alcatel lucent vpn firewall brick security app model 150

Alcatel-Lucent– Proprietary This document contains proprietary information of

Alcatel-Lucent and is not to be disclosed or used except in Accordance with applicable agreements

Copyright © 2006 Alcatel-Lucent

Unpublished and Not for Publication All rights Reserved

Alcatel-Lucent VPN Firewall Brick™ Security Appliance Model 150 User’s Guide

260-100-001R8.0 Model 150 Brick™ C300698289

User’s Guide C109526590 Issue 2

February 2006 .

Lucent Technologies – Proprietary

Notice Every effort was made to ensure that this information product was complete and accurate at the time of printing. However, information is subject to change. Mandatory customer information Interference information: Part 15 of FCC rules NOTE: This equipment has been tested and found to comply with limits for Class B digital device. Pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instruction, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following: Reorient or relocate the receiving antenna. Increase the separation between the equipment and receiver. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. Consult the dealer or an experienced radio/TV technician for help.

Alteration or modifications carried out without appropriate authorization may invalidate the user’s right to operate the equipment. Security Statement In rare instances, unauthorized individuals make connections to the telecommunications network. In such an event, applicable tariffs require that the customer pay all network charges for traffic. Alcatel-Lucent and its predecessors cannot be responsible for such charges and will not make any allowance or give any credit for charges that result from unauthorized access. Trademarks Alcatel, Lucent, Alcatel-Lucent, and the Alcatel-Lucent logo are trademarks of Alcatel-Lucent. All other trademarks are the property of their respective owners. VPN Firewall Brick is a trademark of Alcatel-Lucent. Limited Warranty For terms and conditions of sale, contact your Lucent Technologies Account Team. Ordering Information The ordering number for this information product is 260-100-001R8.0. Support Technical support Lucent Technologies Customer Technical Assistance Management (CTAM) center provides a technical assistance telephone number that is moni-tored 24 hours a day. For technical assistance (continental U.S.), call 1-866-LUCENT8 (1-866-582-3688) and select appropriate prompt. For international customers, please call +1 630-224-4672. Developed by Lucent Technologies.

Alcatel-Lucent VPN Firewall Brick™ Model 150


Table of Contents 1. Introduction .......................................................................................................................................... 1

1.1. General ........................................................................................................................................ 1 1.2. Lucent Security Management Server (LSMS) Software Patch ................................................... 1 1.3. Power Supply............................................................................................................................... 1 1.4. USB Port...................................................................................................................................... 1 1.5. LED Indicators ............................................................................................................................ 2 1.6. Handling Brick Components ....................................................................................................... 2

2. Installation............................................................................................................................................ 2 3. Illustrations........................................................................................................................................... 6 4. Specifications ....................................................................................................................................... 8

4.1. Dimensions .................................................................................................................................. 8 4.2. Processor Memory....................................................................................................................... 8 4.3. LAN Interfaces ............................................................................................................................ 8 4.4. Performance................................................................................................................................. 8 4.5. Virtualization............................................................................................................................... 8 4.6. VPN ............................................................................................................................................. 8 4.7. Mean Time Between Failure ....................................................................................................... 8 4.8. Hardware Assisted Encryption .................................................................................................... 8 4.9. Other Ports................................................................................................................................... 8 4.10. Cooling ........................................................................................................................................ 9 4.11. Altitude ........................................................................................................................................ 9 4.12. Environmental ............................................................................................................................. 9 4.13. Power........................................................................................................................................... 9 4.14. Product Safety and Emissions Certifications............................................................................... 9

5. Safety Instructions.............................................................................................................................. 10 6. Maintenance ....................................................................................................................................... 12

6.1. Replacement of Air Filter .......................................................................................................... 12 6.2. Alarm Indication........................................................................................................................ 12

Table of Figures Figure 1: Brackets for mounting on a 19-inch rack with 5 inch uprights ..................................................... 3 Figure 2: Brackets for mounting on a 19-inch rack with 3 inch uprights ..................................................... 4 Figure 3: Brackets for wall mounting ........................................................................................................... 5 Figure 4: Front View..................................................................................................................................... 6 Figure 5: Rear View...................................................................................................................................... 7 Figure 6: Air Filter Replacement ................................................................................................................ 12


1


1. Introduction

1.1. General

A Model 150 Brick® measures approximately 11” (W) x 7.18” (D) x 1.75” (1U) and is intended to be pri-marily a desktop unit. However, two rack-mounting brackets and two wall-mounting brackets are in-cluded for different mounting options. The Model 150 contains four 10/100baseTX ports. The front panel has Power and HD Activity indicator lights and an Alarm light, as well as a link and an activity indicator for each of the four Ethernet ports. See Figure 4 for a depiction of the front panel and Paragraph 1.5 for a description of the light indications. The rear panel has four 10/100baseTX interfaces on the motherboard, which are labeled 0 through 3. The panel also has serial, USB (2) and monitor ports and a power jack. See Figure 5 for a depiction of the rear panel.

NOTE

For installation into networks that are subject to surges, a shielded ethernet cable and/or serial port cable may be needed for regulatory compliance.

1.2. Alcatel-Lucent Security Management Server (SMS) Software Patch

The Model 150 Brick is only supported by SMS, Version 7.2 or later. To upgrade V7.2 with a software patch incorporating the Model 150 software, download the latest patch from the following URL:

https://www.vpn.firewall.brick.alcatel-lucent.com/

1.3. Power Supply

The Model 150 comes with a 12 volt external power supply.

1.4. USB Port

The Model 150 has a USB port for a flash drive or external floppy drive. If a USB floppy drive is to be used, it is recommended that a USB floppy drive with a data transfer rate of 500Kb/s or more be used to obtain a reasonable download speed. A drive that meets this criterion is orderable from Lucent Technologies. Contact your sales representative for further information. If a USB flash drive is to be used, it must be one that is 1)less than 128MB in size, and 2)guaranteed from the manufacturer to be able to function as a bootable device when formatted as FAT. Due to the variety of USB flash drives that are commercially available, and the internal differences between flash drives that seem to be identical from an external view – Lucent Technologies only qualifies that the UsB flash drive orderable from Lucent Technologies will work properly. The user assumes all liability when using any USB flash drive other than the one available from Lucent Technologies. Contact your sales representa-tive for further information.


2


1.5. LED Indicators

Power Light – this light stays green as long as the main power supply is providing power to the Brick. When power is lost, the light will go out. HD Activity Light – this light will flash green when activity is detected on the hard drive. Alarm Light – this light will be off during normal operation. When the temperature of the CPU exceeds specified limits, the CPU power supply will be turned off and this light will be red. When this occurs, the Brick is not functional although the Power, HD Activity, Ethernet Link, and Ethernet Activity lights may still be green. See Paragraph 6.2 for maintenance procedures to be performed if the Alarm light is red. Ethernet Link Lights – these lights will be solid green as long as a link is established on the port. If there is no link, the light will be off. Ethernet Activity Lights – these lights will flash green when activity on the port is detected.

1.6. Handling Brick Components

To prevent damage to components from electrostatic discharge, always follow the proper guidelines for equipment handling and storage. Electronic devices can be easily and permanently damaged due to elec-trostatic discharge during installation and removal. In order to reduce the static potential, the user should be properly grounded through the use of an ap-proved antistatic wrist strap when installing, removing or handling Bricks.

2. Installation

To install a Brick, follow the steps below:

1. Remove the Brick from the carton in which it was shipped. If using as a desktop unit, place on a flat surface near an AC outlet.

2. The standard 19-inch rack-mount kit consists of a left and right mounting bracket designed for both 1" and 1-1/4" mounting hole spacing. The Brick 150 is intended to be installed in a EIA 19" Standard Rack with either 5" deep uprights (see Figure 1) or 3" deep uprights (see Figure 2). The Brick 150 can also be installed in a Telecom Network Bay using 19" to 23" rack adapters.

3. For either wall or rack installation, mount the two brackets using two M5 x .8 x 8 mm panhead screws per bracket. Figure 1 shows the mounting for a 5” deep upright and Figure 2 shows the mounting for a 3” deep upright (front of unit is flush with the front of the upright). Figure 3 shows the mounting for a unit to be wall-mounted.


3


Figure 1: Brackets for mounting on a 19-inch rack with 5 inch deep uprights


4


Figure 2: Brackets for mounting on a 19-inch rack with 3 inch deep uprights


5


Figure 3: Brackets for wall mounting

4. Mount the unit on the rack using two screws per bracket or on the wall using one screw per

bracket.

5. Take the power cord that comes with the unit and connect it to the back. See Figure 5 for the lo-cation of the power jack.

6. Connect the LSMS to one of the Ethernet interfaces on the back (see Figure 5). The following ex-plains the type of Ethernet cable to use:

• Direct connection If you are connecting the LSMS directly to the Brick, use a crossover Ethernet cable.

• Hub/Switch If you are connecting the Brick to the LSMS by means of a hub or switch, use regular Ethernet cables from the LSMS to the hub/switch, and from the hub/switch to the interface on the back.

7. Connect the LANs to the Brick. Insert the Ethernet cable from the LANs into the remaining Ethernet interfaces (see Figure 5).

Keep a record of the interfaces to which the LSMS and the various LANs are connected. You will need this information later when you create security zones and assign them to interfaces.

8. Power the Brick up. It is now ready to be configured, using the LSMS (refer to Configuring and Activating a Brick® in the LSMS Administration Guide for instructions).


6


3. Illustrations

Figure 4: Front View


7


Figure 5: Rear View


8


4. Specifications

4.1. Dimensions

Height: 1.75 inches (4.5 cm) (1U) Width: 11 inches (27.9 cm) Depth: 7.18 inches (18.2 cm) Weight: 3 lbs. (1.4 Kg) Shipping Weight: 5 lbs. (2.3 Kg) Rack or Wall Mountable

4.2. Processor Memory

650 MHz Celeron Processor with 128 MB of RAM

4.3. LAN Interfaces

Four 10/100base TX Ethernet Ports

4.4. Performance

For information on the Model 150 Brick® performance specifications, please access the following website: https://www.vpn.firewall.brick.alcatel-lucent.com

4.5. Virtualization

Maximum number of virtual firewalls: 150 Number of VLANs supported: 4,094 VLAN domains: up to 4

4.6. VPN

For information on the maxium number of dedicated VPN tunnels, please access the following website: https://www.vpn.firewall.brick.alcatel-lucent.com

4.7. Mean Time Between Failure

218,999 hours

4.8. Hardware Assisted Encryption

Built-in accelerator chip

4.9. Other Ports

• SVGA Monitor

• DB9 Console

• USB (2)


9


4.10. Cooling

• CPU

• Chassis

• Power Supply

4.11. Altitude

Up to 13,123 feet (4,000 m.)

4.12. Environmental

Operating Temperature: 0° to 50° C. Shock: 2.5g. at 15 – 20 ms on any axis Relative Humidity: 10 – 95% at 40 C. (non-condensing) Vibration: 5g. at 2 – 200 Hz on any axis Non-Operating Temperature: -20° to 70° C. Shock: 35g. at 15 – 20 ms on any axis Relative Humidity: 10 – 95% at 40 C. (non-condensing) Vibration: 5g at 2 – 200 Hz on any axis

4.13. Power

• External AC to DC Power Supply − Rated 50W max.

• Input − CV mode, 100 – 240 VAC, 47 to 63 Hz, 64 watts

• Typical Consumption − 0.28A @ 115V, 0.14A @ 230V

4.14. Product Safety and Emissions Certifications

Safety Listings USA/Canada: CSA Certified to UL60950-1, First Edition and CAN/CSA C22.2 No. 60950-1-03 EU: CE, CB Scheme to EN/IEC 60950 EMC Certifications USA: FCC Part 15, Class B, CISPR Pub. 22 Class B Canada: ICES-003 Class B EU: EN 300-386 V1.3.2; EN 55024, EN 55022 Class B Japan: VCCI, Class B ICSA Certification ICSA V4.0 Firewall Certified ICSA V1.0B IPSec Certified


10


5. Safety Instructions

The exclamation point within an equilateral triangle is intended to alert the user to the presence of important operating and maintenance (servicing) instructions in the literature accompanying the product.

When installing, operating, or maintaining this equipment, basic safety precautions should always be followed to reduce the risk of fire, electric shock, and injury to persons, including the following:

Read and understand all instructions. Follow all warnings and instructions marked on this product. For information on proper mounting instructions, consult the Installation Instructions in this manual. Do not place this product on an unstable cart, stand or table. The product may fall, causing serious

damage to the product. This product should be operated only from the type of power source indicated on the marking label.

If you are not sure of the type of power supply, consult your dealer or local Power Company. Unplug this product from the wall outlet before cleaning. Do not use liquid cleaners or aerosol

cleaners. Use a damp cloth for cleaning. Do not use this product near water, for example, in a wet basement. Never push objects of any kind into this product through slots as they may touch dangerous voltage

points or short-out parts that could result in a risk of fire or electrical shock. Never spill liquids of any kind on the product.

Slots and openings in the unit are provided for ventilation, to protect it from overheating, these openings must not be blocked or covered. This product should not be placed in a built-in installation unless proper ventilation is provided.

To reduce the risk of electrical shock, do not disassemble this product. Service should be performed by trained personnel only. Opening or removing covers and/or circuit boards may expose you to dangerous voltages or other risks. Incorrect re-assembly can cause electric shock when the unit is subsequently used.

Risk of explosion if battery is replaced by an incorrect type. Dispose of used batteries according to the instruction.

This product is equipped with a three-wire grounding type plug, a plug having a third (grounding) pin. This plug is intended to fit only into a grounding type power outlet. This is a safety feature. If you are unable to insert the plug into the outlet, contact your electrician to replace your obsolete outlet. Do not defeat the safety purpose of the grounding type plug. Do not use a 3-to-2-prong adapter at the receptacle. Use of this type adapter may result in risk of electrical shock and/or damage to this product.

Do not allow anything to rest on the power cord. Do not locate this product where the cord will be abused by persons walking on it.

Do not overload wall outlets and extension cords as this can result in the risk of fire or electric shock.

!


11


Unplug this product from the wall outlet and refer servicing to qualified service personnel under the following conditions:

a) When the power supply cord or plug is damaged or frayed. b) If liquid has been spilled into the product. c) If the product has been exposed to rain or water. d) If the product does not operate normally by following the operating instructions. Adjust only

those controls that are covered by the operating instructions because improper adjustment of other controls may result in damage and will often require extensive work by a qualified technician to restore the product to normal operation.

e) If the product has been dropped or the cabinet has been damaged. f) If the product exhibits a distinct change in performance.

Save these instructions for future reference.


12


6. Maintenance

6.1. Replacement of Air Filter

As needed, periodically clean or replace the air filter using the following procedure: 1. Remove the snap-on filter cover from the side of the unit (see Figure 6).

2. Remove the filter and clean or discard. If filter cannot be cleaned, replace with part number 408905024.

3. Replace the cleaned (or new) filter.

4. Replace the snap-on filter cover.

Snap-onFilter Cover

Filter

Front of Unit

Figure 6: Air Filter Replacement

6.2. Alarm Indication

The Alarm light goes on (red) and the CPU power is turned off when the CPU exceeds operating tempera-ture limits. The Brick is not functioning when this condition occurs. The CPU may have overheated be-cause of inadequate ventilation. Clean or replace the air filter, as described in Paragraph 6.1. When the CPU cools, the power will come back on. If the problem was caused by blockage of the fan, a clean air filter should resolve the problem. If the problem persists, please call your service representative.

alcatel lucent vpn firewall brick security app model 150

Documents