Hamburg Germany

SystoLAN Security Appliance Systola Mühlenhagen 130 Hamburg Germany

Hamburg Germany

SystoLAN

Industrial Security Appliance


SystoLAN

The smallest professionall solution on the marketExcelent performance

Low price


Based on SystoLAN Gateway

Embedded computer

Power over PCI

Processor Intel IXP 4xx 266 / 533 MHz XScale with hardware encryption

2 x Ethernet (10/100 Mbit/s)

32 / 64 MB RAM

16 MB Flash

Auto MDIX

SystoLAN: Hadware


Systola Secure Linux

Protected File System

Firmware consistency check

Hardware watchdog

Optical display

Firewall

VPN

Modes:

Router, PPPoE, PPTP, Stealth

Browser-based administration

SystoLAN: Firmware

DHCP server and Client DNS cache NTP Server and client SNMP compliance Dynamic DNS Syslog client


SystoLAN: Firewall

Stateful inspection NAT DNAT / SNAT Configurable rules Port forwarding SYN-flood protection PING-flood protection Anti-spoofing Firewall in stealth mode Firewall for VPN channels


SystoLAN: VPN

IPsec VPN (DES, 3DES, AES 128,192, 256) L2TP server (also for MS Windows clients) Preshared Key or X.509-Certificates VPN topology:

net to net net to host host to host

VPN for dynamic IPs VPN in Stealth-Mode NAT-T Throughput up to 70 Mbit/s (3DES or AES 256) VPN between overlapping networks


SystoLAN: Antivirus

Kaspersky Labs Scanning engine

Mail and Web traffic protection

Automatic pattern update

Optional component


Stealth Mode

Automatic integration in network structures

Automatic configuration

Does not need an IP address

All services continue to run Firewall VPN Antivirus

Impossible to attack


Firmware: Online Updates

Updates are available through Internet

Integrity check cares for error-free operation

Electronic signature check

Not sensitive to power failures

Update-management over Web-Browser

Direct updates over Internet


Firmware: Offline Updates

SystoLAN Firmware UpdaterSystoLAN Firmware Updater

Uploading

File About

c:\SystoLan\Updates\version2.0

Source Folder:

?

Your Computer192.168.10.1

SystoLAN192.168.10.100

Your computer’s IP address ist set to 192.168.10.1Installation files are found in the source folderUpdate will now begin …Systolan requested an IP leaseLease issued: IP address 192.168.10.100SystoLAN requested install.p7sUploading install.p7sSystoLAN requested jffs2.img.p7sUploading jffs2.img.p7s

Protected file system

Not sensitive to power failures

Electronic signature check


Performance for 266 MHz Processor

Tunnel, router mode Proto Direction Size DES 3DES AES128 AES192 AES256 TCP Send 64 28 29 29 29 28 TCP Send 512 29 29 29 28 28 TCP Send 1400 29 29 28 28 28 UDP Send 64 2,5 -g 188 2,6 -g 185 2,5 -g 188 2,5 -g 186 2,5 -g 188 UDP Send 512 20 -g 186 20 -g 186 20 -g 186 20 -g 183 20 -g 184 UDP Send 1400 54 -g 187 54 -g 189 54 -g 188 54 -g 187 54 -g 188 TCP Receive 64 41 41 41 41 41 TCP Receive 512 41 41 41 41 41 TCP Receive 1400 42 42 42 41 41 UDP Receive 64 3,3 -g 133 3,3 -g 130 3,2 -g 136 3,3 -g 136 3,2 -g 138 UDP Receive 512 26 -g 111 26 -g 90 26 -g 128 26 -g 128 26 -g 126 UDP Receive 1399 68 -g 67 69 -g 14 67 -g 120 68 -g 114 68 -g 113

Transport, router mode Proto Direction Size DES 3DES AES128 AES192 AES256 TCP Send 64 30 30 30 30 30 TCP Send 512 30 30 30 30 30 TCP Send 1400 30 31 30 30 30 UDP Send 64 2,7 -g 175 2,7 -g 175 2,7 -g 175 2,7 -g 175 2,7 -g 176 UDP Send 512 21 -g 173 21 -g 173 21 -g 173 21 -g 173 21 -g 173 UDP Send 1400 57 -g 173 57 -g 173 57 -g 175 57 -g 175 57 -g 176 TCP Receive 64 44 42 43 43 43 TCP Receive 512 44 43 43 43 43 TCP Receive 1400 44 43 43 43 43 UDP Receive 64 3,3 -g 135 3,2 –g 132 3,3 -g 138 3,3 –g 138 3,3 -g 139 UDP Receive 512 26 -g 121 26 -g 95 26 -g 130 26 -g 131 26 -g 129 UDP Receive 1400 68 -g 96 69 -g 20 68 -g 120 69 -g 113 69 -g 111

Transport, Stealth Proto Direction Size DES 3DES AES128 AES192 AES256 TCP Send 64 19 19 19 19 19 TCP Send 512 19 19 19 19 19 TCP Send 1400 19 19 19 19 19 UDP Send 64 1,5 -g 313 1,5 -g 315 1,5 -g 317 1,5 -g 317 1,5 -g 315 UDP Send 512 12 -g 312 12 -g 313 12 -g 315 12 -g 315 12 -g 315 UDP Send 1400 33 -g 315 33 -g 317 33 -g 320 33 -g 319 33 -g 320 TCP Receive 64 25 24 24 24 24 TCP Receive 512 25 24 24 24 24 TCP Receive 1400 25 25 24 24 24 UDP Receive 64 1,75 -g 275 1,75 -g 270 1,75 -g 275 1,75 -g 275 1,75 -g 273 UDP Receive 512 14 -g 258 14 -g 231 14 -g 267 14 -g 267 26 -g 264 UDP Receive 1400 37 -g 228 34 -g 192 37 -g 257 37 -g 253 37 -g 254


Performance for 533 MHz Processor

Tunnel, router mode Proto Direction Size DES 3DES AES128 AES192 AES256 TCP Send 64 38 41 39 39 40 TCP Send 512 39 41 39 39 39 TCP Send 1400 39 41 39 39 39 UDP Send 64 4,3 -g 105 4,3 -g 105 4,3 -g 105 4,3 -g 105 4,3 -g 104 UDP Send 512 33 -g 104 33 -g 105 33 -g 105 33 -g 105 33 -g 104 UDP Send 1400 84 -g 100 75* -g 130 83 -g 100 83 -g 100 83 -g 100 TCP Receive 64 64 62 63 64 62 TCP Receive 512 64 64 62 63 62 TCP Receive 1400 65 64 62 62 63 UDP Receive 64 5,8 -g 67 5,7 -g 80 5,7 -g 70 5,9 -g 65 5,7 -g 67 UDP Receive 512 46 -g 50 46 -g 79 43 -g 60 45 -g 43 45 -g 52 UDP Receive 1399 91 77 * 91 91 91

Transport, router mode Proto Direction Size DES 3DES AES128 AES192 AES256 TCP Send 64 40 42 40 40 40 TCP Send 512 40 42 40 40 40 TCP Send 1400 40 44 40 41 41 UDP Send 64 4,4 -g 102 4,3 -g 100 4,4 -g 102 4,4 -g 102 4,4 -g 102 UDP Send 512 34 -g 102 33 -g 105 35 -g 100 34 -g 102 34 -g 102 UDP Send 1400 83 -g 100 76 -g 120* 83 -g 100 83 -g 100 83 -g 100 TCP Receive 64 66 64 64 64 64 TCP Receive 512 66 66 65 64 64 TCP Receive 1400 66 66 64 64 64 UDP Receive 64 5,8 -g 72 5,9 -g 65 5,9 -g 70 5,9 -g 70 5,9 -g 70 UDP Receive 512 43 -g 58 44 -g 30 44 -g 60 44 -g 58 43 -g 58 UDP Receive 1400 92 80 * 91 91 91

Transport, Stealth Proto Direction Size DES 3DES AES128 AES192 AES256 TCP Send 64 27 27 28 27 27 TCP Send 512 27 27 27 27 27 TCP Send 1400 28 28 27 27 27 UDP Send 64 2,2 -g 215 2,2 -g 200 2,2 -g 210 2,2 -g 210 2,2 -g 210 UDP Send 512 17 -g 215 17 -g 220 17 -g 215 17 -g 210 17 -g 215 UDP Send 1400 47 -g 215 46 -g 220 46 -g 220 47 -g 215 46 -g 220 TCP Receive 64 36 38 36 36 36 TCP Receive 512 37 37 36 36 36 TCP Receive 1400 37 37 36 36 37 UDP Receive 64 2,9 -g 155 2,9 -g 150 2,9 -g 160 2,9 -g 155 2,9 -g 155 UDP Receive 512 23 -g 140 23 -g 115 23 -g 145 23 -g 140 23 -g 135 UDP Receive 1400 61 -g 113 55 -g 60 * 60 -g 125 61 -g 115 61 -g 110


Competitor Prices Comparison

Product SystoLAN 266 Mhz

SystoLAN 533 Mhz

Checkpoint Safe@Office 110

Netscreen 5XT

Sonicwall TZW

Firewall throughput (clear text)

100 22 70 75

VPN throughput (3DES)

40 75 3 20 20

Number of users Unlimited 10 10 25

Number of VPN Tunnels

2, 10, 250 (license model)

5 10 20

Price, € from 320 (PCI) / 420 (Gateway) 660 680 715


Cisco PIX Prices comparison

Model PIX 501 PIX 506E PIX 515E PIX 525 PIX 535

Firewall throughput 20 100 188 330 1740

VPN throughput (3DES) 3 17 63 72 (155) 100 (440)

Number of users 10 50 N/A N/A N/A N/A

Number of VPN tunnels 10 25 2000 2000 2000

Price, € 490 690 1140 2870 7380 24600

Comparable to SystoLAN: – Sonicwall Pro 330 (75Mbit/s, 3DES), price 3600 € and Cisco PIX 515 / 525, prices 2800 € and 7380 €, respectively.


SystoLAN, Application Fields

Industrial network components protection

Remote control and support, ex. automation systems

Branch office connections over VPN

Point-to-Point protection in distributed networks

Common network protection in the Internet


Application Specials

Security based on an independent hardware system

Specialized hardware solution for special applications

Client-independent

High VPN and Firewall throughput

Automatic configuration in Stealth Mode


Hardware Solution Advantages vs. Software Solutions

Does not need to integrate into OS – no version problems

VPN for “exotic“ Systems (MSDOS, OS2, Windows NT etc.)

No drivers needed: black-box principle

Optional drivers for Windows and Linux

Security is not bound to a single system

Common security standard also when using different OSes in an Enterprise


Typical Fields of Usage

Internet-Providers and Communication-Providers VPN services

Hosting-Providers Rack-security

Industry Area security for separate segments

Commercial and governmental companies Internal / external or distributed network security

System-Integrators Remote access for technicians and support

Health-care Connecting medical practitioners to the clinics

POS, lottery, etc.


ATM Bank

GSM/GPRS/UMTS Encryption

Leased Line

VPN gateway /Firewall

GPRS / UMTSnetwork


WLAN Encryption

LAN

WiFi

IPSec VPN tunnles

Internet

http://images.google.de/imgres?imgurl=www.ralf-woelfle.de/elektrosmog/data/antenne.gif&imgrefurl=http://www.ralf-woelfle.de/elektrosmog/e_smog_6.htm&h=219&w=151&prev=/images%3Fq%3Dmobilfunk%26svnum%3D10%26hl%3Dde%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8

http://images.google.de/imgres?imgurl=www.jsu.edu/depart/psychology/jpegs/workstation.jpg&imgrefurl=http://www.jsu.edu/depart/psychology/Facilities.html&h=360&w=480&prev=/images%3Fq%3Dworkstation%26svnum%3D10%26hl%3Dde%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8


Security in Industrial Fields

Car industry Machine building Suppliers Printing Companies etc.


POS Terminal will soon be complex multimedia devices with such interfaces as xDSL, WLAN, etc.

Requirements

Easy integration Secure data transfer High encryption standard

SystoLAN solution

Very small Hardened design Low cost

POS Terminal

POS – Important object with respect to security, often with access to / from a bank. This object needs to be protected.


SystoLAN: Industrial Firewall

Industry uses TCP/IP

Common Standard Uses Windows CE Connecting Back Office and Production

Problems

Not enough security Windows-security problem Viruses, hackers, espionage, etc.

Industrial Firewall Requirements

Cheap Industrial standards Real-Time processing High security standard Industrial control systems utilization

SystoLAN Solution

Very small size System-independent High performance SNMP High reliability


OEM Solutions

Development of special solutions Special function integration Your own corporate design

Special Applications


Integration in other systems

Robots

ATMs

Ecological systems

Machinery

Integration into non-secured systems

WLAN and UMTS – surrounded computers

VPN over GPRS / UMTS: wireless connections for ATMs

Credit Card Terminals

SystoLAN as add-in Module


SystoLAN PCI

2 modes: Power over PCI and Ethernet adapter

Power over PCI In Stealth Mode connects to another Ethernet adapter Automatic configuration OS-independent – PCI is only used for powering Can be used as a router

Ethernet Adapter PCI is used to transfer data Drivers for MS Windows, Linux All SystoLAN functions are accessible


Future Peek

New features (in development)

Certificate Management

Radius-Authentication

WLAN and GPRS support

Central management console

Traffic management (QoS)

POE (Power over Ethernet), for new Processors


Conclusion

External connection security with firewall, VPN, Antivirus

Remote Access via VPN

Certificate-based Authentication

High encryption performance

Compatible with Cisco, Checkpoint, Netscreen etc.

Easy management

Excellent price/performance value

High ROI

Innovative technology

Hardware mobile firewall – power over USB

Stealth Mode

Dynamic DNS support


Hamburg Germany

SystoLAN

Industrial Security Appliance

Date post:	13-Jan-2016
Category:	Documents
Upload:	rasha
View:	28 times
Download:	0 times

Hamburg Germany

Documents