problem in the network, a fibre cut or similar. To handle such scenarios we can
configure an IP address on the router that it pings at a regular interval; if the router
does not get a ping response over the Ethernet path, it dials the 3G backup, connects,
and all traffic moves through 3G.
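The keep-alive failover decision described above, written as an added example (not the netaxcess firmware); it assumes the primary path stays link-up while the network behind it is broken, a Linux iputils `ping` for the real probe, and illustrative thresholds with hysteresis so that one lost ping never causes a 3G dial-up.

```python
"""Keep-alive based WAN failover: ping a probe address out of the primary
interface at a regular interval, switch the default route to the 3G backup
after a run of lost probes, and switch back only after a run of good ones."""
import subprocess
import time
from dataclasses import dataclass, field
from typing import Callable, List


def ping_via(host: str, iface: str, timeout_s: int = 2) -> bool:
    """Real probe: one ICMP echo sent out of the primary interface
    (Linux iputils `ping` flags assumed)."""
    result = subprocess.run(
        ["ping", "-c", "1", "-W", str(timeout_s), "-I", iface, host],
        stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL,
    )
    return result.returncode == 0


@dataclass
class FailoverMonitor:
    fail_threshold: int = 3       # lost probes in a row before dialling 3G
    recover_threshold: int = 5    # good probes in a row before switching back
    active: str = "primary"
    consecutive_fail: int = 0
    consecutive_ok: int = 0
    events: List[str] = field(default_factory=list)

    def observe(self, probe_ok: bool) -> str:
        """Feed one keep-alive result; returns the path now carrying traffic."""
        if self.active == "primary":
            # The counter resets on any success, so only a sustained outage
            # (fail_threshold misses in a row) triggers the dial-up.
            self.consecutive_fail = 0 if probe_ok else self.consecutive_fail + 1
            if self.consecutive_fail >= self.fail_threshold:
                self.active, self.consecutive_fail = "backup", 0
                self.events.append("primary keep-alive lost: dial 3G, default route via 3G")
        else:
            # While on backup the probe still leaves via the primary interface,
            # so a working 3G link cannot mask a still-broken Ethernet/VSAT path.
            self.consecutive_ok = self.consecutive_ok + 1 if probe_ok else 0
            if self.consecutive_ok >= self.recover_threshold:
                self.active, self.consecutive_ok = "primary", 0
                self.events.append("primary keep-alive restored: route via primary, hang up 3G")
        return self.active


def replay(results: List[bool], **thresholds) -> List[str]:
    """Run a constructed sequence of probe results through the monitor and
    return the active path after each one (used for offline testing)."""
    mon = FailoverMonitor(**thresholds)
    return [mon.observe(ok) for ok in results]


def run_forever(probe_host: str, iface: str, interval_s: float = 10.0,
                probe: Callable[[str, str], bool] = ping_via) -> None:
    """Production loop: probe every interval_s seconds and act on path changes."""
    mon = FailoverMonitor()
    while True:
        before = mon.active
        after = mon.observe(probe(probe_host, iface))
        if after != before:
            print(mon.events[-1])   # here the router would (un)dial 3G / swap routes
        time.sleep(interval_s)


if __name__ == "__main__":
    # Constructed probe history: one miss, a three-probe outage, then recovery.
    print(replay([True, False, False, False, True, True, True, True, True]))
```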
[Diagram: NA-3G-VWR with primary Ethernet WAN (203.110.80.67) to the Internet and 3G wireless (CDMA) as backup; LAN 192.168.8.1 with hosts 192.168.8.2 to 192.168.8.4]

[Diagram: the same layout with a VSAT dish as the primary WAN link and 3G wireless (CDMA) as backup]
For ATM Connectivity




The following security is built into the proposed solution for an ISP using CDMA technology.
Since the ISP has an LNS and AAA in its network, we can use that infrastructure to
design the solution.
   The LNS also acts as a firewall, and basic firewall policies can be defined in the
   LNS.

   The remote terminal communicates directly with the host in an IP call through the
   customer firewall and their router. An Access Control List (ACL) set up on the
   bank router adds to the security.

   The AN-AAA user ID and AN-AAA password are authenticated at the AN-AAA to
   assign a UATI to the AT. UATI is the Unicast Access Terminal Identifier, which uniquely
   identifies the AT during a data call.

   The PPP user ID and PPP password are authenticated at the PDSN to assign an IP address
   to the AT; subnet locking is also implemented to avoid misuse of the EVDO HSD+
   network.

   Since the communication uses IP addresses, there is no need for TPDU handling.

Different types of authentication in 3G technology which the customer can use:

   1) IS-856 air interface authentication
   2) IS-856 RAN authentication (performed by the RAN)
   3) ISP authentication (between the user and the PDSN)
   4) Home Agent authentication (between the user and the home agent)



IS-856 Air Interface Authentication

Air interface authentication eliminates the need to perform authentication with the AAA
servers (i.e., access authentication) every time the AT opens a connection.

It works as follows:
Establish an ephemeral session key: the Diffie-Hellman algorithm is used for the
session key exchange.
Authenticate the access attempts: the AT signs the access channel packets to prove it
is the true owner of the session. SHA-1 is applied to the AC packet, the authentication
key and a time stamp to generate the signature.
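The two steps just described, as an added example that is not from the original document or any vendor code: an ephemeral Diffie-Hellman exchange gives the AT and the AN a session key, the AT signs each access channel packet with SHA-1 over packet, key and timestamp, and the AN checks signature and freshness. The DH group (RFC 2409 group 2), the key derivation, the signature layout and the replay window are assumptions for illustration, not the IS-856 wire format.

```python
"""IS-856 style air-interface authentication: ephemeral DH session key, then
SHA-1 signatures over access channel (AC) packets verified by the AN."""
import hashlib
import hmac
import os

# RFC 2409 Oakley group 2 (1024-bit MODP), the same "group 2" used by the
# IKE policy in the Cisco configuration earlier in this document.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2


def dh_keypair():
    """Ephemeral private exponent and public value g^x mod p."""
    priv = int.from_bytes(os.urandom(32), "big")
    return priv, pow(G, priv, P)


def dh_shared(priv, peer_pub):
    """Shared secret; degenerate peer values (0, 1, p-1) are rejected."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("invalid DH public value")
    return pow(peer_pub, priv, P)


def auth_key_from_secret(shared):
    """Derive the 160-bit session authentication key (assumed KDF: SHA-1)."""
    return hashlib.sha1(shared.to_bytes(128, "big")).digest()


def sign_ac_packet(packet, auth_key, timestamp):
    """AT side: signature = SHA-1(packet || auth_key || timestamp)."""
    return hashlib.sha1(packet + auth_key + timestamp.to_bytes(4, "big")).digest()


class AccessNetwork:
    """AN side: verifies AC packet signatures for one established session."""

    def __init__(self, auth_key, window_s=5):
        self.auth_key = auth_key
        self.window_s = window_s      # accepted clock skew (assumption)
        self.seen = set()             # (packet, timestamp) pairs already accepted

    def verify(self, packet, timestamp, signature, now):
        if abs(now - timestamp) > self.window_s:
            return "stale"            # outside the freshness window
        expected = sign_ac_packet(packet, self.auth_key, timestamp)
        if not hmac.compare_digest(expected, signature):
            return "bad-signature"    # tampered packet or wrong session key
        if (packet, timestamp) in self.seen:
            return "replay"           # identical packet replayed inside the window
        self.seen.add((packet, timestamp))
        return "ok"


def run_session(now=1_700_000_000):
    """Whole flow with a constructed AC packet; returns the AN's verdicts."""
    at_priv, at_pub = dh_keypair()          # AT: ephemeral key
    an_priv, an_pub = dh_keypair()          # AN: ephemeral key
    at_key = auth_key_from_secret(dh_shared(at_priv, an_pub))
    an = AccessNetwork(auth_key_from_secret(dh_shared(an_priv, at_pub)))

    packet = b"AC:ConnectionRequest:UATI=0x1234"   # constructed sample AC packet
    sig = sign_ac_packet(packet, at_key, now)
    return {
        "fresh": an.verify(packet, now, sig, now),
        "replay": an.verify(packet, now, sig, now + 1),
        "tampered": an.verify(packet + b"!", now, sig, now),
        "stale": an.verify(packet, now, sig, now + 60),
        "wrong_key": an.verify(packet, now, sign_ac_packet(packet, b"\0" * 20, now), now),
    }


if __name__ == "__main__":
    print(run_session())
```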

IS-856 RAN Authentication
IS-856 RAN authentication is also called AN-AAA authentication. For AN-AAA
authentication, the AN-AAA credentials (i.e., AN-AAA username and AN-AAA password) have
to be configured both in the AT and in the AN-AAA. Whenever the AT wants to establish a
session, the AN-AAA requests the username and password. The AN-AAA authenticates the
username and password using the CHAP algorithm and returns the IMSI that
has been configured against that username and password.




ISP Authentication

ISP authentication is also called PPP authentication. The PDSN authenticates the AT
before assigning an IP address to the user.

Home Agent Authentication

The HA authenticates the registration request using the mobile number / home agent
shared key. The following figure shows the Broadband+ authentications all together.

Hardware ID Authentication

Hardware ID authentication is based on the ESN/MEID of the device. The hardware ID is
unique to the user's device, so this type of authentication is useful in avoiding cloning
problems.




End-to-End Security

True data protection should be implemented from data owner to data owner (for example,
from a remote-access employee's computer to the employer's server). A Broadband+ 1xRTT
network protects data over the air, but once outside the carrier's network, public
information networks (i.e. the Internet) carry the data unprotected. Broadband+
1xRTT security should therefore be complemented with a VPN security protocol for true data
protection. Qualcomm's MSM software provides direct support for SSL. VPN software
support is available for both laptops and PDAs.

Now, say a bank has already taken a VSAT link for ATM connectivity. For backup
purposes we can propose 3G technology, and in this way we can achieve 99.9% uptime.

8. For customers who want to block specific web sites, or block based on
content or words, we can use the netaxcess router.


   a.   Domain filter lets you prevent users behind this device from accessing specific URLs.
   b.   URL blocking stops LAN computers from connecting to pre-defined web sites.
   c.   Packet filtering is also there, so we can prevent communication between computer A
        and computer B.

Netaxess - Technical document for sify

  • 1. Technical document for ISP
First of all, we would like to thank you for giving us the opportunity to test our product further. This document briefs you on what more the product offers and how you can use it for various applications. For various Indian telecom operators we have developed special features such as VRRP, IPsec, GRE, VLAN and content filtering (domain filtering and URL filtering), and we have developed a failover concept based on keepalives.
A short introduction to TelExcell: what we do and how long we have been doing it.
In one sentence: we mainly work with ISPs and always prefer to route the case through the ISP as well.
We already have experience of working with various ISPs, so we understand the support and services an ISP expects.
"We align technology to business goals. That's the solution, not the technology itself." Mahendra Lalwani | MD
TelExcell Information Systems Ltd. is one of the leading value-added distributors, with a track record of launching the industry's most innovative wireless, access control, security and networking products. We are one of the pioneers in introducing networking and communication products in the country.
TelExcell's main focus is wireless and security, which is reflected in all of our innovative and often unique solutions that meet the common and specialist requirements of customers.
Where possible, TelExcell has a direct relationship with manufacturers, avoiding many of the issues that can occur when a distribution company is used. The direct relationship ensures the highest quality of logistics, technical knowledge and technical support across the entire sales cycle.
TelExcell reviews the security environment as a whole and advises organizations on the best practices and applications to meet legal and company obligations. It constantly reviews new technologies to satisfy emerging customer requirements.
We have the best choice of voice and data solutions available to help your business excel. TelExcell is renowned for introducing unique and emerging technologies into India. We are one of the pioneers in introducing networking and communication products in the country, having started our operations in 1993.
  • 2. Our business is focused on three solution areas:
Communications: TelExcell installs and maintains communications solutions, such as the latest in unified communications, contact center, network security, wireless, IP and traditional telephony, and more. We offer a complete services portfolio, including system maintenance plans and remote monitoring services.
Infrastructure: TelExcell provides planning, installation and maintenance services for all types of data infrastructure, from structured cabling to wireless networks to CATV, and the latest in integrated networking solutions such as routers, switches and security applications.
Products: TelExcell's portfolio includes all the key technologies required to build today's high-performance networks, including: Switching, IP Telephony, Routing, Unified Communications, Wireless Mobility, Access, Network Security, RF Connectivity, Access Storage.
  • 3. Coming to the product overview, I am listing the applications where we can deploy the product, with a brief overview of what we support and how we can use it to design the solution.
1. IPsec site-to-site application
  • 4. [Diagram: two sites, each with a LAN behind a WAN interface, connected across the Internet]
Brief about IPsec: the VPN settings are used to create virtual private tunnels to remote VPN gateways. The tunnel technology supports data confidentiality, data origin authentication and data integrity of network information by using encapsulation protocols, encryption algorithms and hashing algorithms.
• VPN enable item: the VPN protects network information from hostile network inspection, but it greatly degrades network throughput. Enable it only when you really need a secure tunnel. It is disabled by default.
• Max. number of tunnels item: since the VPN greatly degrades network throughput, the maximum number of tunnels is limited. Set this value carefully, as it is the number of tunnels that can exist simultaneously. Its value ranges from 1 to 80.
• Tunnel name: indicates which tunnel is currently selected.
• Method: IPsec VPN supports two ways of obtaining keys, manual key and automatic key exchange. With the manual key approach, the system managers of the two VPN gateways set up the authenticator and the encryption key by hand. With the IKE approach, the gateways perform automatic Internet key exchange; the system managers of both gateways only need to set the same pre-shared key.
Function of buttons: More... opens the detailed configuration for the manual key or IKE approach.
IPsec consists of two phases:
1. IKE Phase I: these parameters are used to protect the key exchange and to start the communication between the two sites, so that the key cannot be recovered by any third party. Here we configure how the exchange is encrypted and which authentication method is used.
  • 5. 2. IKE Phase II: the parameters configured here are used to encrypt the data. To create an IPsec tunnel between two locations, both the IKE Phase I and the IKE Phase II parameters must be identical on both sides.
Configuration parameters: a. b.
  • 6. c.
2. As IPsec server (access server)
  • 7. [Diagram: IPsec server (NA-3G-VWR, Delhi) reached over the Internet; Bangalore site with a second NA-3G-VWR; Chennai, Hyderabad and Jaipur sites using IPsec client software; WAN and LAN segments at each end]
For the retail segment we can use the Netaxcess router configured as an IPsec server, i.e. a dynamic access server. At the remote sites we can use the same Netaxcess boxes, or ask the customer to use IPsec client software instead to reduce CAPEX and OPEX.
  • 8. Configuration details for the access server.
  • 9. 3. For customers with a firewall at the central site, behind which a private IP address is mapped to the IPsec server for security purposes. Customers such as banks normally keep their IPsec devices behind a firewall, and the firewall maps a public IP address to the private IP address of the IPsec server for security reasons. Remote sites in this case normally have 20 to 30 users, so for this kind of customer we can use the Netaxcess router at the remote site to reduce cost.
[Diagram: Delhi and Bangalore sites connected across the Internet. Labels shown: NA-3G-VWR, Cisco router 192.168.1.177, switch, firewall 192.168.1.1, 115.80.x.x, WAN 203.110.80.67, WAN 192.168.123.254, IPSEC server, LAN 192.168.8.1 with hosts 192.168.8.2, 192.168.8.3 and 192.168.8.4. On the firewall the customer maps 203.110.84.69 to 192.168.1.177.]
Configuration details on the Netaxcess router
  • 10.
  • 11. On Cisco router
Current configuration : 4084 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot system flash c1841-advipservicesk9-mz.124-13b.bin
boot-end-marker
!
logging buffered 51200 warnings
enable password cisco
!
no aaa new-model
ip cef
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.8.1 192.168.8.9
ip dhcp excluded-address 192.168.8.101 192.168.8.254
  • 12. !
ip dhcp pool ccp-pool1
 network 192.168.8.0 255.255.255.0
 domain-name cisco.com
 default-router 192.168.8.1
!
ip domain name yourdomain.com
ip name-server 4.2.2.2
ip name-server 8.8.8.8
!
username cisco123 privilege 15 secret 5 $1$6DW6$G6JVPN9Uqyoo6/vddSGzL.
!
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10
!
crypto ipsec transform-set ankit esp-3des esp-md5-hmac
!
crypto dynamic-map dynamic 11
 set security-association lifetime seconds 28800
 set transform-set ankit
 set pfs group2
 match address 103
!
crypto map remotesite 11 ipsec-isakmp dynamic dynamic
!
interface FastEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
 ip address 192.168.1.177 255.255.255.0
 duplex auto
 speed auto
 crypto map remotesite
  • 13. !
interface FastEthernet0/1
 description $ES_LAN$
 ip address 192.168.8.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 no keepalive
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 101 interface FastEthernet0/0 overload
!
access-list 101 deny ip 192.168.8.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 192.168.8.0 0.0.0.255 any
access-list 103 permit ip 192.168.8.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 103 deny ip 192.168.8.0 0.0.0.255 any
no cdp run
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you
exit this session.
It is strongly suggested that you create a new username with a privilege
level of 15 using the following command.
  • 14. username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want
to use.
-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
 login local
line aux 0
line vty 0 4
 privilege level 15
 password cisco
 login
 transport input telnet
line vty 5 15
 access-class 23 in
 privilege level 15
 login local
  • 15.  transport input telnet
!
scheduler allocate 20000 1000
end
yourname#
4. GRE solution for site-to-site and for hub-and-spoke locations
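Before moving on to GRE, one practical check on the Cisco IOS configuration of slides 11 to 15: slide 5 states that the IKE Phase I and Phase II parameters must be identical on both ends, and the printed config also carries settings a reviewer would question (3DES/MD5/DH group 2 in phase 1, esp-3des/esp-md5-hmac in the transform set, one pre-shared key accepted from address 0.0.0.0, telnet on the vty lines, and an access-class 23 that references an ACL not present in the listing). The following script is an added example, not the vendor's or Cisco's tooling: it parses the crypto section of that configuration (embedded below as an excerpt), reports which phase 1 keywords differ from a second peer's policy, and lists the legacy or risky settings it finds. The remote peer policy is a constructed placeholder.

```python
"""Parse and audit the IKE/IPsec settings of a Cisco IOS configuration.

Added example (not from the slides or the vendor). It reads the crypto
section of the router configuration shown on slides 11-14, compares the
phase 1 policy with a second peer (both phases must match on both sides)
and flags settings a reviewer would question.
"""
import re

# Excerpt of the IOS configuration from slides 11-14, trimmed to the lines
# the checks below look at.
IOS_CONFIG = """\
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10
crypto ipsec transform-set ankit esp-3des esp-md5-hmac
crypto dynamic-map dynamic 11
 set security-association lifetime seconds 28800
 set transform-set ankit
 set pfs group2
 match address 103
crypto map remotesite 11 ipsec-isakmp dynamic dynamic
line vty 0 4
 privilege level 15
 password cisco
 login
 transport input telnet
"""

# Constructed phase 1 policy of a hypothetical remote peer, used only to
# show how a mismatch is reported.
REMOTE_PEER_CONFIG = """\
crypto isakmp policy 1
 encr 3des
 hash sha256
 authentication pre-share
 group 14
"""

LEGACY_ENCR = {"des", "3des"}
LEGACY_HASH = {"md5", "sha"}             # "sha" means SHA-1 in IOS
LEGACY_DH_GROUPS = {"1", "2", "5"}       # 768-, 1024- and 1536-bit MODP
LEGACY_ESP = {"esp-null", "esp-des", "esp-3des", "esp-md5-hmac"}


def parse_isakmp_policies(cfg):
    """Return {policy_number: {keyword: value}} for every 'crypto isakmp policy'."""
    policies, current = {}, None
    for line in cfg.splitlines():
        m = re.match(r"crypto isakmp policy (\d+)$", line)
        if m:
            current = policies.setdefault(m.group(1), {})
        elif line.startswith(" ") and current is not None:
            key, _, value = line.strip().partition(" ")
            current[key] = value
        else:
            current = None          # any other top-level line ends the block
    return policies


def phase1_mismatches(local_cfg, remote_cfg, policy="1"):
    """Keywords whose values differ between the two peers' phase 1 policies."""
    local = parse_isakmp_policies(local_cfg).get(policy, {})
    remote = parse_isakmp_policies(remote_cfg).get(policy, {})
    return sorted(k for k in set(local) | set(remote) if local.get(k) != remote.get(k))


def audit(cfg):
    """Return human-readable findings for the crypto and vty settings."""
    findings = []
    for pid, p in parse_isakmp_policies(cfg).items():
        if p.get("encr") in LEGACY_ENCR:
            findings.append(f"isakmp policy {pid}: legacy cipher {p['encr']}")
        if p.get("hash") in LEGACY_HASH:
            findings.append(f"isakmp policy {pid}: legacy hash {p['hash']}")
        if p.get("group") in LEGACY_DH_GROUPS:
            findings.append(f"isakmp policy {pid}: small DH group {p['group']}")
    for m in re.finditer(r"^crypto ipsec transform-set (\S+) (.+)$", cfg, re.M):
        for alg in m.group(2).split():
            if alg in LEGACY_ESP:
                findings.append(f"transform-set {m.group(1)}: legacy transform {alg}")
    if re.search(r"^crypto isakmp key \S+ address 0\.0\.0\.0 0\.0\.0\.0$", cfg, re.M):
        findings.append("isakmp key: single pre-shared key accepted from any peer address")
    if re.search(r"^ transport input telnet$", cfg, re.M):
        findings.append("vty: management over cleartext telnet")
    if re.search(r"^ password \S+$", cfg, re.M):
        findings.append("vty: line password stored in the configuration")
    return findings


if __name__ == "__main__":
    print("phase 1 mismatches vs remote peer:", phase1_mismatches(IOS_CONFIG, REMOTE_PEER_CONFIG))
    for finding in audit(IOS_CONFIG):
        print("finding:", finding)
```

Running it against the slide's configuration reports the three phase 1 choices, the two ESP transforms, the wildcard pre-shared key, and the two vty points; against the constructed remote policy it reports that `group` and `hash` differ, which is exactly the mismatch that would keep phase 1 from completing.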
  • 16.
  • 17. 5. Solution based on L2TP and PPTP
We use these protocols to design solutions for customers who do not want to spend much and do not want separate client software, preferring the built-in Windows XP VPN client to connect.
  • 18. [Diagram: LNS server (NA-3G-VWR, Delhi) reached over the Internet by L2TP/PPTP tunnels. Labels shown: WAN 203.110.80.67, 115.80.x.x, WAN 192.168.123.254, LAN 192.168.8.1 with hosts 192.168.8.2, 192.168.8.3 and 192.168.8.4; Bangalore site with a second NA-3G-VWR; L2TP clients at Hyderabad and Jaipur using the XP, Vista or 7 client software]
6. Backup solution where a Cisco router or any other router is present. Say the customer has a Cisco (or any other) router and has terminated the bandwidth on Ethernet or E1. If that link develops a problem, all of the customer's services are affected. Many times the customer cannot afford ISDN as backup: the NT1 boxes cost too much, the usage charges are high, and often the ISP has no feasibility to provide ISDN connectivity at all. In that case we can use 3G technology: the hardware costs less than ISDN, the 3G charges are also lower than ISDN, and the customer gets hardware-level redundancy as well.
  • 19.
  • 20. In the above case, if the E1 or Ethernet link goes down, all traffic is automatically routed through the 3G router. Our router supports VRRP, so we can use that functionality to make this work.
  • 21. 7. Say the customer wants to terminate a VSAT or Ethernet link on the same router and use 3G as backup. For failover we have developed a special feature based on keepalives. In the normal case the Ethernet port does not go down even when there is a problem in the network, a fiber cut or anything similar. To overcome this, we can configure any IP address on the router as a target that it pings at a regular interval; if the router gets no ping response through the Ethernet path, it dials the 3G backup, connects, and all traffic then moves through 3G.
  • 22.
  • 23.
  • 24. [Diagram: NA-3G-VWR with primary WAN Ethernet (203.110.80.67) to the Internet and 3G wireless CDMA as backup; LAN 192.168.8.1 with hosts 192.168.8.2, 192.168.8.3 and 192.168.8.4]
  • 25. [Diagram: same as slide 24 with a VSAT dish as the primary WAN link and 3G wireless CDMA as backup; LAN 192.168.8.1 with hosts 192.168.8.2, 192.168.8.3 and 192.168.8.4]
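The failover behaviour described on slides 20 to 25 (ping a configured address at a regular interval; dial the 3G backup when the replies stop) can be expressed as a small decision routine. The class below is an added example, not the vendor's firmware, and it adds two things the slides leave implicit: a failure threshold so a single lost packet does not flip the link, and a recovery threshold so the router does not flap back the moment one reply gets through. It also probes more than one target per round, so that an outage of the probe target itself is not mistaken for a link failure. The probe results are a constructed sequence standing in for replies seen over the primary path.

```python
"""Keepalive-driven WAN failover logic with hysteresis.

Added example, not the Netaxcess router's code. Slides 20-25 describe
pinging a configured IP address at a regular interval and dialling the 3G
backup when replies stop; this class makes that decision from a stream of
probe results and adds failure and recovery thresholds.
"""


class KeepaliveFailover:
    """Tracks consecutive probe outcomes and decides which WAN path is active."""

    def __init__(self, fail_threshold=3, recover_threshold=5):
        self.fail_threshold = fail_threshold        # lost rounds before failing over
        self.recover_threshold = recover_threshold  # good rounds before failing back
        self.active = "primary"
        self.consecutive_failures = 0
        self.consecutive_successes = 0
        self.transitions = []

    def observe(self, probe_ok):
        """Feed one keepalive round; returns the path that is active afterwards."""
        if probe_ok:
            self.consecutive_successes += 1
            self.consecutive_failures = 0
        else:
            self.consecutive_failures += 1
            self.consecutive_successes = 0

        if self.active == "primary" and self.consecutive_failures >= self.fail_threshold:
            self.active = "backup"                  # dial the 3G link
            self.transitions.append("primary->backup")
            self.consecutive_failures = 0
        elif self.active == "backup" and self.consecutive_successes >= self.recover_threshold:
            self.active = "primary"                 # primary path is stable again
            self.transitions.append("backup->primary")
            self.consecutive_successes = 0
        return self.active


def round_ok(replies):
    """A probe round succeeds if any configured target answered over the primary path.

    Probing several targets avoids failing over because the one target was
    down while the link itself was fine.
    """
    return any(replies.values())


# Constructed probe rounds: two targets per round, replies seen over the
# primary (Ethernet or VSAT) path only.
SAMPLE_ROUNDS = [
    {"gw": True,  "dns": True},
    {"gw": False, "dns": True},   # one target down, link still fine
    {"gw": False, "dns": False},
    {"gw": False, "dns": False},
    {"gw": False, "dns": False},  # third straight loss -> backup
    {"gw": False, "dns": False},
    {"gw": True,  "dns": False},
    {"gw": True,  "dns": True},
    {"gw": True,  "dns": True},
    {"gw": True,  "dns": True},
    {"gw": True,  "dns": True},   # fifth straight success -> primary
    {"gw": True,  "dns": True},
]


def simulate(rounds, **thresholds):
    """Run the monitor over probe rounds; returns (active path per round, transitions)."""
    monitor = KeepaliveFailover(**thresholds)
    path = [monitor.observe(round_ok(r)) for r in rounds]
    return path, monitor.transitions


if __name__ == "__main__":
    path, transitions = simulate(SAMPLE_ROUNDS)
    for i, (r, p) in enumerate(zip(SAMPLE_ROUNDS, path)):
        print(f"round {i:2d} replies={r} active={p}")
    print("transitions:", transitions)
```

With the defaults the monitor stays on the primary path through the round where only one target failed, switches to backup after three consecutive lost rounds, and returns to primary only after five consecutive good rounds. The thresholds and the probe interval together set how long an outage lasts before traffic moves, so they should be chosen against the customer's tolerance rather than left at arbitrary values.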
  • 26. For ATM connectivity
The following security is built into the proposed solution for an ISP using CDMA technology. Since the ISP has an LNS and AAA in its network, we can use that infrastructure to design the solution. The LNS also acts as a firewall, and basic firewall policies can be defined on the LNS. The remote terminal communicates directly with the host in an IP call through the customer's firewall and router. The access control list (ACL) set up on the bank's router adds to the security. The AN-AAA user ID and AN-AAA password are authenticated at the AN-AAA in order to assign a UATI to the AT. UATI (Unicast Access Terminal Identifier) uniquely identifies the AT during a data call.
  • 27. The PPP user ID and PPP password are authenticated at the PDSN in order to assign an IP address to the AT; subnet locking is also implemented to avoid misuse of the EVDO HSD+ network. Since the communication uses IP addresses, there is no need for TPDU handling.
Different types of authentication in 3G technology that the customer can use:
1) IS-856 air interface authentication
2) IS-856 RAN authentication (performed by the RAN)
3) ISP authentication (between the user and the PDSN)
4) Home agent authentication (between the user and the home agent)
IS-856 Air Interface Authentication: air interface authentication eliminates the need to authenticate with the AAA servers (i.e., access authentication) every time the AT opens a connection. It works as follows. Ephemeral session key establishment: the Diffie-Hellman algorithm is used for the session key exchange. Authenticating the access attempts: the AT signs the access channel packets to prove it is the true owner of the session; SHA-1 is applied to the AC packet, the authentication key and a time stamp to generate the signature.
  • 28. IS-856 RAN Authentication: also called AN-AAA authentication. For AN-AAA authentication, the AN-AAA credentials (AN-AAA username and AN-AAA password) have to be configured both in the AT and in the AN-AAA. Whenever the AT wants to establish a session, the AN-AAA requests the username and password, authenticates them using the CHAP algorithm, and returns the IMSI that has been configured against that username and password.
ISP Authentication: also called PPP authentication. The PDSN authenticates the AT before assigning an IP address to the user.
Home Agent Authentication: the HA authenticates the registration request using the mobile number / home agent shared key. The following figure shows all the Broadband+ authentications together.
Hardware ID Authentication: based on the ESN/MEID of the device. The hardware ID is unique to the user device, so this type of authentication is useful in avoiding cloning problems.
End-to-End Security: true data protection should be implemented from data owner to data owner (for example, from a remote-access employee's computer to the employer's server). A Broadband+ 1xRTT network protects data over the air, but once outside the carrier's network, public information network systems (i.e., the Internet) carry the data unprotected. Broadband+ 1xRTT security should therefore be complemented with a VPN security protocol for true data protection. Qualcomm's MSM software provides direct support for SSL. VPN software support is available for both laptops and PDAs.
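The AN-AAA step on slide 28 is a CHAP exchange: the server issues a challenge, the AT answers with a hash over the challenge and the shared secret, and a correct answer is mapped to the IMSI configured for that account. The code below is an added example, not the carrier's or vendor's implementation: a toy AN-AAA implementing the RFC 1994 response computation (MD5 over identifier, secret and challenge), with single-use challenges so a captured response cannot be replayed, and constant-time comparison of the digest. Account names, secrets and IMSI values are constructed placeholders.

```python
"""CHAP (RFC 1994) challenge/response as used for the AN-AAA step on slide 28.

Added example, not the carrier's or vendor's implementation. A toy AN-AAA
issues a random one-time challenge, verifies the AT's MD5 response and
returns the IMSI configured against the account. All account data below is
a constructed placeholder.
"""
import hashlib
import hmac
import os

# Constructed account table: AN-AAA username -> (shared secret, IMSI).
ACCOUNTS = {
    "at-001": (b"constructed-secret-001", "IMSI-PLACEHOLDER-0001"),
}


def chap_response(ident, secret, challenge):
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


class AnAaa:
    """Minimal AN-AAA: hands out challenges and maps a valid response to an IMSI."""

    def __init__(self, accounts):
        self._accounts = accounts
        self._pending = {}          # identifier -> outstanding challenge (single use)
        self._next_ident = 0

    def challenge(self):
        """Issue a fresh random challenge under the next one-octet identifier."""
        ident = self._next_ident
        self._next_ident = (self._next_ident + 1) % 256
        chal = os.urandom(16)
        self._pending[ident] = chal
        return ident, chal

    def verify(self, username, ident, response):
        """Return the IMSI on success, None otherwise; the challenge is consumed either way."""
        chal = self._pending.pop(ident, None)      # a second use of the same ident fails
        account = self._accounts.get(username)
        if chal is None or account is None:
            return None
        secret, imsi = account
        expected = chap_response(ident, secret, chal)
        return imsi if hmac.compare_digest(expected, response) else None


def access_terminal_login(server, username, secret):
    """The exchange from the AT's side: obtain a challenge, answer it, get the IMSI or None."""
    ident, chal = server.challenge()
    return server.verify(username, ident, chap_response(ident, secret, chal))


if __name__ == "__main__":
    aaa = AnAaa(ACCOUNTS)
    print("correct secret:", access_terminal_login(aaa, "at-001", b"constructed-secret-001"))
    print("wrong secret:  ", access_terminal_login(aaa, "at-001", b"wrong"))
```

Two properties of CHAP matter for the deployment described on the slides: the shared secret never crosses the air interface, but the AN-AAA must hold it in recoverable form to compute the expected response, so protecting the AAA's credential store is part of the design; and the scheme only proves knowledge of the secret at session set-up, which is why the slides pair it with air-interface signing and a VPN for the data itself.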
  • 29. Now, say the bank has already taken a VSAT link for ATM connectivity. For backup we can propose 3G technology, and in this way we can achieve 99.9% uptime.
  • 30. 8. For customers who want to block specific web sites, or block based on content or keywords, we can use the Netaxcess router.
a. Domain Filter lets you prevent users behind this device from accessing specific URLs.
b. URL Blocking blocks LAN computers from connecting to pre-defined web sites.
c. Packet filtering is also available, so we can prevent communication between computer A and computer B.
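The three controls on slide 30 (domain filter, URL blocking, packet filtering between two hosts) are simple to state but easy to implement loosely. The following added example, which is not the Netaxcess router's code, shows a policy evaluator that handles the cases a practitioner would test for: a domain rule must cover subdomains but not look-alike names, URL matching must be done on the parsed host and path (so user-info, port and letter case cannot be used to slip past it) and at path-segment boundaries, and a host-pair rule must apply in both directions. The domains, URL prefixes and addresses are constructed; the 192.168.8.x hosts are the LAN addresses used in the slide diagrams.

```python
"""Domain filter, URL blocking and host-pair packet filtering (slide 30).

Added example, not the Netaxcess router's implementation. All domains,
URL prefixes and addresses are constructed sample values.
"""
from ipaddress import ip_address
from urllib.parse import urlsplit


class FilterPolicy:
    def __init__(self, blocked_domains, blocked_url_prefixes, blocked_host_pairs):
        self.blocked_domains = {d.lower().rstrip(".") for d in blocked_domains}
        # "host/path" prefixes without scheme; matched case-insensitively at a
        # path-segment boundary so "site/games" blocks "site/games/x" but not
        # "site/gamesplan"
        self.blocked_url_prefixes = [p.lower().rstrip("/") for p in blocked_url_prefixes]
        # unordered pairs of hosts that may not talk to each other
        self.blocked_host_pairs = {frozenset((ip_address(a), ip_address(b)))
                                   for a, b in blocked_host_pairs}

    def domain_blocked(self, host):
        """True if host equals a blocked domain or lies under it."""
        host = host.lower().rstrip(".")
        return any(host == d or host.endswith("." + d) for d in self.blocked_domains)

    def url_blocked(self, url):
        """True if the URL's host is filtered or host+path is under a blocked prefix."""
        parts = urlsplit(url if "://" in url else "http://" + url)
        host = parts.hostname or ""            # drops userinfo and port, lowercases
        if self.domain_blocked(host):
            return True
        target = (host + parts.path).lower().rstrip("/")
        return any(target == p or target.startswith(p + "/")
                   for p in self.blocked_url_prefixes)

    def packet_allowed(self, src, dst):
        """False if src and dst form a blocked pair, in either direction."""
        return frozenset((ip_address(src), ip_address(dst))) not in self.blocked_host_pairs


# Constructed policy: one blocked domain, one blocked URL prefix, and one
# pair of LAN hosts (addresses from the slide diagrams) kept apart.
POLICY = FilterPolicy(
    blocked_domains=["blocked.test"],
    blocked_url_prefixes=["intranet.test/games"],
    blocked_host_pairs=[("192.168.8.2", "192.168.8.3")],
)


if __name__ == "__main__":
    for url in ["http://user@blocked.test:8080/", "https://intranet.test/Games/room1",
                "https://intranet.test/gamesplan", "https://notblocked.test/"]:
        print(f"{url:45s} blocked={POLICY.url_blocked(url)}")
    print("192.168.8.3 -> 192.168.8.2 allowed:", POLICY.packet_allowed("192.168.8.3", "192.168.8.2"))
    print("192.168.8.2 -> 192.168.8.4 allowed:", POLICY.packet_allowed("192.168.8.2", "192.168.8.4"))
```

Note that a domain or URL filter of this kind sees only what the router can parse from the request, so on HTTPS it can act on the host name but not the path; the packet filter, which works on addresses alone, is unaffected by that limitation.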