 |
|
| |
| BANDIT™ Frequently
Asked Questions |
|
|
|
| Q |
What
is a BANDIT? |
|
| A |
The
BANDIT™ stands for Broadband Access
Network Device for Intelligent Termination. "Broadband" is
defined as agnostic to different broadband
access methods, such as xDSL, cable, T1,
and wireless network link. "Intelligent," in
this context, refers to multi-function
customer premises equipment (CPE) that
supports IP routing, Virtual Private Network
(VPN) gateways, IPsec security, legacy
data protocols (ALC, bisync, X.25, SDLC,
etc.), and dial backup. |
|
|
| |
| Q |
What
does the BANDIT™ do? |
|
| A |
The
BANDIT™ is a single, multi-function
CPE that replaces the need for multiple
single-function units. Its capabilities
and features include IP routing (static,
RIP V1/V2), FRAD, IPsec VPN gateway, built-in
firewall, NAT, DHCP, support for legacy
data protocols (SDLC, X.25, ALC, polled
async, and bisync), and dial backup. |
|
|
| |
| Q |
What
is the BANDIT's target market? |
|
| A |
The
BANDIT™ is the ideal solution for
enterprise customers, carriers, and vertical
markets. Enterprise customers are attracted
to its robust feature set and strong price/performance/functionality
ratio. Carriers benefit when migrating
their Frame Relay networks to support
other value-added services, such as broadband
and IP-based VPNs. Vertical markets, such
as the transportation and banking industries,
can quickly and easily migrate their legacy
systems and specialized protocols to standards-based
IP networks. |
|
|
| |
| Q |
What
are the key applications the BANDIT™ supports? |
|
| A |
Given
its flexible architecture and the rich
feature set, the BANDIT™ supports
a wide range of applications that fit the
requirements of different categories of
customers (e.g., enterprise and carrier).
The key applications are:
- Broadband connectivity for remote/branch
office over public IP and Frame Relay
networks
- Encryption for IP VPNs and built-in
firewall functionality
- Migration of legacy data networks
to IP based infrastructure
- Dial backup capability for load
sharing and disaster recovery
- Managed router services that can
be configured and managed remotely
from a carrier's centralized network
operation center (NOC)
|
|
|
| |
| Q |
How
many simultaneous tunnels does the BANDIT™ support? |
|
| A |
The
BANDIT™ terminates up to 30 separately
encrypted tunnels at one time. A hardware
accelerator for encryption ensures that
there is no reduction in throughput, even
when all tunnels are active. |
|
|
| |
| Q |
Do
I need to have a BANDIT™ at both
ends of a network to support IP encryption? |
|
| A |
No.
the BANDIT™ supports standards-based
IPsec encryption using Data Encryption
Standard (DES) and triple-DES (3DES).
The BANDIT™ interoperates with other
standards-compatible IPsec software clients,
as well as other vendors' VPN gateways.
This flexibility allows carriers and enterprise
customers to deploy a wide variety of
network technologies and topologies to
meet every need for secure communication
over the Internet. |
|
|
| |
| Q |
How
does the BANDIT™ protect a site
from hackers? |
|
| A |
The
BANDIT™ provides several security
features that work together to protect
customer networks and IT assets. IP-based,
encrypted tunnels leave hackers little
opportunity to break into the Intranet.
Also, authentication, access control lists
(ACLs), and IP address filtering ensure
access from and to only authorized and
trusted locations. In addition, dynamic
network address translation (NAT) and
DHCP not only provide a different kind
of protection, but are also used in tandem
to enhance the security of encrypted tunnels. |
|
|
| |
| Q |
Does
the BANDIT™ support authentication? |
|
| A |
The
BANDIT™ supports several authentication
protocols such as PAP, CHAP, and HMAC
MD-5 /HMAC SHA-1. In addition, the BANDIT™ supports
both IKE and ISAKMP key exchange protocols
that are based on RSA certificates (public
keys). |
|
|
| |
| Q |
How
does the BANDIT™ support legacy
protocols? |
|
| A |
A
wide range of legacy data protocols perfected
in Encore Networks' earlier line of Frame
Relay Access Devices (FRADs) is the basis
of the BANDIT™ product. Terminals
and hosts using Airline Link Control (ALC);
asynchronous and synchronous polled protocols
such as IBM's SDLC and bisync; and X.25
packet switching can communicate over
the Internet through the same encrypted
tunnels used by IP or over Frame Relay
networks. |
|
|
| |
| Q |
How
does dial backup work? |
|
| A |
The
BANDIT™ contains an integral V.90
modem that can dial out or accept calls
on a standard voice-grade phone line.
Typically, the BANDIT™ recognizes
the loss of the DSL service, cable modem,
or other primary line, and calls a Remote
Access Server (RAS) in much the same way
a PC calls into an Internet Service Provider
(ISP). In fact, the call may be placed
to an ISP, or to a RAS owned by the user's
organization. The routing function in
the BANDIT™ identifies the new path,
DHCP obtains an IP address for the duration
of the backup connection, and traffic
resumes automatically within a short period
of time. If the RAS supports compression,
the internal modem negotiates to turn
it on for the session, potentially doubling
the throughput of a connection. |
|
|
| |
| Q |
How
do I configure and manage a BANDIT™ router? |
|
| A |
The
BANDIT™ includes a comprehensive set
of network management capabilities, diagnostics
features, and plug-and-play configuration
functions that simplify deployment and
keep overall operating expenses low.
The intuitive
menu-driven craft interface makes configuration
a snap and reduces the need for training.
The operator picks the next step with
one key stroke. Only those few parameters
that are unique to each device, such
as its name, require typing. There are
no commands to learn. The same interface
is accessible from a terminal on the
dedicated serial port, via Telnet, or
through the integral modem port.
Three
levels of passwords restrict a user
to read-only privileges or limited control,
or allow full control, regardless of
the access method. Full SNMP support
eases integration with existing Office
System Solution (OSS) systems. Also,
guaranteed delivery of critical SNMP
trap messages ensures that important
event reports are preserved during network
outages.
Remote
diagnostics include traffic monitoring
on any port, extensive statistics, data-scope
analysis of protocols, and test configurations,
such as loop-backs. All management functions
are controllable from the NOC. |
|
|
| |
| Q |
Are
there limitations on topologies or configurations
of the network? |
|
| A |
None.
In fact, the BANDIT's architecture is
fully symmetrical. That is, any port may
be configured for any purpose. For example,
the serial port can emulate a terminal
controller with a polled async protocol,
or it can operate at 2 Mbps on an IP/PPP
link to the Internet. It is possible to
configure the modem port as the primary
network link. This flexibility allows
a user with a BANDIT™ in a regional
office to set up encrypted tunnels to
dozens of smaller office branches, mobile
workers, or home offices. Users at the
remote sites can communicate not only
with the regional office, but also with
any other location that has an encrypted
tunnel established. The BANDIT™ switches
or routes traffic amongst the tunnels
it terminates. |
|
|
| |
| Q |
What
are the BANDIT's different configuration
options? |
|
| A |
The
BANDIT™ comes standard with two Ethernet
LAN ports, and a V.90 modem port for dial
backup. Two optional serial ports, available
separately, provide support for legacy
data support, as well as T1 and fractional
T1 termination via built-in CSU capability. |
|
|
| |
| Q |
What
is the BANDIT's list price? |
|
| A |
The
BANDIT's pricing depends on the configuration
and on the customer's application. Please
contact your Encore Networks sales representative
for more information. |
|
|
| |
| Q |
How
do I order a BANDIT? |
|
| A |
To discuss
BANDIT™ pricing options and details
about placing an order, call Encore Networks
at 703- 318-7750, or send an email to sales@encorenetworks.com |
|
|
|
| |
|
|
