Great Mobility and Productivity
The BiGuard Gigabit Dual-WAN SSL/IPSec VPN SME Appliance Series integrates cutting-edge SSL VPN technology for
SMEs to establish private encrypted tunnels, without the need for VPN software pre-installation on client PCs, through the
public Internet to securely access corporate resources from any location, such as a branch office, hotel, home, cyber café, or
even a public kiosk. It offers corporate-class advanced SSL VPN connections such as Network Extender, Transport Extender,
and Application Proxy. Remote users using different kinds of browsers, platforms and operating systems can all access files in
the central office. External business partners or business travelers, even using just MS Outlook Web Access (OWA), can be
authorized to access the corporate network from a remote site as if they never left the office. A business traveler using a
mobile device like a PDA can access the corporate network, the SOHO or a freelancer on a Macintosh can even connect his
Mac to customers’ networks to remotely collaborate on a project. Secure remote Intranet access with BiGuard Gigabit
Dual-WAN SSL/IPSec VPN SME Appliance Series is possible via any device from anywhere any time.
Powerful Gigabit Connectivity
Not only sharing files, checking e-mail, and downloading documents, but also remote access to applications like Enterprise
Resources Planning (ERP) applications or remote surveillance; all of which are needed by today’s SMEs and enterprise
departments for diverse remote access needs. Billion continues to provide advanced enterprise-class BiGuard SSL VPN
appliances. Imbedded with high-performance CPUs, the BiGuard Gigabit Dual-WAN SSL/IPSec VPN SME Appliance Series
features Gigabit capability for LAN, WAN and DMZ ports, enabling faster transmission speeds, no matter for remote access,
internal connections or outbound networking. This design gives small-and-medium sized enterprises an edge in today’s
business environments where mobile workers, business partners and traveling employees are increasingly on the road, and
for whom connectivity problems and data security should be the last thing on their mind.
Flexibility, Scalability and Resilience
Both SSL VPN and IPSec VPN are remote access solutions and complementary technologies. The BiGuard Gigabit
Dual-WAN SSL/IPSec VPN SME Appliance Series offers both IPSec VPN and SSL VPN capabilities combined in a single
platform. This design provides excellent deployment flexibility to SMEs for meeting the requirements of both remote access
and Lan-to-Lan branch office connections. Load balancing and auto fail-over features are integrated to ensure optimal
bandwidth sharing for multiple PCs in your office, or provide network redundancy in case one connection should fail. All of
these are to keep your business online for mission-critical or important Internet-based applications.
Single Box with Low Cost of Ownership
Billion’s BiGuard Gigabit Dual-WAN SSL/IPSec VPN SME Appliance Series integrates SSL VPN, IPSec, firewall and router
functions in one single box. Thanks to integrated IPSec VPN access technology, the additional cost for deploying extra
platforms for IPSec VPN is eliminated. Aimed at a low total cost of ownership, the BiGuard SSL VPN box is affordable for
SMEs. IT administrators no longer need to buy an extra device to manage remote Intranet access, nor install and maintain
additional equipment for data security. The integrated router and firewall functions provide administrators with a perfect
solution to manage all connections and file sharing of remote access. It is easier to simply integrate these functions into one
BiGuard SSL VPN device instead of buying several independent networking devices.
Ease of Management
Managing various groups of remote users for certain access applications and policies and maintaining the user accounts in a
SME are a hassle for IT administrators. Group Account Setting featured in the BiGuard Gigabit Dual-WAN SSL/IPSec VPN
SME Appliance Series address administrators’ concerns. AD/LDAP Account Import makes it easy for IT administrators of
enterprises to manage intranets by importing existing accounts from AD/LDAP servers into a BiGuard SSL VPN device. IT
administrators configure the gateway to control the resources and applications available to different groups of users. Access
policies, authorizations and authentication mechanisms can all be set up as well. After this setting, each user will have an
easy-to-manage Personalized Web Portal, which displays the applications according to the user’s access settings.
Comprehensive Security
The security of remote access is even more concerned by IT administrators. The BiGuard Gigabit Dual-WAN SSL/IPSec VPN
SME Appliance Series supports rich advanced security features. The support of cache cleaner function makes sure that the
user’s data will be cleaned up without record after user’s log out from a remote site. The End Point Security (EPS) function
enables IT administrators to check the identity of a remote PC and its security policy settings when a user logs in from that
device. Granular Access Control makes setting up different users allowed to access different applications possible. One-Time
Password enforces the user to input different password every time when log in. Access Policy settings enable administrators
to set up different users with different access rules. Strong firewall security provides access protection from hackers and other
attacks. Access security with the BiGuard Gigabit Dual-WAN SSL/IPSec VPN SME Appliance Series, no matter locally or from
remote sites, is assured with these comprehensive security features.
Management Options for Growth
A total SSL VPN solution is made possible by offering optional support: SSL VPN Tunnel Upgrades, BiGuard’s Central
Management System, and BiGuard One-Time Password (OTP). In case of a growing need for remote access, just upgrade
the BiGuard SSL VPN gateway by adding more SSL VPN tunnels. The Central management System enables
administrators in the head office or service providers to centrally manage all the BiGuard SSL VPN devices,
which enable remote configuration from a central site to save on maintenance efforts. In addition, the
BiGuard OTP, a car-key sized token, is used to create a two-factor authentication by using a
dynamically generated 6-digit PIN. Combined with your existing static password this results
in a greatly reduced risk of unauthorized access to corporate network resources by
intruders. The Feature and Firmware Upgrades and Billion
Care
services
are also available for a certain duration from purchase date
and continues optionally after that.
Features & Specifications
Gigabit Dual-WAN SSL/IPSec VPN SME
Appliance Series
BiGuard S6000
Gigabit Dual-WAN SSL/IPSec VPN Security Gateway
BiGuard S3000
Gigabit Dual-WAN SSL/IPSec VPN Security Gateway
TEL: +886-2-29145665
FAX: +886-2-29186731, +886-2-29182895
E-mail: [email protected]
www.billion.com
Billion Electric Co., Ltd.
8F, No. 192, Sec. 2, Chung Hsing Road,
Hsin Tien City, Taipei County, Taiwan
Key Features
• Dual WAN
• Auto fail-over and load balancing
• Device redundancy for high availability
• Both LAN and WAN Gigabit connectivity
• SSL VPN gateway plus solid router
functions
• Clientless connectivity
• Wide range of web browsers supported
• Rich in SSL VPN access connections
• Granular access policy management
• Windows / Linux / Macintosh supported
• Mobile devices supported
• AD / LDAP account import
• Group account setting
• WOL (Wake On LAN)
• Personalized web portal
• Data encryption, user authentication
and access control
• End Point Security (EPS) checking
• Host security checking
• IPSec VPN capabilities
• Robust firewall security
• Quality of Service control
Other Options
• Instant
Chat
Support 24 x 7 Service
• Feature and Firmware Upgrades
• BiGuard SSL VPN Tunnel Upgrades
• BiGuard Central Management System
• BiGuard One-Time Password
IPSec VPN
• 30 IPSec VPN tunnels
• IP Authentication Header (AH)
• Internet Key Exchange (IKE)
• IP Encapsulating Security Payload (ESP)
authentication and Key Management
• Dynamic VPN (FQDN) support
• Authentication (MD5/SHA-1)
• Supports remote access and office-to-
• DES/3DES encryption
office IPSec connections
• AES 128/192/256 encryption
Availability and Resilience
• Load balancing
• Automatic fail-over and VPN fail-over
- Traffic management
• High availability (device redundancy)
- Protocol binding
Logging and Monitoring
• Centralized logs
• E-mail alerts and intrusion logs
• System log
• System status monitoring
Network Protocols and Features
• Static IP, PPPoE and DHCP client
• DHCP server
connection to ISP
• SNTP
• NAT, static routing and RIP1/2
• SNMP
• Dynamic Domain Name System (DDNS)
• Multi-NAT
• Router mode
• Transparent bridging
• Virtual server
• Port-based VLAN
Hardware Specifications
Physical Interface
• 2 x 10/100/1000Mbps Gigabit WAN ports
• 2 x USB 2.0 hosts (future extension)
• 8 x 10/100/1000Mbps Gigabit LAN ports
• RS232 console port
• 1 x RS232 Serial port
• Power switch
• Reset button
Physical Specifications
• 1U rack-mount
• Dimensions: 19" x 8.27" x 1.73"
(482 x 210 x 44mm with bracket)
(390 x 210 x 44mm without bracket)
Power Requirements
• Input Voltage (Operation):
• Efficiency: 80% @115Vac/60Hz or
90 to 264VAC full range
230Vac/50Hz at max. load
• Input Frequency (Operation):
• Output power: 12V/3.5A (42W)
47 to 63Hz
• Power Supply MTBF 100,000 hours
• Input Current:
at 25°C (110Vac & 220Vac)
Max. 0.95A @115Vac/60Hz at max. load
Operating Environment
• Operating temperature: 0 to 40°C
• Humidity: 20 to 95% non-condensing
• Storage temperature: -20 to 70°C
Support and Services
*2
• Feature and Firmware Upgrades for 1 year • Hardware Warranty for 1 year
SSL VPN
Access Connections
• Network Extender
• Application Proxy
• Standalone Network Extender client
• Personalized Web Portal
• Transport Extender (TCP / UDP)
• Single Sign-On (SSO)
• Network Place • SSL hardware accelerator
Applications & Management
• Network File Share (CIFS)
• WOL (Wake On LAN)
• Supports Citrix
• AD / LDAP account import
• Terminal services (RDP5, RDP6)
• Account membership
• File Transfer Protocol (FTP)
• Granular user policy management
• Telnet • Supports mobile devices (Microsoft
• Supports MS Outlook Web Access (OWA)
Windows Mobile 5.0 / 6.0 or compatible)
• Virtual Network Computing (VNC)
• Supports MS IIS NTLM
• Secure Shell (SSH, SSHv2) support
(NT LAN Management) authentication
• SRDP (Single Remote Desktop Protocol) • SSL event log and monitor
• Web based data (HTTP, HTTPS)
Security
• User access control
• Digital certificate
• Web cache cleaner
• Authentication domains: RADIUS,
• End Point Security (EPS) checking
LDAP, Active Directory, NT Domain
,
• Host security checking
Local database
• Self-Signed certificate • SSL encryption
Compatible Web Browsers
*1
• Microsoft Internet Explorer 6.0 and
• Firefox 1.5 and newer versions
newer versions
• Safari 2.0 and newer versions
• Netscape 7.0 and newer versions
• Mozilla 1.7 and newer versions
• Opera 9.0 and newer versions
• Sun JRE 1.3 and newer versions
Supported Operating Systems
*1
• Microsoft Windows, Linux, and Apple Macintosh
Firewall & Content Filtering
• Stateful Packet Inspection (SPI)
• Intrusion detection
• Denial of Service (DoS) prevention
• URL filter
• Packet filter
• Java Applet/Active X/Cookie
blocking
Quality of Service Control
• Supports DiffServ approach
• Traffic prioritization and bandwidth
management based on IP protocol,
port number and IP address
Web-Based Management
• Easy-to-use web based user interface
• Multi-language web interface
• Group account settings on access
• Remote dial-in configuration (RS-232)
applications
(CLI for RS-232 port)
• Firmware upgrades through web-based
• Supports BiGuard CMS for centralized
interface
management
• Local and remote management through
HTTP and HTTPS
*
Notes:
1. Please refer to http://www.billion.com/product/biguard/sslvpnbrowser.htm for updates of all supported browsers and OS platforms.
2. Users are strongly recommended to register the products on www.biguard.com in order to be able to use the update feature and firmware upgrades.
Recommended organizations
Concurrent SSL VPN tunnels
Concurrent NAT sessions
Processor / Flash
Memory
Medium-sized enterprises with 500 to 1,000 employees
Up to 200, basic 50 tunnels
120,000
Multi-Core MIPS64 / 64MB
1GB
Small and medium sized businesses with 150 to
500 employees, or enterprise departments
Up to 50, basic 10 tunnels
80,000
Multi-Core MIPS64 / 64MB
512MB
V.123008
Copyright © Billion Electric Co., Ltd. All rights reserved.
