The D-Link NetDefend Unified Threat Management (UTM) firewalls provide a powerful security solution to protect business networks from a wide variety of threats. UTM Firewalls offer a comprehensive defense against virus attacks, unauthorized intrusions, and harmful content, successfully enhancing fundamental capabilities for managing, monitoring, and maintaining a healthy network.
Enterprise-Class Firewall Security
NetDefend UTM Firewalls provide complete advanced security features to manage, monitor, and maintain a healthy and secure network. Network management features include: Remote Management, Bandwidth Control Policies, URL Black/White Lists, Access Policies and SNMP. For network monitoring, these firewalls support e-mail alerts, system logs, consistency checks and real-time statistics.
Unified Threat Management
NetDefend UTM Firewalls integrate an intrusion detection and prevention system, gateway antivirus, and content filtering for superior Layer 7 content inspection protection. An acceleration engine increases throughput, while the real-time update service keeps the IPS information, antivirus signatures, and URL databases current. Combined, these enhancements help to protect the office network from application exploits, network worms, malicious code attacks, and provide everything a business needs to safely manage employee Internet access.
Powerful VPN Performance
NetDefend UTM Firewalls offer an integrated VPN Client and Server. This allows remote offices to securely connect to a head office or a trusted partner network. Mobile users working from home or remote locations can also safely connect to the office network to access company data and e-mail. NetDefend UTM Firewalls have hardware-based VPN engines to support and manage a large number of VPN configurations. They support IPSec, PPTP, and L2TP protocols in Client/Server mode and can handle pass-through traffic as well. Advanced VPN configuration options include: DES/3DES/AES/Twofish/Blowfish/CAST- 128 encryption, Manual or IKE/ISAKMP key management, Quick/Main/Aggressive Negotiation modes, and VPN authentication support using either an external RADIUS server or a large user database.
UTM Services
Maintaining an effective defense against the various threats originating from the Internet requires that all three databases used by the NetDefend UTM Firewalls are kept up-to-date. In order to provide a robust defense, D-Link offers optional NetDefend Firewall UTM Service subscriptions which include updates for each aspect of defense: Intrusion Prevention Systems (IPS), Antivirus and Web Content Filtering (WCF). NetDefend UTM Subscriptions ensure that each of the firewall's service databases are complete and effective.
Robust Intrusion Prevention
The NetDefend UTM Firewalls employ component-based signatures, a unique IPS technology which recognizes and protects against all varieties of known and unknown attacks. This system can address all critical aspects of an attack or potential attack including payload, NOP sled, infection, and exploits. In terms of signature coverage, the IPS database includes attack information and data from a global attack sensor-grid and exploits collected from public sites such as the National Vulnerability Database and Bugtrax. The NetDefend UTM Firewalls constantly create and optimize NetDefend signatures via the D-Link Auto-Signature Sensor System without overloading existing security appliances. These signatures ensure a high ratio of detection accuracy and a low ratio of false positives.
Stream-Based Virus Scanning
The NetDefend UTM Firewalls examine files of any size, using a stream-based virus scanning technology which eliminates the need to cache incoming files. This zero-cache scanning method not only increases inspection performance but also reduces network bottlenecks. NetDefend UTM firewalls use virus signatures from Kaspersky Labs to provide systems with reliable and accurate antivirus protection, as well as prompt signature updates. Consequentially, viruses and malware can be effectively blocked before they reach the network's desktops or mobile devices.
Web Content Filtering
Web Content Filtering helps administrators monitor, manage, and control employee usage of and access to the Internet. The NetDefend UTM Firewalls implement multiple global index servers with millions of URLs and real-time website data to enhance performance capacity and maximize service availability. These firewalls use highly granular policies and explicit black/white lists to control access to certain types of websites for any combination of users, interfaces and IP networks. The firewall can actively handle Internet content by stripping potential malicious objects, such as Java Applets, JavaScripts/ VBScripts, ActiveX objects, and cookies.
NetDefend UTM Subscription
The standard NetDefend UTM Subscription provides your firewall with UTM service updates for 12 months* starting from the day you activate or extend your service. The NetDefend UTM Subscription can be renewed regularly to provide your firewalls with the most up-to-date security service available from D-Link.
NetDefend Center: http://security.dlink.com.tw
*Sold separately
Enterprise-Class Firewall Security
NetDefend UTM Firewalls provide complete advanced security features to manage, monitor, and maintain a healthy and secure network. Network management features include: Remote Management, Bandwidth Control Policies, URL Black/White Lists, Access Policies and SNMP. For network monitoring, these firewalls support e-mail alerts, system logs, consistency checks and real-time statistics.
Unified Threat Management
NetDefend UTM Firewalls integrate an intrusion detection and prevention system, gateway antivirus, and content filtering for superior Layer 7 content inspection protection. An acceleration engine increases throughput, while the real-time update service keeps the IPS information, antivirus signatures, and URL databases current. Combined, these enhancements help to protect the office network from application exploits, network worms, malicious code attacks, and provide everything a business needs to safely manage employee Internet access.
Powerful VPN Performance
NetDefend UTM Firewalls offer an integrated VPN Client and Server. This allows remote offices to securely connect to a head office or a trusted partner network. Mobile users working from home or remote locations can also safely connect to the office network to access company data and e-mail. NetDefend UTM Firewalls have hardware-based VPN engines to support and manage a large number of VPN configurations. They support IPSec, PPTP, and L2TP protocols in Client/Server mode and can handle pass-through traffic as well. Advanced VPN configuration options include: DES/3DES/AES/Twofish/Blowfish/CAST- 128 encryption, Manual or IKE/ISAKMP key management, Quick/Main/Aggressive Negotiation modes, and VPN authentication support using either an external RADIUS server or a large user database.
UTM Services
Maintaining an effective defense against the various threats originating from the Internet requires that all three databases used by the NetDefend UTM Firewalls are kept up-to-date. In order to provide a robust defense, D-Link offers optional NetDefend Firewall UTM Service subscriptions which include updates for each aspect of defense: Intrusion Prevention Systems (IPS), Antivirus and Web Content Filtering (WCF). NetDefend UTM Subscriptions ensure that each of the firewall's service databases are complete and effective.
Robust Intrusion Prevention
The NetDefend UTM Firewalls employ component-based signatures, a unique IPS technology which recognizes and protects against all varieties of known and unknown attacks. This system can address all critical aspects of an attack or potential attack including payload, NOP sled, infection, and exploits. In terms of signature coverage, the IPS database includes attack information and data from a global attack sensor-grid and exploits collected from public sites such as the National Vulnerability Database and Bugtrax. The NetDefend UTM Firewalls constantly create and optimize NetDefend signatures via the D-Link Auto-Signature Sensor System without overloading existing security appliances. These signatures ensure a high ratio of detection accuracy and a low ratio of false positives.
Stream-Based Virus Scanning
The NetDefend UTM Firewalls examine files of any size, using a stream-based virus scanning technology which eliminates the need to cache incoming files. This zero-cache scanning method not only increases inspection performance but also reduces network bottlenecks. NetDefend UTM firewalls use virus signatures from Kaspersky Labs to provide systems with reliable and accurate antivirus protection, as well as prompt signature updates. Consequentially, viruses and malware can be effectively blocked before they reach the network's desktops or mobile devices.
Web Content Filtering
Web Content Filtering helps administrators monitor, manage, and control employee usage of and access to the Internet. The NetDefend UTM Firewalls implement multiple global index servers with millions of URLs and real-time website data to enhance performance capacity and maximize service availability. These firewalls use highly granular policies and explicit black/white lists to control access to certain types of websites for any combination of users, interfaces and IP networks. The firewall can actively handle Internet content by stripping potential malicious objects, such as Java Applets, JavaScripts/ VBScripts, ActiveX objects, and cookies.
NetDefend UTM Subscription
The standard NetDefend UTM Subscription provides your firewall with UTM service updates for 12 months* starting from the day you activate or extend your service. The NetDefend UTM Subscription can be renewed regularly to provide your firewalls with the most up-to-date security service available from D-Link.
NetDefend Center: http://security.dlink.com.tw
*Sold separately
Specs
Interfaces
System Performance
Firewall System
Networking
Virtual Private Network (VPN)
Traffic Load Balancing
Bandwidth Management
High Availability (HA)
Intrusion Detection & Prevention System (IDP/IPS)
Content Filtering
Antivirus
Power Supply
Dimensions
Operating Temperature
Operating Humidity
EMI
Safety
MTBF
Warranty:
Ordering Information:
1 Actual performance may vary depending on network conditions and activated services.
2 The maximum Firewall plaintext throughput is based on RFC2544 testing methodologies.
3 VPN throughput is measured using UDP traffic at 1420 byte packet size adhering to RFC 2544.
4 IPS and Anti-Virus performance test is based on HTTP protocol with a 1Mb file attachment run on the IXIA IxLoad. Testing is done with multiple flows through multiple port pairs.
All references to speed are for comparison purposes only. Product specifications, size and shape are subject to change without notice, and actual product appearance may differ from that depicted herein.
- Ethernet: 10 Configurable Gigabit Ports
- SFP: No
- USB : 2 USB Ports (reserved)
- Console : 1 DB-9 RS-232
System Performance
- Firewall Throughput2: 2 Gbps
- VPN Throughput3: 1 Gbps
- IPS Throughput4: 600 Mbps
- Antivirus Throughput4:450 Mbps
- Concurrent Sessions: 1,500,000
- New Sessions (per second): 20,000
- Policies: 6,000
Firewall System
- Transparent Mode
- NAT, PAT
- Dynamic Routing Protocol : OSPF
- H.323 NAT Traversal
- Time-Scheduled Policies
- Application Layer Gateway
- Proactive End-Point Security : ZoneDefense
Networking
- DHCP Server/Client
- DHCP Relay
- Policy-Based Routing
- IEEE 802.1q VLAN: 2048
- IP Multicast: IGMPv3
Virtual Private Network (VPN)
- Encryption Methods : DES/ 3DES/ AES/ Twofish/ Blowfish/ CAST-128
- Dedicated VPN Tunnels : 5000
- PPTP/L2TP Server
- Hub and Spoke
- IPSec NAT Traversal
Traffic Load Balancing
- Outbound Load Balancing
- Server Load Balancing
- Outbound Load Balance Algorithms: Round-robin, Weight-based Round-robin, Destination-based, Spill-over
- Traffic Redirect at Fail-Over
Bandwidth Management
- Policy-Based Traffic Shaping
- Guaranteed Bandwidth
- Maximum Bandwidth
- Priority Bandwidth
- Dynamic Bandwidth Balancing
High Availability (HA)
- WAN Fail-Over
- Active-Passive Mode
- Device Failure Detection
- Link Failure Detection
- FW/VPN Session SYN
Intrusion Detection & Prevention System (IDP/IPS)
- Automatic Pattern Update
- DoS, DDoS Protection
- Attack Alarm via E-mail
- Advanced IDP/IPS Subscription
- IP Blacklist by Threshold or IDP/IPS
Content Filtering
- HTTP Type: URL Blacklist/Whitelist
- Script Type: Java, Cookie, Active X, VB
- E-mail Type: E-Mail Blacklist/Whitelist
- External Database Content Filtering
Antivirus
- Real Time AV Scanning
- Unlimited File Size
- Scans VPN Tunnels
- Supports Compressed Files
- Signature Licensor: Kaspersky
- Automatic Pattern Update
Power Supply
- 80 PLUS Internal Power Supply
Dimensions
- 17.3 x 15.7 x 1.7in (440 x 400 x 44 mm) 19” Standard Rack-Mount
Operating Temperature
- 32° to 104° F (0° to 40° C)
- -68° to 158° F (-20° to 70° C)
Operating Humidity
- 5% to 95% non-condensing
EMI
- FCC Class A
- CE Class A
- C-Tick
- VCCI
Safety
- cUL, CB
MTBF
- 310,000 Hours
Warranty:
- Limited Lifetime
Ordering Information:
- DFL-1660-NB
- DFL-1660-IPS-12
- DFL-1660-AV-12
- DFL-1660-WCF-12
1 Actual performance may vary depending on network conditions and activated services.
2 The maximum Firewall plaintext throughput is based on RFC2544 testing methodologies.
3 VPN throughput is measured using UDP traffic at 1420 byte packet size adhering to RFC 2544.
4 IPS and Anti-Virus performance test is based on HTTP protocol with a 1Mb file attachment run on the IXIA IxLoad. Testing is done with multiple flows through multiple port pairs.
All references to speed are for comparison purposes only. Product specifications, size and shape are subject to change without notice, and actual product appearance may differ from that depicted herein.
Support
This product was phased out on: 28/09/2011
This product's last date of support is on: 26/09/2016
Version | Date | Type | File Size | |
---|---|---|---|---|
Datasheet (English) | - | 2.61mb | Download |
Version | Description | Date | Type | File Size | |
---|---|---|---|---|---|
User Manual (English) | User Manual (English) | 11. 11. 2010 | 8.78mb | Download |
Version | Description | Date | Type | |
---|---|---|---|---|
Firmware v2.30 Release note enclosed 2.30 | Firmware v2.30 Release note enclosed | 5. 07. 2011 | - | Download |