DFL-2500EOL EOS

פיירוול IPS לאבטחת רשת ארגונית - 8 יציאות ג'יגהביט ניתנות להגדרת משתמש ( LAN / WAN / DMZ ) - עד 600Mbps

תאור

Main Features:

* 8 user configurable (LAN / WAN / DMZ) Gigabit ports

* Firewall Throughput: 600Mbps

* VPN Throughput: 300Mbps

* Concurrent sessions: 1,000,000

* Policeis: 4000

* Dedicated VPN Tunnels: 2500

Product Description:

The NetDefend family of Firewall/VPN Security Appliances is D-Link’s answer for hardware-based network security. The new DFL-2500 NetDefend Network Security Rackmount VPN Firewall is an easy-to-deploy VPN and firewall solution designed for enterprise and small-to-medium sized businesses that demand superior performance and security.

Advanced Hardware Features
The DFL-2500 is a powerful security solution that provides integrated Network Address Translation (NAT), SPI Firewall, advanced content filtering features, IDS protection, bandwidth management, as well as Virtual Private Network (VPN) support. The DFL-2500 includes 8 configurable gigabit Ethernet ports that can be used for LAN, WAN, and DMZ. All of these features conveniently fit into a 1U rack-mountable chassis that can be easily integrated into your switch/server rack.

Enterprise-class Security
To provide enterprise-class network security, the DFL-2500 has several flexible firewall features to manage, monitor, and maintain a healthy and secure network. Network management features include: Remote Management, Bandwidth Control Policies, URL/Keyword Blocking, Access Policies, and SNMP. For network monitoring, the DFL-2500 supports e-mail alerts, system log, consistency checks, and real-time statistics. For at a glance monitoring, the 20x2 line LCM display provides hardware status info as well as alert events to enable visual verifications. These features along with a firmware backup function provide and maintain maximum network performance and security.

VPN Performance
For optimal VPN configuration, the DFL-2500 has both an integrated VPN Client and Server to support almost any required VPN policy. This high-end appliance has a hardware VPN engine to support and manage up to 2500 VPN connections. The DFL-2500 can support IPSec, PPTP, and L2TP protocols in Client/Server mode and can handle pass-through traffic as well. Advanced VPN configuration options include: DES/3DES/AES/Twofish/Blowfish/CAST-128 encryption, Manual or IKE/ISAKMP key management, Quick/Main/Aggressive Negotiation modes, and VPN authentication support using either an external RADIUS server or the internal 500-user database.

Multiple Network Central Features
Additional network control features supported by the DFL-2500 include 802.1q VLAN tagging and extensive High Availability (HA) features. VLAN tagging supports integration of the DFL-2500 into your rack system with L2/L3 managed switches to segment your network and prioritize traffic. HA options include WAN Fail-Over, Active/Passive Modes, Device Failure Detection, Link Failure Detection, and Session Synchronization. Additionally, support for Active Clustering or Load Balancing optimizes network uptime and performance.

Configurable User Interface
The DFL-2500 can be configured via D-Link’s Web-based interface and monitored using the Command Line Interface (CLI). These configuration options can be managed through Admin, Read/Write, or Read-Only administrator rights. With these access management levels, any authorized user can easily configure or access the administrative functions of the DFL-2500.

With businesses becoming increasingly network-dependent, the need to invest in a reliable security solution is crucial. The D-Link DFL-2500 NetDefend Network Security Rackmount VPN Firewall offers high return on investment through robust security features, flexible configuration, and maximum network protection.

מאפיינים כללים

 

System Performance

•  Firewall Throughput: 600 Mbps

•  VPN Throughput: 300 Mbps

•  Concurrent Sessions: 1,000.000

•  Policies: 4,000

Firewall Mode of Operation

 

 

 

Layer 3 Mode: Route Mode, NAT Mode

Layer 2 Mode: Transparent Mode

Network Address Translation (NAT)

Port Address Translation (PAT)

Static Address Translation (SAT)

Policy-Based NAT

Port Forwarding

Server Load Balancing

Time Scheduled Policies

VPN Security

VPN Tunnels: 2,500 (IPsec, PPTP, L2TP, L2TP with IPsec)

IPSec LAN-to-LAN / Roaming User

PPTP/L2TP Server/Client

IPsec Hub and Spoke

IPSec NAT-Traversal

DHCP over IPSec

Encryption Transform: DES, 3DES, AES, Twofish, Blowfish, CAST-128

XAUTH (Extended Authentication) for IPSec Authentication

Firewall Security

Stateful Packet Inspection (SPI)

Policy-Based User Authentication

DoS/DDoS Attack Protection

RADIUS, LDAP, IAS

HTTP Traffic Filter: Keyword, URL, Exempt List

Script Filter: Java Applet, Java Scripts, VB Scripts, Cookies, ActiveX

Network Service

Static IP address

PPPoE for xDSL

PPTP/L2TP Client for xDSL

DHCP Client for WAN Interface

BigPond Cable, Telia Compliance

Internal DHCP Server

DHCP Relay

WAN Failover/Load Sharing

IP Alias

Static Routes

OSPF Dynamic Routing

Policy-Based Routing

DNS Resolving of Remote Gateway

Dynamic DNS Poster

Custom Application Layer Gateway

Support IEEE 802.1q VLAN Tag (128)

Firewall Policies per VLAN Tag

DHCP Server per VLAN Tag

Bandwidth Management

Guaranteed Bandwidth

Maximum Bandwidth

Priority-Bandwidth Utilization

Policy-Based Traffic Shaping

Time-Scheduled Traffic Shaping

Bandwidth Management in 2500 VPN Tunnel

System

SYSLog Support

Firmware Configuration Backup

E-mail Alerts

Management – HTTP/HTTPS, SSH

Simple Network Time Protocol (SNTP)

Simple Network Management Protocol (SNMP)

Configuration Consistency Checks

Intrusion Detection System

NIDS Pattern Auto Update

Attack Alarm via E-mail Notification

High Availability

Active-Passive HA mode

Network Notification on Failover

Device Failure Detection

Configuration Synchronization

Firewall/VPN Session Synchronization

Average Failover Time: < 800ms

 

 

 

תקנים

הורדות

איורים

DFL-2500
מראה מקדימה
מראה מאחורה

דף מידע

ראה גם