VCL Products > Routers > VCL-MX-5040-R: MPLS Router

VCL-MX-5040-R: MPLS Router

Get Data Sheet

VCL-MX-5040-R, the router, is an intelligent MPLS (Multiprotocol Label Switching) router that can be used to securely interconnect multiple LAN networks over a WAN link using a choice of secure routing protocols, including MPLS VPN, IPsec, and Open VPN. The VCL-MX-5040-R is a ruggedized OSI model routing equipment that is embedded with advanced routing and cybersecurity features, which make it suitable for installations in critical infrastructure such as utilities, substations, smart grid distribution systems, airports, and railways that require high reliability industrial equipment. It may also be installed in IT networks of financial institutions such as banks and corporate networks for Wide Area Applications.

Highlights:

High-reliability hardware
CPU-based, modular architecture
Suitable for installation in substations, SCADA, and industrial networks/harsh environments
Supports for Ethernet, Fast Ethernet, Gigabit Ethernet, Optical Ports
Secure Boot
MPLS VPN
High security across WAN connection includes IPsec.
Encrypted Tunneling
DNS Forwarding, Dynamic DNS, DNS Repeater
DHCP Server and Relay
IP-based access control
Centralized management for easier deployment
Network Flow Monitoring
Easy installation and management
LDAP user authentication support for OpenVPN clients.
Export logs locally or on a Syslog server.
L2TPv3, L2VPN, L3VPN
VXLAN
Packet forwarding rate: 635.36 MPPS
SPAN (port mirroring)
Supports L2 & L3 service on all interfaces
Supports frame size from 64 to 9216 bytes
MACVLAN—Pseudo Ethernet
Conntrack Sync
Link Aggregation
Integrated threat control includes prevention of network attacks.
Intelligent protection of endpoints includes authentication, authorization, and control.
On-demand network services
Improved user experience
Telnet
SSH (Secure Access Control) with encrypted password
High Availability & 1+1 Hardware Failover Redundancy using VCL-SafeComm-OE
VCL-MX-5040-R offers a wide range of VPN technologies ranging from modern SSL VPN's to IPsec. Site-to-site setups are possible with the integrated OpenVPN client configuration exporter. The client can be configured remotely within minutes.
Transport of multiple services
Broadband support
Granular control over state table
Infrastructure neutral
Network Emulator
Support out-of-band management through the management port/console.
In-service/remote software upgrade

Routing Features and Capabilities:

CLI-based
Static and Dynamic IP addressing
IPv4 and IPv6
OSPFv2 and OSPFv3
BGPv4, IS-IS
RIP v1, RIP v2, and RIPng
ARP, IP Forwarding, IPCP
VRRP redundancy protocol
Layer 2, Layer 3 Routing
Static IPv4 routing, static IPv6 routing, Inter-VLAN-based routing
MPLS Dynamic (LDP) & Static
RSVP (MPLS-TE)
TCP/IP, UDP, QoS, WRED
Supports 802.1Q VLAN
System access authentication via RADIUS
Detailed system logging
Multiple IP addresses supported
LLDP, NTP, PPPoE, STP, SNMP, NAT
BFD (Bidirectional Forwarding Detection)
IP gateway routing
DHCPv4 and DHCPv6
PIM
Q-in-Q
Router Reflector (Add Software Option)
6in4 (SIT), IPIP, IPIP6, IP6IP6
EAPoL (802.1x)
IGMPv1, v2, and v3, Multicast
PIM SSM (Protocol Independent Multicast—Source Specific Multicast)
QoS, Traffic Shaper—supported algorithms: Drop Tail, Fair Queue, FQ-CoDel

Firewall Features and Capabilities:

Policy-based routing (PBR)
Rule-based firewall with IP and port-based matching criteria
Zone-based firewall for Layer 2/3 security
IPsec Site-to-Site Tunnels, GRE
Access Lists
Per Frame/Packet Authentication
Support Voice over IP (VoIP) Protocols
Whitelist and Blacklist Options
Stateful Inspection Firewall
MAC Layer Filtering
VPN
Protection from DDoS and SYN attacks

Technical Specifications:

Integrated Storage Drive: Internal, onboard 1TB High Performance SATADrive
Additional Storage: Optional—120GB, 240GB, 500GB, and 2TB SSD
Power Supply: Dual (1+1) Redundant Power Inputs *(Power Supply Options)
Indicators: 2 x Power Supply Indicators
Architecture: CPU-based & Modular Architecture
Processor: 12 cores or higher
Clock Speed: Normal—2.1 GHz, Burst Mode—3.2GHz
Cache, Buffers: 16MB or higher
RAM (DDR 3L): 64GB (upgradable to 128GB)
Performance: Rugged System
MTBF (hours): 210240
IP Level Protection: IP20
Max. Power Consumption @ 110/220, 50/60Hz VAC: 600 Watts
Cooling: Active fan tray

Service Ports:

IP Phones (Voice)
PMU
RTU
ICCP (Inter Control Centre Communications Protocol)
AMR (Automatic Meter Reading)
AGC (Automatic Generation Control Software) Substation Analysis.
SCED (Security Constraints Economic Dispatch)
DTPC / Teleprotection (Distance and Differential Protection)
TWFL (Travelling Wave Fault Locator)
Video Conferencing

Ingress/Egress Firewall rules:

Port-based, URL-based, user-based, and MAC-based, filtering of packets based on source address and destination address
IP domain-based RFC filtering
Protocol-based filtering: FTP, SMTP, HTTP, RPC, SNMP, UDP, ICMP, DNS, DHCP, ARP, etc.

Hash Algorithms:

MD5, AES-XCBC
SHA 1, SHA 256, SHA 512

Encryption Algorithms:

AES-128, AES-192, AES-256
3DES, DES
256-bit AES-GCM with 256-bit ICV
Camellia 128, 192, 256
Blowfish 128, 192, 256

CE Compliance:

Electromagnetic Compatibility 2014/30/EU

Other Regulatory Compliances:

RoHS
CE Marking
Complies with FCC Part 68 and EMC FCC Part 15

Interfaces:

6 x 100GE interfaces, OR
12 x 40GE interfaces, OR
24 x 10/1GE interfaces, OR
Any combination of the interfaces mentioned here, not exceeding an aggregate of 600G

Throughput:

Router: Up to 540 Gbps
IPsec: Up to 450 Gbps
MPLS: Up to 510 Gbps

UNMS (Unified Network Management System)

Secure (supports TLS/SSL for encrypting connections between devices)
Permission-based security
Uses Software Defined Perimeter (SDP); the username/password login is replaced with Single-Packet Authorization (SPA), and the receiving device cannot be seen by hackers. This introduces an additional layer of security and is beneficial with or without SSL/TLS.
Guaranteed message delivery (no data loss or duplication of data)

IP/MPLS Routers VCL-MX-5040-R