LANCOM
IAP-321-3G
Scope of features: as of LCOS version 8.5x
LANCOM Dynamic VPN
Enables VPN connections from or to dynamic IP addresses. The IP address is communicated via the ICMP or UDP protocol in
encrypted form. Dynamic dial- in for remote sites via connection template
Dynamic DNS
Enables the registration of IP addresses with a Dynamic DNS provider in the case that fixed IP addresses are not used for the
VPN connection
Specific DNS forwarding
DNS forwarding according to DNS domain, e.g. internal names are translated by proprietary DNS servers in the VPN. External
names are translated by Internet DNS servers
VPN throughput (max., AES)
1416- byte frame size UDP
55 Mbps
1416- byte frame size UDP
55 Mbps
256- byte frame size UDP
14 Mbps
IMIX
24 Mbps
Firewall throughput (max.)
1518- byte frame size UDP
80 Mbps
1518- byte frame size UDP
80 Mbps
256- byte frame size UDP
20 Mbps
Content Filter (optional)
Demo version
Activate the 30- day trial version after free registration under http://www.lancom.eu/routeroptions
URL filter database/rating server
Worldwide, redundant rating servers from IBM Security Solutions for querying URL classifications. Database with over 100
million entries covering about 10 billion web pages. Web crawlers automatically search and classify web sites to provide nearly
150,000 updates per day: They use text classification by optical character recognition, key word searches, classification by word
frequency and combinations, web- site comparison of text, images and page elements, object recognition of special characters,
symbols, trademarks and prohibited images, recognition of pornography and nudity by analyzing the concentration of skin tones
in images, by structure and link analysis, by malware detection in binary files and installation packages
HTTPS filter
Filtering of HTTPS requests.
Categories/category profiles
Filter rules can be defined in each profile by collecting category profiles from 58 categories, for example to restrict Internet
access to business purposes only (limiting private use) or by providing protection from content that is harmful to minors or
hazardous content (e.g. malware sites). Clearly structured selection due to the grouping of similar categories. Content for each
category can be allowed, blocked, or released by override
Override
Each category can be given an optional manual override that allows the user to access blocked content on a case- by- case basis.
The override operates for a limited time period by blocking the category or domain, or a combination of both. Optional
notification of the administrator in case of overrides
Black- /whitelist
Lists that are manually configured to explicitly allow (whitelist) or block (blacklist) web sites for each profile, independent of the
rating server. Wildcards can be used when defining groups of pages or for filtering sub pages
Profiles
Timeframes, blacklists, whitelists and categories are collected into profiles that can be activated separately for content- filter
actions. A default profile with standard settings blocks racist, pornographic, criminal, and extremist content as well as
anonymous proxies, weapons/military, drugs, SPAM and malware
Time frames
Timeframes can be flexibly defined for control over filtering depending on the time of day or weekday, e.g. to relax controls
during break times for private surfing
Flexible firewall action
Activation of the content filter by selecting the required firewall profile that contains content- filter actions. Firewall rules enable
the flexible use of your own profiles for different clients, networks or connections to certain servers
Individual display pages (for blocked,
error, override)
Response pages displayed by the content filter in case of blocked sites, errors or overrides can be custom designed. Variables
enable the inclusion of current information such as the category, URL, and rating- server categorization. Response pages can be
issued in any language depending on the language set in the user's web browser
Redirection to external pages
As an alternative to displaying the device's own internal response pages to blockings, errors or overrides, you can redirect to
external web servers
License management
Automatic notification of license expiry by e- mail, LANmonitor, SYSLOG or SNMP trap. Activation of license renewal at any time
before expiry of the current license (the new licensing period starts immediately after expiry of the current license)
Statistics
Display of the number of checked and blocked web pages by category in LANmonitor. Logging of all content- filter events in
LANmonitor; log file created daily, weekly or monthly. Hit list of the most frequently called pages and rating results. Analysis of
the connection properties; minimum, maximum and average rating- server response time
Notifications
Messaging in case of content- filter events optionally by e- mail, SNMP, SYSLOG or LANmonitor
Wizard for typical configurations
Wizard sets up the content filters for a range of typical scenarios in a few simple steps, including the creation of the necessary
firewall rules with the corresponding action
Max. users
Simultaneous checking of HTTP traffic for a maximum of 100 different IP addresses
VPN