VPN
NetDefendOS supports a range of Virtual Private Network
(VPN) solutions. Support exists for IPsec, L2TP and PPTP as
well as SSL VPN with security policies definable for
individual VPN connections. This topic is covered in
Chapter 9, VPN.
TLS Termination
NetDefendOS
supports
TLS
termination
so
that
the
NetDefend Firewall can act as the end point for connections
by HTTP web-browser clients (this feature is sometimes
called SSL termination). For detailed information, see
Section 6.2.10, “The TLS ALG”.
Anti-Virus Scanning
NetDefendOS features integrated anti-virus functionality.
Traffic passing through the NetDefend Firewall can be
subjected to in-depth scanning for viruses, and virus sending
hosts can be black-listed and blocked. For details of this
feature, seeSection 6.4, “Anti-Virus Scanning”.
Intrusion Detection and
Prevention
To mitigate application-layer attacks towards vulnerabilities
in services and applications, NetDefendOS provides a
powerful Intrusion Detection and Prevention (IDP) engine.
The IDP engine is policy-based and is able to perform
high-performance scanning and detection of attacks and can
perform blocking and optional black-listing of attacking
hosts. More information about the IDP capabilities of
NetDefendOS can be found in Section 6.5, “Intrusion
Detection and Prevention”.
Note
Full IDP is available on all D-Link NetDefend
product models as a subscription service. On
some models, a simplified IDP subsystem is
provided as standard.
Web Content Filtering
NetDefendOS provides various mechanisms for filtering web
content that is deemed inappropriate according to a web usage
policy. With Web Content Filtering (WCF) web content can
be blocked based on category (Dynamic WCF), malicious
objects can be removed from web pages and web sites can be
whitelisted or blacklisted. More information about this topic
can be found in Section 6.3, “Web Content Filtering”.
Traffic Management
NetDefendOS provides broad traffic management capabilities
through Traffic Shaping, Threshold Rules (certain models
only) and Server Load Balancing.
Traffic Shaping enables limiting and balancing of bandwidth;
Threshold Rules allow specification of thresholds for sending
alarms and/or limiting network traffic; Server Load Balancing
enables a device running NetDefendOS to distribute network
load to multiple hosts. These features are discussed in detail
in Chapter 10, Traffic Management.
Note
Threshold Rules are only available on certain
D-Link NetDefend product models.
Operations and Maintenance
Administrator management of NetDefendOS is possible
through either a Web-based User Interface (the WebUI) or via
a Command Line Interface (the CLI). NetDefendOS also
1.1. Features
Chapter 1. NetDefendOS Overview
18
Summary of Contents for NetDefend DFL-1660
Page 28: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 28 ...
Page 88: ...2 6 3 Restore to Factory Defaults Chapter 2 Management and Maintenance 88 ...
Page 166: ...3 10 DNS Chapter 3 Fundamentals 166 ...
Page 254: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 254 ...
Page 268: ...5 4 IP Pools Chapter 5 DHCP Services 268 ...
Page 368: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 368 ...
Page 390: ...7 4 7 SAT and FwdFast Rules Chapter 7 Address Translation 390 ...
Page 414: ...8 3 Customizing Authentication HTML Pages Chapter 8 User Authentication 414 ...
Page 490: ...9 8 6 Specific Symptoms Chapter 9 VPN 490 ...
Page 528: ...10 4 6 Setting Up SLB_SAT Rules Chapter 10 Traffic Management 528 ...
Page 544: ...11 7 HA Advanced Settings Chapter 11 High Availability 544 ...
Page 551: ...12 3 5 Limitations Chapter 12 ZoneDefense 551 ...
Page 574: ...Default 512 13 9 Miscellaneous Settings Chapter 13 Advanced Settings 574 ...
Page 575: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 575 ...