TCP/IP protocol suite:
- Firewall and NAT - stateful packet filtering; Peer-to-Peer protocol filtering; source and destination NAT; classification by source MAC, IP addresses (networks or a list of networks) and address types, port range, IP protocols, protocol options (ICMP type, TCP flags and MSS), interfaces, internal packet and connection marks, ToS (DSCP) byte, content, matching sequence/frequency, packet size, time and more...
- Routing - Static routing; Equal cost multi-path routing; Policy based routing (classification done in firewall); RIP v1 / v2, OSPF v2, BGP v4
- Data Rate Management - Hierarchical HTB QoS system with bursts; per IP / protocol / subnet / port / firewall mark; PCQ, RED, SFQ, FIFO queue; CIR, MIR, contention ratios, dynamic client rate equalizing (PCQ), bursts, Peer-to-Peer protocol limitation
- HotSpot - HotSpot Gateway with RADIUS authentication and accounting; true Plug-and-Play access for network users; data rate limitation; differentiated firewall; traffic quota; real-time status information; walled-garden; customized HTML login pages; iPass support; SSL secure authentication; advertisement support
- Point-to-Point tunneling protocols - PPTP, PPPoE and L2TP Access Concentrators and clients; PAP, CHAP, MSCHAPv1 and MSCHAPv2 authentication protocols; RADIUS authentication and accounting; MPPE encryption; compression for PPPoE; data rate limitation; differentiated firewall; PPPoE dial on demand
- Simple tunnels - IPIP tunnels, EoIP (Ethernet over IP)
- IPsec - IP security AH and ESP protocols; MODP Diffie-Hellman groups 1,2,5; MD5 and SHA1 hashing algorithms; DES, 3DES, AES-128, AES-192, AES-256 encryption algorithms; Perfect Forwarding Secrecy (PFS) MODP groups 1,2,5
- Proxy - FTP and HTTP caching proxy server; HTTPS proxy; transparent DNS and HTTP proxying; SOCKS protocol support; DNS static entries; support for caching on a separate drive; access control lists; caching lists; parent proxy support
- DHCP - DHCP server per interface; DHCP relay; DHCP client; multiple DHCP networks; static and dynamic DHCP leases; RADIUS support
- VRRP - VRRP protocol for high availability
- UPnP - Universal Plug-and-Play support
- NTP - Network Time Protocol server and client; synchronization with GPS system
- Monitoring/Accounting - IP traffic accounting, firewall actions logging, statistics graphs accessible via HTTP
- SNMP - read-only access
- M3P - MikroTik Packet Packer Protocol for Wireless links and Ethernet
- MNDP - MikroTik Neighbor Discovery Protocol; also supports Cisco Discovery Protocol (CDP)
- Tools - ping; torch; traceroute; bandwidth test; ping flood; telnet; SSH; packet sniffer; Dynamic DNS update tool
0 Comments:
Post a Comment