Specifications
1-5
VPN 3000 Series Concentrator Getting Started
78-15733-03
Chapter 1 Understanding the VPN 3000 Concentrator
Software Features
Network Addressing
Support
• DNS (Domain Name System)
• Client address assignment:
–
DHCP (Dynamic Host Configuration Protocol), including DDNS host
name population and configurable giaddr
–
Internally configured client IP address pools
–
RADIUS
Authentication and
Accounting Servers
• Internal authentication server
• Support for external authentication servers:
–
RADIUS
–
RADIUS with Password Expiration (MSCHAPv2)
–
NT Domain
–
Kerberos (Active Directory)
–
RSA Security SecurID
–
TACACS (administrator only)
• LDAP Authorization
• Authentication server testing
• X.509 Digital Certificates
• RADIUS accounting
Certificate Authorities
• Entrust
• Veri Si g n
• Microsoft Windows 2000
• RSA Keon
• Netscape
• Baltimore
Security Management
• Group and user profiles
• Data traffic management, by means of:
–
Filters and rules (including RADIUS-based Access Control Lists)
–
IPSec Security Associations
–
NAT (Network Address Translation), many-to-one, also called PAT
(Port Address Translation)
–
Network lists
–
WebVPN
–
Access Control List, including file shares and Web URL filtering
VPN Feature Description