<< Назад на страницу выбора модели
MPX/SDX 26100 | ||
Memory | 256 GB | |
Ethernet Ports | 8x 50GE QSFP28; 16x 25G SFP28 | |
Transceivers Support | 50GE QSFP28 Port: 50GE/100GE QSFP28: SR4; 40GE QSFP+: SR4; 25GE SFP28: SR (Adapter required); 10GE SFP+: SR, LR (Adapter required); 25GE SFP28 Port: 25GE SFP28: SR; 10GE SFP+: SR, LR | |
RAID Support | Yes | |
Pay-as-you-grow & Burst Pack License Upgrades | Upgrade option to MPX/SDX 26200, 26160 | |
System Throughput (Gbps) [L7 Throughput] | 100 | |
L7 HTTP Requests/sec | 3,800,000 | |
SSL Transactions/sec (2K Key Certificates) | 140,000 | |
ECDHE transactions/sec | 60,000 | |
SSL Throughput (Gbps) | 51 | |
Compression Throughput (Gbps) | 13 | |
ICA Proxy/SSL VPN Concurrent Users | 20,000 | |
Included Instances, Maximum Instances (on SDX Platforms) | 20, 115 | |
Power Supplies | 2 | |
Input Voltage, Frequency Range | 100-240 VAC full range, 50-60 Hz | |
Optional DC Power Supply | Yes | |
Max Power Supply | 1000W | |
Typical, Max Power Consumption | 540W, 672W | |
Weight (lbs) | 48 | |
Height | 2U | |
Width | EIA 310-D, IEC 60297, DIN 41494 SC48D rack width with mounting brackets | |
Depth | 71.1 cm (28 in) | |
Operating Temperature | 0-45°C (32-113°F) |
Функциональные возможности:
Citrix Gateway
- Provides consolidation of secure remote access infrastructure with one URL
- Provides SAML 2.0 federated identity to provide single sign-on (SSO) across all applications, whether in a data center or in a cloud
- One URL to access any application
- AlwaysON allows auto-reconnect of SSL VPN session when users are moving between networks
- AlwaysON VPN allows to establish a VPN connection before Windows logon that help admin manage the laptop remotely
- Integration with StoreFront allows importing UI changes from StoreFront to Gateway portal and vice versa
- Gateway Insight for monitoring and troubleshooting all Gateway traffic for issues like authentication, EPA, single sign-on failures, etc.
- nFactor authentication for all applications
- Stateless RDP proxy
- Support for Linux (Ubuntu 18 and 16.04)
- Support for Mac (OS X 10.14, OS X 10.15)
- Support for Windows 10, 8, 8.1 and 7 (32bit / 64bit)
- Support for iOS 12 or later. Compatible with iPhone, iPad, and iPod touch
- Support for Android 7.0 and later
Secure Access
- Citrix Virtual Apps and Desktops and Citrix Endpoint Management, formerly XenMobile, integration
- Device certificate scanning
- Single sign-on using NTLM/Kerberos/SAML, etc.
- SmartAccess: Adaptive application and action control enforced on Citrix Virtual Apps and Desktops servers
- SmartControl: Adaptive application and action control enforced on Citrix Gateway, thereby providing centralized policy management and security at the edge
- Integrated Citrix Gateway SSL VPN
- For ADC versions after 11.1, the Standard edition includes (500) Universal licenses, Enterprise or Advanced editions include (1000) Universal licenses, and there are no Universal license requirements with Platinum or Premium editions. For versions previous to Citrix ADC 11.1, the Standard and Enterprise editions include (5) Universal licenses, and the Platinum edition includes (100) Universal licenses
- Endpoint analysis of user device
- SAML 2.0 and nFactor; passwords for single sign on to appications running behind Citrix Gateway
- AAA traffic management
- SAML 2.0 and NTLMv1/2 support for configuring ADC with single sign-on (SSO)
- Support for Active Directory, LDAP, RADIUS, TACACS+, OCSP, Diameter, etc.
Layer 4 Load Balancing (LB)
- Protocols supported: TCP, UDP, FTP, HTTP, HTTPS, DNS (TCP and UDP), SIP (over UDP), RTSP, RADIUS, Diameter, SQL, RDP, IS-IS, SMPP
- Algorithms: Round Robin, Least Packets, Least Bandwidth, Least Connections, Response Time, Hashing (URL, Domain, Source IP, Destination IP, and CustomID), SNMP-provided metric, Server Application State Protocol (SASP)
- Session persistence: Source IP, cookie, server, group, SSL session, SIP CALLID, Token-based, SESSIONID, Diameter AVP
- Session protocols: TCP, UDP, SSL_TCP, Multi-path TCP, SPDY
- Server monitoring: Ping, TCP, URL, ECV, scriptable health checks, Dynamic Server Response Time
- Link load balancing
Layer 7 Content Switching
- Policies: URL, URL Query, URL Wildcard, Domain, Source/ Destination IP, HTTP Header, Custom, HTTP and TCP Payload Values, UDP, Diameter AVP
- Switch requests based on protocol of incoming packets
Database Load Balancing
- Support for Microsoft SQL Server and MySQL
- Switching algorithms include SQL query parameters such as user and database names and command parameters
- Token-based load balancing provides advanced configuration for persistence and fault-tolerant deployments
TriScale Clustering
- inScale-Outin with clustering up to 32 Citrix ADC appliances into single system image and up to 3 Tbps throughput
- Configuration Coordinator node for centralized management and synchronization
- Compatible with Pay-As-You-Grow and Burst Pack performance upgrades
- Traffic distribution mechanisms include: Equal Cost Multiple Path (ECMP), Link- sets, and Cluster Link Aggregation Group (CLAG)
- Available on Citrix ADC MPX, SDX, and VPX
- Modules may be configured on all nodes in a cluster or using “spotted VIPS,” in which they are added only to a select subset of nodes
e-based Policy Enforcement
- Trigger ADC policies based upon connections per second, packets per second, or bandwidth used
- Source or destination-based upon header or payload information
Traffic Domains
- Allows overlapping IP addresses
- Provides separate routing flows within a single appliance
- Enables basic multi-tenancy implementations
Admin Partitioning
- Independent instances that share resources on the appliance
- Maximum number of 512 admin partitions per appliance
Global Server Load Balancing (GSLB)
- Algorithms: site health, geographic proximity, network proximity, connections, bandwidth, AG-E SSL, VPN users
- Site health checking on status, connection load, packet rate, SNMP-provided metrics
Surge Protection and Priority Queuing
- Adaptive rate control for TCP connections and HTTP requests
- Prioritized transaction dispatch for critical application requests
Carrier-grade Network Address Translation
- Support for: Full-cone NAT, Deterministic NAT, Endpoint-Independent Mapping and Filtering, Hairpinning
- Application Layer Gateways: FTP, TFTP, ICMP, SIP, RTSP, PPTP, GRE
Subscriber-aware Traffic Steering
- Policy control interface: Gx, RADIUS
TCP Optimization
- Multiplexing, buffering, connection keep-alive, windows scaling, selective acknowledgement, fast ramp, TCP Westwood
- AppCompress
- Gzip-based compression for HTTP traffic AppCache3
- Caching for static and dynamic application content
- HTTP GET and POST method support
- Policies defined based upon HTTP header and body values
DoS Attack Defense
- Continue service to legitimate users while protecting against attacks such as SYN Flood, HTTP DoS, and Ping of Death
- ICMP and UDP rate control
Content Rewriting and Response Control
- Policy-based bidirectional rewriting of HTTP header and payload elements
- Policy-based redirection of incoming requests
- Body URL rewrite
- Responder module
- Custom responses and redirects
- Policy-based routing
- Network aware policies
SSL Encryption
- Supports Thales nShield and SafeNet HSM integration
DNSSEC
- DNS proxy
- Authoritative DNS
- DNS signing
Packet Filtering
- Layer 3 and 4 Access Control Lists (ACL)
- Network Address Translation (NAT)
- IPv4/IPv6 Network Address Translation (NAT)
Citrix Web App Firewall with Hybrid Security Model
- Positive security model protects against: buffer overflow, CGI- BIN parameter manipulation, form/hidden field manipulation, forceful browsing, cookie or session poisoning, broken ACLs, cross-site scripting (XSS), command injection, SQL injection, error triggering sensitive information leak, insecure use of cryptography, server misconfiguration, back doors and debug options, rate-based policy enforcement, well known platform vulnerabilities, zero-day exploits, cross site request forgery (CSRF), credit card and other sensitive data leakage prevention
- Negative security model with automatically updated signatures to protect against L7 and HTTP application vulnerabilities
- Integrates with third-party scanning tools
- Common event format (CEF) logs
- XML security: XML denial of service (xDoS)
- XML SQL injection and cross site scripting, XML message validation, format checks, WS-I basic profile compliance, XML, xPath injection attachment check, xQuery Injection protection
- WSDL scan prevention
- Attachment checks
- URLtransformation
- Cookie proxy and encryption
- SOAP array attack protection
IP Reputation Service
- Enhanced service that provides a continuously updated list of malicious IP addresses in near realtime
Cloud Connector for Citrix Networking
- Network connectivity protection via IPSec security
- Datacenter extension through GRE-based network bridging
Support for Citrix Endpoint Management MDM
- Front end optimization scalable to over 100,000 concurrent users
- Citrix Gateway connector for Exchange ActiveSync provides a device level authorization service
- Application level policy controlled SSL VPN tunneling for mobile clients
Network Integration
- Static routes, monitored static routes, weighted static routes
- OSPF, RIP1/2, BGP2
- VLAN 802.1Q
- Link Aggregation 802.3ad
- Stateful IPv6 to IPv4 network address translation and DNS64
- Static and stateless network address translation from IPv4 to IPv6
High Availability
- Active/Passive
- Active/Active
- VRRP
- ECMP
- Connection mirroring
User Interface
- Graphical application visualizer
- Secure web-based GUI
- CLI, Telnet, SSH, Console
- Real-time performance dashboard
- LB, GSLB Application Firewall and configuration wizards for monitoring
- Citrix Virtual Apps configuration wizards
Policy Management
- AppExpert Visual Policy Builder
- Policy extensibility via HTTP service callouts
- AppExpert templates
- AppExpert Visualizers
Command Center
- Centralized configuration and management of over 200 Citrix ADC appliances
Citrix Application Delivery Management (ADM)
- Citrix ADM is a software solution enabling traffic visibility; it includes HDX Insight and Web Insight and is based on AppFlow
- HDX Insight parses ICA sessions to provide troubleshooting, network analysis, and end-to-end performance for Citrix Virtual Apps and Desktops sessions. Historical data included in Premium Edition
- Web Insight monitors real-time web application traffic and assists capacity planning and helps ensure SLAs
- AppFlow Standards-based NetFlow/IPFIX (Internet Protocol Flow Information Export) solution
- Supported by leading performance monitoring and management vendors
- Provides transaction level visibility for HTTP, SSL, TCP, and SSL/TCP flows
Action Analytics
- Aggregates real-time traffic statistics and enables their use in setting dynamic policies
- Charting and analysis utilities using HDX Insight
Third-party Management Support
- SNMPv1, SNMPv2, and SNMPv3: Citrix ADC MIB and MIB-II support
- Microsoft System Center Operations Management (SCOM) support
- Comtrade support with Management Pack for Citrix ADC
- Microsoft System Center Virtual Machine Manager (SCVMM) support
- XML/SOAP API for automated application-driven configuration
Real-time Consolidated Logging
- Offloads logging from application server to a central location
Native Web Interface
- Integrated Web Interface Server for Citrix Virtual Apps and Desktops
- Supports JAVA environments with MPX and VPX platforms running Citrix ADC nCore OS
- Authentication methods include: LDAP, RADIUS, NTLM, TACACS+, Client Certificate
- Manage HTTPS requests via included SSL VPN
- Wizards-based configuration through Citrix ADC GUI
- Login page customization
- Includes Smart Access, smooth roaming, STA server redundancy, and session reliability
Web Cache Redirection
- Automatically direct requests with content not cached on ADC to cache farm
- N-tier multilayer load balancing support of cache servers