DFL-2500.pdf
(
2163 KB
)
Pobierz
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
dFL-210/800/1600/2500
netdefend Firewall series
Integrated FunctIons
Powerful Firewall engine
d-Link end-to-end security solution
(e2es) Integration
content Filtering/Intrusion detection
& Prevention
user authentication
Instant Message/P2P Blocking
denial of service (dos) Protection
Virtual Private network (VPn) security
Bandwidth Management
content FILterIng
urL/e-Mail address Filtering
Java script/active X/cookie Filtering
IM/P2P Program Filtering
d-Link netdefend firewalls offer the next-generation of high-performance, business-class
network security solutions, addressing growing concerns over network security, hacker attacks,
virus threats, and increasing privacy demands. netdefend irewalls provide businesses with the
assurance of a dedicated network security solution.
FauLt toLerance
Wan trafic Fail-over
active/Passive Modes for High
availability
1
d-Link’s netdefend Firewall series packs an
impressive set of features including high-speed
processors, extensive signature databases,
and the power to handle up to a million
concurrent sessions. enclosed in an industrial
chassis, these firewalls include multiple
user-configurable interfaces, including high-
speed gigabit ports for flexible, scalable and
bottleneck-free network deployment.
d-Link netdefend firewalls can be remotely
managed via a web-based interface or through
a dedicated VPn connection. they include
flexible features to monitor and maintain a
healthy and secure network, such as e-mail
alerts, system log and real-time statistics.
BandWIdtH ManageMent
Wan trafic Bandwidth Management
Multi-Wan Interfaces for trafic Load
sharing/Load
Balancing
to minimize the impact of any event on an
entire network, d-Link netdefend firewalls
include a special feature called Zonedefense
- a mechanism that operates seamlessly with
d-Link xstack switches to perform proactive
network security. Zonedefense automatically
quarantines infected computers and prevents
them from looding the network with malicious
trafic.
dynamic Bandwidth Balancing
netdefend makes use of component-based
signatures
3
which are built to recognize
and protect against all varieties of known
and unknown attacks. the IPs system can
address all critical aspects of an attack or
potential attack including the payload, noP
sled, infection, and any exploits. the IPs
database includes attack information and data
from a global attack sensor-grid and exploits
collected from public sites such as the national
Vulnerability database and Bugtrax.
HardWare
Powerful Firewall engines
Multiple user-conigurable Ports
1
High-speed gigabit Interfaces
setuP & ManageMent
Installation Wizard for Quick setup
easy Web-Based coniguration/
Management
command Line Interface (cLI)
the d-Link constantly updates its auto-
signature sensor system in order to deliver
high-quality, optimized, IPs signatures. Without
overloading existing security appliances, these
signatures ensure a high ratio of detection
accuracy and the lowest ratio of false positives
3
.
Logging and real-time Monitoring
VPNC
CERT IFIED
AES
Interop
VPNC
CERT IFIED
Basic
Interop
1
For dFL-1600 and dFL-2500 only
2
For dFL-800, dFL-1600, and dFL-2500 only
3
component-based signature database is available
through advanced IPs subscription
dFL-210/800/1600/2500
netdefend Firewall series
Fault tolerance
netdefendos features route Failover capability.
Whenever a route failure is detected, trafic can
automatically failover to an alternate route.
content Filtering
netdefend irewalls protect users from dangerous
and undesirable content on the web. Filters can
also block IM/P2P programs to increase the
eficiency and utilization of your network
trafic Load Balancing
Keep your network running smoothly by balancing
trafic using dual irewalls.
d-Link e2es solution
n e td e f en d fi re w a l l s fe a t u re Zo n e de fe n s e ,
a mechanism that operates seamlessly with
your d-Link Lan switches to perform proactive
network security. Whenever network virus or
worm attacks are detected by the Firewall,
Zonedefense triggers and notifies d-Link
switches automatically. the infected hosts are
the immediately disconnected to stop further
infection among internal hosts.
dFL-210 For soHo
Firewall throughput: 80Mbps
VPn Performance: 25Mbps
(3des/aes)
1 ethernet Wan Ports
4 ethernet Lan Ports
1 user-conigurable ethernet dMZ Port
dFL-800 For sMaLL BusIness
Firewall throughput: 150Mbps
VPn Performance: 50Mbps
(3des/aes)
2 ethernet Wan Ports
7 ethernet Lan Ports
1 user-conigurable ethernet dMZ Port
dFL-1600 For MedIuM BusIness
Firewall throughput: 320Mbps
secure network Implementation using netdefend™ utM Firewalls
VPn Performance: 120Mbps
(3des/aes)
6 user-conigurable gigabit Ports
dFL-2500 For enterPrIse
Firewall throughput: 600Mbps
VPn Performance: 235Mbs
(3des/aes)
8 user-conigurable gigabit Ports
dFL-210/800/1600/2500
netdefend Firewall series
software Features
Firewall system
Proprietary irewall system kernel,
routing and IP assignment
IP alias
Logging and reporting
device management via HttP, HttPs
providing more security than open
source-based irewalls
stateful Packet Inspection
and ssH
snMP v1, v2c and snMP traps
dHcP server/client/relay/over IPsec
4
real-time system monitoring and event
2
HttP, FtP, sMtP, H.323, sIP application
osPF dynamic routing protocol
Zonedefense with seamless integration
log/alert
Built-in LcM module for sample
Layer gateway
Ieee 802.1q tag-based VLan
with d-Link xstack series switches
2
content iltering, Intrusion detection &
coniguration
1
Prevention
time-scheduled policy-based routing
user authentication
Local database, external database with
1
available on dFL-1600 and dFL-2500 only
2
available on dFL-800, dFL-1600 and dFL-2500
3
available on dFL-210 when dMs ports conigured as Wan port
4
available in future irmware upgrade
and bandwidth management
radIus/LdaP/Microsoft Ias
run-time user authentication
Virtual Private network (VPn)
des/3des/aes/twoish/Blowish/cast-
Multiple authentication servers
simultaneous operation
128 encryption
IKe v2 and X.509 v3 authentication
Bandwidth Management
guaranteed/Maximum/Priority
VPn keep alive/Hub and spoke
bandwidth control
outbound trafic load balancing
trafic/device Fault tolerance
Wan interface fail-over
3
active/passive modes for High
Policy-based bandwidth management
dynamic Bandwidth Balancing
availability
1
Hardware Features
console Port Hidden
Behind cover Lid
Front Panel Lcd and KeyPad
to toggle Between status and
Monitoring Information display
dFL-210/800/1600/2500
technical speciications
dFL-210
dFL-800
dFL-1600
dFL-2500
Interfaces
Multiple user-
configurable Ports
2 ethernet Wan Ports
1 ethernet dMZ Port
2
7 ethernet Lan Ports
1 ethernet Wan Port
1 ethernet dMZ Port
2
4 ethernet Lan Ports
6 user-configurable
gigabit Ports
8 user-configurable
gigabit Ports
system Performance
3
Firewall throughput
80Mbps
150Mbps
320Mbps
600Mbps
VPn throughput
25Mbps
50Mbps
120Mbps
235Mbps
concurrent sessions
12,000
25,000
400,000
1,000,000
Policies
500
1,000
2,500
4,000
Firewall system
transparent Mode
ü
ü
ü
ü
nat, Pat
ü
ü
ü
ü
dynamic routing
Protocol
–
osPF
H.323 nat traversal
ü
ü
ü
ü
time-scheduled
Policies
ü
ü
ü
ü
application Layer
gateway (aLg)
ü
ü
ü
ü
Proactive network
security
–
Zonedefense
networking
dHcP server/client
ü
ü
ü
ü
dHcP relay
ü
ü
ü
ü
Policy-Based
routing
ü
ü
ü
ü
Ieee 802.1q VLan
8
16
128
1024
IP Multicast
IgMP v3
Virtual Private network
(VPn)
encryption Methods
(des/ 3des/ aes/ twofish/
Blowfish/ cast-128)
ü
ü
ü
ü
dedicated VPn
tunnels
100
300
1,200
2,500
PPtP/L2tP server
ü
ü
ü
ü
Hub and spoke
ü
ü
ü
ü
IPsec nat traversal
ü
ü
ü
ü
system Management
console Interface
rs-232
Web-Based user
Interface
HttP, HttPs
command Line/ssH
ü
ü
ü
ü
Firmware upgrade
ü
ü
ü
ü
config. Backup/
restore
ü
ü
ü
ü
dFL-210/800/1600/2500
technical speciications
dFL-210
dFL-800
dFL-1600
dFL-2500
user authentication
Built-in database
ü
ü
ü
ü
radIus
ü
ü
ü
ü
LdaP
Microsoft ad 2003/2008 openLdaP 2.2.26
Microsoft Ias
ü
ü
ü
ü
XautH for IPsec
authentication
ü
ü
ü
ü
Logging and Monitoring
Internal Log
ü
ü
ü
ü
external Log
syslog server
e-mail notification
ü
ü
ü
ü
event Log and alarm
ü
ü
ü
ü
snMP
snMP v1, v2c
1
traffic Load Balancing
outbound Load
Balancing
ü
ü
ü
ü
server Load
Balancing
–
ü
ü
ü
outbound Load
Balance algorithms
round-robin, Weight-based round-robin, destination-based, spill-over
traffic redirect at
Fail-over
ü
ü
ü
ü
Bandwidth
Management
Policy-Based traffic
shaping
ü
ü
ü
ü
guaranteed
Bandwidth
ü
ü
ü
ü
Maximum
Bandwidth
ü
ü
ü
ü
Priority Bandwidth
ü
ü
ü
ü
dynamic Bandwidth
Balancing
ü
ü
ü
ü
High availability (Ha)
Wan Fail-over
ü
ü
ü
ü
active/Passive
Modes
–
–
ü
ü
device Failure
detection
–
–
ü
ü
Link Failure
detection
–
–
ü
ü
FW/VPn session
sync.
–
–
ü
ü
Plik z chomika:
jimasek
Inne pliki z tego folderu:
DCS-32-4.pdf
(546 KB)
DCS-3410.pdf
(452 KB)
DCS-3710.pdf
(561 KB)
DCS-45.pdf
(442 KB)
DAP-1522_Rev02.pdf
(1245 KB)
Inne foldery tego chomika:
DI-206
DI-524
DI-524UP
DI-624
DIR-100
Zgłoś jeśli
naruszono regulamin