Introduction April 22
-
Upload
nick-kovacic -
Category
Documents
-
view
96 -
download
1
Transcript of Introduction April 22
RELIABLE SECURE MANAGED CONNECTIVITY
What Welbeck Does
Unlike older remote access technologies that bring the remote device to the LAN, Welbeck brings the LAN to the device. • Data volumes and LAN
applications are not a problem.
• Remote devices “think” they are on the LAN.
• Integrated FIPS 140-2 compliant AES 256 encryption.
• Integrated traffic shaping and compression – supports VoIP and UC.
• Remote monitoring and management.
Welbeck Secure
LAN Extension
NextGen VPN
MPLS Replacement
Mobile/Remote
BYOD
M2M/IoT
Critical Infrastructure
3
RELIABLE SECURE MANAGED CONNECTIVITY
The World’s Longest Ethernet Cable
Remote office/branch/M2M device
WelbeckAppliance
WelbeckAppliance
HQ office/data center
Welbeck End-to-end Data
Tunnel Over Internet
Any Endpoint Device Any Connection Any Network Gear
WELBECK LAN-TO-LAN LAYER 2 ETHERNET BRIDGE
4
RELIABLE SECURE MANAGED CONNECTIVITY
Remote Management
Remote office/branch/M2M device
WelbeckAppliance
WelbeckAppliance
HQ office/data center
Welbeck End-to-end Data
Tunnel Over Internet
Out-of-Band Management
5
RELIABLE SECURE MANAGED CONNECTIVITY
5
Product Line
WELBECK SECURE SOLUTIONS NORTH AMERICAN PRODUCT LINE Q2 2015 (SPECIFICATIONS MAY CHANGE) INQUIRIES: CALL 855-WELBECK OR EMAIL [email protected]
NetBlazerModel 7
Model 71LW Model 71LC 70 Series(72, 75-01, 78)
Model770
Model 79RServer
VirtualAppliances
Connections USB, WiFI, Ethernet Ethernet & WiFi Ethernet & 3G/4G 4 x GigE; USB 4 x GigE; 2 x USB 6 x GigE *
Tunnels 1 1 1 1 to 8 1 to 25 1 to 1,000 1,000s
Applications Indiv/M2M
Indiv/group/M2M
Indiv/group/M2M
Office/M2M
Office/SmallEnterprise
Enterprise/Data Center/Cloud
Data Center/Cloud
Throughput 17-25 Mbps 25-35 Mbps 25-35 Mbps 85 Mbps 150-250 Mbps 1000 Mbps/1Gig *
AutoConnectTM ✓ ✓ ✓ ✓ ✓ ✓ ✓
Integ’d Failover ✓ ✓ ✓ ✓ ✓ ✓ ✓
Remote Mngt ✓ ✓ ✓ ✓ ✓ ✓ ✓
Dimensions 0.6” x 0.9” x 2.6” 3” x 4” x 1” 3” x 4” x 1” 6.5”x 6.5” x 2.0” 9.0” x 6.9” x 1.7” 1RU x 19” *
Rec’d Users 1 - 3 10 - 20 10 - 20 100 - 250 250+ 1000s *
Power 5VDC@110-140mA 9VDC@500mA 9VDC@500mA 24VDC@250mA [email protected] 100-250VAC 35W
*
RELIABLE SECURE MANAGED CONNECTIVITY
Connectivity & Control
Multisite Redundancy
Full Touch Remote Management
AutoConnect/Full Network Connectivity
Multi-Payload Encapsulation
Dyn IP + Private IP Both Ends of Link
Security & Trust
X509v3 Certs + 512bit TLS Auth
AES256/SHA1 +Dynamic DH Key +Perfect Forward Secrecy
WiFi Client & Uplink +802.11ACL +AES256WPA2
Clientless Operation Per-Client Username/Password
for all deployment types
Built-in L2 and L3 and L4 ACLs
Competitive Positioning
7
RELIABLE SECURE MANAGED CONNECTIVITY
Sample Applications
9
NextGen VPN for Mobile and Remote Easier to use, more secure and more reliable than IPsec VPN Remote monitoring and management of endpoints
MPLS Replacement for Branch and Enterprise Built-in traffic shaping, redundancy and management Private “leased lines” over any last mile medium, including
wireless, cellular, RF, SATCOM and whitespace Machine-to-Machine/Internet of Things
No client required on the M2M/IoT device Interoperable with PLCs, SCADA, access controls, cameras, etc.
RELIABLE SECURE MANAGED CONNECTIVITY
Sample Applications
10
NextGen VPN for Mobile and Remote
MPLS Replacement for Branch and Enterprise
Machine-to-Machine/Internet of Things
RELIABLE SECURE MANAGED CONNECTIVITY
11
• Wired and wireless• USB/Ethernet• WiFi access point/uplink• 2-factor authentication• AES 256 encryption
Welbeck NetBlazer Remote
RELIABLE SECURE MANAGED CONNECTIVITY
Welbeck Enterprise ServerThe remote devices are on the
Enterprise Network with Full LAN Functionality
Remote locationSeveral devices connectwired or wirelessly via theWelbeck 71LW appliance
Branch Office/Workgroup
Welbeck tunnels wired or wirelessly over Internet
9
RELIABLE SECURE MANAGED CONNECTIVITY
13
Welbeck vs Cisco VPN
Cisco VPN: 22 issues• Enable NAT−Traversal (#1 RA VPN)• Enable ISAKMP• Enable/Disable PFS• Clear Old or Existing Security Associations (Tunnels)• Verify ISAKMP Lifetime• Enable or Disable ISAKMP Keepalives• Re−Enter or Recover Pre−Shared−Keys• Mismatched Pre−shared Key• Verify the ISAKMP Identity• Remove and Re−apply Crypto Maps• Verify that sysopt Commands are Present (PIX/ASA Only) • Verify Idle/Session Timeout• Verify that ACLs are Correct and are Binded to Crypto Map• Verify the ISAKMP Policies• Verify that Routing is Correct• Verify that Transform−Set is Correct• Verify Crypto Map Sequence Numbers and Name• Verify the Peer IP Address is Correct• Verify the Tunnel Group and Group Names• Disable XAUTH for L2L Peers• VPN Pool Getting Exhausted• Issues with latency for VPN client traffic.
Source: Cisco TAC - Most Common L2L and Remote Access IPsec VPN Troubleshooting Solutions: IPsec VPN Configuration Does Not Work. http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml
Welbeck set up:• Plug in power• Connect to Internet
THIS IS NOT YOUR GRANDMOTHER’S VPN
RELIABLE SECURE MANAGED CONNECTIVITY
Sample Applications
14
NextGen VPN for Mobile and Remote
MPLS Replacement for Branch and Enterprise
Machine-to-Machine/Internet of Things
RELIABLE SECURE MANAGED CONNECTIVITY
Secure Branch Network
Location B – Large Branch OfficeHead Office/Data Center
Welbeck secureprivate network
over Internet
Location A – Small Office
Welbeck enterprise servers or virtual appliances
RELIABLE SECURE MANAGED CONNECTIVITY
Secure Cloud Access
Cloud Customer BCloud Provider
Welbeck secureprivate network
over Internet
Cloud Customer A
Welbeck enterprise servers or virtual appliances
RELIABLE SECURE MANAGED CONNECTIVITY
Data Center Mesh Network
Location B
Welbeck enterprise server or virtual appliance
Location C
Welbeck secureprivate network
over Internet
Location A
Welbeck enterprise server or virtual appliance
Welbeck enterprise server or virtual appliance
17
RELIABLE SECURE MANAGED CONNECTIVITY
Sample Applications
18
NextGen VPN for Mobile and Remote
MPLS Replacement for Branch and Enterprise
Machine-to-Machine/Internet of Things
RELIABLE SECURE MANAGED CONNECTIVITY
M2M: Industrial and Utility Sensors
19
Secure Data Access & Distribution. Welbeck polls existing utility monitors via Ethernet and RS485 interfaces every 5 minutes. Welbeck encrypts data and pushes encrypted data via commodity Internet or 3G/4G Cellular every 15 minutes. Data is pushed both to central server and to public website.
RELIABLE SECURE MANAGED CONNECTIVITY
Internet of Things: Residential
20
Security Cameras and Alarms.
Welbeck unit on the customer’s premises avoids the need to open a port on the customer firewall, protecting the customer’s Internet connection from intrusion. AES 256 encrypted data is sent via customer’s existing Internet connection to the Welbeck server (physical or virtual) at the security service provider. Both the customer and the service provider can access data securely, including from existing mobile devices, over Welbeck end-to-end secure tunnel.
RELIABLE SECURE MANAGED CONNECTIVITY
M2M/Internet of Things: Commercial
21
Facilities SecurityAccess Controls & IP Cameras. Welbeck connects via Ethernet interface to existing access controls and cameras without modification. Welbeck encrypts and pushes encrypted data feed via Welbeck 3G Cellular connection, providing immediate secure, reliable connectivity without costly wiring.
RELIABLE SECURE MANAGED CONNECTIVITY
Cost/ROI Benefits to the Customer
23
TCO 30-40% of the competition Lower cost to acquire Lower cost to install Lower cost to maintain
High ROI Increased productivity Less down time Superior security
Interoperability Supplement, don’t supplant, existing infrastructure Any device, any transport, any network gear Remote management and NAC compatibility.
RELIABLE SECURE MANAGED CONNECTIVITY
24
CapEx – Equipment Purchase
Equipment Purchase Savings using Welbeck/IpTL vs.
Cisco
$41.4K Savings in Acquisition
Cisco Welbeck/IpTL
24 site+HQ; Non-Redundant Cisco 892+ASA5510/50 vs. M71LW and M79R
$-
$10,000.00
$20,000.00
$30,000.00
$40,000.00
$50,000.00
$60,000.00
RELIABLE SECURE MANAGED CONNECTIVITY
25
OpEx – VPN Recurring Expenses
Recurring Costs Welbeck vs. Cisco
Welbeck/IpTL is less than HALF the cost to operate year-over-year
Cisco Welbeck/IpTL
24 site+HQ; Non-Redundant Cisco 892+AASA5510/50 vs. M71LW and M79R - $50 inet link; cisco smartnet only—no IDS subscriptions
$-
$500
$1,000
$1,500
$2,000
$2,500
$3,000
RELIABLE SECURE MANAGED CONNECTIVITY
26
Leased Line
Internet
$-
$50.00
$100.00
$150.00
$200.00
$250.00
$300.00
$350.00
$400.00
$400.00
$70.00
$330.00
Savings
Cost
$3,960-per-year SAVINGS with Welbeck/IPTL (Multiply per location!)
OpEx – MPLS/Carrier Services
• 1.5mbps 0-mile leased-line - $400/mth• No High-Definition Video• Limited surveillance cameras support• Redundancy is 2x cost
• 80mpbs Fiber Internet - $70/mth• Multichannel HD Video Capable• VoIP/PBX integration• Full site management and control
29