2 All Right Reserved, Copyright(c) FUJITSU Ltd.2005

Bandwidth Control FunctionBandwidth Control Function

Allocate bandwidth by judging address, port #, applications or URLsSuited for VoIP applications or streaming applications (RTSP/RTP) Dynamically allocate bandwidth settings for dates, day of the week or timeBi-directional traffic control (BTC) achieves traffic control for inboundand outbound traffic.

Efficient use of limited bandwidth and assuring response for mission-critical applications

QoS control for:DB/Application 50%Web 30%VoIP 20%

Network

VoIP

DB/Application server

Web server

IPCOM S series

IPCOM S1000/S1200

Bandwidth Control function

Bandwidth Control function

Even allocationof bandwidth

3 All Right Reserved, Copyright(c) FUJITSU Ltd.2005

Traffic Monitoring & AnalysisTraffic Monitoring & Analysis

support QoS (bandwidth control) policy creation, and make large reduction in introduction cost

Obtains traffic status, and supports bandwidth control setting

obtain network status

traffic analysis

bandwidth control policy creation

traffic discovery function

operationLifecycle on QoS control

Automatic detection of protocol & service in the network

IPCOM S1000/S1200

Operation by bandwidth control policy

Collected Information:- Bandwidth usage- Packet size distribution- Protocol statistics- Service/application

statistics

IPCOM S1000/S1200

Bandwidth Control function

Bandwidth Control function

4 All Right Reserved, Copyright(c) FUJITSU Ltd.2005

Link LoadLink Load--balancing Functionbalancing FunctionDistribution of bi-directional (outbound & inbound) trafficSupports various distribution method to select the most appropriate WANWAN line status monitoring enables early detection of traffic route failureStable line quality and highly reliable encryption communication provided by QoS control and IPSec-VPN function

Internet

Provider A

Provider B

IPCOM S1000/S1200

WWW sites

Internet

Provider A

Provider B

inbound load-balancing

IPCOM S1000/S1200

outbound load-balancing

WWW sites

IPCOM S1000/S1200

Link Load-balancing function

Link Load-balancing function

6 All Right Reserved, Copyright(c) FUJITSU Ltd.2005

IPsecIPsec--VPN FunctionVPN FunctionVPN functionality for secure internet use

Secure VPN environment by IPsec tunneling functionHigh availability IPsec-VPN communication environment by 2 types of systems

Hub and spoke type, which connects branches through centersMesh type between branches

Stable communication by avoiding path MTU problems using path MTU discovery functionQuick restoration of communication by automatic recovery of SA at destination server reboot

DB/Application server

Web server

Internet

IPsec tunneling

IPCOM S seriesIPCOM S series

* SA (Security Association) is a parameter definition required for IPsec communication.

IPsec-VPN functionIPsec-VPN function

IPCOM S1000/S1200

7 All Right Reserved, Copyright(c) FUJITSU Ltd.2005

– Special software not required at client. Low cost introduction and operation is enabled.

– By using encryption and authentication, secure remote access is realized on insecure networks such as internet.

Low cost ‘anytime, anywhere’ connection solution for a secure traffic

SSL-VPN functionSSL-VPN function

SSLSSL--VPN FunctionVPN Function

IPCOM S1200

SSL communication termination (decryption)Check access right to internal network based on client

authentication / user authenticationIPCOM connects to internal network on behalf of users

IntranetIntranet

SSL encryption

InternetInternet

Achieves high security and convenience

Protect from the threat of tapping or tampering

Achieves reliable and highly expandable network environment, by seamlessly integrating multiple functions such as router function, Firewall function, or bandwidth control function, etc.

IPCOM S1200

SSL-VPN systemSSL-VPN system

Web server

DMZ

8 All Right Reserved, Copyright(c) FUJITSU Ltd.2005

SSL Accelerator FunctionSSL Accelerator FunctionSecure communication by Built-in SSL accelerator

Improve performance of web servers by off-loading encryption / decryption processes of web servers to IPCOMStable and highly reliable system with built-in SSL accelerator.Support SSLv2, SSLv3, and TLSv1

Web server

Network

HTTP

SSL acceleratorｰ

HTTPS( Encrypted data )

Load-balancing

IPCOMS2000/S2200

SSL Accelerator functionSSL Accelerator function

IPCOM S1200

9 All Right Reserved, Copyright(c) FUJITSU Ltd.2005

Unit Redundancy FunctionUnit Redundancy FunctionResume communication by switching to standby unit when trouble happens on active side.

Monitoring each other by heart-beat message,while synchronizing connection and control information via synchronization path

If trouble happens on active unit, service will be switched to standby unit and resumes a communication

Method of monitoring other unit- Heart beat- Synchronization path monitoring- Data synchronization

Layer 2switch

IPCOM S1200 Network

active

standby

Synchronization

Layer 2switch

Layer 2switch

Layer 2switch

Layer 2switch

IPCOM S1200

resumes communication

Layer 2switch

Layer 2switch

Layer 2switch

troubleSynchronization

Network

IPCOM S1200

High Reliability function

High Reliability function

10 All Right Reserved, Copyright(c) FUJITSU Ltd.2005

Operation ManagementOperation ManagementOperation/Monitoring of IPCOM by a single PCCentralized monitoring by SNMP monitoring serverStores logging information (syslog) in an external server

SNMP trapsyslog

Command operation terminal(Operation management CLI issue )

Operation status monitoring

Web browser(QoS monitor function )

Traffic monitoringWeb browser

(Traffic detection function )

TrafficDiscovery

Trouble monitoringWeb browser

(Event monitor function )

SNMP monitoring server/log server

Systemadministrator

e-mail

Error display on LCD panel

error notification

IPCOM administration PC

-event info.-logging info.-event info.-logging info.

IPCOM S1000/S1200

Operation Management function

Operation Management function