DCME All-in-one Gateway
DCME All-in-one Gateway
DCME is a new generation of high-performance security gateway using multi-core high-performance processor, combined with a dedicated ASIC chipset. With superior performance and powerful data processing capabilities, DCME works via wire-speed throughput and industry-leading number of new connectivity compared with the traditional firewall and broadband router. DCME integrates broadband router, firewall, switch, VPN, traffic management and control, network security, wireless controller and easy configuration. It is ideal for small and medium enterprises, schools, government, chain shops, medium-sized Internet cafes, operators and other complex network.
Key Features and Highlights
Strong performance under advanced hardware architecture
DCME multi-core security gateway uses multi-core processors, a dedicated ASIC high-speed switching engine making the entire hardware platform to run on high-speed Ethernet architecture. This high-performance design makes the machine born with superior processing performance and provides a guarantee for depth detection data traffic shaping and stable operation of the security and defense, firewall / VPN, IPv6, and other rich upper layer software functionality.
Accurate flow control and behavior management
DCME provides accurate flow control policies based on applications, IP addresses, subscribers, protocols, etc, and set maximum, minimum, guaranteed bandwidth on uplink and downlink. Over 200 protocols can be identified via DCME to set bandwidth guarantee, bandwidth control based on the specified protocol. With an accurate NAT session limit, the threat of high session numbers caused by multi-process download-tools and virus attacks.
Rich firewall functions
DCME has a powerful anti-attack capability. With detailed statistics and accurate analysis on various packets such as ARP, IP, ICMP, TCP, UDP, and other types of packets, attacks can be found and blocked including SYN Flood, DDoS, IP packet fragmentation attacks, IP address scanning attacks, etc. And alarm information can be provided to make your network management more secure.Based on the advanced state detection technology, DCME provides powerful anti-ARP ARP mechanisms including IP + MAC binding, ARP scanning technology, trusted ARP-learning, ARP-filtering. IP/MAC binding and anti-anti-ARP mechanism between clients and devices can be done automatically.
A highly integrated access controller
DCME security gateway can be used as an access controller to set up a wireless network with DCN AP devices. Based on smart management cluster technology, DCME can monitor RF value in the location of each AP and adjust the signal power and channel of each AP automatically according to user number or load balance policy. At the same time, it can reduce the interference of wireless signals to realize load balance and stability of the wireless network and provide a perfect solution for middle/small wireless networks and branches of a large enterprise.
Efficient and easy management and maintenance
DCME security gateway adopts a full graphic management Web page. Only three steps are needed to connect DCME to the network with the configuration wizard.
Various monitoring measures, including performance monitoring, failure alarming, virus/attack warning, etc, and statistics and ranking information based on bandwidth and session are supported to the management and maintenance easily.
Specifications
|
Item |
DCME-320-L |
DCME-320(R2) |
DCME-520 |
DCME-720 |
|||
|
Hardware |
|||||||
|
CPU |
Architecture |
Intel Multi-core |
|||||
|
Frequency |
1GHz |
1.2GHz |
2.0GHz |
2.4GHz |
|||
|
Memory |
2G DDR III |
4G DDR III |
|||||
|
FLASH |
NA |
64G SSD |
|||||
|
Interface |
10/100/1000M Base-T |
8 |
8 |
9 |
17 |
||
|
SFP/RJ45 Combo |
NA |
2 |
4 |
4 |
|||
|
Management port |
1 RS-232 (RJ-45) console, 2 USB2.0 port |
||||||
|
Led |
Power/ system Run/ port status |
||||||
|
Temperature |
Operating 0℃-40℃ Storage -20℃-65℃ |
||||||
|
Humidity |
Operating 10%-85% Non-condensing Storage 5%-95% Non-condensing |
||||||
|
Power Supply |
Redundancy |
No |
Yes |
||||
|
Range |
AC 100~240V, 47~63Hz |
||||||
|
Performance |
|||||||
|
Suggested Concurrent users |
150 |
450 |
2000 |
5000 |
|||
|
Suggested Export Bandwidth |
100M |
250M |
1500M |
2800M |
|||
|
Bidirectional Throughput |
64 bytes |
135Mbps |
185Mbps |
480Mbps |
850Mbps |
||
|
1518 bytes |
2000Mbps |
2800Mbps |
4500Mbps |
6000Mbps |
|||
|
NAT |
New session per second |
8000 |
10000 |
30,000 |
40,000 |
||
|
Max concurrent session |
100K |
300K |
500K |
1000K |
|||
|
VPN |
IPSec Throughput |
100M |
200M |
500M |
800M |
||
|
Max IPSec channel |
10 |
20 |
300 |
1000 |
|||
|
Max L2TP access users |
10 |
20 |
100 |
500 |
|||
|
Max SSL VPN access users |
10 |
20 |
100 |
500 |
|||
|
Max Web authentication users |
100 |
300 |
1500 |
3000 |
|||
|
Wi-Fi Access Controller |
Default manageable APs |
2 |
4 |
12 |
24 |
||
|
Maximum manageable APs |
32 |
64 |
512 |
1024 |
|||
|
Software Features |
Description |
|
Working mode |
Routing/ NAT/ Bridge |
| Network | PPPoE client, PPPoE chap / pap / any three authentication methods, PPPoE client reconnection |
| DHCP Server, Client, relay | |
| DNS server, proxy | |
| DDNS | |
|
Routing |
Static routing, static routing with priority, RIP |
| PBR (based on source address, source port, a destination address, protocol, and other strategies), support next-hop IP or interface | |
| Equivalent multi-route load balancing, and bandwidth load automatically adjust the proportion of each route, to achieve load balancing based on the line. | |
| Multilink backup function, schedule link state detection, and automatic switching and back between links | |
|
NAT |
Source NAT Static / Dynamic |
| 1:1 NAT1: N NATN: N NATServer Load BalancingMulti-protocol NAT ALG | |
|
Deep packet inspection |
Control and rate-limit on Popular P2P application including BT, eMule, eDonkey |
| Control and rate-limit on popular IM applications including Yahoo, GTalk, etc. | |
| URL filtering, QQ audit | |
|
QoS |
IP-based bandwidth control |
| Application-based bandwidth control | |
| Flow-based bandwidth control | |
| Bandwidth guarantee, bandwidth reservation, flexible bandwidth allocation | |
| 2 levels of bandwidth control (IP and application bandwidth control, port-based) | |
|
Attack protection |
ARP attack defense mechanisms (arp learning, free arp, arp protection) |
| IP-MAC binding, manual and automatic | |
| DoS, DDoS attack protection | |
| Flood protection: ICMP flood, UDP flood, SYN flood | |
| DNS queries flood protection: DNS queries & DNS recursive query flooding attack protection | |
| Malformed packet protection | |
| IP anomaly detection, TCP anomaly detection | |
| IP address scanning attack prevention, port scan protection | |
| Denial of Service Protection: Ping of Death, Teardrop, IP fragmentation, IP options, Smurf or Fraggle, Land, ICMP big packet | |
|
Session control |
based on interface, source IP, destination IP, and applications (new sessions per second and the number of concurrent sessions) |
| Timing session control | |
|
Access controller |
802.11, 802.11a, 802.11b, 802.11g, 802.11n, 802.11d, 802.11h, 802.11i, 802.11e, 802.11k |
| CAPWAP | |
| Wi-Fi management, configuration, monitor | |
|
System |
Dual image |
| Firmware upgrade via WEB and TFTP | |
| Configuration backup and restore | |
| SNMPv1/v2 | |
| HTTPS\HTTP\TELNET\SSH | |
| NTP | |
| Web configuration wizard | |
| WEB authentication | |
| Object management based on IP addresses, protocols, schedule, and interface | |
|
Log and monitor statistics |
Monitoring and statistics on interface traffic |
| Monitoring and statistics on IP traffic | |
| Monitoring and statistics on session number based on IP address | |
| Monitoring and statistics on bandwidth and session number based on applications | |
| Monitoring and statistics on the number of attacks | |
| Monitoring and statistics on IP, application, and attacks based on Security domain | |
|
Event log / traffic log / configuration log / alarm log / security log |
|
| USB log backup | |
| High reliability | Support link load balancing, link backup |
| Multiple link failure detection mechanism |
Typical Application
Typical Application 1: Export Gateway, integrates functions of a broadband router, firewall, traffic management and control, network security.
Typical Application 2: Build VPN Connection between headquarters and branches
Ordering Information
|
Product Name |
Description |
| DCME-320-L | DCME-320-L integrated gateway, with features of broadband router, firewall, switch, VPN, traffic management and control, network security, wireless controller, with ports of 8*10/100/1000M Base-T, 1*Console, 2*USB2.0. default with 2 units AP license, support controlling max.32 APs, suggest a maximum of 300 users. |
| DCME-320 (R2) | DCME-320(R2) integrated gateway, with features of broadband router, firewall, switch, VPN, traffic management and control, network security, wireless controller, with ports of 8*10/100/1000M Base-T, 2* 1000M Combo, 1*Console, 2*USB2.0. default with 4 units AP license, support controlling max.64 APs, suggest a maximum of 500 users. |
| DCME-520 | DCME-520 integrates gateway, with features of broadband router, firewall, switch, VPN, traffic management and control, network security, wireless controller, with ports of 9*10/100/1000M Base-T, 4* 1000M Combo, 1*Console, 2*USB2.0. default with 12 units AP license, support controlling max.512 APs, suggest a maximum of 2000 users. |
| DCME-720 | DCME-720 integrates gateway, with features of broadband router, firewall, switch, VPN, traffic management and control, network security, wireless controller, with ports of 17*10/100/1000M Base-T, 4* 1000M Combo, 1*Console, 2*USB2.0. Suggest a maximum of 5000 users. |
| DCME-AC-10 | AP management upgrade license (license for 10 APs) |