The Draytek Vigor2832 is an ADSL2/2+ multi-WAN security firewall that router provides a flexible solution for small to medium sized businesses requiring high performance and network security in an easy to manage router.
The multi-WAN interfaces include an ADSL2/2+ interface; a Gigabit Ethernet WAN interface and a USB port for 3G/4G mobile dongles. The Vigor2832 can connect to the Internet through any of these interfaces, or with a combination of interfaces for Load Balance and/or Failover functions.
The Vigor2832 router supports business features including an object-oriented SPI (Stateful Packet Inspection) firewall, IPv6, 32 VPN tunnels, 10 SSL VPN tunnels, tag-based VLAN, multiple subnets, etc.
Additional network security features include DoS Defence to protect the network from DoS attacks from the Internet and Content Security Management (CSM) that includes APP enforcement, URL and Web Content Filter (WCF) as well as DNS Filter functions. WCF is an optional service that can be enabled to protect network users from undesirable website content.
The Vigor2832 router can be rack mounted using a 1RU rack mount bracket on a standard 19” rack or cabinet.
- Multi-WAN with 1 x built-in ADSL2+ modem, 1 x Gigabit Ethernet WAN port, 1 x USB WAN for Multi-WAN Load Balance and Failover
- 4 x Gigabit LAN ports with 50,000 NAT sessions
- Gigabit Ethernet LAN for network virtualization with up to 4 virtual network on one device
- Object-based SPI Firewall with Content Security Management (CSM)
- Supports QoS functions
- 32 x VPN and 10 x SSL VPN tunnels with Load Balance and Redundancy for VPN
- 2 x USB ports supporting 3G / 4G modem, FTP server or network printer
- Supports Smart Monitor Traffic Analyzer (up to 30-nodes)
- Supports VigorACS SI Central Management (TR-069)
- Supports IPv6 standard
- 2 years back to base warranty
1. WAN Connectivity
The Vigor2832 router supports 3 types of WAN Interfaces: an ADSL2+ WAN, a Gigabit Ethernet WAN and a USB port (WAN 3) for a supported USB 3G/4G USB modem.
With between 2 to 3 WAN interfaces connected, you can configure the router for Load Balancing or Failover. For example you can have the ADSL2+ as your primary Internet connection and have a failover connection over an attached 4G USB modem.
2. Load Balance / Route Policy
The Load Balance/Route Policy in the Vigor2832 router allows outgoing Internet traffic to be directed to the desired WAN interface based on matching criteria for the data flow. For example traffic to a mail server may need to be sent through a particular service provider associated with one of the WAN connections.
3. LAN and VLAN
The Vigor2832 has 4 x Gigabit LAN ports and supports 50,000 NAT sessions.
The Vigor2832 supports both Port-based and 802.1q Tagged VLANs. Port based VLANs allow the assignment of a VLAN and IP subnet to each router LAN port. On the other hand, 802.1q Tagged VLANs can extend up to 8 VLANs and any of the four IP subnets to an attached switch.
4. Quality of Service (QoS)
QoS functions allow the network administrator to set priorities based on types of traffic to ensure time critical traffic types are treated with higher priorities. For example real-time traffic such as VoIP or Video Conferencing can be prioritised as these have less tolerance over delays caused by network congestion.
The traffic type can be assigned to each of the three QoS classes and reserved bandwidth allocated.
The Vigor2832 has powerful firewall features including object-oriented SPI (Stateful Packet Inspection) firewall, DoS (Denial of Services), CSM (Content Security Management) and WCF (Web Content Filter).
Stateful Packet Inspection (SPI) Firewall monitors incoming and outgoing packets at layer 3 (OSI model) and passes or blocks the data packets based on the configuration.
The DoS feature protects the network for unwanted access requests from DoS attackers.
CSM enables network administrators to control and manage IM (Instant Messenger) and P2P (Peer-to-Peer) applications. For instance, you can keep network users from accessing inappropriate contents and ensure that network traffic flow is not affected by undesirable traffic types.
With WCF, all websites are classified into 64 categories; network administrators can select these categories to protect the users from undesirable website content. DrayTek uses the CYREN WCF database for Vigor 2832, and each router includes a free 30 day trial license.
The object-based firewall provides flexibility by using Objects in the firewall settings. Objects can be created and placed in groups for IP, service type, keyword, file extension, etc. This allows a filter rule to be applied to many IP addresses, reducing number of firewall filters required. In addition these objects and groups can be reused for other firewall settings resulting in reduced amount of work required to create multiple firewall rules.
Firewall rules can be applied according to a Time Schedule to control access to the Internet or network services according to predetermined time slots. Up to 4 time schedules can be applied to each firewall filter rule. For example social media can be restricted during work hours and be allowed during off work hours in a company.
6. VPN & SSL-VPN
Vigor2832 supports up to 32 simultaneous VPN tunnels, of major protocols such as IPSec/PPTP/L2TP, and 10 tunnels of SSL VPN protocol. The dedicated VPN co-processor supports the hardware encryption of AES/DES/3DES, hardware key hash of SHA-1/MD5, and LDAP authentication, and ensures that VPN traffic is secure and performance is maximised.
The SSL technology allows secure Web encryption such as those used for on-line banking. With the Vigor2832, you can create SSL VPN in Full Tunnel mode or Proxy mode.
Furthermore, since the Vigor2832 supports multi-WAN of DSL, Ethernet and 3G/4G, you can create VPN Trunking for VPN Load Balance and VPN Backup. For instance, you can use a number of connections to a site to increase the bandwidth, or have a backup connection when the primary connection fails.
7. Remote Access Management
The Vigor2832 includes a number of management options to provide both local and remote access to monitor and manage the router.
The TR-069 feature integrates with the DrayTek’s VigorACS-SI centralised management system. This can be used to allow system integrators or network administrators to configure, monitor and manage the Vigor2832 remotely from the comfort of their offices or homes. It can also be used to Auto-Provision the Vigor2832 remotely by sending configuration data to the router. There are 3 wizards: a Configuration Wizard, a VPN Wizard and a Firmware Upgrade Wizard. These allow network administrators to carry out complex tasks quickly and easily.
Alarm & Log Management features ensure real time notifications and alerts to specified phone numbers or email accounts for any faults or issues of the connected CPEs.
A number of diagnostic functions are available for the network administrators to monitor and troubleshoot network issues. These include Data Flow Monitor, Traffic Graph and Syslog Explorer, etc.
Like all Vigor routers, Vigor2832 supports management options include HTTP, HTTPS, FTP, SSH, Telnet and SNMP.