DFL-870EOL EOS

NetDefend UTM Firewall

Description

The D-Link DFL-870 NetDefend UTM Firewall is a next generation Unified Threat Management (UTM) firewall which provides a powerful security solution to protect business networks from a wide range of threats. The DFL-870 offers a comprehensive defense against virus attacks, unauthorized intrusions, and flooding of harmful traffic, for successfully managing, monitoring, and maintaining a healthy network.
Enterprise-Class Security and Performance
The DFL-870 provides a complete set of advanced security features to secure, manage, and
monitor your network. These features include remote management, bandwidth control policies, URL blacklists and whitelists, access policies, and SNMP support. The DFL-870 furthermore supports email alerts, system logging, consistency checking, and real-time statistics gathering that keeps you up-to-date on the status of the network. Additionally, multiple WAN ports support traffic load balancing and failover, thus guaranteeing Internet availability and bandwidth.
Unified Threat Management
The D-Link DFL-870 integrates an intrusion detection and prevention system, gateway anti-virus, content filtering, and application control for superior Layer 7 content inspection. An acceleration engine increases throughput, while the real-time update service keeps the IDPS
information, anti-virus signature, URL and application databases current. Combined, these
enhancements help to protect office networks from application exploits, network worms, malicious code attacks, and provide everything a business needs to safely manage employee Internet access. D-Link offers optional, cost-efficient, per-device NetDefend Firewall UTM Service subscriptions that ensure that each of the firewalls service databases remain current*.
Robust Intrusion Prevention
The DFL-870 employs component-based signatures, a unique Intrusion Detection and Prevention System (IDPS) technology which recognizes and protects against all varieties of known and unknown attacks. This can address all critical aspects of an attack or potential attack including payload, NOP sled, infection, and exploits. In terms of signature coverage, the IDPS database includes attack information and data from a global attack sensor grid and exploits collected from public sites such as the National Vulnerability Database and Bugtrax. The DFL-870 constantly creates and optimizes NetDefend signatures via the D-Link Auto-Signature Sensor System without overloading existing security appliances. These signatures ensure high detection accuracy and a minimal amount of false positives. Automatic updates from a comprehensive IDPS signature database focus on attack payloads to protect the network against zero-day attacks.
Web Content Filtering
Web Content Filtering (WCF) helps administrators monitor, manage, and control employee Internet usage. The DFL-870 implements multiple global index servers with millions of URLs and real-time website data to enhance performance capacity and maximize service availability. The firewall uses
granular policies and explicit blacklists and whitelists to control access to certain types of websites for any combination of users, interfaces, and IP networks. The firewall can actively handle Internet content in both regular HTTP and secured HTTPS connections by stripping potential malicious objects, such as Java, JavaScript, and VBScript applets, ActiveX objects, and cookies. Integration of SafeSearch Enforcement** also ensures that results from search engine providers are provided without malicious content.
Application Control
Application control enhances security by only allowing certain types of network traffic for predefined applications. The DFL-870 uses application control to help accurately shape network traffic by either giving priority or applying control policies to effectively manage network utilization. Using packet inspection and a database of application signatures based on the
applications network usage patterns, the DFL-870 gives complete control over the content that is delivered to end users.
Powerful VPN Performance
The DFL-870 NetDefend UTM Firewall offers an integrated VPN client and server which support IPSec, PPTP, L2TP, and SSL protocols***. This allows remote offices to securely connect to a head office or a trusted partner network. With hardware-based VPN engines, it supports and manages a large number of VPN configurations. It supports IPSec, PPTP, L2TP, and SSL*** protocols in client/server mode and can handle pass-through traffic as well.
Stream-based Virus Scanning
The DFL-870s stream-based virus scanning examines files of any size while eliminating the need to cache incoming files first. This zero-cache scanning method not only increases inspection performance, but also reduces network bottlenecks. Kaspersky Labs virus signatures to provide reliable and accurate anti-virus and malware protection, as well as prompt signature updates.
* Service subscription options may vary depending on the region.
** The SafeSearch Enforcement only supports Google, Bing, and Yahoo search engines.
*** Only server mode is available for SSL VPN.

General features

Interfaces
• 6 x configurable 10/100/1000Base-T ports
• 2 x USB 2.0 ports (reserved for future use)
• 1 x Mini-USB console port
Performance*
• Firewall Throughput**: 4 Gbps
• VPN Throughput***: 1 Gbps
• IPS Throughput****: 450 Mbps
• Anti-virus Throughput****: 600 Mbps
• Application Control Throughput****: 700 Mbps
• Concurrent Sessions: 500,000
• New Sessions per Second: 45,000
• Supported Number of Policies: 2,000
Software Features
Firewall System
• NAT/PAT
• Dynamic Routing Protocol: OSFPv2
• Application layer gateway:
HTTP
FTP
H.323
POP3
SMTP
SIP
TFTP
TLS 1.0 (RFC2246)
• Transparent mode
• H.323 NAT Traversal
• Time-scheduled policies
• ZoneDefend proactive endpoint security
• User Authentication:
Local user database
RADIUS
Microsoft AD
LDAP
Networking
• DHCP server/client
• DHCP relay
• IGMPv3 IP multicasting
• IPv6 support
• Policy-based Routing
• IEEE 802.1Q VLAN
• Link aggregation
Traffic Load Balancing
• Outbound load balancing
• Failover traffic redirection
• Server load balancing
Bandwidth Management
• Guaranteed bandwidth
• Priority bandwidth
• Time-scheduled traffic shaping
• Dynamic bandwidth balancing
• Maximum bandwidth
• Policy-based traffic shaping
• VPN tunnel bandwidth management
• IDP traffic shaping
High Availability (HA)
• WAN failover
• Device failure detection
• FW/VPN session synchronisation
• Active/passive mode
• Link failure detection
Virtual Private Network (VPN)
• 200 tunnels
• Encryption methods:
DES
3DES
AES
Blowfish
Twofish
CAST-128
• IKE/IKEv2
• Redundant IPSec VPN gateway
• Hub-and-spoke
• IPSec NAT traversal
• Dead Peer Detection (DPD)
• PPTP/L2TP server/client
• SSL VPN*****
• GRE
Intrusion Detection & Prevention System (IDPS)******
• 12 months service subscription
• Automatic pattern updating
• DoS/DDoS attack protection
• Email-based intrusion notification
• IP blacklisting based on threshold or IDP/IPS
• Advanced IDP/IPS subscription
Content Filtering******
• 12 months service subscription
• Web URL blacklisting/whitelisting: HTTP, HTTPS
• Customize forbidden web page
• Maximum file size protection
• SafeSearch Enforcement*******
• Filtering based on script types:
Java applets
JavaScript
VBScript
Cookies
ActiveX
Anti-Virus******
• 12 months service subscription
• Real-time scanning
• Virus scanning for protocols:
HTTP
FTP
SMTP
POP3
IMAP
• Stream-based scanning
• Anti-virus over VPN
• ZIP/GZIP compressed file scanning up to 10 levels
• Signature licensing: Kaspersky
Application Control******
• 12 months service subscription
• Supports 1,000+ recognized applications
• Schedule and rule-based control
• Application bandwidth management, policy control, and prioritization
Email Security
• Supported protocols:
SMTP
POP3
IMAP
• File type whitelisting/blacklisting
• Email address filtering:
Sender/receiver blacklist
Exempt list
• File extension and MIME type verification
• Anti-spam
System Management
• Install Wizard
• Command line interface (CLI)
• SNMP (v1/v2c)
• Email notifications
• Web-based user interface (HTTP/HTTPS)
• Secure Shell (SSH)
• Syslog
• Real-time performance monitoring
Physical Parameters
Power Supply
• 100 to 240 V AC, internal AC power supply
Maximum Power Consumption
• 20 W
MTBF
• 374,681 hours
Dimensions (W x D x H)
• 278 x 183 x 44 mm
Weight
• 1.7 kg
Temperature
• Operating: 0 to 40В°C
• Storage: -20 to 70В°C
Humidity
• Operating: 5% to 95% non-condensing
• Storage: 5% to 95% non-condensing
EMI
• FCC Class A
• VCCI
• CE Class A
Safety
• LVD (EN60950-1)
* Actual performance may very depending on network conditions and services activated on the firewall.
** Firewall throughput was measured using UDP traffic with a 1,518 bytes packet size, conforming with RFC2544.
*** VPN Throughput was measured using UDP traffic with a 1,420 bytes packet size, conforming with RFC2544.
**** IPS and anti-virus performance is based on FTP protocol with a 1 GB file attachment run on IXIA IxLoad. Testing was done with multiple flows through multiple port pairs.
***** Only server mode is available for SSL VPN.
****** 12 months service subscription is purchased separately.
******* The SafeSearch Enforcement only supports Google, Bing, and Yahoo search engines.

Certificates

Order info

DFL-870 NetDefend UTM Firewall

Pictures

DFL-870A1
Back view
View from the right
Front view

Downloads

Support Resources