uniguardv34-90

UniGuard

Network Element Port Protection!

This single port device is designed to protect firewall/router/application console port access. The device was designed to overcome the weaknesses of RADIUS and TACACS+ for remote access. UniGuard eliminates the problem of the firewall/router/application not being able to contact the RADIUS or TACACS+ server by its own database store of up to 150 users right on board!. UniGuard supports speeds up to 115,2 Kbps and has a built in V.34 internal modem and can be managed by the DDM. Full AES encryption support with UniGuard Client. Now SecurID Ready! Great for ANY remote access application!



General Information

The problem with RADIUS and TACACS+
Routers installed in the field are all connected to a network. When this network fails, the only way to reach the router is to dial into the console port for remote maintenance. This opens up a "back door" to the network which many network managers lock with RADIUS or TACACS+. The problem with these protocols is that they require the network to be functioning in order to contact the security server. This is in direct conflict with the purpose of the console port which is only used when the network is "down". Therefore, RADIUS and TACACS+ provide inadequate security for router console port protection.

The Solution
UniGuard-V34 connects directly to the console port and provides the highest level of protection regardless of the state of the network. This is done by maintaining an internal security database that is updated by a central database on an "as needed" basis. This internal database provides fast, reliable, two factor authentication every time a technician accesses the router. Full session level encryption can be enabled by using a CDI encryption modem at the technician end of the call.

How do I manage all these remote devices?
DDM, Distributed Database Manager , can maintain an unlimited number of UniGuards and or Port Authority devices remotely from a single workstation. This eliminates the need to update each unit individually when there is a database change. This software program automatically maintains the database of each remote device and is capable of down-loading the entire database of units manually or automatically at preset times. Reports can also be extracted automatically.

What can I connect them to?
Anywhere you are afraid to put a non secure modem you can put a UniGuard with confidence! Examples include; Routers, Firewalls, PBX's , remote switches, remote monitoring stations, remote power stations, out of band managers, backup sites, remote systems, and more! Checkout our Cabling Options!

Features

  • Hardware based AES Encrypted access over dial-up or network
  • Centrally managed by CDI DDM
  • Operates with most tokens
  • RSA SecurID ready (no ACE server)
  • Self-contained Database (unlike RADIUS or TACACS+)
  • Power boot remote equipment capablity
  • Available in multi-port versions Port Authority
  • AES Encryption with UniGuard Client Mode
  • Network port option for Client Dial out or remote PPP/Secure TELNET access
  • Cabling options for ease of bulk install
  • Network version provides real time management of device and connected devices, Syslog, Telco availability, hardware encrypted network access.

Ordering Information

UG-V34 AES UniGuard plus Advance Encryption Standards includes built-in V.90 56k modem. Triple-Des compatible. Can be managed by DDM.
UG-V34 AES-IP UniGuard V.90 plus Advance Encryption Standards with IP option installed.  Advance Encryption Standards, allows telnet access and in band management by DDM. Triple-Des compatible.
PCM-US-2 Power Control Module Wall Mount 20AMP (US 115vac) Power cord included
PCM-US-3 Power Control Module Inline 10AMP (US 120vac) Power cord included
PCM-EU-4 Power Control Module Inline 16AMP (EU 230vac type). Power cord included
PCM-EU-6 Power Control Module Inline 5AMP (EU 230vac type). Power cord included
PCM-48VDC Power Control Module - 48VDC 20amp (No power cord required)

International Units add – XXX for country specific power supply and power connector. (country code will be based on international telephone standard for country code… ie US=001, UK=044, Australia=061)

For information about the international telephone standard, visit this link: http://www.consumer.att.com/global/english/country_codes.html 

Specs

Encrypted Speed: Up to 57.6k Baud AES Cipher Feedback
Clear Text Speed: Up to 115.2k Baud Clear text
Cryptographics: AES Self-Synchronizing 8-bit Cipher Feedback  128 bit  (std.) 192 bit & 256 bit available. Unique key generated for each session. Automatic Generation and Distribution of Session Keys.
Standards Compliance: FIPS 197,  FIPS 140-2,  FIPS 81,  FIPS 74, FIPS 46-3
FCC part 68, FCC Part 15, CE, VDE, UL6950
V92
Internal Battery: Maintains Set-up parameters and Keys in RAM
Tamper Switches:

Erases Keys and all data in RAM if unit is opened or tampered.
Interface: Network - 10BaseT RJ45, Telco - RJ11,  Serial - RJ45   
Serial adapters provided for DB9, Application Specific cables available for connection to popular networking equipment
Power Supply:  US – Input 110VAC 60Hz Output 18VAC  CT  25W max.
Global- IN 110-240VAC 50/60Hz Out 12VDC 25W max
Country specific power cord provided
Size: H=1.6in(4 cm) W= 4.1in(10.5cm) L= 7in(17.5cm).
Stand Alone – for rack mount applications, place on shelf
(or use Port Authority-44)
Environmental: Temperature range 0º- 70ºC (32º - 158ºF); Humidity range 20-90% (non-condensing).

 

Diagrams

Click to download:

uniguardv34-90-diagram

Click the image to download a PDF version of the diagram.

The above diagram shows a number of Technicians accessing the maintenance port of remote Routers, Firewalls, and PBX's, each connected to a UniGuard-V34 for authentication or possibly full encryption. The UniGuard Manager will automatically update all the remote UniGuards in the field.

International Approval List

Download the international Approval List