• Services
• More Products
• More VPN / Firewalls...
• SnapGear Products
  • SnapGear Family
  • SnapGear Family Overview
  • SG300
  • SG560
  • SG565
  • SG580
  • SG640
  • SG720
  • SnapGear Feature Guides
  • SnapGear Features
  • Comparison Matrix
  • SnapGear Warranty-Support
  • Annual Support & Ext Warranty
  • Legacy Product Support Options
  • WebWasher for SnapGear
  • WebWasher URL Filtering
  • WebWasher URL Filtering FAQs
  • URL Filter Categories
  • WebWasher Buyer's Guide
  • Installation & Support
  • L4 Networks Support Services
  • SnapGear User Manual
  • Global Command Center
  • GCC Overview
  • GCC Config Mgmt Tool
  • GCC Admin Tool
  • GCC Security Event Tool
  • GCC SW Update Tool
  • GCC Pricing & Availability

Buy Now SG580

SnapGear (Cyberguard) SG580

The Secure Computing (Cyberguard) SnapGear SG580 is a feature-rich, compact, network security appliance, which consolidates firewall, sophisticated intrusion-prevention, secure VPN access, anti-virus scanning and web content filtering on a single device. This reduces the complexity of network security deployments while lowering administration and maintenance requirements.

The SG580 is well suited to protecting central offices of small to medium-sized enterprises as well as branch offices of large enterprises. It enables offices to easily and safely connect their network of desktops, notebooks, PDAs, web and applications servers to the Internet via business-grade or consumer grade broadband, dedicated circuits from T-1 to T-3 or narrow-band connections (modem/ISDN). The SG580 provides connectivity and security features normally found in enterprise-class solutions.

With the inclusion of 5 Fast Ethernet ports, link fail-over and Internet session load balancing as well as multiple security zones, the SG580 can be deployed in a myriad of environments. Should the primary broadband connection fail, the SG580 can fail over to a secondary link. Internet traffic can be balanced between them, increasing bandwidth for faster web pages and more concurrent downloads. Should there be a complete broadband failure the built-in dial-up connection can be automatically invoked. To further enhance web performance and reduce WAN bandwidth, the SG580 has a built-in Web proxy cache.

The SG580 provides layers of network protection. A powerful stateful-inspection firewall, service-based intrusion detection blocking and advanced Internet connection sharing protect the branch-office network from the Internet.

The SG580 also includes gateway e-mail virus scanning to stop many e-mail borne viruses before they reach desktop systems and servers. Finally, the SG580 also provides security policy enforcement across the network by probing desktops and servers in an attempt to identify vulnerable network services.

The SG580 provides default physical security zones (DMZ, Guest and LAN) on separate Ethernet segments. These can be reconfigured to create three departmental security zones or other custom configurations. If only one WAN connection is required the other can be configured as a fourth security zone. A remote office network can safely become part of a central office network, as the SG580 is also a cost-effective VPN appliance. The SG580 includes industry-standard secure VPN access methods (IPSec, PPTP, L2TP) with hardware-accelerated encryption. It is complementary to the SG710 and CyberGuard TSP appliances for medium to large-scale branch office to head office VPN deployments. For smaller multi-site deployments, the SG580 provides a cost-effective head office solution with SG300 or SG560 appliances installed as VPN end points at remote office locations.

Anti-Virus Features
The CyberGuard SG appliance’s antivirus capabilities shield your LAN from viruses that propagate through email, the web and FTP. An antivirus subscription is not required and virus definitions are automatically kept up-to-date. The CyberGuard SG appliance is equipped with proxies for POP, SMTP, HTTP and FTP that facilitate the transparent scanning of files passing through it. If a virus is detected, the user on your LAN sending or receiving the infected file or email is informed by an error message or error email, and the infected file or email is not delivered to its destination.

Web Cache Features
TWeb browsers running on PCs on your LAN can use the CyberGuard SG appliance’s proxy-cache server to reduce Internet access time and bandwidth consumption. A proxy-cache server implements Internet object caching. This is a way to store requested Internet objects (i.e., data available via HTTP, FTP, and other protocols) on a server closer to the user's network than on the remote site. Typically the proxy-cache server eliminates the need to re-download Internet objects over the available Internet connection when several users attempt to access the same web site simultaneously. The web site’s contents are available in the cache (server memory or disk) and quickly accessible over the LAN rather than the slower Internet link.

The CyberGuard SG appliance’s web cache may also be configured to pass off web transation requests or responses to a third-party ICAP server for processing, using its ICAP client. This is typically used to integrate a third-party virus scanning, content filtering or complete CSM solution, such as WebWasher

	Buy Now
Features	Recommended for:
Full IPSec, PPTP & L2TP VPN client and server Link Fail-over & Load Balancing Intrusion Detection and Prevention DMZ, Guest and LAN security zones Web console for configuration and management Snort IDS/IPS Anti-virus (HTTP, POP, SMTP, FTP) Web Cache	Fully interoperable with CyberGuard SG and TSP appliances and other standards-based security devices SME and large branch offices Central VPN for small multi-site networks Networks with mobile and remote workers Complementary VPN end-point for CyberGuard TSP Appliances Suitable for ADSL, Cable and T1 to T3 circuits Suitable for VPN up to 40Mbps (broadband and LAN-to-LAN)
Specifications
VPN - IPSec VPNC-certified interoperability Peer-to-peer (initiate and terminate) ESP and AH payloads Supports aggressive mode Dead peer detection Compression (deflate / gzip type algorithm) DES 56-bit, 3DES 168-bit, AES 256-bit encryption Hashes HMAC - MD5 and SHA-1 authentication IKE/ISAKMP Diffie-Hellman key exchange Diffie-Hellman Groups (1,2,5) and Oakley Groups (14,15,16) t4096-bits X.509 certificates DER, PEM formats Pre-shared secrets Dynamic IP address end-points Dynamic DNS IPSec support Authentication up t2048-bit for RSA key signatures Multiple subnets NAT traversal Up t200 IPSec tunnels 42 Mbps IPSec 3DES(VPN/firewall) 68 Mbps IPSec 3DES (VPN only) VPN - L2TP IPSec config Wizard L2TP over IPSec Autonomous L2TP Client: NAT, default route via L2TP Server: specify client IP address range VPN - PPTP v2 client and server Pass-through mode als MPPE 40 t128-bit RC4 encryption PAP/CHAP/MS CHAPv2 authentication L2TP & GRE tunneling extensions Up t10 PPTP client tunnels Up t25 PPTP server tunnels Up t12 Mbps RC4 throughput Firewall Dynamic stateful inspection firewall ICSA-certified NAT - static and dynamic NAPT/PAT - port forwarding Connection sharing 200 Mbps firewall performance Intrusion Protection (Snort) Security Policy Enforcement (Nessus) Web proxy cache based on Squid Ant-virus e-mail scanning - ClamAV (V2.3 firmware)	Network Traffic shaping (QoS) IP aliases DHCP - client and server PPPoE (for ADSL support) Bridging (802.1d) RIP, RIPv2, BGP, OSPF RAS (dial-in) Dial on demand Fail-over / high availability Traffic Load Balancing DNS enhanced caching, masquerading, proxy, multiple DNS server proxying 200 Mbps routed throughput 200 Mbps PPPoE throughput Management Logging (local and remote) NTP client and server Web management CLI (Telnet or SSH) device recovery Initial set-up via either static IP address or dynamic IP address (DHCP client) Administratin user accounts RADIUS / TACACS+ Hardware Status LEDs WAN port - 1x10/100BaseT LAN ports - 4x10/100BaseT WAN2, DMZ, Guest, LAN Serial ports - 1 (dial-in, or dial-on-demand) Memory - 16MB Flash, 64MB RAM Real time clock Power - 5V 1.5A Weight - 1lb (500g) Dimensions - 6.5"x4.5"x1" (168mmx115mmx26mm) Operating temperature 0C t40C Storage temperature -20C t70C Humidity 0 t95%, non-condensing Certification - home and office Warranty - 1 year** Ooptional Extended Three Year Warranty **Except where required tbe 2 years by law

Ordering Information
SKU	Base Product
SG580-12-US	This appliance includes 90 days of 24 x 7 support and 1 year of email support and advance replacement hardware warranty service with the one-time option to extend the hardware support to a total of 3 years.
SKU	Tech Support Upgrade and Renewal - 12 Months
SGTS-SG580-12-A	Upgrade and Renewal: SnapGear 24/7 phone and email Support and Maintenance, SG580, 12 Months, (does not include HW warranty extension)
SKU	Hardware Warranty Extension - 24 months
SGHM-SG580-EXT-24	One-Time Hardware Warranty Extension, SG580, 24 Mon. (Must be registered before the initial 12 month warranty expires)
SKU	SnapGear Subscriptions
TRSG-SG580-12	SnapGear TrustedSource Subscription, SG580, 12 Months
WWSG-SG580-12	Webwasher URL Filtering Subscription, SG580, 12 Months

Buy Now

Copyright © 2004-2008 L4Networks™ (contact us) (privacy)