• Services
• More Products
• More VPN / Firewalls...
• SnapGear Products
  • SnapGear Family
  • SnapGear Family Overview
  • SG300
  • SG560
  • SG565
  • SG580
  • SG640
  • SG720
  • SnapGear Feature Guides
  • SnapGear Features
  • Comparison Matrix
  • SnapGear Warranty-Support
  • Annual Support & Ext Warranty
  • Legacy Product Support Options
  • WebWasher for SnapGear
  • WebWasher URL Filtering
  • WebWasher URL Filtering FAQs
  • URL Filter Categories
  • WebWasher Buyer's Guide
  • Installation & Support
  • L4 Networks Support Services
  • SnapGear User Manual
  • Global Command Center
  • GCC Overview
  • GCC Config Mgmt Tool
  • GCC Admin Tool
  • GCC Security Event Tool
  • GCC SW Update Tool
  • GCC Pricing & Availability

Buy Now - SG720

SnapGear SG720

The SG720 is the flagship of the SnapGear’s SG Series of firewall/VPN appliances. With multi-megabit throughput, three fast Ethernet ports standard, and two additional gigabit ports, the ICSA-certified SG720 is an excellent solution for branch offices of large organizations, as well as central offices of small to mid-sized enterprises (SME).

The SG720 provides central site VPN, firewall and session load balancing capabilities with the capacity to securely connect hundreds of mobile and remote employees. The SNORT-based IDS adds an extra security layer by detecting attacks and alerting administrator so that countermeasures can be implemented quickly before the network is compromised. With its rich feature set and rack-optimized form factor, the SG720 is a compelling enterprise-class firewall solution at a mid-market price.

The SG720 also includes gateway e-mail virus scanning to stop many e-mail borne viruses before they reach desktop systems and servers.

Flexible Network Configuration with Bandwidth Optimization

The SG720 supports three 10/100 Fast Ethernet (FE) segments and dual GbE ports, extending the total number of Ethernet segments to five. Central and remote networks can connect to the Internet through a variety of broadband (ADSL, SHDSL and Cable) or dedicated high-speed copper (T-1, T-2, fractional T-3 and full T-3) or fiber circuits (OC-1 to OC-3).

The SG720 improves available Internet bandwidth and connection uptime by providing traffic load balancing across dual WAN links while an embedded web proxy cache, based on Squid, further accelerates web page downloads. This makes the SG720 an excellent solution for organizations that are power web users or have many remote offices accessing corporate intranets. Bandwidth can be further optimized through traffic shaping controls. Customers wishing to protect against access to inappropriate web material can purchase an URL content filtering (UCF) subscription service. This works in conjunction with the URL proxy embedded in the SG720 to increase productivity and available bandwidth. The combination supports blocking, monitoring, rating and optional reporting without the need for an on-site URL database.

Fully Integrated IDS Assures Maximum Security

Although all SG firewall/VPN appliances defend against Denial of Service and other common attacks, the SG720 raises the bar by detecting "suspicious" activity before it escalates into a full-blown network intrusion.

Web Cache for Rapid Web Response Time

The SG720 incorporates a powerful web proxy cache to improve web page response time and reduce link loads. Designed to integrate seamlessly with upstream proxy caches provided by ISPs, the SG720 allows complete tuning of the service using the management console GUI and command-line interface. More...

Fail-over and Load-Balancing

Increase uptime and boost performance by connecting the SG720’s two broadband links to different Internet providers, and then combining these into a single “virtualised” high performance connection. A network outage on either link will automatically switch traffic to the operational link via the built-in link fail-over features. The resulting network redundancy makes it possible to reduce by half the number of security appliances required to protect a network while preserving maximum throughout and uptime. The traffic load-balancing feature also boosts the performance of Web transfers and the stability of a company network connected by DSL to the Internet.

Demilitarized Zones (DMZ)

Administrators can improve on-site and remote employee productivity without compromising security by creating DMZs that segment the network into private and public security zones. Typically, the private network will be used to secure “internal” data while the DMZ permits access to e-mail servers, web servers, and other “public” applications and content.

Comprehensive VPN capabilities for Remote Access and Multi-site Access

The SG720 includes a high-performance, VPNC-certified VPN solution for securely connecting branch office networks to the corporate hub using IPsec, PPTP, L2TP, and other industry-standard protocols. Onboard DES, 3DES, and AES cryptographic acceleration ensures excellent VPN throughput, with support for T-3 and OC-1 encrypted connections.

Anti-Virus Features
The CyberGuard SG appliance’s antivirus capabilities shield your LAN from viruses that propagate through email, the web and FTP. An antivirus subscription is not required and virus definitions are automatically kept up-to-date. The CyberGuard SG appliance is equipped with proxies for POP, SMTP, HTTP and FTP that facilitate the transparent scanning of files passing through it. If a virus is detected, the user on your LAN sending or receiving the infected file or email is informed by an error message or error email, and the infected file or email is not delivered to its destination.

Web Cache Features
TWeb browsers running on PCs on your LAN can use the CyberGuard SG appliance’s proxy-cache server to reduce Internet access time and bandwidth consumption. A proxy-cache server implements Internet object caching. This is a way to store requested Internet objects (i.e., data available via HTTP, FTP, and other protocols) on a server closer to the user's network than on the remote site. Typically the proxy-cache server eliminates the need to re-download Internet objects over the available Internet connection when several users attempt to access the same web site simultaneously. The web site’s contents are available in the cache (server memory or disk) and quickly accessible over the LAN rather than the slower Internet link.

The CyberGuard SG appliance’s web cache may also be configured to pass off web transation requests or responses to a third-party ICAP server for processing, using its ICAP client. This is typically used to integrate a third-party virus scanning, content filtering or complete CSM solution, such as WebWasher

Features	Recommended for:
1RU rack mount case for server room/wiring closet Secure IPsec VPN with DES, 3DES and AES IDS for proactive detection and mitigation of network threats Session load balancing and web proxy cache to optimise Internet traffic DMZ support to implement a public server infrastructure Unrestricted, unlimited user license No third-party client software required Web console for configuration and management Fully interoperable with CyberGuard & SnapGear appliances and other standards-based security devices	Mid to large-sized enterprise branch offices requiring a fully integrated firewall/VPN/IDS solution Sites needing a ICSA-certified stateful inspection firewall supporting xDSL, T-1, T-3, OC-1 & OC-3 network configurations Mid-sized, multi-site networks needing a central VPN appliance to connect branch offices and mobile workers Sites requiring a DMZ or the capability to segment a network into separate workgroup or departmental security zones High bandwidth Internet and remote intranet environments
Specifications
IPsec VPN VPNC-certified interoperability Peer-to-peer (initiate and terminate) ESP and AH payloads Supports aggressive mode Dead peer detection Compression (deflate / gzip type algorithm) DES 56-bit, 3DES 168-bit, AES 256-bit encryption Hashes HMAC - MD5 and SHA-1 authentication IKE/ISAKMP Diffie-Hellman key exchange Diffie-Hellman Groups (1,2,5) and Oakley Groups (14,15,16) to 4096-bits X.509 certificates DER, PEM formats Pre-shared secrets Dynamic IP address end-points Dynamic DNS IPsec support Authentication up to 2048-bit for RSA key signatures Multiple subnets NAT traversal 300 Mbps Stateful Packet Inspection Up to 1000 IPsec tunnels 45 Mbps IPsec 3DES (VPN/Firewall) 68 Mbps IPsec 3DES (VPN only) 45 Mbps IPsec AES (VPN/Firewall) 68 Mbps IPsec AES (VPN only) VPN - L2TP IPsec config Wizard L2TP over IPsec Autonomous L2TP Client: NAT, default route via L2TP Server: specify client IP address range VPN - PPTP v2 client and server Pass-through mode also MPPE 40 to 128-bit RC4 encryption PAP/CHAP/MS CHAPv2 authentication L2TP & GRE tunnelling extensions Up to 15 PPTP client tunnels Up to 25 PPTP server tunnels Up to 12 Mbps RC4 throughput IDS & IPS [Snort] Anti-virus (HTTP, POP, SMTP, FTP) Web Cache Ant-virus scanning (no subscription needed) - ClamAV (V2.3 firmware)	ICSA-certified dynamic firewall Routing DHCP - client and server PPPoE (for ADSL support) NAT - static and dynamic NAPT/PAT - port forwarding Connection sharing Anti-intrusion Logging (local and remote) Traffic shaping (QoS) IP aliases NTP client and server Web management CLI (Telnet) management Initial set-up via either static IP address or dynamic IP address (DHCP client) Bridging (802.1d) Administration user accounts RADIUS / TACACS+ DNS enhanced caching, masquerading, proxy, multiple DNS server proxying RAS (dial-in) Fail-over / high availability Dial on demand Line Speed 200 Mbps routed throughput Line Speed 200 Mbps PPPoE throughput Line Speed 200 Mbps firewall throughput 300 Mbps routed throughput (SG710+) 300 Mbps firewall throughput (SG710+) RIP, RIPv2 BGP SSL / HTTPS web management SSH server & client Fail-over Load balancing Intrusion Detection System (IDS) based on Snort Web Proxy Cache / Accelerator based on Squid Status LEDs WAN - Dual 10/100BaseT FE ports DMZ – 4 port 10/100BaseT FE Switch LAN - 4 port 10/100BaseT FE Switch Dual 10/100/1000 GbE ports (SG710+ only) Serial ports - 1 (console, dial-in, or dial-on-demand) Cryptographic acceleration Memory - 32Mb Flash, 128Mb RAM Real time clock Power – Mains AC (100 – 240 Volts) Weight - 4lb (2 Kg) Dimensions – 19” 1RU Operating temperature 0C to 40C Storage temperature -20C to 70C Humidity 5 to 95%, non-condensing Certification - Office Use Warranty - 1 year*, optional Extended Three Year Warranty *Except where required to be 2 years by law

Ordering Information
SKU	Base Product
SG720-12-US	This appliance includes 90 days of 24 x 7 support and 1 year of email support and advance replacement hardware warranty service with the one-time option to extend the hardware support to a total of 3 years.
SKU	Tech Support Upgrade and Renewal - 12 Months
SGTS-SG720-12-A	Upgrade and Renewal: SnapGear 24/7 phone and email Support and Maintenance, SG720, 12 Months, (does not include HW warranty extension)
SKU	Hardware Warranty Extension - 24 months
SGHM-SG720-EXT-24	One-Time Hardware Warranty Extension, SG720, 24 Mon. (Must be registered before the initial 12 month warranty expires)
SKU	SnapGear Subscriptions
TRSG-SG720-12	SnapGear TrustedSource Subscription, SG720, 12 Months
WWSG-SG720-12	Webwasher URL Filtering Subscription, SG720, 12 Months

Buy Now - SG720   

Copyright © 2004-2008 L4Networks™ (contact us) (privacy)