D-Link

DFL-870 NetDefend UTM Firewall

DFL-870

The D-Link DFL-870 NetDefend UTM Firewall is a next generation Unified Threat Management (UTM) firewall which provides a powerful security solution to protect business networks from a wide range of threats. The DFL-870 offers a comprehensive defense against virus attacks, unauthorized intrusions, and flooding of harmful traffic, for successfully managing, monitoring, and maintaining a healthy network.

Enterprise-Class Security and Performance

The DFL-870 provides a complete set of advanced security features to secure, manage, and monitor your network. These features include remote management, bandwidth control policies, URL blacklists and whitelists, access policies, and SNMP support. The DFL-870 furthermore supports email alerts, system logging, consistency checking, and real-time statistics gathering that keeps you up-to-date on the status of the network. Additionally, multiple WAN ports support traffic load balancing and failover, thus guaranteeing Internet availability and bandwidth.

Unified Threat Management

The D-Link DFL-870 integrates an intrusion detection and prevention system, gateway anti-virus, content filtering, and application control for superior Layer 7 content inspection. An acceleration engine increases throughput, while the real-time update service keeps the IDPS information, anti-virus signature, URL and application databases current. Combined, these enhancements help to protect office networks from application exploits, network worms, malicious code attacks, and provide everything a business needs to safely manage employee Internet access. D-Link offers optional, cost-efficient, per-device NetDefend Firewall UTM Service subscriptions that ensure that each of the firewall’s service databases remain current.

Robust Intrusion Prevention

The DFL-870 employs component-based signatures, a unique Intrusion Detection and Prevention System (IDPS) technology which recognizes and protects against all varieties of known and unknown attacks. This can address all critical aspects of an attack or potential attack including payload, NOP sled, infection, and exploits. In terms of signature coverage, the IDPS database includes attack information and data from a global attack sensor grid and exploits collected from public sites such as the National Vulnerability Database and Bugtrax. The DFL-870 constantly creates and optimizes NetDefend signatures via the D-Link Auto-Signature Sensor System without overloading existing security appliances. These signatures ensure high detection accuracy and a minimal amount of false positives. Automatic updates from a comprehensive IDPS signature database focus on attack payloads to protect the network against zero-day attacks.

Web Content Filtering

Web Content Filtering (WCF) helps administrators monitor, manage, and control employee Internet usage. The DFL-870 implements multiple global index servers with millions of URLs and real-time website data to enhance performance capacity and maximize service availability. The firewall uses granular policies and explicit blacklists and whitelists to control access to certain types of websites for any combination of users, interfaces, and IP networks. The firewall can actively handle Internet content in both regular HTTP and secured HTTPS connections by stripping potential malicious objects, such as Java, JavaScript, and VBScript applets, ActiveX objects, and cookies. Integration of SafeSearch Enforcement also ensures that results rom search engine providers are provided without malicious content.

Application Control

Application control enhances security by only allowing certain types of network traffic for predefined applications. The DFL-870 uses application control to help accurately shape network traffic by either giving priority or applying control policies to effectively manage network utilization. Using packet inspection and a database of application signatures based on the application’s network usage patterns, the DFL-870 gives complete control over the content that is delivered to end users.

Powerful VPN Performance

The DFL-870 NetDefend UTM Firewall offers an integrated VPN client and server which support IPSec, PPTP, L2TP, and SSL protocols . This allows remote offices to securely connect to a head office or a trusted partner network. With hardware-based VPN engines, it supports and manages a large number of VPN configurations. It supports IPSec, PPTP, L2TP, and SSL protocols in client/server mode and can handle pass-through traffic as well.

Stream-based Virus Scanning

The DFL-870’s stream-based virus scanning examines files of any size while eliminating the need to cache incoming files first. This zero-cache scanning method not only increases inspection performance, but also reduces network bottlenecks. Kaspersky Labs virus signatures to provide reliable and accurate anti-virus and malware protection, as well as prompt signature updates.

SPECIFICATION

Specifications

Hardware
Interfaces	• 6 ports 10/100/1000Base-T • 2 USB 2.0 ports¹ • Console port with mini-USB connector
Indicators	• Power • Link/Activity/Speed (per port)
Buttons	• Reset Button • Button for power on/off
Power connector	• Connector for power supply (alternating current)
Performance²
Firewall Throughput³	• 4 GB/s
VPN bandwidth⁴	• 1 GB/s
IPS throughput⁵	• 450 Mbps
Anti-virus throughput⁵	• 600 Mbps
Bandwidth control function applications⁵	• 700 Mbps
Max. number of parallel sessions	• 500 000000
How many new sessions per second	• 45 000000
Firewall policy	• 2000
Network
Type of Internet connection	• Static/dynamic IP address • PPPoE/PPTP/L2TP • Russia PPTP/L2TP (Dual Access) • Russia PPPoE (Dual Access)
Firewall	• NAT, PAT • Dynamic Routing Protocol: OSPFv2 • Application Layer Gateway -HTTP -FTP -H. 323 -POP3 -SMTP -SIP -TFTP -TLS 1.0 (RFC2246) • Transparent mode (Transparent mode) • H. 323 NAT Traversal • Policy on a schedule • Active network security ZoneDefense • Authentication: the local database, RADIUS, Microsoft Active Directory, LDAP,
Network features	• DHCP Server/client • DHCP Relay • IP Multicast: IGMPv3 • IPv6 • Policy-based Routing • IEEE 802 .1Q VLAN: up to 128 VLAN • Channel Aggregation
Load balancing	• Balancing outgoing traffic • Server load balancing • Traffic redirection when Cliff channel (failover)
High Availability (HA)	• WAN channel Reservation • Device failure Detection • Sync sessions FW/VPN • Active/Passive Mode • Identification of breakage of the channel
A virtual private network (VPN)	• VPN tunnels: 200 • The method of encryption: DES • IKE/IKEv2 • Redundant IPSec VPN gateway • Hub and Spoke • IPSec NAT Traversal • Detect inactive nodes • Server/client PPTP/L2TP • SSL VPN⁶ • GRE
Intrusion detection and Prevention System (IDP/IPS) ⁷	• 12-month subscription to the service • Automatic updating templates • Protection against DoS, DDoS • Warning about attacks by email • IP blacklist (threshold or IDP/IPS) • Extended IDP/IPS subscription (sold separately)
Content filtering ⁷	• 12-month subscription to the service • Type of HTTP/HTTPS: white/black list URL • Configure the list of prohibited Web pages • The maximum size of the file • SafeSearch Enforcement⁸ • Filtering based on the types of scripts: Java applets, JavaScript, VBScript, ActiveX, cookies
Anti-virus protection ⁷	• 12-month subscription to the service • Real-time scanning • Anti-virus scanning for HTTP, FTP, SMTP, POP3, IMAP • Streaming scan • Anti-virus protection of a virtual private network (VPN) • Scan compressed files ZIP/GZIP up to 10 levels of nesting • Signature Provider: Kaspersky
Managing applications ⁷	• 12-month subscription to the service • Support 1000 + recognized applications • Office for the schedule and on the basis of the rules of • Application bandwidth management, policy management and prioritization
The security of e-mail	• Support for SMTP, POP3, IMAP • White/black list by file type • Filtering of e-mail addresses: black list of senders/recipients to exceptions list • Check the extension and MIME type of the file • Antispam
Office
Bandwidth management	• Guaranteed bandwidth • Bandwidth based on priority • Dynamic bandwidth allocation • Maximum bandwidth • Bandwidth management in VPN tunnel • Traffic shaping on a schedule • Policy-based Traffic shaping • IDP traffic shaping
System management	• The Setup Wizard • Command line interface (CLI) • SNMP v1/v2c • Email notifications • Web interface (HTTP/HTTPS) • Secure Shell (SSH) • System log • Monitor performance in real time
Physical parameters
Dimensions (l x w x h)	• 278 x 183 x 44 mm
Weight	• 1.7 kg
Operating conditions
Nutrition	• 100-240 VAC, internal power supply
Max. power consumption	• 20 W
MTBF (hours)	• 374 681
Temperature	• Operating: 0 to 40° c • Storage: -20 up to 70° c
Humidity	• Operating: 5% to 95% non-condensing • Storage: 5% to 95% non-condensing
Delivery Kit
• Firewall DFL-870 • Power cord • Ethernet cable • Console cable with mini-USB connectors and USB • Kit for installation in 19-inch rack • Quick install guide
Miscellaneous
EMI	• FCC Class A • CE Class A • VCCI
Security	• LVD (EN60950-1)

¹ Reserved for use in subsequent versions of the firmware.

² Actual performance depends on network conditions and activated services.

³ Firewall throughput Testing was performed using UDP traffic with packet size is 1518 bytes in accordance with RFC2544.

⁴ VPN bandwidth Testing was performed using UDP traffic with packet size 1420 bytes in accordance with RFC2544.

⁵ Performance IPS and anti-virus has been determined on the basis of file transfer protocol (FTP), file attachment 1 GB, running on IXIA IxLoad. Testing conducted with many threads across multiple pairs of ports.

⁶ For SSL VPN is only available server mode.

⁷ 12-month subscription to the service is purchased additionally.

⁸ SafeSearch Enforcement only supports search engines Google, Bing and Yahoo.

No	Description	Title	Type	File Size
1	User Manual	DFL-870 User Manual	pdf	11.96 MB
2	User Manual	DFL-870 CLI Reference Guide	pdf	3.39 MB
3	User Manual	DFL-870 Log Reference Guide	pdf	4.86 MB
4	Installation Guide	DFL-870 QIG	pdf	0.69 MB
5	Firmware	DFL-870 F/W Ver. 11.04.01.11	rar	10.94 MB
6	Datasheet	DFL-870 Datasheet	pdf	1.33 MB