Product Specifications
`
`Interface Connections
`• Two 10/100 Mbps Half/Full Duplex Autosense Ethernet
`Interfaces with RJ-45 connectors
`
`Traffic Classification
`• Per flow by IP/MAC address (with IP range/subnet option),
`network protocols and TCP/UDP ports (with port range option)
`• Content inspection of HTTP header including: file type, URL,
`HTTP method and Host name
`• Protocol Authentication (HTTP)
`• TOS byte - DiffServ or IP Precedence bits
`• IP and non-IP (IP/MAC address) type traffic
`• Time of day/week/month/year
`
`QoS Enforcement
`• Hierarchy of policy rules with inbound/outbound traffic
`management
`• Minimum/maximum bandwidth enforcement per flow/VC/Pipe
`• Ten levels of priorities for VC/Pipe/connection
`• Per flow guaranteed bandwidth, burst rate, CBR (for connection)
`• Maximum number of connections per VC/Pipe
`• Priority per connection or per VC
`• Fairness between equal-level-priority traffic flows
`• Admission control with the following actions: accept by priority,
`reject, drop
`• ToS byte re-mark
`(in-profile bytes/out-of-profile bytes/admission control)
`• “Reserve-on-Demand” bandwidth for very high priority traffic
`
`Network Security
`• Access control - pass/reject/drop
`• Protection from Denial of Service (DoS) attacks
`
`Connection Control
`• Connection control including cache redirection and server load
`balancing (optional software packages)
`
`Configuration
`• Remote policy configuration via Web browser or Command
`Line Interface
`
`QoS Policy Management
`• Easy-to-manage, single-table view based on catalogs
`• Dynamic expansion of VCs/Pipes to multiple hosts
`• Host definition per LDAP query, DNS name, IP, MAC address
`• Policy distribution from primary NetEnforcer to other units
`
`Monitoring and Accounting
`• Monitoring - Top clients, top servers, top VCs, top Pipes and
`protocol distribution, VC/Pipe distribution, number of connections,
`utilization, dropped packets, bandwidth usage (inbound/outbound)
`with 30-second granularity and storage of historical data from
`the last 6 months
`• Accounting (via Optional NetAccountant) - In-box accounting
`of traffic per session for all sessions; accounting using RADIUS
`server; powerful report generator; ODBC interface for external
`applications
`• SNMP - support statistics collection per VC/Pipe using SNMP-
`based tools and presentation by MRTG and other graphic tools
`
`Fail-Safe Performance
`• Hardware bypass
`• Full redundancy support (dual configuration with hot-standby
`and policy distribution)
`
`Network Standards Support
`• COPS, LDAP, DiffServ/TOS (RFCs 2474, 2475, 2597, 2598),
`IP Precedence (RFC 791), SNMP, RADIUS, and ODBC
`
`Browser Support
`• MS Internet Explorer 5.01, 5.5
`• Netscape Navigator 4.5, 4.6, 4.7, 6.0
`
`Dimensions
`• Standard 1U by 19-inch, rack mountable
`• Height: 1.73 in. (43.3 mm), Width: 17.22 in. (437.5 mm),
`Depth: 11.5 in. (292.8 mm)
`
`Power Requirements
`• Power Supply: Input 100-240V AC, 50/60Hz, 2A
`
`Environmental Standards Compliance & Certification
`• EMC Directive 89/336/EEC, EN60950, ETS 300 019-2-2,
`ETS 300 019-2-3
`• FCC-Part 15 Class B
`• IEC-68
`• UL 60950
`
`Ordering Information
`
`Part No.
`
`Model
`
`Bandwidth
`
`Pipes
`
`Total VCs*
`
`Connections
`
`* Total VCs is the maximum
`number of VCs when all VCs
`will be conditioned based on IP
`addresses and will reside in the
`Default Pipe.
`
`K10202M
`
`AC-201/2M
`
`2 Mbps
`
`K102000
`
`K103000
`
`K104000
`
`AC-201/10M
`
`10 Mbps
`
`AC-301
`
`AC-401
`
`100 Mbps
`
`100 Mbps
`
`256
`
`256
`
`1024
`
`2048
`
`2048
`
`2048
`
`4096
`
`12000
`
`12000
`
`12000
`
`64000
`
`128000
`
`Copyright © 2001 Allot Communications Ltd. Allot Communications, NetEnforcer, CacheEnforcer, NetAccountant, NetBalancer and the Allot logo are trademarks of
`Allot Communications Ltd. All other brand or product names are trademarks of their respective holders. All information in this document is subject to change without
`notice. Allot Communications Ltd. assumes no responsibility for any errors that appear in this document. P/N D002106 10/01.
`
`Americas
`250 Prairie Center Drive, #335
`Eden Prairie, MN 55344
`USA
`Tel:
`Fax:
`
`(952) 944-3100
`(952) 944-3555
`
`Western Europe
`World Trade Center
`1300 Route Des Cretes
`BP255
`Sophia Antipolis Cedex
`France 06905
`Tel: 33 (0)4 92 38 80 27
`Fax: 33 (0)4 92 38 80 33
`
`Asia Pacific
`9 Raffles Place
`Republic Plaza #27-01
`Singapore 048619
`Tel: 65 832 5663
`Fax: 65 832 5662
`
`Japan
`Nishi Ginza Bldg. 2F
`5-5-9 Ginza Chuo-ku
`Tokyo 104-0061
`Tel: 81 (0)3 5537 7114
`Fax: 81 (0)3 5537 5281
`
`Eastern Europe,
`Middle East, Africa
`5 Hanagar Street
`Industrial Zone
`Hod Hasharon 45800
`Israel
`Tel: 972 (0)9 761 9200
`Fax: 972 (0)9 744 3626
`
`www.allot.com
`info@allot.com
`
`NetEnforcer™
`
`QoS/SLA Enforcement for Service Providers
`
`w i r e l e s s
`
`DoS protection
`
`s a t e l l i t e
`I S P s
`b r o a d b a n d
`W e b h o s t i n g
`
`S
`
`ervice providers have a varied subscriber base, including homes, small
`offices/home offices (SOHOs), branch offices and enterprise networks.
`Since each subscriber group has different networking needs—and not all
`subscribers will be online at any one instant—Internet service providers,
`web hosting facilities, ASPs and data centers use over-subscription to
`maximize return on investment (ROI). More importantly, enterprise
`customers are willing to pay additional fees in order to receive premium
`tiered services such as “Gold”, “Silver”, or “Bronze”, or classes of service
`that deliver the bandwidth to support specific business-critical applications
`such as VoIP, SAP and Citrix.
`
`• Maximize ROI on network
`infrastructure
`
`• Enforce Service Level
`Agreements
`
`• Rapidly provision new
`subscribers
`
`• Monitoring and IP-based
`accounting
`
`0001
`
`Cloudflare - Exhibit 1016, page 1
`
`

`

`NetEnforcer
`
`Policy-Powered Networking
`
`Features and Benefits
`
`Allot Communications NetEnforcer™ policy enforcement devices
`offer service providers a complete suite of tools for better managing
`over-subscription and enforcing Service Level Agreements (SLAs).
`The NetEnforcer lets service providers immediately identify, and
`then cap or limit excessive bandwidth consumers.
`
`The NetEnforcer is an ideal platform for rapidly provisioning new
`subscribers, creating and enforcing multiple tiers of service, and
`collecting usage-based billing information for export to an external
`database.
`
`Smart
`Building
`
`Regional
`Office 1
`
`Regional
`Office 2
`
`Cache, Email
`FTP Servers
`
`Web Far
`Web Farm
`
`CCM, Billing
`
`Switch
`
`NetEnforcer
`
`Router
`
`Internet
`
`NetEnforcer on a Broadband
`Wireless Service Provider
`Network
`
`Three Steps to Policy-Powered Networking
`
`Policy-Powered Networking lets you efficiently manage subscriber
`traffic accessing the service provider network. The process of
`implementing a Policy-Powered Networking solution on a service
`provider network includes three steps:
`
`1. Provision new subscribers
`Use the NetEnforcer to retrieve customer information from your
`Customer Care and Billing system (CCB) or text-based customer
`list. This automatic process retrieves the subscriber’s Service Level
`Agreement type and defines the guaranteed minimum bandwidth as
`well as maximum usage limits on the NetEnforcer.
`2. Enforce the rules
`NetEnforcer examines subscriber usage parameters that have been
`defined. Upon matching a traffic session with a customer or subscriber,
`NetEnforcer forwards the packets according to the bandwidth
`parameters outlined in the SLA. Active management and enforcement
`of the Service Level Agreement (SLA) ensures that your customers
`receive exactly the bandwidth for which they are paying.
`3. Verify/Bill
`The NetEnforcer sends detailed traffic information to the
`billing/reporting systems, including addresses, applications used,
`service applied and traffic sent. This allows you to create advanced
`invoicing schemes such as usage-based billing, in which subscribers
`are charged based on the amount and type of network services that
`they actually use.
`
`Web-accessible reports can also be made available to the customers,
`so they can monitor their usage and the level of service that
`they receive.
`
`Maximize ROI on Network Infrastructure
`The NetEnforcer allows service providers to
`maximize ROI by effectively managing “bandwidth
`contention” and over-subscription. On many
`networks as little as 5% of the subscribers use
`up to 80% of the bandwidth. Use NetEnforcer
`to discover—and limit—these bandwidth abusers
`that negatively impact your network’s
`performance. By effectively limiting excessive
`network consumers and maximizing network
`performance, you can successfully over-subscribe
`your services as well as attract lucrative enterprise
`customers. They seek premium services that
`guarantee bandwidth for business-critical
`applications such as VoIP, SAP and Citrix.
`
`Increased Revenue Through SLA Enforcement
`Offering Service Level Agreements (SLAs) allows
`you to charge a premium for your IP services.
`The NetEnforcer enables you to enforce SLAs
`by assigning fixed minimum and maximum
`amounts of bandwidth to your customers so
`that they receive exactly the bandwidth they
`pay for—no more and no less. No longer do
`they pay for 256 Kbps and receive 1 Mbps. This
`“extra” bandwidth can be sold to additional
`paying customers, increasing your bottom line.
`
`Rapidly Provision New Subscribers
`NetEnforcer enables rapid customer provisioning
`with its superior GUIs for policy setting and
`integration with CCB systems. Save time by
`defining each customer only once in your
`customer care directory, and NetEnforcer will
`automatically retrieve the subscriber’s SLA type
`(such as “Gold” “Sliver” and “Bronze”) and apply
`the guaranteed minimum and maximum
`bandwidth limits.
`
`Pipe Policy Hierarchy
`The NetEnforcer’s “Pipe” policy hierarchy was
`especially designed for the quality of service
`(QoS) needs of services providers. You can
`create a “Pipe” to define a customer and then
`define policies called “Virtual Channels” that
`enable QoS for their traffic.
`
`Pipes also enable you to dynamically allocate
`bandwidth and automatically apply the relevant
`QoS policies. Only after matching a session to
`a rule (such as a subscriber‘s IP address), does
`the NetEnforcer enable a VC. This allows you
`to define more VCs than are actively handled at
`any one time. With this feature, a NetEnforcer
`that supports 8,000 VCs can, for example, provide
`QoS for up to 20,000 subscribers.
`
`Policy Editor
`
`The Policy Editor is used to set up QoS. Double-clicks conveniently
`launch editors for defining tiered services and Hosts.
`
`Policy Editor
`The Policy Editor is used to define Virtual
`Channels and Pipes that specify network actions
`and enable QoS. Special emphasis has been
`placed on ease-of-use and ergonomics to speed
`policy creation, enable rapid provisioning of
`subscribers, and ease maintenance tasks that
`enforce multiple tiers of service. The Policy
`Editor offers advanced features such as drag-
`and-drop creation of policies and rules, and
`right-clicks to launch relevant monitoring views.
`
`Monitoring and IP-Based Accounting
`The NetEnforcer Traffic Monitor presents macro
`and micro views of traffic and performance from
`a single, easy-to-read GUI, enabling you to
`immediately identify, and then cap or limit
`excessive bandwidth consumers. NetEnforcer
`lets you view traffic per users, sessions and
`applications. Special emphasis has been placed
`on ease-of-use and ergonomics, with such
`features as mouse-overs with tool tips; the ability
`to save frequently used monitoring views as “My
`Favorite”; and extensive navigational shortcuts
`using right mouse-clicks. Exporting the
`NetEnforcer Accounting data to solutions of
`Allot partners such as Portal, RODOPI,
`TeleKnowledge, Bridgewater and XACCT enables
`usage-based billing.
`
`The NetHistory utility allows you to monitor
`and store application and resource usage data
`for up to six months. Through analysis of historical
`data, you can set more accurate traffic policies,
`proactively plan network capacity, and more
`effectively over-subscribe your services.
`
`Per-Flow Queuing
`The NetEnforcer uses a unique approach to
`queuing called Per-Flow Queuing (PFQ) in which
`each new connection flow gets its own queue.
`The new queue is treated equally with other
`flows having the same priority policy class
`(“fairness”). New connections wait a fair,
`proportionate amount of time relative to all
`other connections and are not sent to the back
`of the queue.
`
`To control the flow of connections between
`different priority classes, the NetEnforcer will
`perform a superset of traditional weighted-fair
`and class-based queuing algorithms.
`
`Customizable, Java-based Traffic Monitor
`
`LDAP Directory and Backend Support
`The NetEnforcer interfaces to standard LDAP-
`based directories. This enables service providers
`to integrate their network policies with their
`customer care and billing database (CCB). This
`feature enables the solutions provider to assign
`minimum and maximum service level guarantees
`for each customer via the database.
`
`Complete Fault Tolerance
`The NetEnforcer offers one hundred percent
`uptime, with a two-tier approach to fault-tolerant
`operation:
`1.
`If any software or hardware component fails,
`the NetEnforcer will switch over to a
`hardware bypass mode and transparently
`pass all traffic through the box.
`2. Two NetEnforcers can be placed in parallel,
`with the primary unit acting as the active
`system and the other as a hot-backup system.
`
`End-to-End QoS Delivery
`To achieve end-to-end QoS, NetEnforcer uses
`industry-standard Type of Service (ToS) and
`Differentiated Services (DiffServ) protocols.
`Based on its classification results, the NetEnforcer
`can mark the outgoing packets with DiffServ
`values such as “Assured” or “Best Effort” to
`signal the entire network (i.e., the backbone
`routers) of the desired QoS.
`
`Traffic Redirection Control (Optional)
`The CacheEnforcer™ lets network managers
`seamlessly add servers and distribute traffic
`according to the individual capabilities of each
`server. It simplifies caching administration by
`giving network managers a single point to manage
`multiple cache servers and frees additional
`resources for over-subscription.
`
`The NetBalancer™ allows you to control and
`balance traffic to server farms. It goes beyond
`traditional load balancing equipment by allowing
`you to define single policies that control both
`the prioritization of applications on the network
`and the distribution of those applications
`to servers.
`
`0002
`
`Cloudflare - Exhibit 1016, page 2
`
`

`

`NetEnforcer
`
`Policy-Powered Networking
`
`Features and Benefits
`
`Allot Communications NetEnforcer™ policy enforcement devices
`offer service providers a complete suite of tools for better managing
`over-subscription and enforcing Service Level Agreements (SLAs).
`The NetEnforcer lets service providers immediately identify, and
`then cap or limit excessive bandwidth consumers.
`
`The NetEnforcer is an ideal platform for rapidly provisioning new
`subscribers, creating and enforcing multiple tiers of service, and
`collecting usage-based billing information for export to an external
`database.
`
`Smart
`Building
`
`Regional
`Office 1
`
`Regional
`Office 2
`
`Cache, Email
`FTP Servers
`
`Web Far
`Web Farm
`
`CCM, Billing
`
`Switch
`
`NetEnforcer
`
`Router
`
`Internet
`
`NetEnforcer on a Broadband
`Wireless Service Provider
`Network
`
`Three Steps to Policy-Powered Networking
`
`Policy-Powered Networking lets you efficiently manage subscriber
`traffic accessing the service provider network. The process of
`implementing a Policy-Powered Networking solution on a service
`provider network includes three steps:
`
`1. Provision new subscribers
`Use the NetEnforcer to retrieve customer information from your
`Customer Care and Billing system (CCB) or text-based customer
`list. This automatic process retrieves the subscriber’s Service Level
`Agreement type and defines the guaranteed minimum bandwidth as
`well as maximum usage limits on the NetEnforcer.
`2. Enforce the rules
`NetEnforcer examines subscriber usage parameters that have been
`defined. Upon matching a traffic session with a customer or subscriber,
`NetEnforcer forwards the packets according to the bandwidth
`parameters outlined in the SLA. Active management and enforcement
`of the Service Level Agreement (SLA) ensures that your customers
`receive exactly the bandwidth for which they are paying.
`3. Verify/Bill
`The NetEnforcer sends detailed traffic information to the
`billing/reporting systems, including addresses, applications used,
`service applied and traffic sent. This allows you to create advanced
`invoicing schemes such as usage-based billing, in which subscribers
`are charged based on the amount and type of network services that
`they actually use.
`
`Web-accessible reports can also be made available to the customers,
`so they can monitor their usage and the level of service that
`they receive.
`
`Maximize ROI on Network Infrastructure
`The NetEnforcer allows service providers to
`maximize ROI by effectively managing “bandwidth
`contention” and over-subscription. On many
`networks as little as 5% of the subscribers use
`up to 80% of the bandwidth. Use NetEnforcer
`to discover—and limit—these bandwidth abusers
`that negatively impact your network’s
`performance. By effectively limiting excessive
`network consumers and maximizing network
`performance, you can successfully over-subscribe
`your services as well as attract lucrative enterprise
`customers. They seek premium services that
`guarantee bandwidth for business-critical
`applications such as VoIP, SAP and Citrix.
`
`Increased Revenue Through SLA Enforcement
`Offering Service Level Agreements (SLAs) allows
`you to charge a premium for your IP services.
`The NetEnforcer enables you to enforce SLAs
`by assigning fixed minimum and maximum
`amounts of bandwidth to your customers so
`that they receive exactly the bandwidth they
`pay for—no more and no less. No longer do
`they pay for 256 Kbps and receive 1 Mbps. This
`“extra” bandwidth can be sold to additional
`paying customers, increasing your bottom line.
`
`Rapidly Provision New Subscribers
`NetEnforcer enables rapid customer provisioning
`with its superior GUIs for policy setting and
`integration with CCB systems. Save time by
`defining each customer only once in your
`customer care directory, and NetEnforcer will
`automatically retrieve the subscriber’s SLA type
`(such as “Gold” “Sliver” and “Bronze”) and apply
`the guaranteed minimum and maximum
`bandwidth limits.
`
`Pipe Policy Hierarchy
`The NetEnforcer’s “Pipe” policy hierarchy was
`especially designed for the quality of service
`(QoS) needs of services providers. You can
`create a “Pipe” to define a customer and then
`define policies called “Virtual Channels” that
`enable QoS for their traffic.
`
`Pipes also enable you to dynamically allocate
`bandwidth and automatically apply the relevant
`QoS policies. Only after matching a session to
`a rule (such as a subscriber‘s IP address), does
`the NetEnforcer enable a VC. This allows you
`to define more VCs than are actively handled at
`any one time. With this feature, a NetEnforcer
`that supports 8,000 VCs can, for example, provide
`QoS for up to 20,000 subscribers.
`
`Policy Editor
`
`The Policy Editor is used to set up QoS. Double-clicks conveniently
`launch editors for defining tiered services and Hosts.
`
`Policy Editor
`The Policy Editor is used to define Virtual
`Channels and Pipes that specify network actions
`and enable QoS. Special emphasis has been
`placed on ease-of-use and ergonomics to speed
`policy creation, enable rapid provisioning of
`subscribers, and ease maintenance tasks that
`enforce multiple tiers of service. The Policy
`Editor offers advanced features such as drag-
`and-drop creation of policies and rules, and
`right-clicks to launch relevant monitoring views.
`
`Monitoring and IP-Based Accounting
`The NetEnforcer Traffic Monitor presents macro
`and micro views of traffic and performance from
`a single, easy-to-read GUI, enabling you to
`immediately identify, and then cap or limit
`excessive bandwidth consumers. NetEnforcer
`lets you view traffic per users, sessions and
`applications. Special emphasis has been placed
`on ease-of-use and ergonomics, with such
`features as mouse-overs with tool tips; the ability
`to save frequently used monitoring views as “My
`Favorite”; and extensive navigational shortcuts
`using right mouse-clicks. Exporting the
`NetEnforcer Accounting data to solutions of
`Allot partners such as Portal, RODOPI,
`TeleKnowledge, Bridgewater and XACCT enables
`usage-based billing.
`
`The NetHistory utility allows you to monitor
`and store application and resource usage data
`for up to six months. Through analysis of historical
`data, you can set more accurate traffic policies,
`proactively plan network capacity, and more
`effectively over-subscribe your services.
`
`Per-Flow Queuing
`The NetEnforcer uses a unique approach to
`queuing called Per-Flow Queuing (PFQ) in which
`each new connection flow gets its own queue.
`The new queue is treated equally with other
`flows having the same priority policy class
`(“fairness”). New connections wait a fair,
`proportionate amount of time relative to all
`other connections and are not sent to the back
`of the queue.
`
`To control the flow of connections between
`different priority classes, the NetEnforcer will
`perform a superset of traditional weighted-fair
`and class-based queuing algorithms.
`
`Customizable, Java-based Traffic Monitor
`
`LDAP Directory and Backend Support
`The NetEnforcer interfaces to standard LDAP-
`based directories. This enables service providers
`to integrate their network policies with their
`customer care and billing database (CCB). This
`feature enables the solutions provider to assign
`minimum and maximum service level guarantees
`for each customer via the database.
`
`Complete Fault Tolerance
`The NetEnforcer offers one hundred percent
`uptime, with a two-tier approach to fault-tolerant
`operation:
`1.
`If any software or hardware component fails,
`the NetEnforcer will switch over to a
`hardware bypass mode and transparently
`pass all traffic through the box.
`2. Two NetEnforcers can be placed in parallel,
`with the primary unit acting as the active
`system and the other as a hot-backup system.
`
`End-to-End QoS Delivery
`To achieve end-to-end QoS, NetEnforcer uses
`industry-standard Type of Service (ToS) and
`Differentiated Services (DiffServ) protocols.
`Based on its classification results, the NetEnforcer
`can mark the outgoing packets with DiffServ
`values such as “Assured” or “Best Effort” to
`signal the entire network (i.e., the backbone
`routers) of the desired QoS.
`
`Traffic Redirection Control (Optional)
`The CacheEnforcer™ lets network managers
`seamlessly add servers and distribute traffic
`according to the individual capabilities of each
`server. It simplifies caching administration by
`giving network managers a single point to manage
`multiple cache servers and frees additional
`resources for over-subscription.
`
`The NetBalancer™ allows you to control and
`balance traffic to server farms. It goes beyond
`traditional load balancing equipment by allowing
`you to define single policies that control both
`the prioritization of applications on the network
`and the distribution of those applications
`to servers.
`
`0003
`
`Cloudflare - Exhibit 1016, page 3
`
`

`

`Product Specifications
`
`Interface Connections
`• Two 10/100 Mbps Half/Full Duplex Autosense Ethernet
`Interfaces with RJ-45 connectors
`
`Traffic Classification
`• Per flow by IP/MAC address (with IP range/subnet option),
`network protocols and TCP/UDP ports (with port range option)
`• Content inspection of HTTP header including: file type, URL,
`HTTP method and Host name
`• Protocol Authentication (HTTP)
`• TOS byte - DiffServ or IP Precedence bits
`• IP and non-IP (IP/MAC address) type traffic
`• Time of day/week/month/year
`
`QoS Enforcement
`• Hierarchy of policy rules with inbound/outbound traffic
`management
`• Minimum/maximum bandwidth enforcement per flow/VC/Pipe
`• Ten levels of priorities for VC/Pipe/connection
`• Per flow guaranteed bandwidth, burst rate, CBR (for connection)
`• Maximum number of connections per VC/Pipe
`• Priority per connection or per VC
`• Fairness between equal-level-priority traffic flows
`• Admission control with the following actions: accept by priority,
`reject, drop
`• ToS byte re-mark
`(in-profile bytes/out-of-profile bytes/admission control)
`• “Reserve-on-Demand” bandwidth for very high priority traffic
`
`Network Security
`• Access control - pass/reject/drop
`• Protection from Denial of Service (DoS) attacks
`
`Connection Control
`• Connection control including cache redirection and server load
`balancing (optional software packages)
`
`Configuration
`• Remote policy configuration via Web browser or Command
`Line Interface
`
`QoS Policy Management
`• Easy-to-manage, single-table view based on catalogs
`• Dynamic expansion of VCs/Pipes to multiple hosts
`• Host definition per LDAP query, DNS name, IP, MAC address
`• Policy distribution from primary NetEnforcer to other units
`
`Monitoring and Accounting
`• Monitoring - Top clients, top servers, top VCs, top Pipes and
`protocol distribution, VC/Pipe distribution, number of connections,
`utilization, dropped packets, bandwidth usage (inbound/outbound)
`with 30-second granularity and storage of historical data from
`the last 6 months
`• Accounting (via Optional NetAccountant) - In-box accounting
`of traffic per session for all sessions; accounting using RADIUS
`server; powerful report generator; ODBC interface for external
`applications
`• SNMP - support statistics collection per VC/Pipe using SNMP-
`based tools and presentation by MRTG and other graphic tools
`
`Fail-Safe Performance
`• Hardware bypass
`• Full redundancy support (dual configuration with hot-standby
`and policy distribution)
`
`Network Standards Support
`• COPS, LDAP, DiffServ/TOS (RFCs 2474, 2475, 2597, 2598),
`IP Precedence (RFC 791), SNMP, RADIUS, and ODBC
`
`Browser Support
`• MS Internet Explorer 5.01, 5.5
`• Netscape Navigator 4.5, 4.6, 4.7, 6.0
`
`Dimensions
`• Standard 1U by 19-inch, rack mountable
`• Height: 1.73 in. (43.3 mm), Width: 17.22 in. (437.5 mm),
`Depth: 11.5 in. (292.8 mm)
`
`Power Requirements
`• Power Supply: Input 100-240V AC, 50/60Hz, 2A
`
`Environmental Standards Compliance & Certification
`• EMC Directive 89/336/EEC, EN60950, ETS 300 019-2-2,
`ETS 300 019-2-3
`• FCC-Part 15 Class B
`• IEC-68
`• UL 60950
`
`Ordering Information
`
`Part No.
`
`Model
`
`Bandwidth
`
`Pipes
`
`Total VCs*
`
`Connections
`
`* Total VCs is the maximum
`number of VCs when all VCs
`will be conditioned based on IP
`addresses and will reside in the
`Default Pipe.
`
`K10202M
`
`AC-201/2M
`
`2 Mbps
`
`K102000
`
`K103000
`
`K104000
`
`AC-201/10M
`
`10 Mbps
`
`AC-301
`
`AC-401
`
`100 Mbps
`
`100 Mbps
`
`256
`
`256
`
`1024
`
`2048
`
`2048
`
`2048
`
`4096
`
`12000
`
`12000
`
`12000
`
`64000
`
`128000
`
`Copyright © 2001 Allot Communications Ltd. Allot Communications, NetEnforcer, CacheEnforcer, NetAccountant, NetBalancer and the Allot logo are trademarks of
`Allot Communications Ltd. All other brand or product names are trademarks of their respective holders. All information in this document is subject to change without
`notice. Allot Communications Ltd. assumes no responsibility for any errors that appear in this document. P/N D002106 10/01.
`
`Americas
`250 Prairie Center Drive, #335
`Eden Prairie, MN 55344
`USA
`Tel:
`Fax:
`
`(952) 944-3100
`(952) 944-3555
`
`Western Europe
`World Trade Center
`1300 Route Des Cretes
`BP255
`Sophia Antipolis Cedex
`France 06905
`Tel: 33 (0)4 92 38 80 27
`Fax: 33 (0)4 92 38 80 33
`
`Asia Pacific
`9 Raffles Place
`Republic Plaza #27-01
`Singapore 048619
`Tel: 65 832 5663
`Fax: 65 832 5662
`
`Japan
`Nishi Ginza Bldg. 2F
`5-5-9 Ginza Chuo-ku
`Tokyo 104-0061
`Tel: 81 (0)3 5537 7114
`Fax: 81 (0)3 5537 5281
`
`Eastern Europe,
`Middle East, Africa
`5 Hanagar Street
`Industrial Zone
`Hod Hasharon 45800
`Israel
`Tel: 972 (0)9 761 9200
`Fax: 972 (0)9 744 3626
`
`www.allot.com
`info@allot.com
`
`NetEnforcer™
`
`QoS/SLA Enforcement for Service Providers
`
`w i r e l e s s
`
`DoS protection
`
`s a t e l l i t e
`I S P s
`b r o a d b a n d
`W e b h o s t i n g
`
`S
`
`ervice providers have a varied subscriber base, including homes, small
`offices/home offices (SOHOs), branch offices and enterprise networks.
`Since each subscriber group has different networking needs—and not all
`subscribers will be online at any one instant—Internet service providers,
`web hosting facilities, ASPs and data centers use over-subscription to
`maximize return on investment (ROI). More importantly, enterprise
`customers are willing to pay additional fees in order to receive premium
`tiered services such as “Gold”, “Silver”, or “Bronze”, or classes of service
`that deliver the bandwidth to support specific business-critical applications
`such as VoIP, SAP and Citrix.
`
`• Maximize ROI on network
`infrastructure
`
`• Enforce Service Level
`Agreements
`
`• Rapidly provision new
`subscribers
`
`• Monitoring and IP-based
`accounting
`
`0004
`
`Cloudflare - Exhibit 1016, page 4
`
`