Sorry! You can't edit your cart on this page.
Sorry! This item could not be added to your cart as it is no longer available from Comms Express.
Please check the quantity you are adding and try again.
The following item has been added to your cart.
Product Code:
Options:
Qty:
Unit Price:£
View Cart
Checkout
Your cart is empty.
Subtotal:
£0
Learn more about how
to collect Data Points
for free gifts.
Remove all items from cart
Are you sure? Yes No
Request A Quote
View Cart
Apply for a Credit Account
Checkout
Cookie Policy×

Hi there! Our website may store cookies on your computer in order to give you the best experience, such as remembering the items in your cart so you can continue shopping where you left off.

By continuing to use our site, you give consent for cookies to be used.

Browse Categories
More Info
The DrayTek product range includes router firewalls, wireless access points, switching products, ADSL modems and accessories. DrayTeks products are designed for business, with the premium features you need. The sections below give summaries of each of DrayTeks new series.
Dual WAN/DrayOS

Supports two Gigabit Ethernet WAN Ports
with selectable SFP Socket for WAN1
USB 3G/4G/LTE USB modem can also be added
Wireless Management of up to 30 DrayTek APs
IPv6/IPv4 Dual-Stack
DrayOS Operating System
High performance - up to 500Mb/s firewall throughput
DrayTek Firewall with huge flexibility
Temperature Monitoring (optional thermometer)
High Availability (Hardware failover)
Hardware DMZ (LAN) RJ-45 Port
Conditional User Management
Multiple Private LAN Subnets
SMS (Text Message) Alert
VLANs (802.1q tag-based)
IGMP v3 MultiCast
Content Filtering (by keyword, data type or category)
LDAP Integration for VPN and user access
QoS (Layer 2&3, 802.1p & TOS/DCSP)
Up to 100 VPN tunnels for LAN-to-LAN or teleworkers
VPN Trunk/Backup to remote sites
SSL VPN - Tunnel or Proxy (50 users)
Optional VigorCare Available
The Vigor 2952 is a router/firewall with two Gigabit Ethernet WAN ports, providing load balancing or failover for up to two WAN connections. WAN1 can be selected as either RJ-45 or SFP format (SFP is for fibre modules). There are four LAN RJ-45 ports (Gigabit). The Vigor 2952 runs DrayTek's own DrayOS operating system, providing familiarity for users of other existing DrayTek products.



Robust & Comprehensive Firewall

Security is always taken seriously with DrayTek routers. The firewall protects against attacks including DoS (Denial of Service) attacks, IP-based attacks and access by unauthorised remote systems. Wireless, Ethernet and VPN are also protected by various protection systems. The DrayTek object-based firewall allows even more setup flexibility than ever, enabling you to create combinations of users, rules and restrictions to suit multi-departmental organisations. The Vigor 2952 now also allows selective direction firewall rules of LAN to WAN, WAN to LAN or LAN to VPN. In addition, QoS (Quality of Service Assurance) can now be selectively applied to specific users.

High Availability

For mission critical applications, a pair of Vigor 2952's can be set up in high-availability mode - also known as 'hardware failover'.  This removes the Vigor 2952 as a single point of failure if it ceases operation or is damaged - the standby router takes over operations.

Web Content Filtering



The content control features of the Vigor 2952 allows you to set restrictions on web site access, blocking download of certain file or data types, blocking specific web sites with whitelists or blacklists, blocking IM/P2P applications or other potentially harmful or wasteful content. Restrictions can be per user, per PC or universal. Using DrayTek's GlobalView service, you can block whole categories of web sites (e.g. gambling, adult sites etc.), subject to an annual subscription to the Cyren Globalview service, which is continuously updated with new or changed site categorisations or sites which have become compromised (such as infected with Malware). A free 30-day trial is included with your new router.

User Management/Authentication

The Vigor 2952 has built-in user management which allows you to provide conditional internet access to different users based on their own unique login (stored in the router, or on an external Radius server) and including the restrictions of web content filtering (above) too.

3G/4G Cellular Data Features

The Vigor 2952's USB port can host a compatible 3G/4G/LTE USB modem for access to the cellular network for full Internet Access as your primary or failover WAN connectivity. Network Attached Storage (NAS)

Either of the Vigor 2952's USB ports can also be used to add storage memory to the unit in the form of a USB memory stick. That memory can be used for recording syslogs or accessed as a simple FTP/file storage for users, local or remote (password protected).   Requires a USB memory stick (up to 64Gb, FAT32 formatted). WAN Load Balancing & Backup

The Vigor 2952's two WAN interfaces can be used either for WAN-Backup or load balancing. Each of the 2 WAN Ethernet ports can be connected to any Ethernet-based Internet connection, such as a DSL modem, cable modem, leased line etc. One port can use an SFP module instead of Ethernet.

In Load-balancing mode, the router will spread your Internet sessions across all Internet connections to make best use of your available total bandwidth.  This can be automatic, according to rules or reserving specific WAN connections for specific clients or services.

WAN-Backup (failover) provides contingency (redundancy) in case of your primary connection or ISP sufferers temporary outage. Internet Traffic will be temporarily routed via the second, third or fourth Internet connection. When normal services is restored to your primary line(s), all traffic is switched back to that. 



 

802.1q Tagged, Wireless & Port Based VLAN

The Vigor 2925 features a hugely flexible VLAN system. Each of the six Gigabit LAN ports can be isolated from each other, for example to feed different companies or departments but keeping their local traffic completely separated.

VPN - Linking remote offices, HQ, teleworkers and mobile staff

A feature central to DrayTek routers is the VPN (Virtual Private Networking) features. A VPN enables you to link two remote offices, branch offices back to HQ or home-based/mobile teleworkers back to your office. Once connected, they have access to your office/remote resources through a secure encrypted tunnel allowing remote desktop, file sharing and seamless access to other resources and devices.

The Vigor 2952 allows you to set up up to 100 simultaneous VPN tunnels to remote offices or from remote teleworkers. The Vigor 2952 industry standard protocols, including encryption and authentication methods. Teleworkers can authenticate directly with your LDAP server if preferred.



The Vigor2952 supports VPN trunking; this allows you to create tunnels down muliple WAN connections to a remote site in order to increase bandwidth. VPN trunking also provides failover (backup) of your VPN route down a secondary WAN connection.

The Vigor 2952 also supports SSL VPN. These are encrypted tunnels linking your teleworker back to your main office but they are 'clientless in that your O/S does not need to generate the tunnel and you do not need to install any VPN software manually.  You instigate an SSL tunnel from your regular web browser, so it could be in a web cafe or guest network, and the tunnel is creating using SSL technology - the same encryption that you use for secure web sites such as your bank. The Vigor2952 can operate SSL VPNs in either Proxy or full tunnel mode and allows up to 50 simultaneous incoming users. For SSL VPN tunnel mode Windows OS is supported.

View More
In Stock: Next Day
£320.45
£384.54 Inc Vat.
Qty:

The Vigor 2960 is a high-performance dual-Gigabit WAN firewall. The two dedicated Gigabit WAN ports can provide load balancing or WAN failover. Based on a new DrayTek OS platform, the Vigor 2960 provides high performance with DrayTek's traditional ease of use and comprehensive features set. Extensive QoS, VLAN Web Content filtering features help keep your network efficiency and online productivity high.


VPN


As a VPN endpoint/concentrator, the Vigor 2960 will support up to 200 simultaneous teleworker or LAN-to-LAN VPNs with a VPN throughput of up to 500Mb/s dependant on protocol, thanks to its hardware-based VPN co-processor. VPN security includes certificate, MOTP or token/PSK based access and key-hash authentication to ensure maximum security.


SSL VPN


For ease of remote access, the Vigor 2960 can provide up to 20 simultaneous SSL VPN web-proxy tunnels, making remote access to your network possible from virtually anywhere without the inconvenience or compatibility issues of installing a VPN client. As SSL is a standard Internet protocol (used for web sites) )SSL VPNs are also resilient to difficulties in creating tunnels through guest networks (web cafes, hotels etc.) where traditional IPSec/PPTP tunnels can often have difficulties. SSL encryption is strong too, using 128bit DES/3DES or AES. Using MoTP, your teleworker passwords are strong and realtime; a password is generated in real-time by your mobile phone (iphone, Android etc.) which can be used once only, and only at the time its generated. In addition to Web-proxy mode, full SSL VPN tunnelling is supported for Windows OS via a Java applet or the Smart VPN Client.


High Availability


For even greater resilience, the Vigor2960 provides High Availability (HA). The CARP protocol (equivalent to VRRP or HSRP) lets you set up a master and secondary Vigor2960 whereby in the event of the master unit failing, the secondary unit can seamlessly and automatically switch over. This can remove the possibility of a single point of failure within your routers. Additionally, multiple active Vigor2960's can provide reciprocal routing backup to other active Vigor2960s.



SSL VPNs

VPNs (Virtual Private Networks) enable you to link two remote computers or networks securely using the public Internet. An encrypted tunnel is created to carry your private data between the two sites. Tunnels making use of PPTP, L2TP, AES and IPSec protocols have been available on Vigor routers for many years and provide a simple to set up solution for your site-to-site or teleworker VPNs. SSL VPNs provide a new method for teleworker to central site VPN, providing great convenience, low TCO and simplicity where other methods may not be possible.


The benefits of SSL VPNs


One potential drawback of using the above methods for a Teleworker-to-central site VPN is that they need compatiable protocol stacks at each end (e.g. an IPSec client or hardware) and most importantly those protocols need to be freely passed by your local host network. This isn't normally a problem where you own the computers and the network in use and you can install any client, software or hardware you choose, as well as allowing any traffic types you like. Where it can become a problem is where you are using someone else's computer or network where either you cannot use the O/S VPN client, or the host network blocks VPN protocols or makes them unreliable. This is most commonly a problem when using WiFi hotspots or other public Internet access methods (hotels, conference centres etc.).

You may already have heard of SSL previously, and you have almost certainly used it. SSL (Secure Sockets Layer) is the protocol used by all web browsers for accessing 'secure' web sites. You will have used secure web sites whenver you have used your credit card online or accessed your banking web sites, for example. SSL is supported by all web browsers, and as it is so commonly used, all hotspots and other public Internet will always allow SSL to pass properly. By using the SSL protocol for your telework VPN tunnel you therefore have some important benefits:

Traditional VPN (e.g. AES/IPSecSSL VPN Requires VPN Client or Hardware Uses Standard Web Browser SSL Support for popular O/S's only Compatible with all computers/browsers Licence fees all for some vendor
client software (Not DrayTek though!) No client licence fees Requires user to operate VPN Client No special operator procedures.
Just use your web browser. At OSI 'network' layer At OSI 'session' layer AES/DES/3DES Encryption SSL Encryption Full network access (unless filtered) Ability to easily restrict users to
specific web applications Network Level Access as standard. Network level access via
DrayTek Java Tunnel Plug-in
(Windwos OS only) Teleworker or Site-to-Site (LAN-to-LAN) Teleworker-to-Host site only Another advantage of web based SSL VPN is that your host Vigor router presents the user with his/her login page to the network within their browser and then can provide access only to the web based applications or local servers which you allow as opposed to a regular VPN which connects the user to the network directly for access to any resource which is accessible locally. No TCP/UDP ports have to be opened on your host router; if the user cannot login to the VPN, they won't get access.

As mentioned previously, an SSL VPN uses your standard web browser; this means that for your web based applications running at your office (webmail, Intranet, Thin Clients etc.) SSL VPNs work really well for this access method, which is called 'SSL Web Proxy' mode. A very common application for SSL VPN is remote desktop. By using the Windows 'Remote Desktop Web Connection', your office desktop will be accessible from your web browser whereever you are and whoever's computer you're using. In addition, by using Vigor web proxy, you can browse external web sites via the tunnel, thus bypassing any local web site blocking policy (content filtering or local polcies). If you are familiar with 'port redirection' or 'open ports setup' on Vigor routers, SSL Proxy to your internal web services is very similar in concept to this except that the data passes through a secured tunnel, hence increasing security and privacy.

Please check on specific models for the level of SSL VPN supported.


MOTP (Mobile One-time Passwords)


As an alternative to a fixed password for remote teleworkers, you can make use of DrayTek's Mobile One-Time Password (MOTP) system to add Two-layer authentication. A One-time password is generated dynamically each time you want to connect, works once only and expires immediately. For DrayTek MOTP, the authentication device is your mobile phone; MOTP applets are available for Symbian mobile phones (e.g. Nokia), most phones supporting Java and the Apple iPhone™.



SSL VPNs beyond the Browser

Using the web browser for your remote access is great for accessing web-based applications (intranet, webmail, remote web desktop etc.) but it does not provide access to the actual network directly, for example for shared directory access, network resources or other applications which are not browser based. Only data or applications which are available in your web browser locally are available remotely via the SSL Proxy (see above).

For full network access, DrayTek provide an Java Tunnel plug-in (a VPN client, effectively) which can transfer at the network layer, making a fully VPN tunnel. This is called SSL Tunnel mode. This plug-in is downloaded automatically by your browser from the host Vigor router when you log into the SSL VPN and select Tunnel mode. You are then fully connected to the remote network for direct network resource access. In this way, you are no longer limited to running web-based applications and can access shares and other network resources.



VPN Trunking

VPN Trunking is the facility to create more than one VPN tunnel, over a second Wan CONNECTION, to the same remote location in order to provide either increased bandwidth between the two sites (load balancing) or resilience (failover) in the event that one tunnel/connection is interrupted. The Vigor 2960 supports both Failover and Load Balancing modes for VPN Trunks.

The Vigor 2960 already supports load balancing to the Internet using its dual-WAN ports. What VPN trunking does is enables a single virtual tunnel to be created across both WAN connections to the same remote location creating a single virtual tunnel, recombining the tunnel at the other end. As far as the traffic and LAN devices/clients are concerned, there is just a single tunnel, with increased bandwidth.



In the diagram above, you can see a single virtual tunnel as far as the LAN at each end is concerned. Within the router, two WAN connections are being used with each router, across which the VPN tunnel can be spread, increasing total capacity and/or redundancy (for failover).

View More
In Stock: Next Day
£338.64
£406.37 Inc Vat.
Qty:
Draytek Vigor 2952P


Features:
Supports two Gigabit Ethernet WAN Ports
with selectable SFP Socket for WAN1
USB 3G/4G/LTE USB modem can also be added
Wireless Management of up to 30 DrayTek APs
IPv6/IPv4 Dual-Stack
DrayOS Operating System
High performance - up to 500Mb/s firewall throughput
DrayTek Firewall with huge flexibility
Temperature Monitoring (optional thermometer)
High Availability (Hardware failover)
Hardware DMZ (LAN) RJ-45 Port
Conditional User Management
Multiple Private LAN Subnets
SMS (Text Message) Alert
VLANs (802.1q tag-based)
IGMP v3 MultiCast
Content Filtering (by keyword, data type or category)
LDAP Integration for VPN and user access
QoS (Layer 2&3, 802.1p & TOS/DCSP)
Up to 100 VPN tunnels for LAN-to-LAN or teleworkers
VPN Trunk/Backup to remote sites
SSL VPN - Tunnel or Proxy (50 users)
Optional VigorCare Available
Vigor2952P Dual-WAN security firewall router is an enterprise level router designed for medium sized businesses that need strong business network features, including support of up to 100 VPN tunnels.The Vigor2952P router is fitted with 2 x Gigabit Ethernet WAN interfaces, with WAN 1 selectable as a SFP port for optic fibre module installation. The USB port 2 (USB2) for 3G/4G mobile dongles. You can connect to the Internet through any of these interfaces, or with a combination of interfaces for Load Balance and/or Failover functions.

For mission critical applications the Vigor2952P router can be used in High Availability mode, and be used in parallel with another router to provide uninterrupted network connectivity should one of the routers fails.

The Vigor2952P router is a PoE capable router with 4 x PoE LAN ports providing a total of 60 Watts of power, and is an ideal solution where PoE devices such as Wireless Access Points or IP cameras are deployed on the network.

Vigor2952P supports business grade network features including an object-oriented SPI (Stateful Packet Inspection) firewall, IPv6, 100 VPN tunnels, 50 SSL VPN tunnels, tag-based VLAN, multiple subnets, etc.

The centralised network management features, including Central VPN Management, Central Switch Management and Central AP Management, help the network administrators to simplify network configuration tasks through a convenient console.

The Vigor2952 series router can be rack mounted, using the supplied mounting brackets, into a standard 19” rack or cabinet.




Robust & Comprehensive Firewall


Security is always taken seriously with DrayTek routers. The firewall protects against attacks including DoS (Denial of Service) attacks, IP-based attacks and access by unauthorised remote systems. Wireless, Ethernet and VPN are also protected by various protection systems. The DrayTek object-based firewall allows even more setup flexibility than ever, enabling you to create combinations of users, rules and restrictions to suit multi-departmental organisations. The Vigor 2952 now also allows selective direction firewall rules of LAN to WAN, WAN to LAN or LAN to VPN. In addition, QoS (Quality of Service Assurance) can now be selectively applied to specific users.





High Availability


For mission critical applications, a pair of Vigor 2952's can be set up in high-availability mode - also known as 'hardware failover'.  This removes the Vigor 2952 as a single point of failure if it ceases operation or is damaged - the standby router takes over operations.


Web Content Filtering




The content control features of the Vigor 2952 allows you to set restrictions on web site access, blocking download of certain file or data types, blocking specific web sites with whitelists or blacklists, blocking IM/P2P applications or other potentially harmful or wasteful content. Restrictions can be per user, per PC or universal. Using DrayTek's GlobalView service, you can block whole categories of web sites (e.g. gambling, adult sites etc.), subject to an annual subscription to the Cyren Globalview service, which is continuously updated with new or changed site categorisations or sites which have become compromised (such as infected with Malware). A free 30-day trial is included with your new router.


User Management/Authentication


The Vigor 2952 has built-in user management which allows you to provide conditional internet access to different users based on their own unique login (stored in the router, or on an external Radius server) and including the restrictions of web content filtering (above) too.

3G/4G Cellular Data Features

The Vigor 2952's USB port can host a compatible 3G/4G/LTE USB modem for access to the cellular network for full Internet Access as your primary or failover WAN connectivity. Network Attached Storage (NAS)

Either of the Vigor 2952's USB ports can also be used to add storage memory to the unit in the form of a USB memory stick. That memory can be used for recording syslogs or accessed as a simple FTP/file storage for users, local or remote (password protected).   Requires a USB memory stick (up to 64Gb, FAT32 formatted). WAN Load Balancing & Backup

The Vigor 2952's two WAN interfaces can be used either for WAN-Backup or load balancing. Each of the 2 WAN Ethernet ports can be connected to any Ethernet-based Internet connection, such as a DSL modem, cable modem, leased line etc. One port can use an SFP module instead of Ethernet.

In Load-balancing mode, the router will spread your Internet sessions across all Internet connections to make best use of your available total bandwidth.  This can be automatic, according to rules or reserving specific WAN connections for specific clients or services.

WAN-Backup (failover) provides contingency (redundancy) in case of your primary connection or ISP sufferers temporary outage. Internet Traffic will be temporarily routed via the second, third or fourth Internet connection. When normal services is restored to your primary line(s), all traffic is switched back to that. 



 

802.1q Tagged, Wireless & Port Based VLAN

The Vigor 2925 features a hugely flexible VLAN system. Each of the six Gigabit LAN ports can be isolated from each other, for example to feed different companies or departments but keeping their local traffic completely separated.

VPN - Linking remote offices, HQ, teleworkers and mobile staff

A feature central to DrayTek routers is the VPN (Virtual Private Networking) features. A VPN enables you to link two remote offices, branch offices back to HQ or home-based/mobile teleworkers back to your office. Once connected, they have access to your office/remote resources through a secure encrypted tunnel allowing remote desktop, file sharing and seamless access to other resources and devices.

The Vigor 2952 allows you to set up up to 100 simultaneous VPN tunnels to remote offices or from remote teleworkers. The Vigor 2952 industry standard protocols, including encryption and authentication methods. Teleworkers can authenticate directly with your LDAP server if preferred.



The Vigor2952 supports VPN trunking; this allows you to create tunnels down muliple WAN connections to a remote site in order to increase bandwidth. VPN trunking also provides failover (backup) of your VPN route down a secondary WAN connection.

The Vigor 2952 also supports SSL VPN. These are encrypted tunnels linking your teleworker back to your main office but they are 'clientless in that your O/S does not need to generate the tunnel and you do not need to install any VPN software manually.  You instigate an SSL tunnel from your regular web browser, so it could be in a web cafe or guest network, and the tunnel is creating using SSL technology - the same encryption that you use for secure web sites such as your bank. The Vigor2952 can operate SSL VPNs in either Proxy or full tunnel mode and allows up to 50 simultaneous incoming users. For SSL VPN tunnel mode Windows OS is supported.

View More
In Stock: Next Day
£372.00
£446.40 Inc Vat.
Qty:
DrayOS

Supports four Gigabit Ethernet WAN Ports
USB 3G/4G/LTE modem can also be added
Wireless Management of up to 30 DrayTek APs
IPv6/IPv4 Dual-Stack
High performance - up to 500Mb/s firewall throughput
DrayTek Firewall with huge flexibility
Temperature Monitoring (optional thermometer)
High Availability (Hardware failover)
Hardware DMZ (LAN) RJ-45 Port
Multiple Private LAN Subnets
SMS (Text Message) Alert
VLANs (802.1q tag-based)
IGMP v3 MultiCast
Content Filtering (by keyword, data type or category)
LDAP Integration for VPN and user access
QoS (Layer 2&3, 802.1p & TOS/DCSP)
Up to 100 VPN tunnels for LAN-to-LAN or teleworkers
VPN Trunk/Backup to remote sites
SSL VPN - Tunnel or Proxy (50 users)
Optional VigorCare Available
The Vigor 3220 is a router/firewall with four Gigabit Ethernet WAN ports, providing load balancing or failover for up to four WAN connections of any type. The Vigor 3220 is based on DrayTek's own DrayOS operating system, providing familiarity for users of other existing DrayTek products.




Robust & Comprehensive Firewall

Security is always taken seriously with DrayTek routers. The firewall protects against attacks including DoS (Denial of Service) attacks, IP-based attacks and access by unauthorised remote systems. Wireless, Ethernet and VPN are also protected by various protection systems. The DrayTek object-based firewall allows even more setup flexibility than ever, enabling you to create combinations of users, rules and restrictions to suit multi-departmental organisations. The Vigor 2860 now also allows selective direction firewall rules of LAN to WAN, WAN to LAN or LAN to VPN. In addition, QoS (Quality of Service Assurance) can now be selectively applied to specific users.


High Availability


For mission critical applications, a pair of Vigor 3220's can be set up in high-availability mode - also known as 'hardware failover'.  This removes the Vigor 3220 as a single point of failure if it ceases operation or is damaged - the standby router takes over operations.


IPv6 - Next Generation Internet Routing


The Vigor 3220 supports IPv6 - the successor to the current IPv4 addressing system that has been used since the Internet was first created. IPv4 address space is full up and IPv6 allows for much more efficient routing and a larger address space. IPv6 is supported both from your own ISP, but if your ISP does not (yet) support IPv6, the Vigor 2860 also supports IPv6 broker/tunnel services to provide IPv6 access using either TSPC or AICCU via 3rd party IPv6 providers. 


Web Content Filtering




The content control features of the Vigor 3220 allows you to set restrictions on web site access, blocking download of certain file or data types, blocking specific web sites with whitelists or blacklists, blocking IM/P2P applications or other potentially harmful or wasteful content. Restrictions can be per user, per PC or universal. Using DrayTek's GlobalView service, you can block whole categories of web sites (e.g. gambling, adult sites etc.), subject to an annual subscription to the Cyren Globalview service, which is continuously updated with new or changed site categorisations or sites which have become compromised (such as infected with Malware). A free 30-day trial is included with your new router.


User Management/Authentication


The Vigor 3220 has built-in user management which allows you to provide conditional internet access to different users based on their own unique login (stored in the router, or on an external Radius server) and including the restrictions of web content filtering (above) too.


WAN Load Balancing & Backup


The Vigor 3220's multiple WAN interfaces can be used either for WAN-Backup or load balancing. Each of the 4-WAN Ethernet ports can be connected to any Ethernet-based Internet connection, such as a DSL modem, cable modem, leased line etc.

In Load-balancing mode, the router will spread your Internet sessions across all Internet connections to make best use of your available total bandwidth.  This can be automatic, according to rules or reserving specific WAN connections for specific clients or services.

WAN-Backup (failover) provides contingency (redundancy) in case of your primary connection or ISP sufferers temporary outage. Internet Traffic will be temporarily routed via the second, third or fourth Internet connection. When normal services is restored to your primary line(s), all traffic is switched back to that. 



802.1q Tagged, Wireless & Port Based VLAN

The Vigor 3220 features a hugely flexible VLAN system. Each of the 6 Gigabit LAN ports can be isolated from each other, for example to feed different companies or departments but keeping their local traffic completely separated. 


3G/4G Cellular Data Features




The Vigor 3220's USB port can host a compatible 3G/4G/LTE USB modem for access to the cellular network for full Internet Access as your primary or failover WAN connectivity.


Network Attached Storage (NAS)




Either of the Vigor 3220's USB ports can also be used to add storage memory to the unit in the form of a USB memory stick. That memory can be used for recording syslogs or accessed as a simple FTP/file storage for users, local or remote (password protected).   Requires a USB memory stick (up to 64Gb, FAT32 formatted).



VPN - Linking remote offices, HQ, teleworkers and mobile staff

A feature central to DrayTek routers is the VPN (Virtual Private Networking) features. A VPN enables you to link two remote offices, branch offices back to HQ or home-based/mobile teleworkers back to your office. Once connected, they have access to your office/remote resources through a secure encrypted tunnel allowing remote desktop, file sharing and seamless access to other resources and devices.

The Vigor 3220 allows you to set up up to 100 simultaneous VPN tunnels to remote offices or from remote teleworkers. The Vigor 3220 industry standard protocols, including encryption and authentication methods. Teleworkers can authenticate directly with your LDAP server if preferred.



The Vigor3220 supports VPN trunking; this allows you to create tunnels down muliple WAN connections to a remote site in order to increase bandwidth. VPN trunking also provides failover (backup) of your VPN route down a secondary WAN connection.

The Vigor 3220 also supports SSL VPN. These are encrypted tunnels linking your teleworker back to your main office but they are 'clientless in that your O/S does not need to generate the tunnel and you do not need to install any VPN software manually.  You instigate an SSL tunnel from your regular web browser, so it could be in a web cafe or guest network, and the tunnel is creating using SSL technology - the same encryption that you use for secure web sites such as your bank. The Vigor2860 can operate SSL VPNs in either Proxy or full tunnel mode and allows up to 50 simultaneous incoming users. For SSL VPN tunnel mode Windows OS is supported.

The Vigor 3220 is a router / firewall with four Gigabit Ethernet WAN ports, providing load balancing or failover for up to four WAN connections of any type. Features: Supports four Gigabit Ethernet WAN ports
IPv6 / IPv4 dual-stack
High performance
DrayTek firewall with huge flexibility
High Availability
Hardware DMZ (LAN) RJ-45 port
Multiple private LAN subnets
SMS alert
IGMP v3 MultiCast
Content filtering (by keyword, data type or category)
LDAP integration for VPN and user access
Up to 100 VPN tunnels for LAN-to-LAN or teleworkers
VPN trunk / backup to remote sites
Robust and comprehensive firewall Security is always taken seriously with DrayTek routers. The firewall protects against attacks including DoS (Denial of Service) attacks, IP-based attacks and access by unauthorized remote systems. Wireless, Ethernet and VPN are also protected by various protection systems. The DrayTek object-based firewall allows even more setup flexibility than ever, enabling you to create combinations of users, rules and restrictions to suit multi-departmental organizations.
High Availability For mission-critical applications, a pair of Vigor 3220's can be set up in high-availability mode - also known as hardware failover. This removes the Vigor 3220 as a single point of failure if it ceases operation or is damaged - the standby router takes over operations. See more details on High Availability here.
Web content filtering The content control features of the Vigor 3220 allows you to set restrictions on web site access, blocking download of certain file or data types, blocking specific web sites with whitelists or blacklists, blocking IM / P2P applications or other potentially harmful or wasteful content. Restrictions can be per user, per PC or universal.
User management / authentication The Vigor 3220 has built-in user management which allows you to provide conditional Internet access to different users based on their own unique login and including the restrictions of web content filtering too.
WAN load balancing and backup The Vigor 3220's multiple WAN interfaces can be used either for WAN-Backup or load balancing. Each of the 4-WAN Ethernet ports can be connected to any Ethernet-based Internet connection, such as a DSL modem, cable modem, leased line etc.

View More
In Stock: Next Day
£393.18
£471.82 Inc Vat.
Qty:

High Performance Multi-WAN VPN Appliance

The Vigor 3900 is a high-performance quad-Gigabit WAN router for high-performance applications including remote access, firewalling, load-balancing and failover. Its WAN throughput runs at up to 1Gb/s, adequate for the most demanding SME applications. The WAN ports on the Vigor 3900 can provide load balancing or WAN failover. Based on a new DrayTek OS platform, the Vigor 3900 combines high performance and capacity with DrayTek's traditional ease of use and comprehensive features set.

For multi-tenant or departmental flexibility, the Vigor3900 will support multiple LAN IP subnets, together with VLAN capabilities and user management, providing access to WAN resources only to the appropriate users or departments, as well as maintaining infrastructure effciency.


Four WAN ports for load-balancing or failover


Four Gigabit Ethernet WAN ports and one SFP slot (for fibre modules or an additional Ethernet module) provide 5 independent WAN ports for either load-balancing or failover applications. Gigabit Ethernet and SFP LAN Interfaces provide high speed connectivity to your LAN. Fibre is of particular use for longer distance deliveries, beyond the range of standard Ethernet, or where copper connections cannot be used. WAN Load-balancing weight or traffic-type rules can be set or on an automatic basis to spread WAN traffic evenly across all interfaces on a best-endeavour basis.




Firewall


The Vigor 3900's firewall is fully stateful, with a flowtrack mechanism and comprehensive WAN defences, including DoS/DDoS protection and flexible IP packet filtering. On the content side, the Vigor 3900 has several methods of content filtering to control user access to the web to keep their access appropriate, safe and productive. That helps keep your network efficient, your data secure and your online productivity high.


QoS


Extensive QoS facilities allow for efficient local traffic handling, ensuring that critical traffic is given the appropriate priority and that your network topology handles data in the most efficient way to help avoid congestion and bottlenecks. WAN traffic can be assigned one of 7 different priority levels for egress and 2 levels for ingress. Bandwidth can be reserved for critical applications.. Rules can be based on service type, users or IP source/desintations.



In this example, VoIP traffic identified and given highest priority and given a priority of 3:1 over email.


VPN


As a VPN endpoint/concentrator, the Vigor 3900 will support up to 500 simultaneous teleworker or LAN-to-LAN VPNs with a VPN throughput of up to 700Mb/s, thanks to its hardware-based VPN co-processor. VPN security includes certificate, MOTP or token/PSK based access and key-hash authentication to ensure maximum security.


VPN Trunking


By the use of multiple WAN connections, the Vigor 3900's VPN Trunking features can increase the bandwidth/capacity of your VPN connections, creating a single virtual tunnel between locations using 2, 3 or all 4 WAN connections.

VPN Trunking is the facility to create more than one VPN tunnel, over a second Wan connection, to the same remote location in order to provide either increased bandwidth between the two sites (load balancing) or resilience (failover) in the event that one tunnel/connection is interrupted. The Vigor 3900 supports both Failover and Load Balancing modes for VPN Trunks.

The Vigor 3900 already supports load balancing to the Internet using its four-WAN ports. What VPN trunking does is enables a single virtual tunnel to be created across two or more WAN connections to the same remote location creating a single virtual tunnel, recombining the tunnel at the other end. As far as the traffic and LAN devices/clients are concerned, there is just a single tunnel, with increased bandwidth.



In the diagram above, you can see a single virtual tunnel as far as the LAN at each end is concerned. Within the router, two WAN connections are being used with each router, across which the VPN tunnel can be spread, increasing total capacity and/or redundancy (for failover).


SSL VPN


For ease of remote access, the Vigor 3900 can provide up to 20 simultaneous SSL VPN web-proxy tunnels, making remote access to your network possible from virtually anywhere without the inconvenience or compatibility issues of installing a VPN client. As SSL is a standard Internet protocol (used for web sites) )SSL VPNs are also resilient to difficulties in creating tunnels through guest networks (web cafes, hotels etc.) where traditional IPSec/PPTP tunnels can often have difficulties. SSL encryption is strong too, using 128bit DES/3DES or AES. Using MoTP, your teleworker passwords are strong and realtime; a password is generated in real-time by your mobile phone (iphone, Android etc.) which can be used once only, and only at the time its generated. In addition to Web-proxy mode, full SSL VPN tunnelling is supported for Windows OS via a Java applet or the Smart VPN Client.


High Availability


For even greater resilience, the Vigor 3900 provides High Availability (HA). The CARP protocol (equivalent to VRRP or HSRP) lets you set up a master and secondary Vigor 3900 whereby in the event of the master unit failing, the secondary unit can seamlessly and automatically switch over. This can remove the possibility of a single point of failure within your routers. Additionally, multiple active Vigor3900's can provide reciprocal routing backup to other active Vigor3900s.

The Vigor 3900 is a high-performance quad-Gigabit WAN router for high-performance applications including remote access, firewalling, load-balancing and failover. Its WAN throughput runs at up to 1 Gb/s, adequate for the most demanding SME applications. The WAN ports on the Vigor 3900 can provide load balancing, WAN failover or bandwidth aggregation (increasing total bandwidth onto the Internet). Four Gigabit Ethernet WAN ports and one SFP slot (for fiber modules or an additional Ethernet module) provide 5 independent WAN ports for either load-balancing or failover applications. Gigabit Ethernet and SFP LAN Interfaces provide high speed connectivity to your LAN. Fiber is of particular use for longer distance deliveries, beyond the range of standard Ethernet, or where copper connections cannot be used.The Vigor 3900's firewall is fully stateful, with a flowtrack mechanism and comprehensive WAN defenses, including DoS/DDoS protection and flexible IP packet filtering. On the content side, the Vigor 3900 has several methods of content filtering to control user access to the web to keep their access appropriate, safe and productive. That helps keep your network efficient, your data secure and your online productivity high. Extensive QoS facilities allow for efficient local traffic handling, ensuring that critical traffic is given the appropriate priority and that your network topology handles data in the most efficient way to help avoid congestion and bottlenecks. WAN traffic can be assigned one of 7 different priority levels for egress and 2 levels for ingress. Bandwidth can be reserved for critical applications... Rules can be based on service type, users or IP source/desintations. Features: Professional router/firewall
Five Gigabit WAN ports
WAN load balancing and WAN failover
Up to 500 simultaneous IPSec/PPTP/L2TP Tunnels
Up to 200 SSL VPN tunnels (Web-Proxy)
IPv4 and IPv6 dual-stack
Two independent USB ports
802.1q tagged and port-based VLANs
QoS assurance on different traffic types
Mobile one-time passwords for Teleworker VPNs
VPN trucking (aggregated/failover links)
Up to 50 WAN/LAN-side IP subnets
Web content filtering
High performance multi-WAN VPN appliance The Vigor 3900 is a high-performance quad-Gigabit WAN router for high-performance applications including remote access, firewalling, load-balancing and failover. Its WAN throughput runs at up to 1 Gb/s, adequate for the most demanding SME applications. The WAN ports on the Vigor 3900 can provide load balancing, WAN failover or bandwidth aggregation (increasing total bandwidth onto the Internet).
Four WAN ports for load-balancing or failover Four Gigabit Ethernet WAN ports and one SFP slot (for fiber modules or an additional Ethernet module) provide 5 independent WAN ports for either load-balancing or failover applications. Gigabit Ethernet and SFP LAN Interfaces provide high speed connectivity to your LAN. Fiber is of particular use for longer distance deliveries, beyond the range of standard Ethernet, or where copper connections cannot be used.
Firewall The Vigor 3900's firewall is fully stateful, with a flowtrack mechanism and comprehensive WAN defenses, including DoS/DDoS protection and flexible IP packet filtering. On the content side, the Vigor 3900 has several methods of content filtering to control user access to the web to keep their access appropriate, safe and productive. That helps keep your network efficient, your data secure and your online productivity high.
QoS Extensive QoS facilities allow for efficient local traffic handling, ensuring that critical traffic is given the appropriate priority and that your network topology handles data in the most efficient way to help avoid congestion and bottlenecks. WAN traffic can be assigned one of 7 different priority levels for egress and 2 levels for ingress. Bandwidth can be reserved for critical applications... Rules can be based on service type, users or IP source/desintations.
VPN As a VPN endpoint/concentrator, the Vigor 3900 will support up to 500 simultaneous teleworker or LAN-to-LAN VPNs with a VPN throughput of up to 700Mb/s, thanks to its hardware-based VPN co-processor. VPN security includes certificate, MOTP or token/PSK based access and key-hash authentication to ensure maximum security.
VPN trunking By the use of multiple WAN connections, the Vigor 3900's VPN-trunking features can increase the bandwidth/capacity of your VPN connections, creating a single virtual tunnel between locations using 2, 3 or all 4 WAN connections. VPN trunking is the facility to create more than one VPN tunnel, over a second Wan connection, to the same remote location in order to provide either increased bandwidth between the two sites (load balancing) or resilience (failover) in the event that one tunnel/connection is interrupted. The Vigor 3900 supports both Failover and Load Balancing modes for VPN trunks.
SSL VPN For ease of remote access, the Vigor 3900 can provide up to 200 simultaneous SSL VPN web-proxy tunnels, making remote access to your network possible from virtually anywhere without the inconvenience or compatibility issues of installing a VPN client. As SSL is a standard Internet protocol (used for web sites))SSL VPNs are also resilient to difficulties in creating tunnels through guest networks (web cafes, hotels etc. ) where traditional IPSec/PPTP tunnels can often have difficulties. SSL encryption is strong too, using 128bit DES/3DES or AES. Using MoTP, your teleworker passwords are strong and real-time; a password is generated in real-time by your mobile phone (iphone, Android etc. ) which can be used once only, and only at the time its generated. You can read more about SSL VPNs and MoTP here.
High availability For even greater resilience, the Vigor 3900 provides High Availability (HA). The CARP protocol (equivalent to VRRP or HSRP) lets you set up a master and secondary Vigor 3900 whereby in the event of the master unit failing, the secondary unit can seamlessly and automatically switch over. This can remove the possibility of a single point of failure within your routers. Additionally, multiple active Vigor3900's can provide reciprocal routing backup to other active Vigor3900s.

View More
In Stock: Next Day
£548.86
£658.63 Inc Vat.
Qty:
Other Ranges Available
Draytek Vigor 2926 Series Routers
DrayTek Vigor 2926 Series Routers
View Range
Draytek Vigor 2862 Series Routers
DrayTek Vigor 2862 Series Routers
View Range
Draytek Vigor 2832 Series Routers
DrayTek Vigor 2832 Series Routers
View Range
Draytek Vigor 2762 Series Routers
DrayTek Vigor 2762 Series Routers
View Range
Join Our Mailing List
Join Now
View this week's eShot
Social Links
  • Apply for Credit