Multi-Homing Security Gateway User’s Manual
Chapter 1: Introduction
PLANET’s Multi-Homing Security Gateway, MH-1000 integrated with cutting-edge technology including
Load Balancing, VPN and Firewall for central sites to establish office network and connect with branch
offices, remote dial up and tele-workers. It is designed for business requiring application-based network
solution at low-capital investment and is perfectly catering to the needs of small and medium sized business.
Built-in multiple WAN interfaces can prevent your Internet connection from failure, and also reduces the risks
of potential shutdown if one of the Internet connections fails. Moreover, it allows you to perform
load-balancing by distributing the traffic through two WAN connections.
In addition to a multi-homing device, PLANET’s Multi-Homing Security Gateway provides a complete
security solution in a box. The policy-based firewall, content filtering function and VPN connectivity with
3DES and AES encryption make it a perfect product for your network security. Bandwidth management
function is also supported to offers network administrators an easy yet powerful means to allocate network
resources based on business priorities, and to shape and control bandwidth usage.
1.1 Features
♦
WAN Fail-over:
Auto failover feature can be configured for a second connection to ensure redundant
connectivity when the primary line fails.
♦
Load Balancing:
MH-1000 provides the ability to balance the workload by distributing incoming traffic
across the two connections.
♦
DNS inbound load balance:
The MH-1000 can be configured to reply the WAN2 IP address for the
DNS domain name request if WAN1 fails.
♦
VPN Connectivity:
The security gateway support PPTP and IPSec VPN. With DES, 3DES and AES
encryption and SHA-1 / MD5 authentication, the network traffic over public Internet is secured.
♦
PPTP Server:
The MH-1000 also provides PPTP server feature, the remote user can connect to
MH-1000 PPTP server without too many complex setting and to access the LAN resource.
♦
Content Filtering:
The security gateway can block network connection based on URLs, Scripts (The
Pop-up, Java Applet, cookies and Active X).
♦
SPI Firewall:
Built-in Stateful Packet Inspection (SPI) can determine if a data packet is allowed through
the firewall to the private LAN.
♦
Denial of Service (DoS):
The MH-1000 protects against hackers attack by DoS, it can allow private LAN
securely connected to the Internet.
♦
Quality of Service (QoS):
Network packets can be classified based on IP address and TCP/UDP port
number and give guarantee and maximum bandwidth with three levels of priority.
♦
Dynamic Domain Name Service (DDNS):
The Dynamic DNS service allows users to alias a dynamic IP
address to a static hostname.
- 1 -