D-Link DFL-200 - Security Appliance User manual

D-Link DFL-200 - Security Appliance User manual
DFL-1600
Multi-Function Security
+ Network Firewall
NetDefend Network Security Rackmount VPN Firewall
+ VPN Server
Overview
VPN Performance
The NetDefend family of Firewall/VPN Security Appliances
is D-Link’s answer for hardware-based network security.
The new DFL-1600 NetDefend Network Security Rackmount
VPN Firewall is an easy-to-deploy VPN and firewall
solution designed for enterprise and small-to-medium
sized businesses that demand superior performance and
security.
For optimal VPN configuration, the DFL-1600 has both
an integrated VPN Client and Server to support almost
any required VPN policy. This high-end appliance has a
hardware VPN engine to support and manage up to 1200
VPN connections. The DFL-1600 can support IPSec, PPTP,
and L2TP protocols in Client/Server mode and can handle
pass-through traffic as well. Advanced VPN configuration
options include: DES/3DES/AES/Twofish/Blowfish/CAST-128
encryption, Manual or IKE/ISAKMP key management,
Quick/Main/Aggressive Negotiation modes, and VPN
authentication support using either an external RADIUS
server or the internal 500-user database.
+ Content Manager
+ Bandwidth Manager
+ Transparent Firewall Mode
Advanced Firewall Features
+ Stateful Packet Inspection
+ Detect/Drop Intruding Packets
+ Embedded VPN
+ User Authentication (RAIDUS, LDAP,
IAS)
+ Intrusion Detection System (IDS)
+ x.509v3 PKI
Embedded VPN Accelerator
+ Up to 1,200 VPN Tunnels
+ IPsec, PPTP, L2TP, L2TP with IPsec
+ DES, 3DES, AES, Twofish, Blowfish,
and CAST-128 Encryption
+ Automated Key Management via
IKE/ISAKMP
+ Aggressive/Main/Quick Negotiation
+ xAuthentication
Performance Optimization
+ 802.1q VLAN Tagging
+ Dual-WAN Ports for Active Clustering/
Load Balancing
+ Traffic Shaping/Priority
Enhanced Network Services
+ DHCP Relay
+ SYSLog Support
+ E-mail Alert
+ SNMP Management
+ Consistency Checks
Advanced Hardware Features
The DFL-1600 is a powerful security solution that provides
integrated Network Address Translation (NAT), SPI Firewall,
advanced content filtering features, IDS protection,
bandwidth management, as well as Virtual Private Network
(VPN) support. The DFL-1600 includes six configurable
gigabit Ethernet ports that can be used for LAN, WAN, and
DMZ. All of these features conveniently fit into a 1U rackmountable chassis that can be easily integrated into your
switch/server rack.
Enterprise-class Security
To provide enterprise-class network security, the DFL-1600
has several flexible firewall features to manage, monitor,
and maintain a healthy and secure network. Network
management features include: Remote Management,
Bandwidth Control Policies, URL/Keyword Blocking, Access
Policies, and SNMP. For network monitoring, the DFL-1600
supports e-mail alerts, system log, consistency checks,
and real-time statistics. For at a glance monitoring, the 20x2
line LCM display provides hardware status info as well as
alert events to enable visual verifications. These features
along with a firmware backup function provide and maintain
maximum network performance and security.
Multiple Network Central Features
Additional network control features supported by the
DFL-1600 include 802.1q VLAN tagging and extensive High
Availability (HA) features. VLAN tagging supports integration
of the DFL-1600 into your rack system with L2/L3 managed
switches to segment your network and prioritize traffic.
HA options include WAN Fail-Over, Active/Passive Modes,
Device Failure Detection, Link Failure Detection, and
Session Synchronization. Additionally, support for Active
Clustering or Load Balancing optimizes network uptime and
performance.
Configurable User Interface
The DFL-1600 can be configured via D-Link’s Web-based
interface and monitored using the Command Line Interface
(CLI). These configuration options can be managed through
Admin, Read/Write, or Read-Only administrator rights. With
these access management levels, any authorized user can
easily configure or access the administrative functions of
the DFL-1600.
With businesses becoming increasingly networkdependent, the need to invest in a reliable security
solution is crucial. The D-Link DFL-1600 NetDefend Network
Security Rackmount VPN Firewall offers high return on
investment through robust security features, flexible
configuration, and maximum network protection.
DFL-1600
NetDefend Network Security Rackmount VPN Firewall
Technical Specifications
Software
Firewall Mode of Operation
+ Layer 3 Mode: Route Mode, NAT Mode
+ Layer 2 Mode: Transparent Mode
+ Network Address Translation (NAT))
+ Port Address Translation (PAT)
+ Static Address Translation (SAT)
+ Policy-Based NAT
+ Port Forwarding
+ Server Load Balancing
+ Time Scheduled Policies
VPN Security
Firewall Security
Network Service
+ VPN Tunnels: 300 (IPsec, PPTP, L2TP, L2TP with IPsec)
+ IPsec LAN-to-LAN / Roaming User
+ PPTP/L2TP Server/Client
+ IPsec Hub and Spoke
+ IPsec NAT-Traversal
+ DHCP over IPsec
+ Encryption Transform: DES, 3DES, AES, Twofish, Blowfish,
CAST-128
+ XAUTH (Extended Authentication) for IPsec
Authentication
+ Stateful Packet Inspection (SPI)
+ Policy-Based User Authentication
+ DoS/DDoS Attack Protection
+ RADIUS, LDAP, IAS
+ HTTP Traffic Filter: Keyword, URL, Exempt List
+ Script Filter: Java Applet, Java Scripts, VB Scripts,
Cookies, ActiveX
+ Static IP Address
+ PPPoE for xDSL
+ PPTP/L2TP Client for xDSL
+ DHCP Client for WAN Interface
+ BigPond Cable, Telia Compliance
+ Internal DHCP Server
+ DHCP Relay
+ WAN Failover/Load Sharing
+ IP Alias
+ Static Routes
+ OSPF Dynamic Routing
+ Policy-Based Routing
+ DNS Resolving of Remote Gateway
+ Dynamic DNS Poster
+ Custom Application Layer Gateway
+ Support for IEEE 802.1q VLAN Tag (128)
+ Firewall Policies per VLAN Tag
+ DHCP Server per VLAN Tag
+ WAN Failover/Load Sharing
Bandwidth Management
System
+ Guaranteed Bandwidth
+ Maximum Bandwidth
+ Priority-Bandwidth Utilization
+ Policy-Based Traffic Shaping
+ Time-Scheduled Traffic Shaping
+ Bandwidth Management in VPN Tunnel
+ SYSLog Support
+ Firmware Configuration Backup
+ E-mail Alerts
+ Management – HTTP/HTTPS, SSH
+ Simple Network Time Protocol (SNTP)
+ Simple Network Management Protocol (SNMP)
+ Configuration Consistency Checks
DFL-1600
NetDefend Network Security Rackmount VPN Firewall
Intrusion and Detection System
+ NIDS Pattern Auto Update
+ Attack Alarm via E-mail Notification
High Availability
+ Active-Passive HA mode
+ Network Notification on Failover
+ Device Failure Detection
+ Configuration Synchronization
+ Firewall/VPN Session Synchronization
+ Average Failover Time: < 800ms
+ Power
+ System
Physical & Environmental
Diagnostic LEDs
+ Gigabit Ethernet (Link/Activity per Port)
Device Ports
+ Gigabit Ethernet: 6 10/100/1000BASE-T Ports
+ Console Port: Serial COM port
LCM Module
+ 20 x 2 Line Liquid Crystal Module
+ Display HW Status and Events
Power Input
AC Input 100 ~ 240VAC 50 ~ 60Hz
Power Consumption
200 Watts Maximum
Dimensions (W x D x H)
+ 17.3in x 10.0in x 1.73in
Weight
8.8 lbs (Device Only)
Temperature
+ Operating: 32˚ to 140˚F (0˚ to 60˚C)
Humidity
5% ~ 95% (Non-condensing)
Emission (EMI)
+ FCC Class A
+ 19in 1U Rack Mountable
+ Storage: -4˚ to 158˚F (-20˚ to 70˚C)
+ C-Tick
+ CE
Safety
+ UL
Warranty
1-Year Limited
+ LVD (EN60950)
1
1-Year Limited Warranty available only in the USA and Canada.
1
D-Link Systems, Inc. 17595 Mt. Herrmann Street, Fountain Valley, CA 92708
©2005-2008 D-Link Corporation/D-Link Systems, Inc. All rights reserved. D-Link and
the D-Link logo are registered trademarks of D-Link Corporation or its subsidiaries in
the United States and other countries. Other trademarks or registered trademarks
are the property of their respective owners. Visit www.dlink.com for more details.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement