Datasheet
AT-AR320 & AT-AR320S
Dual Ethernet Security Appliance Routers
HARDWARE-BASED DES AND OPTIONAL
3DES ENCRYPTION
The AT-AR320S includes an internal DES encryption
card, providing DES encryption of user data in hard-
ware—a process that is typically ten times faster than
software implementations. By carrying out the encryp-
tion in hardware there is no impact on Firewall per-
formance, so maximum throughput of user data is
maintained. DES encryption and Layer 2 Tunneling
Protocol (L2TP) allow the creation of secure VPNs
(Virtual Private Networks) across insecure cable,
xDSL, and Internet links. 3DES encryption is available
as an option for high security applications.
LOGGING OF FIREWALL EVENTS
The AT-AR320 and AR320S are connected between
the private network (LAN) and the public network—
positioning that provides a single point where all traffic
can be logged and monitored.The AT-AR320 and
AR320S also pro
vide ev
ent tr
igger
s, firewall event-log-
ging, and accounting information to ensure a compre-
hensive security audit trail.
DUAL ETHERNET SECURITY APPLIANCE ROUTERS
CONNECTORS
10T Ports Shielded RJ-45
RS232 Ports D TYPE 9 PIN (female)
LAN Port (Switchable MDI/MDIX)
WAN Port (MDIX)
POWER CHARACTERISTICS
I
nput Voltage 100-240vAC 50-60Hz, 10W
Auto-sensing internal supply
PHYSICAL CHARACTERISTICS
Dimensions 27cm x 20cm x 5cm
Weight 1.7kg
ENVIRONMENTAL CHARACTERISTICS
Operating Temp. 0°C - 40°C
Relative Humidity 10 - 95% non-condensing
ELECTRICAL/MECHANICAL
APPROVALS
Electromagnetic Emissions:
FCC part 15 class A
EN55022 class B
EN50082-1
Safety:
UL, CSA, TUC, CE
EN60950
EN41003
FEATURE SUMMARY
AT-AR320 AT-AR320S
10T Ethernet 2 2
RS232 Asynchronous Port (115kbps) 2 2
Dial-in Support yes yes
I
P/IPX and AppleTalk yes yes
SNMP Management yes yes
Stateful Inspection Firewall yes yes
Prevents Denial-of-Service Attacks yes yes
Internet Access Restriction yes yes
Network Access Rules yes yes
56 bit DES Hardware Encryption no yes
Secure VPN Option no yes
IPsec no yes
ISAKMP Key Management no yes
SecureShell Remote Management yes yes
L2TP (Layer 2 Tunneling Protocol) yes yes
Network Address Translation (NAT) yes yes
Dynamic IP Address Assignment yes yes
RADIUS/TACACS Authentication yes yes
PAP and CHAP Authentication yes yes
Predictor Data Compression yes yes
STAC Data Compression yes yes
IP Multi-homing yes yes
Unlimited LAN Users yes yes
OSPF yes yes
RIP and RIP V2 yes yes
IPX/SPX Spoofing yes yes
Spanning Tree Bridging yes yes
RSVP
yes yes
IP Packet Prioritization yes yes
PPP Multilink yes yes
Dynamic Host Configuration
Protocol (DHCP) yes yes
PPOE yes yes
SSH yes yes
STANDARDS & PROTOCOLS
ENCR
YPTION
RFC 2104
HMAC
RFC 2451 The ESP CBC-Mode Cipher Algorithms
FIPS 180 SHA-1
FIPS 186 RSA
FIPS 46-3 DES
FIPS 46-3
3DES
ETHERNET
RFC 894
Ether
net II Encapsulation
IEEE 802.1D MAC Bridges
IEEE 802.1G
Remote MAC Bridging
IEEE 802.3u 100BASE-T
FRAME RELAY
RFC 1490, 2427 Multiprotocol Interconnect over Frame
Rela
y
ANSI T1S1
Frame relay