Allot NetEnforcer AC-1000 Series Hardware Manual Download

Page: 3 / 97

NetEnforcer

AC-1000 Series

Policy Based Bandwidth Management

Hardware Guide

P/N D362001 R2

Summary of Contents for NetEnforcer AC-1000 Series

Page 1: ......

Page 2: ......

Page 3: ...NetEnforcer AC 1000 Series Policy Based Bandwidth Management Hardware Guide P N D362001 R2...

Page 4: ......

Page 5: ...OF REVENUE OR ANTICIPATED PROFITS OR LOST BUSINESS EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES Copyright Copyright 1997 2007 Allot Communications All rights reserved No part of this document ma...

Page 6: ...Important Notice AC 1000 Series Hardware Guide iv Printing History First Edition July 2006 Second Edition September 2007...

Page 7: ...s 1 8 Accessories Area 1 11 Cabling 1 14 AC 1000 Series Copper 1 14 AC 1000 Multi Mode SX Fiber 1 16 AC 1000 Series Single Mode LX5 LX20 ZX Fiber 1 17 Connectors 1 18 Bypass Units 1 19 AC 1010 Bypass...

Page 8: ...ancy 4 18 Active Redundancy for the AC 1020 4 18 Active Redundancy for the AC 1040 4 18 Serial Redundancy 4 19 NetEnforcer Failover 4 20 Serial Redundancy in Mesh Topologies 4 21 CHAPTER 5 HARDWARE SP...

Page 9: ...e NetEnforcer AC 802 Copper to the Single Copper Bypass Unit 1 20 Figure 1 10 Single Fiber Bypass Unit Multi Mode 1 21 Figure 1 11 Single Fiber Bypass Unit Single Mode 1 21 Figure 1 12 Connecting NetE...

Page 10: ...Tab AC 1010 NetXplorer Configuration 4 4 Figure 4 3 NIC Tab AC 1020 NetXplorer Configuration 4 7 Figure 4 4 Networking Tab AC 1020 NetXplorer Configuration 4 8 Figure 4 5 NIC Tab AC 1040 NetXplorer C...

Page 11: ...l Bypass Unit CAUTION All AC 1000 Series models only function when the appropriate Bypass Unit is connected to it This is to ensure continuous service in the event of failure NOTE AC 1000 NetEnforcer...

Page 12: ...20 fiber or ZX fiber interface connectors The AC 1020 may be ordered with an upgradable throughput of 155 Mbps 310 Mbps 622 Mbps 1 Gbps or 2 Gbps The NetEnforcer AC 1040 is a carrier grade unit intend...

Page 13: ...t is separated into four areas as shown below Figure 1 1 Front Panel AC 1000 Series The front panel of NetEnforcer is laid out as follows LCD panel described on page 1 6 The Link Connections area Powe...

Page 14: ...1 AC 1000 Series Hardware NetEnforcer AC 1000 Hardware Guide 1 4 AC 1000 Series Front Panels AC 1010 Front Panels Figure 1 2 Front Panel AC 1010 Copper AC 1020 Front Panel Figure 1 3 Front Panel AC 10...

Page 15: ...Series Hardware NetEnforcer AC 1000 Hardware Guide 1 5 AC 1040 Front Panels Figure 1 4 Front Panel AC 1040 Copper CAUTION CLASS 1 LASER PRODUCT DANGER Invisible laser radiation when opened AVOID DIREC...

Page 16: ...l On Off Enter Up Arrow Display Area Select Power Indicator Active Indicator Standby Indicator Left Arrow Right Arrow Down Arrow On Off Enter Up Arrow Display Area Select Power Indicator Active Indica...

Page 17: ...nforcer is the primary system If you have one NetEnforcer this should be the normal state of the LED If you have two NetEnforcers configured in Parallel Redundancy mode this NetEnforcer is the primary...

Page 18: ...it LED indicates that neither links nor activities were detected Table 1 2 External Internal LED Conditions AC 1010 1020 Link Status Indicators AC 1040 Ext Int LED NetEnforcer Status Green A lit green...

Page 19: ...ersonnel only To avoid shock do not perform any servicing other than those contained in the unpacking instructions Should you need to you can replace one of the power supplies while NetEnforcer is con...

Page 20: ...X 20 Transceiver SFP ZX AC DC AC 1040 Copper AC DC CAUTION The power entry modules AC supply option include two fuses T2A 250 V 5 x 20 mm at each power entry One is a spare fuse for replacement purpos...

Page 21: ...Enforcer management Operating through the Management port denies management access to the device from Internal or External ports Moreover when there is a problem in the regular network for example a D...

Page 22: ...ing amber LED indicates that traffic is detected on the interface Off An unlit LED indicates that neither links nor activities were detected Table 1 4 Management LED Conditions AC 1010 1020 Management...

Page 23: ...e product to the power line make sure that the protective ground terminal of the device is connected to the safety ground conductor of the mains power cord The mains plug should only be inserted in a...

Page 24: ...rt Ethernet Cat 6 Included P N C411011 RJ 45 To NetEnforcer Console Port Ethernet Cat 6 Included P N C002005B RJ 45 Primary NetEnforcer Internal Eternal to Bypass Unit Internal External Ethernet Cat 6...

Page 25: ...Chapter 1 AC 1000 Series Hardware NetEnforcer AC 1000 Hardware Guide 1 15...

Page 26: ...N C411011 RJ 45 To NetEnforcer Console Port Ethernet Cat 6 Included P N C002005B RJ 45 Primary NetEnforcer to Bypass Unit Internal External Built In Built In NetEnforcer Backup Connector to Bypass Uni...

Page 27: ...1011 RJ 45 To NetEnforcer Console Port Ethernet Cat 6 Included P N C002005B RJ 45 Primary NetEnforcer to Bypass Unit Internal External 9 125 fiber optic cable Included P N C411015 Dual LC NetEnforcer...

Page 28: ...s Units using Multi Mode fiber SX utilize dual SC Connectors Figure 1 6 Dual SC Connector Multi Mode Fiber NetEnforcer Bypass Units using Single Mode fiber LX5 LX20 and ZX utilize dual LC connectors F...

Page 29: ...Fiber operates with a Double Fiber Bypass and the AC 1020 Copper operates with a Double Copper Bypass The AC 1040 operates with a Multi port Copper Bypass CAUTION A NetEnforcer AC 1000 unit must be co...

Page 30: ...Unit to NetEnforcer Figure 1 9 Connecting the NetEnforcer AC 802 Copper to the Single Copper Bypass Unit To connect the Single Copper Bypass to the NetEnforcer NOTE For important information regardin...

Page 31: ...e Bypass Unit to a switch connector NOTES To connect a secondary NetEnforcer for Parallel Redundancy you need two NetEnforcers and one Bypass Unit Internal and external connectors of the redundant Net...

Page 32: ...ode connections or two quad LC connectors for Single Mode connections along with two D type 9 pin connectors for primary and redundant unit to backup connection The following procedure describes how t...

Page 33: ...5 125 or 9 125 Internal fiber optic cable from the Internal port on the Bypass Unit to a 1 Gbps switch NOTES To connect a secondary NetEnforcer for Parallel Redundancy you need two NetEnforcers and on...

Page 34: ...TE For important information regarding cable and connector types see Cabling on page 1 14 1 Connect the External cable from the To NetEnforcer External port Link 1 on the Bypass Unit to the External p...

Page 35: ...nnector is plugged into the NetEnforcer NOTES To connect a secondary NetEnforcer for Parallel Redundancy you need two NetEnforcers and one Bypass Unit Internal and external connectors of the redundant...

Page 36: ...itch and the router The Double Fiber Bypass Unit includes connectors for connecting to Link 1 and Link 2 on the AC 1020 The Link Connectors area includes either two duplex LC connectors and one built...

Page 37: ...E For important information regarding cable and connector types see Cabling on page 1 14 1 Connect the fiber cable labeled To NetEnforcer External Link 1 from the Bypass Unit to the External port on t...

Page 38: ...lel Redundancy you need two NetEnforcers and one Bypass Unit Internal and external connectors of the redundant NetEnforcer should be connected directly to the network There is no need to connect via t...

Page 39: ...ort on NetEnforcer Link 1 3 Connect the External cable from the External port on the Bypass Unit to a router 100Base T connector 4 Connect the Internal cable from the Internal port on the Bypass Unit...

Page 40: ...5 10R Ensure that each site has a suitable ground Ground all metal racks enclosures boxes and raceways The NetEnforcer equipment should be reliably grounded through the power supply cord Connection t...

Page 41: ...hin the same premises as this equipment There shall be no switching or disconnecting devices in the grounded circuit conductor between the DC source and the point of connection of the grounding electr...

Page 42: ...or and also the point of grounding of the DC system The DC system shall not be grounded elsewhere Powering Up Via LCD Panel NOTE The NetEnforcer and the Bypass Unit have to be fully plugged and connec...

Page 43: ...NetEnforcer AC 1000 Hardware Guide 1 33 The display area of the LCD panel indicates the default view the current bandwidth consumption For example Inbound XXX X Outbound YYY Y You can now proceed to...

Page 44: ......

Page 45: ...connect NetEnforcer to your network 1 Connect the Bypass Unit to NetEnforcer as described in Bypass Units page 1 8 2 Connect the LAN side of your network to the Internal connector of each link on the...

Page 46: ......

Page 47: ...orcer or by using the LCD panel Configuring Via a Terminal or Telnet You can use a standard terminal PC running terminal emulation software connected to the Console port or Telnet via the internet to...

Page 48: ...tEnforcer as described in Powering Up page 1 30 3 At the terminal select Start Programs Accessories and double click on the HyperTerminal icon Enter a name for the session and then to set the com port...

Page 49: ...are prompted for a login and a password 2 Enter admin for the login and allot for the password To change the password see page 3 9 Press Enter The NetEnforcer Setup Menu is displayed NetEnforcer Start...

Page 50: ...y set network configuration parameters at any time To display the current configuration 1 In the NetEnforcer Setup Menu enter 1 List current configuration and press Enter The current network configura...

Page 51: ...Chapter 3 Setting Up the NetEnforcer NetEnforcer AC 1000 Hardware Guide 3 5 Figure 3 3 Current Configuration 2 3 Press Enter to return to the NetEnforcer Setup Menu...

Page 52: ...Parameters You can define network parameters manually To define network parameters manually 1 In the NetEnforcer Setup Menu enter 2 Network configuration and press Enter The Network Configuration men...

Page 53: ...NE Primary name server IP address If you have a Domain Name Server DNS its IP address If you do not have a DNS enter none Secondary name server IP address If you have a second DNS its IP address If yo...

Page 54: ...link speed of the Internal interface 10M or 100M Use M for Mbps The duplex type for the External interface Enter full for full duplex half for half duplex or auto for AutoSensing If you selected full...

Page 55: ...sword To change the users password 1 In the NetEnforcer Setup Menu enter 3 Change password and press Enter The Password screen is displayed Figure 3 5 Password 2 Enter 1 or 2 to specify the type of us...

Page 56: ...orcer Setup Menu enter 4 Set time and press Enter The Time Setup screen is displayed Figure 3 6 Time Setup The current day date system time and time zone are displayed at the top of the screen 2 To ch...

Page 57: ...nd a password 3 At the terminal press Enter The system boots up and you are prompted for a login and a password 4 Enter root for the login and bagabu for the password and then press Enter 5 Enter pass...

Page 58: ...econds NOTE When you are configuring NetEnforcer and there is no activity for more than 30 seconds the display area returns to the default view and any modifications to parameters that were not saved...

Page 59: ...ort can be configured via the LCD To configure NIC settings 1 With the display area displaying the default view press the Select button The main menu is displayed as follows Main menu 1 NIC Settings 2...

Page 60: ...splay area displaying the default view press the Select button The Main menu is displayed 2 Press the down arrow once to display the following Main menu 2 Setup IP 3 Press the Select button The displa...

Page 61: ...left and right arrow buttons to move between the digits 9 Press the Enter button The display area indicates the following S ave C ancel 10 Use the arrow buttons to select whether to save the settings...

Page 62: ...e arrow buttons to select whether to enter Bypass mode and press the Enter button NetEnforcer switches to Bypass mode and after a few moments the display area displays its default view the current ban...

Page 63: ...isplaying the default view press the Select button The Main menu is displayed 2 Press the down arrow five times to display the following Main menu 6 Shutdown 3 Press the Select button The display area...

Page 64: ...t view 1 With the display area displaying the default view press the Select button The Main menu is displayed 2 Press the down arrow six times to display the following Main menu 7 Exit 3 Press the Ent...

Page 65: ...ring the AC 1010 via the NetEnforcer 1 Configure the Management Port interface via the LCD on the front panel of the NetEnforcer 2 Log into the NetEnforcer via the Management Port or Telnet see page 3...

Page 66: ...set redundancy mode go config network redund_mode Options are o parallel o serial For example go config network redund_mode parallel To toggle redundancy go config network bypass_unit Options are o en...

Page 67: ...configure in the Navigation Pane 3 Select Configuration from the drop down menu 4 Open the NIC tab and in the Action on Failure field set INTERNAL1 and EXTERNAL1 to fail paired port Figure 4 1 NIC Tab...

Page 68: ...you can view the changes from the Configuration tab For more information concerning NetEnforcer configuration via NetXplorer see the NetXplorer Operation Guide Configuring the AC 1020 via the NetEnfo...

Page 69: ...mands To set the interfaces go config nic Options are o internal1 MODE SPEED o internal2 MODE SPEED o external1 MODE SPEED o external2 MODE SPEED For example go config nic internal1 full 100 To set re...

Page 70: ...ble For example go config network bypass_unit enable Configuring the AC 1020 via NetXplorer 1 Log into NetXplorer 2 Right click the NetEnforcer you wish to configure in the Navigation Pane 3 Select Co...

Page 71: ...igure 4 3 NIC Tab AC 1020 NetXplorer Configuration 5 Set INTERNAL2 and EXTERNAL2 to No Action in the Action on Failure field 6 Open the Networking tab and set the Redundancy Mode as required to Parall...

Page 72: ...uration tab For more information concerning NetEnforcer configuration via NetXplorer see the NetXplorer Operation Guide Configuring the AC 1040 via the NetEnforcer 1 Configure the Management Port inte...

Page 73: ...2 MODE SPEED o internal3 MODE SPEED o internal4 MODE SPEED o external1 MODE SPEED o external2 MODE SPEED o external3 MODE SPEED o external4 MODE SPEED For example go config nic internal1 full 100 To s...

Page 74: ...xample go config network bypass_unit enable Configuring the AC 1040 via NetXplorer 1 Log into NetXplorer 2 Right click the NetEnforcer you wish to configure in the Navigation Pane 3 Select Configurati...

Page 75: ...NIC Tab AC 1040 NetXplorer Configuration 5 Set INTERNAL2 EXTERNAL2 INTERNAL4 and EXTERNAL4 to No Action in the Action on Failure field 6 Open the Networking tab and set the Redundancy Mode as require...

Page 76: ...e 4 6 Networking Tab AC 1040 NetXplorer Configuration 8 Click Save The system will reboot After rebooting you can view the changes from the Configuration tab For more information concerning NetEnforce...

Page 77: ...pass Unit The Primary NetEnforcer handles the traffic and the Secondary NetEnforcer is designed to stand by as long as the Primary NetEnforcer is active Only if for any reason the Primary NetEnforcer...

Page 78: ...following tables Standby LED Active LED Power LED Analysis Primary Unit OFF ON ON Primary NetEnforcer is in Active mode Secondary Unit ON OFF ON Secondary NetEnforcer is ready to take over Primary Uni...

Page 79: ...take control and become the active unit under the following conditions Upon a Primary subsystem failure During booting of the Primary NetEnforcer platform When booting is completed the Primary unit au...

Page 80: ...he Primary connector of the Bypass Unit 4 Designate the other NetEnforcer to be the Secondary and connect one end of the Backup cable to the Backup connector of the Secondary NetEnforcer 5 Connect the...

Page 81: ...or network topologies where both links are active in load balancing mode Failover In the event that one of the links fails due to router switch or line malfunction the network redundancy mechanism for...

Page 82: ...unit The corresponding port is connected to the Internal port of the AC 1020 The External port of the AC 1020 is connected to the external port of the bypass unit while its corresponding port connect...

Page 83: ...is in bypass mode There is no probe is standby mode When the active probe moves to bypass the passive probe switches to active Even if the previously active probe recovers it will remain in bypass Th...

Page 84: ...ality will be maintained In the unlikely situation where the Secondary unit fails it will go in to bypass mode bypassing the failed NetEnforcer Network connectivity will maintain but all NetEnforcer f...

Page 85: ...rio Serial Redundancy in Mesh Topologies Serial Redundancy can support mesh topology configurations In the network diagram described below each of the NetEnforcer units should be able to handle two li...

Page 86: ...000 Hardware Guide 4 22 Figure 4 10 Serial Redundancy Mesh Scenario In a network configuration with four network interfaces each of the NetEnforcer units must have eight network interfaces The AC 1040...

Page 87: ...h 17 32 in 440 mm Depth 14 76 in 375 mm Weight Copper 24 9 lbs 11 3 kg Fiber 25 3 lbs 11 48 kg NOTE The weight of the Copper Bypass Unit is 3 86 lbs 1 75 kg and the weight of the Fiber Bypass Unit is...

Page 88: ...Chapter 5 Hardware Specifications NetEnforcer AC 1000 Hardware Guide 5 2 Operating Environment Temperature 32 F to 104 F 0 to 40 C Humidity 5 to 95 non condensing...

Page 89: ...0 3 3 1995 EN 55024 1998 A1 01 FCC 47 CFR part 15 subpart B class A ICES 003 1997 class A VCCI 2002 class B NEBS GR 1089 Core Safety IEC 60950 1999 with Japanese deviations EN 60950 2000 NEBS GR 1089...

Page 90: ......

Page 91: ...rks the NetEnforcer can be separated from the NetXplorer server by a firewall for security reasons To enable the communication between the NetXplorer and NetEnforcers the following ports in the Firewa...

Page 92: ......

Page 93: ...u trafic uniquement vers des l ments passifs permettant ainsi au r seau de fonctionner Le NetEnforcer de s rie AC 1000 associe une conception de classe transporteur une redondance des l ments fondamen...

Page 94: ...les Pour garantir une protection continue contre les incendies toujours remplacer un l ment par un composant du m me type et de m me intensit Avant de retirer le couvercle d connecter le produit de l...

Page 95: ...d alimentation c c est raccord au conducteur de masse D RIVATION Afin de garantir la continuit du service en cas de panne toute unit NetEnforcer AC 1000 doit tre reli e une unit de d rivation adapt e...

Page 96: ...60 Hz L alimentation c c quant elle s adapte automatiquement des tensions de 48 ou 60 V c c Cet quipement est destin une utilisation dans un espace acc s limit et par un personnel d ment qualifi Pour...

Page 97: ...ndeur 375 mm 14 76 in Poids Cuivre 11 3 kg 24 9 lbs Fibre optique 11 48 kg 25 3 lbs REMARQUE L unit de d rivation en cuivre p se 1 75 kg 3 86 lbs celle en fibre optique p se 1 94 kg 4 28 lbs Sp cifica...

Search results

Summary of Contents for NetEnforcer AC-1000 Series

Reviews:

Related manuals for NetEnforcer AC-1000 Series

Brands by name

Popular brands

Allot NetEnforcer AC-1000 Series, Hardware Manual

Search results

Summary of Contents for NetEnforcer AC-1000 Series

Reviews:

Related manuals for NetEnforcer AC-1000 Series

Brands by name

Popular brands