4G VPN Firewall

4G VPN Firewall

The Meizo R68 series industrial 4G LTE M2M router is used to provide fast and stable internet service in PLCs and other M2M applications. The router CPU is using Broadcom chipset, integrated with industrial grade 4G modem, offering WAN, LAN, SIM, VPN, VRRP, WiFi, and Serial port services,...
Chat Now

Product Details

The Meizo R68 series industrial 4G LTE M2M router is used to provide fast and stable internet service in PLCs and other M2M applications. The router CPU is using Broadcom chipset, integrated with industrial grade 4G modem, offering WAN, LAN, SIM, VPN, VRRP, WiFi, and Serial port services, product line supporting the following radio access technologies: LTE, HSPA+, HSPA, UMTS, EVDO, EDGE, CDMA2000, GPRS . By owning automatic connection monitoring and heartbeat detection, make sure the router to be always online.


The 4G rugged router is using Industrial Grade equipment design standards, passed CE, FCC and EMC test, stable and reliable. Multiple VPN encryption protocols as L2TP, IPSec, PPTP and GRE are owned, making it ideal solution for applications in which high data bandwidth and strong stability is required.

image001.jpg

Main Features

Hardware Specifications

Software Functions

● Support public and private APN network

● Dedicated hardware and software watchdog are designed to support system running reliable.

● ICMP detection and Heartbeat detection ensure the router to be always on line.

● Reboot the router remotely via SMS.

● Incorporate Virtual Router Redundancy Protocol (VRRP), facilitating 3G/4G WAN backup services to existing fixed line routers, providing both WAN and router redundancy to critical business applications.

● Offers business grade security and advanced routing features IPSec (3Des and AES), L2TP, PPTP, GRE as standard.

● Low-voltage, over current, over voltage, anti-reverse protection

● Wide Power Input DC7-36V

● Standard RS232/485 interface to connect with serial devices.

● Router Factory Default Settings can be configured freely.

● System logs can be viewed from local or remote.

● Support WLAN(300Mbps 802.11b/g/n)

● Support SNMP v1/v2/v3

● LEDS for status monitoring (showing Power, System, Internet, VPN, Signal strength).


CPU

● RAM:512Mbit FLASH:128Mbit

Power

● Input DC 7-36V(Standard DC12V)

Environment

● Storage temperature:-40℃~80℃

● Work temperature:-30℃~70℃

● Humidity:<95%

Dimension

● Unit size L*W*H:150*116.2*23.8mm

● Metal Shell, IP30

● Package weight:830g

Interface

● 1 SIM card slot

● 2 LAN 10/100Mb RJ45 port

● 1 RS232 or RS485 serial port

Antenna(female)

● ANT1 for Cell, ANT2,3 for WiFi

EMC

● Electrostatic discharge immunity:EN6100-4-2, level 2

● RFEMS:EN6100-4-3, level 2

● Surge:EN6100-4-3, level 2

● PFMF:EN6100-4-6, level 2

● Shockwave immunity:EN6100-4-8, Horizontal / vertical direction 400A/m(>level 2)

Physical property

● Shockproof:IEC60068-2-27

● Drop test:IEC60068-2-32

● Vibration test:IEC60068-2-6

VPN

● IPSec client

● PPTP client

● L2TP server and client

● GRE client

WIFI

● Transmitting power: 17dbm

● Distance:Cover a radius of 100 meters in open area test

● Allow 50 users to access in theory

NAT

● Port Mapping

● Port Triggering

● DMZ

Firewall

● IP filtering

● MAC filtering

● URL filtering

QOS

● Manage uplink/downlink bandwidth via port or IP

Management

● Web

● Telnet

● TR-069 platform

Routing

● Static Routing

● Policy-Based Routing.

● Dynamic Routing


Model

Frequency & Band

Bandwidth(UL/DL)

Consumption

WiFi (-W)

Serial(-S)

Power

R68A

(cat6, America network)

● FDD-LTE: 2100MHz(B1),1900MHz(B2), 1800MHz(B3), AWS(B4), 850MHz(B5), 2600MHz(B7),700MHz(B12),700MHz(B13), 800MHz(B20), 1900MHz(B25) , 850MHz(B26), 700MHz(B29), 2300MHz(B30),

● TDD-LTE: 2500MHz(B41)
 ● UMTS/HSPA+: 2100MHz(B1), 1900MHz(B2),1800MHz(B3), 1700MHz(B4), 850MHz(B5), 900MHz(B8)

FDD-LTE:50Mbps/300Mbps

DC HSPA+:5.76Mbps/42Mbps


Work:0.46A@12V DC

Peak:0.58A@12V DC

802.11n 300Mbps


Option


RS232/RS485


Option


US/EU standard

Input: AC100~240V

Output: DC12V


Option

R68C

(China & Asia network)


● FDD-LTE: 2100MHz(B1), 1800MHz(B3), 900MHz(B8)

● TDD-LTE: 2600MHz(B38), 1900MHz(B39), 2300MHz(B40), 2500MHz(B41)
 ● UMTS/HSPA+: 2100MHz(B1), 850MHz(B5), 900MHz(B8), 1800MHz(B9)

● TD-SCDMA: B34, B39

FDD-LTE:50Mbps/150Mbps

TDD-LTE:10Mbps/112Mbps

DC HSPA+:5.76Mbps/42Mbps

Work:0.41A@12V DC

Peak:0.50A@12V DC

R68E (Europe & Asia network)

● FDD-LTE: 2100MHz(B1), 1800MHz(B3), 850MHz(B5), 2600MHz(B7), 900MHz(B8), 800MHz(B20)

● TDD-LTE: 2600MHz(B38), 1900MHz(B39), 2300MHz(B40), 2500MHz(B41)
 ● UMTS/HSPA+: 2100MHz(B1), 1900MHz(B2), 850MHz(B5), 800MHz(B6), 900MHz(B8),

FDD-LTE:50Mbps/150Mbps

TDD-LTE:10Mbps/112Mbps

DC HSPA+:5.76Mbps/42Mbps

Work:0.41A@12V DC

Peak:0.50A@12V DC

R68J

(cat6, Japan & Australia network)

● FDD-LTE: 2100MHz(B1), 1800MHz(B3), 850MHz(B5), 2600MHz(B7), 900MHz(B8), 800MHz(B18), 800MHz(B19), 1500MHz(B21), 700MHz(B28),

● TDD-LTE: 2600MHz(B38), 1900MHz(B39), 2300MHz(B40), 2500MHz(B41)

● WCDMA: 2100MHz(B1), 850MHz(B5), 850MHz(B6), 900MHz(B8), 1700MHz(B9), 850MHz(B19)

● TD-SCDMA: B39

FDD-LTE:50Mbps/300Mbps

TDD-LTE:10Mbps/112Mbps

DC-HSPA+: 5.76Mbps/42Mbps


Work:0.46A@12V DC

Peak:0.58A@12V DC


Applications

Advertising machine upgrade contents via 4G Router

Background

Advertising machines are widely installed in airport, mall and subway station. It brings good result to the operators, but at the same time, the runners have to update the advertisements more frequently than before. But traditional upgrade way is time consuming and costly. Is there better solution for the operators? Of course yes

Meizo Industrial 4G M2M modem/router is ideal for advertising machines

● A leading developer of Cloud based wireless M2M solutions

● Multi year track record of deploying cloud based systems

● Comprehensive range of 2G / 3G / 4G Modems for M2M

● Designed for Product Developers, Systems Integrators and Enterprise Customers

● Wide Coverage - No expensive construction as required by fiber or DSL.

● Fast transmission – upgrade quickly for large data flows.

● Easy installation & maintenance - Quick and easy installation with existing IP infrastructure

● Independent - Avoid the customer's firewall


Solutions

image003(001).jpg

network security basics

Why Security is needed

The security has become very essential due to widespread use of internet in our daily life. Initially internet was developed for connectivity purpose. Now all the critical information related to banking, business correspondence, money transactions, online purchasing happens with the use of internet. Hence it is very important to protect subscriber personal information, confidential data, passwords, credit or savings card information (used for online purchasing) etc.

Today internet is evolving very fast and use of application specific online contents has become predominant on various networks. Security companies are working on different ways to handle security related aspects.


Types of Security

Security can be divided into three types viz. computer security, network security and internet security.

Computer security: It is related to collection of tools developed to protect data available in the computer.

Network security: It is related to protect data during their transmission.

Internet Security: It is related to protect data during their transmission over a collection of inter-connected network of networks (i.e. internet).


Attack Sources

There are two attack source types viz. active attack and passive attack.
The active attack involves writing data to the network in order to steal identity of traffic sender as well as other information. Active attacks include spoofing, ARP poisoning, smurf attacks, SQL injection, buffer overflow etc.
Passive attack involves reading data from the network in order to breach confidentiality. Passive attacks include port scanning, eavesdropping, reconnaissance etc.

Network attack types

image005(001).jpg

As shown in the figure-1 there are three ways to sniff the network viz. internal sniffer, external sniffer and wireless sniffer. Sniffing can be run on all the layers of OSI stack.
In internal sniffer type, hacker can run the tools on the LAN to capture the network traffic directly.
In external sniffer type, hacker can attack through the firewall from outside of the LAN to steal the network information. This is possible with the use of spoofing techniques and analysis of intercepted network packets.
In wireless sniffer type, hacker just sits nearby to the wireless network and penetrate to hack the network information. The packet sniffer software tools designed to capture and analyze the network related issues are being utilized by the hackers. Wireless networks are evolving quite rapidly in the internet infrastructure. The common wireless networks are based on WLAN, zigbee, bluetooth, GSM, 3G, LTE, z-wave etc.


Layered Security and attack mitigation methods

image006(001).jpg

As we have learnt in article on OSI and TCPIP basics, TCPIP packet contains informations required to establish the network connection. It contains source IP address, destination IP address, port numbers, sequence numbers, protocol type etc. All these fields are very important for network layer of OSI stack to function properly.

As mentioned TCPIP protocol basically helps in reliable packet transmission over ethernet. It does not provide any mechanism to ensure network data security. It is the responsibility of the upper network layers to ensuer packet is not tempered over transmission path. Figure-2 depicts OSI layers and what information at each layers hackers can steal by way of sniffing.

Let us understand points to mitigate network security attacks:
 ➨Avoid using insecure protocols like basic HTTP authentication and telnet.
 ➨If you have to use an insecure protocol, try tunneling it through something to encrypt the sensitive data.
 ➨Run ARPwatch.
 ➨Try running tools like sniffdet and Sentinel to detect network cards in promiscuous mode that may be running sniffing software.
 ➨Use wireless networks which has built-in security algorithms such as WEP, WPA etc.
 ➨Use very strong password consisting of upper and lower case letters, numbers and symbols
 ➨Do not reveal user-ID to any one.  
 ➨Use secured application layer security protocols such as HTTPS, PGP, SMIME etc.


Network Security algorithms

Various algorithms and protocols exists at hardware and software level in order to provide efficient network security. It include cryptography, symmetric key algorithms (DES, 3DES, AES, RC4, RC6, Blowfish), block and stream cipher etc.

Inquiry