10.1.12. More Pipe Examples ............................................................... 390
10.2. IDP Traffic Shaping ............................................................................ 394
10.2.1. Overview ................................................................................ 394
10.2.2. Setup ..................................................................................... 394
10.2.3. Processing Flow ....................................................................... 395
10.2.4. The Importance of Specifying a Network ...................................... 395
10.2.5. A P2P Scenario ........................................................................ 396
10.2.6. Viewing Traffic Shaping Objects ................................................ 396
10.2.7. Guaranteeing Instead of Limiting Bandwidth ................................. 397
10.2.8. Logging ................................................................................. 398
10.3. Threshold Rules ................................................................................. 399
10.3.1. Overview ................................................................................ 399
10.3.2. Limiting the Connection Rate/Total Connections ........................... 399
10.3.3. Grouping ................................................................................ 399
10.3.4. Rule Actions ........................................................................... 399
10.3.5. Multiple Triggered Actions ........................................................ 400
10.3.6. Exempted Connections .............................................................. 400
10.3.7. Threshold Rules and ZoneDefense .............................................. 400
10.3.8. Threshold Rule Blacklisting ....................................................... 400
10.4. Server Load Balancing ........................................................................ 401
10.4.1. Overview ................................................................................ 401
10.4.2. Identifying the Servers .............................................................. 402
10.4.3. The Load Distribution Mode ...................................................... 402
10.4.4. The Distribution Algorithm ........................................................ 403
10.4.5. Server Health Monitoring .......................................................... 405
10.4.6. SLB_SAT Rules ...................................................................... 405
11. High Availability .......................................................................................... 409
11.1. Overview .......................................................................................... 409
11.2. HA Mechanisms ................................................................................. 411
11.3. HA Setup .......................................................................................... 413
11.3.1. Hardware Setup ....................................................................... 413
11.3.2. NetDefendOS Manual HA Setup ................................................. 414
11.3.3. Verifying the Cluster is Functioning ............................................ 415
11.3.4. Using Unique Shared Mac Addresses ........................................... 416
11.4. HA Issues ......................................................................................... 417
11.5. HA Advanced Settings ........................................................................ 418
12. ZoneDefense ................................................................................................ 420
12.1. Overview .......................................................................................... 420
12.2. ZoneDefense Switches ......................................................................... 421
12.3. ZoneDefense Operation ....................................................................... 422
12.3.1. SNMP .................................................................................... 422
12.3.2. Threshold Rules ....................................................................... 422
12.3.3. Manual Blocking and Exclude Lists ............................................. 422
12.3.4. ZoneDefense with Anti-Virus Scanning ........................................ 424
12.3.5. Limitations ............................................................................. 424
13. Advanced Settings ......................................................................................... 427
13.1. IP Level Settings ................................................................................ 427
13.2. TCP Level Settings ............................................................................. 431
13.3. ICMP Level Settings ........................................................................... 436
13.4. State Settings ..................................................................................... 437
13.5. Connection Timeout Settings ................................................................ 439
13.6. Length Limit Settings .......................................................................... 441
13.7. Fragmentation Settings ........................................................................ 443
13.8. Local Fragment Reassembly Settings ..................................................... 447
13.9. Miscellaneous Settings ........................................................................ 448
A. Subscribing to Security Updates ........................................................................ 450
B. IDP Signature Groups ..................................................................................... 452
C. Verified MIME filetypes ................................................................................. 456
D. The OSI Framework ....................................................................................... 460
E. D-Link Worldwide Offices ............................................................................... 461
Alphabetical Index ............................................................................................. 463
User Manual
8
Summary of Contents for 800 - DFL 800 - Security Appliance
Page 24: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 24 ...
Page 69: ...2 6 4 Restore to Factory Defaults Chapter 2 Management and Maintenance 69 ...
Page 121: ...3 9 DNS Chapter 3 Fundamentals 121 ...
Page 181: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 181 ...
Page 192: ...5 5 IP Pools Chapter 5 DHCP Services 192 ...
Page 282: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 282 ...
Page 300: ...mechanism 7 3 7 SAT and FwdFast Rules Chapter 7 Address Translation 300 ...
Page 301: ...7 3 7 SAT and FwdFast Rules Chapter 7 Address Translation 301 ...
Page 318: ...8 3 Customizing HTML Pages Chapter 8 User Authentication 318 ...
Page 322: ...ALG 9 1 5 The TLS Alternative for VPN Chapter 9 VPN 322 ...
Page 377: ...Management Interface Failure with VPN Chapter 9 VPN 377 ...
Page 408: ...10 4 6 SLB_SAT Rules Chapter 10 Traffic Management 408 ...
Page 419: ...11 5 HA Advanced Settings Chapter 11 High Availability 419 ...
Page 426: ...12 3 5 Limitations Chapter 12 ZoneDefense 426 ...
Page 449: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 449 ...