Datasheet | Routers
AT-AR441S
Secure ADSL Router
AT-AR441S
Security
Key Features
1 x ADSL port
In addition to hardware-based encryption, the
AT-AR441S comes with other security features,
such as traffic filtering with event logging.Traffic
filtering uses the source and destination address,
port, protocol andTCP packet type to provide
control over traffic that passes through the
AT-AR441S.The AT-AR441S' Stateful Inspection
firewall provides an increased level of security,
and HTTP and SMTP proxies provide improved
control over web and mail communication.
• 1 x Annex B ADSL port
5 x 10/100Base-T ports
1 x PIC
1 x Asynchronous port
• Modular Router – 1 PIC that supports a
range of WAN interfaces
• Integrated encryption engine supporting DES,
3DES and AES
ADSL Business Class
Routing Solution
• 5 x 10/100 Mbps Ethernet switched LAN
ports, any port can also be reconfigured as a
DMZ
The AT-AR441S is a competitively priced,
business-class, secure ADSL router.This desktop,
broadband router allows businesses to take
advantage of cost effective DSL connections
without compromising on bandwidth,
throughput, features, or security.
• SecureVPN capability with IPsec
• Automatic WAN back-up
• Stateful inspection firewall
• QoS
Software Quality of Service
The AlliedWare operating system provides
advanced Quality of Service (QoS) and traffic
shaping features.There are five key QoS features
available on the AT-AR441S:
TM
• SNMP and CLI management
• Web GUI
The AT-AR441S has been designed with the
needs of the branch office or small to medium
business in mind and comes with dying gasp and
the WAN back-up features businesses expect.
• Bandwidth Metering
• RED Curves
• Dying gasp
• Conforms to U-R2
• RoHS compliant
• Mixed Scheduling
The AT-AR441S comes with, or has as optional
extras, all the software features necessary for a
product of this type, such as:
• Optional features available such as:
• IPv6
• Virtual Bandwidth
• Dynamic Application Recognition (DAR)
• An extensiveVPN capability
• Comprehensive ADSL support
• An extensive QoS suite
• BGP-4
Software QoS also supports eight queues per
interface. DAR is used to snoop for session
setup exchanges and dynamically create
classifiers that match the voice and video
packets in the session. For more information,
see the AlliedTelesis Advanced QoS White
Paper available on our website.
• Server Load Balancing
• Multiple routing protocols
• A comprehensive configuration and
management suite
ExtensiveVPN Capability
Flexibility of Modular Routing
The AT-AR441S provides extensive IPsec based
VPN capability, allowing the interconnection of
branch offices, remote tele-workers, and other
users who require secure access to a corporate
network.This capability provides a cost effective
alternative to long-distance dial-in, leased line or
frame-relay connections.The AT-AR441S comes
complete with integrated hardware acceleration
to maximise encryption and throughput during
secure communication.The product is compatible
with industry standard IPsecVPN clients.
A Port Interface Card (PIC) port on the
AT-AR441S provides businesses with a high
degree of flexibility, enabling them to future proof
their investment, obtain additional functionality or
make use of WAN back-up options. For
example, a backup WAN card, such as an ISDN
card, can be installed in the PIC port enabling
businesses to protect themselves against ADSL
downtime.The PIC options available also enable
businesses to achieve a higher LAN density
without purchasing an additional switch.The
AT-AR441S PIC port is compatible with a range
Allied Telesis
AT-AR441S | Secure ADSL Router
RFC 1618 PPP over ISDN
RFC 2403 IPsec Authentication - MD5
RFC 2404 IPsec Authentication - SHA-1
RFC 2405 IPsec Encryption - DES
RFC 2406 ESP - IPsec encryption
RFC 2407 IPsec DOI
Country of Origin
China
RFC 1661 The Point-to-Point Protocol (PPP)
RFC 1701 GRE
RFC 1702 GRE over IPv4
Standards and Protocols
RFC 1762 The PPP DECnet Phase IV Control Protocol
(DNCP)
Software Release 2.9.1
RFC 2408 ISAKMP
BGP-4
RFC 1771 Border Gateway Protocol 4
RFC 1966 BGP Route Reflection
RFC 1997 BGP Communities Attribute
RFC 1998 Multi-home Routing
RFC 2385 Protection of BGP Sessions via the TCP MD5
Signature Option
RFC 2439 BGP Route Flap Damping
RFC 2858 Multiprotocol Extensions for BGP-4
RFC 2918 Route Refresh Capability for BGP-4
RFC 3065 Autonomous System Confederations for BGP
RFC 3392 Capabilities Advertisement with BGP-4
RFC 1812 Router Requirements
RFC 2409 IKE
RFC 1877 PPP Internet Protocol Control Protocol
Extensions for Name Server Addresses
RFC 1918 IP Addressing
RFC 2410 IPsec encryption - NULL
RFC 2411 IP Security Document Roadmap
RFC 2412 OAKLEY
RFC 1962 The PPP Compression Control Protocol (CCP)
RFC 1968 The PPP Encryption Control Protocol (ECP)
RFC 1974 PPP Stac LZS Compression Protocol
RFC 1978 PPP Predictor Compression Protocol
RFC 1989 PPP Link Quality Monitoring
RFC 1990 The PPP Multilink Protocol (MP)
RFC 1994 PPP Challenge Handshake Authentication
Protocol (CHAP)
RFC 3173 IPComp - IPsec compression
IPv6
RFC 1981 Path MTU Discovery for IPv6
RFC 2080 RIPng for IPv6
RFC 2365 Administratively Scoped IP Multicast
RFC 2375 IPv6 Multicast Address Assignments
RFC 2460 IPv6
RFC 2461 Neighbour Discovery for IPv6
RFC 2462 IPv6 Stateless Address Autoconfiguration
RFC 2463 ICMPv6
RFC 2125 The PPP Bandwidth Allocation Protocol (BAP)
/ The PPP Bandwidth Allocation Control Protocol (BACP)
RFC 2131 DHCP
Encryption
RFC 1321 MD5
RFC 2104 HMAC
RFC 2464 Transmission of IPv6 Packets over Ethernet
Networks
RFC 2390 Inverse Address Resolution Protocol
RFC 2516 A Method for Transmitting PPP Over Ethernet
(PPPoE)
RFC 2451 The ESP CBC-Mode Cipher Algorithms
FIPS 180 SHA-1
RFC 2465 Allocation Guidelines for Ipv6 Multicast
Addresses Management Information Base for IP Version
6: Textual Conventions and General Group
RFC 2466 Management Information Base for IP Version
6: ICMPv6 Group
FIPS 186 RSA
RFC 2661 L2TP
FIPS 197 AES
RFC 2822 Internet Message Format
RFC 2878 PPP Bridging Control Protocol (BCP)
RFC 3046 DHCP Relay Agent Information Option
RFC 3232 Assigned Numbers
FIPS 46-3 DES
FIPS 46-3 3DES
RFC 2472 IPv6 over PPP
Ethernet
RFC 2526 Reserved IPv6 Subnet Anycast Addresses
RFC 2529 Transmission of IPv6 over IPv4 Domains
without Explicit Tunnels
RFC 894 Ethernet II Encapsulation
IEEE 802.1D MAC Bridges
IEEE 802.1G Remote MAC Bridging
IEEE 802.1Q Virtual LANs
IEEE 802.2 Logical Link Control
IEEE 802.3ac VLAN TAG
RFC 3993 Subscriber-ID Sub-option for DHCP Relay
Agent Option
ISO 10589, ISO 10589 Technical Corrigendums 1, 2, 3,
ISO Intermediate System-to-Intermediate System
"ISO 8473, relevant parts of ISO 8348(X.213), ISO
8343/
Add2, ISO 8648, ISO 8648, ISO TR 9577 Open System
Interconnection"
ISO 9542 End System to Intermediate System Protocol
"IPX Router Specification", v1.2, Novell, Inc., Part
Number 107-000029-001
RFC 2710 Multicast Listener Discovery (MLD) for IPv6
RFC 2711 IPv6 Router Alert Option
RFC 2851 Textual Conventions for Internet Network
Addresses
RFC 2893 Transition Mechanisms for IPv6 Hosts and
Routers
IEEE 802.3u 100BASE-T
IEEE 802.3x Full Duplex Operation
General Routing
RFC 768 UDP
RFC 3056 Connection of IPv6 Domains via IPv4 Clouds
RFC 3307 Allocation Guidelines for IPv6 Multicast
Addresses
RFC 791 IP
Encapsulation of IPsec Packets
BootP and DHCP parameters
RFC 792 ICMP
RFC 3315 DHCPv6
RFC 793 TCP
RFC 3484 Default Address Selection for IPv6
RFC 3513 IPv6 Addressing Architecture
RFC 3587 IPv6 Global Unicast Address Format
RFC 3596 DNS Extensions to support IPv6
RFC 3810 Multicast Listener Discovery Version 2 (MLDv2)
for IPv6
RFC 826 ARP
RFC 903 Reverse ARP
RFC 925 Multi-LAN ARP
General Routing and Firewall
RFC 3022 Traditional NAT
draft-ietf-ipsec-nat-t-ike-08.txt Negotiation of NAT-
Traversal in the IKE
draft-ietf-ipsec-udp-encaps-08.txt UDP Encapsulation of
IPsec Packets
RFC 950 Subnetting, ICMP
RFC 1035 DNS
RFC 1027 Proxy ARP
RFC 1055 SLIP
Management
RFC 1155 MIB
RFC 1122 Internet Host Requirements
RFC 1144 Van Jacobson's Compression
RFC 1256 ICMP Router Discovery Messages
RFC 1288 Finger
RFC 1332 The PPP Internet Protocol Control Protocol
(IPCP)
RFC 1334 PPP Authentication Protocols
RFC 1377 The PPP OSI Network Layer Control Protocol
(OSINLCP)
RFC 1378 The PPP AppleTalk Control Protocol (ATCP)
RFC 1518 CIDR
RFC 1519 CIDR
RFC 1542 BootP
RFC 1157 SNMP
IP Multicasting
RFC 1075 DVMRP
RFC 1112 Host Extensions
RFC 2236 IGMPv2
RFC 2362 PIM-SM
RFC 2715 Interoperability Rules for Multicast Routing
Protocols
RFC 3973 PIM-DM
draft-ietf-idmr-dvmrp-v3-9 DVMRP
RFC 1212 Concise MIB definitions
RFC 1213 MIB-II
RFC 1493 Bridge MIB
RFC 1643 Ethernet MIB
RFC 1657 Definitions of Managed Objects for BGP-4
using SMIv2
RFC 2011 SNMPv2 MIB for IP using SMIv2
RFC 2012 SNMPv2 MIB for TCP using SMIv2
RFC 2096 IP Forwarding Table MIB
RFC 2576 Coexistence between V1,V2, and V3 of the
Internet-standard Network Management Framework
RFC 2578 Structure of Management Information Version
2 (SMIv2)
RFC 2579 Textual Conventions for SMIv2
RFC 2580 Conformance Statements for SMIv2
RFC 2665 Definitions of Managed Objects for the
IPsec
RFC 1829 Ipsec algorithm
RFC 1828 IP Authentication using Keyed MD5
RFC 2395 Ipsec Compression - LZS
RFC 2401 Security Architecture for IP
RFC 2402 AH - IP Authentication Header
RFC 1552 The PPP Internetworking Packet Exchange
Control Protocol (IPXCP)
RFC 1570 PPP LCP Extensions
RFC 1582 RIP on Demand Circuits
RFC 1598 PPP in X.25
Allied Telesis
AT-AR441S | Secure ADSL Router
Ethernet-like Interface Types
RFC 2587 PKI X.509 LDAPv2 Schema
ETS 300 012:1992 Integrated Services Digital Network
(ISDN); Basic user-network interface; Layer 1 specification
and test principles
ETS 300 102-1:1990 Integrated Services Digital Network
(ISDN);User-network interface layer 3;Specifications for
basic call control
ETS 300 102-2:1990 Integrated Services Digital Network
(ISDN); User-network interface layer 3; Specifications for
basic call control; Specification Description Language
(SDL) diagrams
ETS 300 125:1991 Integrated Services Digital Network
(ISDN); User-network interface data link layer
specification; Application of CCITT Recommendations
Q.920/I.440 and Q.921/I.441
ETS 300 153:1992 Integrated Services Digital Network
(ISDN);Attachment requirements for terminal equipment
to connect to an ISDN using ISDN basic access
(Candidate NET 3 Part 1)
ETS 300 156:1992 Integrated Services Digital Network
(ISDN); Attachment requirements for terminal equipment
to connect to an ISDN using ISDN primary rate access
(Candidate NET 5)
ETS 300 011:1992 Integrated Services Digital Network
(ISDN); Primary rate user-network interface; Layer 1
specification and test principles
G.706 (1988) Frame Alignment and CRC Procedures
Relating to Basic Frame Structures Defined in G.704
G.794 (1988) Characteristics of 24-channel
transmultiplexing equipments
RFC 2674 Definitions of Managed Objects for Bridges
with Traffic Classes, Multicast Filtering and Virtual LAN
Extensions (VLAN)
RFC 2865 RADIUS
RFC 2866 RADIUS Accounting
RFC 3280 X.509 Certificate and CRL profile
draft-grant-tacacs-02.txt TACACS+
Draft-IETF-PKIX-CMP-Transport-Protocols-01 Transport
Protocols for CMP
RFC 2790 Host MIB
RFC 2819 RMON (groups 1,2,3 and 9)
RFC 2856 Textual Conventions for Additional High
Capacity Data Types
draft-ylonen-ssh-protocol-00.txt SSH Remote Login
Protocol
IEEE 802.1x Port Based Network Access Control
PKCS #10 Certificate Request Syntax Standard
Diffie-Hellman
RFC 2863 The Interfaces Group MIB
RFC 3164 Syslog Protocol
RFC 3289 Management Information Base for the
Differentiated Services Architecture
CDP
RFC 3410 Introduction and Applicability Statements for
Internet-Standard Management Framework
RFC 3411 An Architecture for Describing SNMP
Management Frameworks
RFC 3412 Message Processing and Dispatching for the SNMP
RFC 3413 SNMP Applications
RFC 3414 User-based Security Model (USM) for SNMPv3
RFC 3415 View-based Access Control Model (VACM) for
the SNMP
RFC 3416 Version 2 of the Protocol Operations for SNMP
RFC 3417 Transport Mappings for the SNMP
RFC 3418 MIB for SNMP
RFC 3636 Definitions of Managed Objects for IEEE
802.3 MAUs
RFC 3768 VRRP
Services
RFC 854 Telnet Protocol Specification
RFC 855 Telnet Option Specifications
RFC 856 Telnet Binary Transmission
RFC 857 Telnet Echo Option
RFC 858 Telnet Suppress Go Ahead Option
RFC 932 Subnetwork addressing scheme
RFC 951 BootP
RFC 1091 Telnet terminal-type option
RFC 1305 NTPv3
RFC 1350 TFTP
RFC 1510 Network Authentication
RFC 1542 Clarifications and Extensions for the Bootstrap
Protocol
RFC 1945 HTTP/1.0
RFC 1985 SMTP Service Extension
RFC 2049 MIME
RFC 2068 HTTP/1.1
RFC 2156 MIXER
RFC 2217 Telnet Com Port Control Option
RFC 2821 SMTP
draft-ietf-bridge-8021x-00.txt Port Access Control MIB
IEEE 802.1AB LLDP
German Monopol (BAPT 221) Type Approval Specification
for Radio Equipment for Tagging and Identification
I.120 (1988) Integrated services digital networks (ISDNs)
I.121 (1988) Broadband aspects of ISDN
I.411 (1988) ISDN user-network interface reference
configurations
I.430 (1988) Basic user-network interface - Layer 1
specification
I.431 (1988) Primary rate user-network interface -
Physical layer specification
OSPF
RFC 1245 OSPF protocol analysis
RFC 1246 Experience with the OSPF protocol
RFC 1586 OSPF over Frame Relay
RFC 1793 Extending OSPF to Support Demand Circuits
RFC 2328 OSPFv2
SSL
RFC 2246 The TLS Protocol Version 1.0
draft-freier-ssl-version3-02.txt SSLv3
RFC 3101 The OSPF Not-So-Stubby Area (NSSA) Option
X.25
QoS
RFC 1356 Multiprotocol Interconnect on X.25 and ISDN
in the Packet Mode
RFC 2205 Reservation Protocol
ITU-T G.703 Physical/electrical characteristics of
hierarchical digital interfaces
RFC 2211 Controlled-Load
ITU-T Recommendations X.25 (1988), X.121 (1988). X.25
RFC 2474 DCSP in the IPv4 and IPv6 Headers
RFC 2475 An Architecture for Differentiated Services
RFC 2597 Assured Forwarding PHB Group
RFC 2697 A Single Rate Three Color Marker
RFC 2698 A Two Rate Three Color Marker
RFC 3246 An Expedited Forwarding PHB (Per-Hop
Behavior)
ITU-T G.704 Synchronous frame structures used at 1544,
6312, 2048, 8488 and 44736 kbit/s hierarchical levels
ITU-T G.706 Frame Alignment and CRC Procedures
Relating to Basic Frame Structures Defined in G.704
ITU-T Q.922 ISDN data link layer specification for frame
mode bearer services
xDSL
RFC 2225 IPoA Classical IP & ARP over ATM
RFC 2364 PPP Over AAL5
RFC 2684 IpoE Multiprotocol encapsulation over ATM
ANSI T1.413 ADSL Metallic Interface
ITU-T G.992.1 (G.DMT) ADSL Transceivers
ITU-T G.992.1 (G.DMT) Annex B ADSL Transceivers
ITU-T G.703 (1972) Physical/electrical characteristics of
hierarchical digital interfaces
IEEE 802.1p Priority Tagging
Japan NTT I.430-a Leased Line Basic Rate User-Network
Interface Layer 1-Specification
New Zealand Telecom TNA 134 Telecom ISDN User-
Network Interface: Layer 3: PART B Basic Call Control
Procedures
Q.920 (1988) Digital subscriber Signalling System No.1
(DSS1) - ISDN user-network interface data link layer -
General aspects
Q.921 (1988) ISDN user-network interface - Data link
layer specification
Q.930 (1988) Digital subscriber Signalling System No. 1 (DSS
1) - ISDN user-network interface layer 3 - General aspects
Q.931 (1988) Digital subscriber Signalling System No. 1
(DSS 1) - ISDN user-network interface layer 3
specification for basic call control
Rockwell Bt8370 Fully Intergrated T1/E1 Framer and
Line Interface data sheet
RIP
ISDN
RFC 1058 RIPv1
ANSI T1.231-1997 Digital Hierarchy - Layer 1 In-Service
Digital Transmission Performance Monitoring
Standardization
RFC 2082 RIP-2 MD5 Authentication
RFC 2453 RIPv2
ANSI T1.403-1995 Telecommunications - Network-to-
Customer Installation - DS1 Metallic Interface
ANSI T1.408-1990 ISDN Primary Rate - Customer
Installation Metallic Interfaces, Layer 1 Specification
AT&T TR 54016-1989 Requirements for Interfacing
Digital Terminal Equipment to Services Employing the
Extended Superframe Format
Security
RFC 959 FTP
RFC 1413 IDP
RFC 1492 TACACS
RFC 1779 X.500 String Representation of Distinguished
Names.
RFC 1858 Fragmentation
RFC 2284 EAP
RFC 2510 PKI X.509 Certificate Management Protocols
RFC 2511 X.509 Certificate Request Message Format
RFC 2559 PKI X.509 LDAPv2
RFC 2585 PKI X.509 Operational Protocols
Austel TS 013.1:1990 General Requirements for
Customer Equipment Connected to ISDN Basic Rate
Access - Vol. I: Customer Equipment Access Interface
Specifications
Bellcore SR-3887 1997 National ISDN Primary Rate Interface
Allied Telesis
AT-AR441S | Secure ADSL Router
4
AT-AR021S (V3)
Technical Reference of Frame Relay Interface,Ver. 1,
November 1993, Nippon Telegraph and Telephone
Corporation.Ver. 1, November 1993, Nippon Telegraph
and Telephone Corporation.
ACA TS 013.2:1990 General Requirements for Customer
Equipment Connected to ISDN Basic Rate Access,Vol 2:
Conformance Testing Specifications
ACA TS 014.1:1990 General Requirements for Customer
Equipment Connected to ISDN Primary Rate Access,Vol
1: Customer Access Interface Specifications
ACA TS 014.2:1990 General Requirements for Customer
Equipment Connected to ISDN Primary Rate Access,Vol
2: Conformance Testing Specifications
About AlliedTelesis
Single Basic Rate ISDN (S/T) interface
Order Number: 990-002153-00
AlliedTelesis is part of the AlliedTelesis Group.
Founded in 1987, the company is a global
provider of secure Ethernet/IP access solutions
and an industry leader in the deployment of IP
Triple Play networks over copper and fiber
access infrastructure. Our POTS-to-10G iMAP
integrated Multiservice Access Platform and iMG
intelligent Multiservice Gateways, in conjunction
with advanced switching, routing and WDM-
based transport solutions, enable public and
private network operators and service providers
of all sizes to deploy scalable, carrier-grade
networks for the cost-effective delivery of
packet-based voice, video and data services.
AT-AR023
Single Synchronous port up to 2Mbps to an external
CSU/DSU (AT-V.35-DTE-00 or AT-X.21-DTE-00 cable
required)
Order number: 990-001104-00
AT-AR024
Four Asynchronous RS232 interfaces to 115Kbps
Order number: 990-001105-00
Frame Relay
AT-AR027
Two VoIP FXS ports
RFC 1490, 2427 Multiprotocol Interconnect over Frame
Relay
Order number: 990-001356-00
ANSI T1S1 Frame relay
VoIP
RFC 2543 SIP
Software upgrade options
Service and Support
G.711 A/µ law Pulse code modulation (PCM) of voice
frequencies
AT-AR400 – ADVL3UPGRD
AR400 series advanced layer 3 upgrade
• IPv6
• BGP-4
• Server Load Balancing
Order number: 980-10021-00
AlliedTelesis provides value-added support
services for its customers under its Net.Cover
programs. For more information on Net.Cover
support programs available in your area, contact
your AlliedTelesis sales representative or visit
our website.
G.723.1 Dual rate speech coder for multimedia
communications transmitting at 5.3 and 6.3 kbit/s
G.729 A/B (Optional) Coding of speech at 8 kbit/s
using conjugate-structure algebraic-code-excited linear-
prediction (CS-ACELP)
H.323 v2 Packet-based multimedia communications systems
AT-FL-15
WAN Load Balancing
Order number: 980-000038
Ordering Information
AT-AR441S Secure ADSL Router
Order Number: 990-001129-xx
4
®
AR021S (V3) requires AlliedWare Operating System version
2.9.1-13 or later..
Where xx =
10 for U.S. power cord
20 for no power cord
30 for U.K. power cord
40 for Australian power cord
50 for European power cord
AT-AR441S ships with both a rack mount kit and a
wall mount kit.
Order number for an additional rack mount kit:
990-000024-00
Order number: for an additional wall mount kit:
990-000025-00
Port Interface Card Options
AT-AR020
Single configurable E1/T1 interface that supports
channelized/unchannelized Primary Rate ISDN/Frame
Relay
Order Number: 990-001304-00
USA Headquarters | 19800 North Creek Parkway | Suite 200 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895
European Headquarters |Via Motta 24 | 6830 Chiasso | Switzerland | T: +41 91 69769.00 | F: +41 91 69769.11
Asia-Pacific Headquarters | 11 Tai Seng Link | Singapore | 534182 | T: +65 6383 3832 | F: +65 6383 3830
© 2007 AlliedTelesis Inc.All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners. 617-00579-05 Rev. H
|