Description
Most network administrators rely solely on a “Firewall” to secure their IP networks. Some network administrators go one step further and also deploy an additional “Network Traffic Sniffer” which monitors and flags the transmitted and received data anomalies. However, very few network administrators actually plans for an eventuality after a “Firewall” has been breached and the “Network Traffic Sniffer” has recorded anomalies in the data that is being transmitted and received.
The VCL-2702 “Network Isolation Switch” provides the last-line-of-defence in the event of a network security breach. The VCL-2702 “Network Isolation Switch” can be used in conjunction with a “Firewall”, “Network Traffic Sniffer” and multiple VCL-2143 “Network-MouseTrαp(s)™ / Advanced Honeypot” to automatically initiate a series of defensive actions that would have been planned by the network administrator, in the event of a network security breach.
Such actions would include:
- Disconnecting the Local Area Network (LAN) from the Wide Area Network (WAN).
- Disconnecting only a specific data storage device (SAN / NAS), or Server from the local network.
- Generating “Audio-Visual Alarms”,
- Sending “SNMP Traps”,
- Sending “Network Security Alerts” to a centralized NMS,
Features & Highlights:
Fail-Safe. Never itself becomes a point of failure.
- The equipment maintains data connectivity if the port was put in the operational mode, even in power down condition or upon control card failure.
- The network port shall continue to remain in isolated mode if the port was put in the isolation mode prior to power down or control card failure.
The VCL-2702 is available in two variants.
- Single Port Network Isolation Switch,
- 1U, 19-Inch Rack Mount Version
- May be used where only one port is required to be isolated from the network
- Available with 1G Electrical, 1G Optical and 10G Optical Interfaces
- Muti-Port Network Isolation Switch,
- 6U, 19-Inch Rack Mount Version
- May be used where multiple 1G and 10G ports are required to be isolated from the network
- Available with 1G Electrical, 1G Optical and 10G Optical Interfaces
Single-Port Network Isolation Switch:
Number of Ethernet Ports | 2 |
Interface Orientation | 1 x 1G / 10G Gigabit Ethernet Interface towards Network. 1 x 1G / 10G Gigabit Ethernet Interface towards Protected Equipment. |
Guaranteed Maximum Data Throughput | 1000 Mbps on 1G Port 10,000 Mbps on the 10G Interface |
Interface Types | 10/100/1000 BaseT Electrical 1000Base-X Optical 10GBASE-SR 10GBASE-LR 10GBASE-ER 10GBase-LX4 10GBase-WAN |
Conformity | IEEE-802.3 |
Local / Remote Communication Options:
- Telnet / SSH (option to disable clear text communication)
- CLI Control Interface (HyperTerminal or VT100)
Management and Control Ports:
- Serial Management Port – USB
- 10/100 BaseT for remote management
- 10/100 BaseT Control Interface – For switching using SNMP Traps
- Serial Control Interface – RS232 – For switching using scripted commands
- Serial Control Interface – RS485 – For switching using scripted commands
Multi-Port Network Isolation Switch:
Number of Ethernet Ports | Up to 36 (In any mix of 1G and 10G Interfaces). (4 Interfaces per card) |
Interface Orientation | Up to 36 x 1G/10G Gigabit Ethernet Interface towards Network. Up to 36 x 1G/10G Gigabit Ethernet Interface towards Protected Equipment. |
Guaranteed Maximum Data Throughput | 1000 Mbps on 1000 Mbps connection. |
Interface Types | 10/100/1000 BaseT Electrical 1000Base-X Optical 10GBASE-SR 10GBASE-LR 10GBASE-ER 10GBase-LX4 10GBase-WAN |
Conformity | IEEE-802.3 |
External Trigger Inputs:
- Single Port Version: 8 x External Alarm Trigger Inputs (Contact Open / Contact Close)
- Multi Port Version: 2 x External Alarm Trigger Inputs (Contact Open / Contact Close)
External Alarm Outputs:
- Single Port Version: 1 x 12V DC Visual Alarm and 1 x 12V DC Audio Alarm
- Multi Port Version: 1 x Dry Contact External Alarm Relay Output