Professional Documents
Culture Documents
UTM Firewalls
AR3050S and AR4050S
Allied Telesis Unified Threat Management (UTM) Firewalls are the
ideal integrated security platform for modern businesses. Powerful
firewall and threat protection is combined with routing and switching,
to provide an innovative high performance solution.
The AR3050S and AR4050S are the ideal choice for high Secure Remote Virtual Private Networks (VPN)
speed Enterprise gateway applications. The UTM Firewalls Allied Telesis UTM Firewalls support IPSec site-to-site VPN
feature an integrated “best of breed” security platform to connectivity to connect one or more branch offices to a
provide up-to-the-minute threat protection, and advanced central office, providing employees company wide with
networking capabilities, meeting the needs of Enterprise consistent access to the corporate network.
networks.
Remote workers can utilize an SSL VPN connection to
High performance encrypt their business data over the Internet, allowing them to
High performance is guaranteed by harnessing the power of utilize all their business resources when working from home,
multi-core processors and application acceleration engines, travelling, or otherwise away from the company premises.
dramatically increasing throughput and enabling sustained
low latency traffic inspection. Easy to manage
The firewalls run the advanced AlliedWare Plus™ fully
featured operating system, with an industry standard CLI.
AT-AR3050S AT-AR4050S
The Graphical User Interface (GUI) provides a dashboard for
Firewall throughput (Raw) 750 Mbps 1,900 Mbps monitoring, showing traffic throughput, security status, and
Firewall throughput (App Control) 700 Mbps 1,800 Mbps application use at a glance. Configuration of security zones,
Concurrent sessions 100,000 300,000 networks and hosts, and rules to limit and manage traffic, as
well as management of advanced threat protection features,
New sessions per second 3,600 12,000
provides a consistent approach to policy management.
IPS throughput 220 Mbps 750 Mbps
IP Reputation throughput 350 Mbps 1,000 Mbps Wireless LAN management
Malware protection throughput 300 Mbps 1,300 Mbps The firewalls feature Allied Telesis Autonomous Wave
VPN throughput 400 Mbps 1,000 Mbps Controller (AWC), which is an intelligent, easy-to-use Wireless
LAN controller that automatically maintains the optimal
Note: All performance values are maximums, and vary depending on system configuration. wireless coverage. AWC is fully integrated with the GUI for
easy setup, management, and monitoring of wireless
Advanced feature licenses access points.
Flexible subscription licensing options make it easy to choose
the right combination of security features to best meet your
business needs. The Firewall license includes App Control,
Web Control and URL Filtering. The Advanced Threat
Protection (ATP) license includes IP Reputation, stream-based
Malware Protection and proxy-based Antivirus.* All other
features are included in the base feature set.
* Antivirus is only available on the AR4050S
Application-aware Firewall
The Allied Telesis UTM Firewalls have a Deep Packet
Inspection (DPI) engine that provides real-time, Layer 7
classification of network traffic. Rather than being limited to
filtering packets based on protocols and ports, the firewall
can determine the application associated with the packet.
This allows Enterprises to differentiate business-critical from
non-critical applications, and enforce security and acceptable
use policies in ways that make sense for the business.
Users simply utilize the OpenVPN ® client on their computer, tablet or other mobile device for easy access email, files, and other
SSL/TLS VPN for secure remote access
corporate digital resources when away from the office.
Primary and secondary VPNs can be configured when using multiple WAN connections, for seamless failover of VPN connec-
Redundant VPN gateway
tivity to a remote site.
Dynamic routing over VPN links ensures no loss of connectivity, as traffic is routed through an alternate link in the event of a
Dynamic routing through VPN tunnels
tunnel failure.
Key Solution
Members
x2
30
advanced threat
0 protection.
x51
M
Company UT
x2
30
office
Master
U
TM
Members
Internet
Integrated protection and secure remote access The powerful combination of features make Allied Telesis
Allied Telesis UTM Firewalls are the ideal integrated security UTM Firewalls the one-stop integrated security platform for
platform for modern businesses. The powerful combination protecting today’s online business activity.
of next-generation firewall and threat protection, along with
secure remote access, and routing and switching, provides Automated network management
a single platform able to connect and protect corporate In addition to protecting and connecting modern networks,
data. the firewalls are fully supported by the Allied Telesis
Autonomous Management Framework (AMF).
This solution shows a UTM Firewall providing site-to-site
IPSec VPN connectivity between corporate offices, while AMF is a sophisticated suite of management tools
also allowing secure SSL VPN access for remote workers, that automate and simplify many day-to-day network
so they enjoy full access to digital company resources when administration tasks. Powerful features like centralized
away from the office. management, auto-backup, auto-upgrade, auto-
provisioning and auto-recovery ensure streamlined
As well as securing remote connectivity, the firewall networking. Growing the network can be accomplished
will simultaneously ensure the security of inbound and with plug-and-play simplicity, and network node recovery is
outbound business data, with advanced threat protection fully zero-touch
features like IP reputation, Malware protection and Antivirus.
Full application control allows this organization to control The AR4050S can operate as the AMF network master,
the applications their people use, and how they use them, storing firmware and configuration backups for up to 20
so security and acceptable use policies can be enforced in other network nodes.
ways that make sense for the business.
Key Solution
Autonomous Wireless LAN solution unscreened electrical equipment, changes to office layout,
Allied Telesis AWC offers solutions for two of the most or neighbouring wireless networks.
common problems with Wireless LANs: initial setup
complexity and on-going performance degradation. Initial When AWC is combined with the firewall functionality in the
WLAN set-up usually requires a site survey to achieve the AR3050S and AR4050S, they become the ideal solution for
best coverage; and performance of WLANs can often branch offices and small businesses to both protect and
change over time as external sources of radio interference manage the office network. AWC is an essential tool for
reduce coverage and bandwidth. These issues can be time- busy network administrators to save time and money when
consuming to identify and resolve. deploying and managing WLANs.
AWC features an intelligent process that automatically Up to 5 TQ or MWS Series wireless APs can be managed
re-calibrates the signal strength and radio channel of each using the built-in AWC functionality. Additionally, the
Access Point (AP) for optimal WLAN performance. This AR4050S can manage a further 20 APs (max 25) with a
re-calibration is performed daily based on measurements feature license, available separately.
taken from each AP to compensate for interference such as
ۼۼCustom web control categories, match criteria and keyword blocking per entity ۼۼNo file size limitations
AR4050S
USB
retainer
slot
Specifications
AR3050S AR4050S
Processor and memory
Security features
Threat protection DoS attacks, fragmented & malformed packets, blended threats & more
Security subscriptions Next-Gen Firewall, Advanced Threat Protection
AR3050S AR4050S
Networking
Routing (IPv4) Static, Dynamic (BGP4, OSPF, RIPv1/v2), source-based routing, policy-based routing, VRF-Lite
Reliability features
Modular AlliedWare Plus operating system
Full environmental monitoring of PSU, fan, temperature and internal voltages.
SNMP traps alert network managers in case of any failure
Variable fan speed control
Hardware characteristics
Input power 90 to 260V AC (auto-ranging), 47 to 63Hz
Max power consumption 23W 27W
LAN ports 8 x 10/100/1000T RJ-45
WAN ports 2 x 1000X SFP / 2 x 10/100/1000T RJ-45 combo
High Availability bypass ports 2 x 10/100/1000T RJ-45
Other ports 1 x USB, 1 x RJ-45 console, 1 x SDHC slot
Product dimensions (H x W x D) 42.5 mm (1.67 in) x 210 mm (8.26 in) x 220 mm (8.66 in)
Packaged dimensions (H x W x D) 36.5 cm (14.37 in) x 26 cm (10.24 in) x 11.5 cm (4.53 in)
Product weight 1.7 kg unpackaged, 2.6 kg packaged
Typical / Max noise 28.4 dBA / 35.1 dBA
Environmental specifications
Operating temperature range 0°C to 50°C (32°F to 122°F). Derated by 1°C per 305 meters (1,000 ft)
Storage temperature range -25°C to 70°C (-13°F to 158°F)
Operating relative humidity range 5% to 80% non-condensing
Storage relative humidity range 5% to 95% non-condensing
Operating altitude 2,000 meters maximum (6,600 ft)
Country of origin
China
IP Reputation,
AT-RKMT-J15 Advanced Threat
Malware Protection AT-FL-AR4-ATP-1YR AT-FL-AR4-ATP-3YR AT-FL-AR4-ATP-5YR
Rack mount kit to install two devices side by side in a Protection Anti-virus
19-inch equipment rack
Management Licenses
AT-RKMT-J14
Rack mount kit to install one device in a 19-inch AR4050S AT-FL-AR4-AM20-5YR AMF Master license for up to 20 nodes for 5 years
equipment rack
AR4050S AT-FL-AR4-AWC20-1YR* WLAN Controller (AWC) license for up to 20 nodes for 1 year
Where xx = 10 for US power cord
20 for no power cord
30 for UK power cord AR4050S AT-FL-AR4-AWC20-5YR* WLAN Controller (AWC) license for up to 20 nodes for 5 years
40 for Australian power cord
50 for European power cord * 5 APs can be managed for free. 25 APs (max) can be managed with the addition of the 20 node license
51 for encryption not enabled
NETWORK SMARTER
North America Headquarters | 19800 North Creek Parkway | Suite 100 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895
Asia-Pacific Headquarters | 11 Tai Seng Link | Singapore | 534182 | T: +65 6383 3832 | F: +65 6383 3830
EMEA & CSA Operations | Incheonweg 7 | 1437 EK Rozenburg | The Netherlands | T: +31 20 7950020 | F: +31 20 7950021
alliedtelesis.com
© 2018 Allied Telesis, Inc. All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners.
617-000567 Rev U