Firewall/UTM by D-Link. Arvydas Žiliukas, D-Link Baltija, UAB. Klaipėda, IT Klubas, 2011.02.04
ALG Objects • ALG acts as a mediator • ALG is capable of scanning all traffic at the application level rather than the TCP/IP stack • Following protocols are support
HTTP ALG Overview: NetDefendOS supports HTTP ALGs via the following subsystems: • Manage Active Web Page Content − Handles active content such as ActiveX,
Anti-Virus ALG Actions • When configuring ALG, the following parameters can be set. • In General Tab: − Fail mode behavior: In cases where file integrity
IPS, AV, WCF and Anti-SPAM licenses • Anti-SPAM is free. In contrast, IPS, AV and WCF are chargeable 12-month subscription licenses. • NetDefend IPS and
IPS Module Overview • The NetDefendOS IPS feature addresses the above IPS issues with the following mechanisms: − IPS Rules − Pattern Matching − Action • NetDe
Setting IPS Rules and Actions: After pattern matching recognizes an intrusion in traffic subject to an IPS Rule, one of the actions associated with that Ru
Anti-Virus Module Overview • The main purpose of the UTM Anti-Virus module is to provide first-level prevention at the gateway side, not instead
Anti-Virus Module Overview contd. • NetDefend Firewall implements Stream-based Virus Scanning technology without caching the incoming files first, thus
Activating Anti-Virus Scanning • Association with an ALG. • The Anti-Virus feature is based on the ALG design; the user can use the predefined object for quick de
Dynamic Web Content Filtering (WCF) Overview • NetDefendOS supports Dynamic Web Content Filtering (WCF) of web traffic, which enables an administrator to automatically permit
D-Link Firewall/UTM introduction • D-Link DFL series firewalls are standalone hardware firewalls running D-Link's proprietary NetDefendOS. • D-Link firewalls
User Authentication Introduction • User authentication is frequently used in services, such as HTTP, FTP and VPN. • NetDefendOS uses a username/password
Run-Time Web Based Authentication • The most common application of User Authentication is Run-Time Web Based User Authentication, which is similar to WA
NetDefend UTM Features Matrix. Columns: DFL model, Anti-Virus/IPS Performance, IPS Signature Number, Anti-Virus Pattern Number, File Size Limitation. DFL-260E 35 / 70 M
Traffic Management • What is Causing Bandwidth Performance Problems? − More application traffic − Recreational traffic − Web-based applications − Voice
Traffic Management • How Does Traffic Management Work? − Queuing packets when traffic exceeds configured limits − Dropping packets if the packet buffers are
Traffic Management - What’s the Pipe? • The pipe is the central concept for all bandwidth. • A pipe simply measures the traffic passing through it and applies con
Pipe Rules • Pipe Rules define a traffic shaping policy by specifying which network traffic should flow through which pipes. • Pipe Rules are used to
Direction of a Pipe • Now the pipe has a 2 Mbps limit and the physical connection can only handle 1 Mbps in each direction. The pipe will never be full
Direction of a Pipe with Actual Example • The reason we're using two separate pipes is mainly that it is easier to match to the physical capacity (especi
Pipe Chains • The Forward Chain List − These are the pipes that will be used for outgoing (leaving) traffic from the D-Link Firewall. One, none or a ser
NetDefendOS Introduction • NetDefendOS is a proprietary or closed architecture; it has fewer OS vulnerabilities and more reliability compared to others wh
Pipe Precedence • Minimum Precedence: The lowest allowed priority for traffic in this pipe. • Default Precedence: The default precedence for the pipe. T
Bandwidth Limits • For each pipe, separate bandwidth limits may optionally be specified for each precedence level. If precedences are used then the tota
Grouping Users of a Pipe: Example of a pipe with traffic grouped per IP Address • Grouping may be performed on source network, source IP address, source
Dynamic Bandwidth Balancing • Dynamic Bandwidth Balancing is a unique D-Link feature in the firewall market − General QoS can provide bandwidth guarantee by s
ZoneDefense™ Technology: Firewall • Traditional firewalls have limited ports & performance, so L3 network switching still relies on L3 switches • Whenev
ZoneDefense™ Technology • The D-Link architecture is able to stop viruses/worms spreading across the LAN • Communication quarantine is used in interaction of D
ZoneDefense configuration examples • ZoneDefense-enabled xStack switches are: DES-3526/50, DES-3528/52, DES-3828/52, DGS-3200, DGS-3400, DGS-3600
ZoneDefense configuration examples • Set up Threshold rules
ZoneDefense configuration examples • Add Threshold Action from the Threshold rules
ZoneDefense configuration examples • Check ZoneDefense and xStack Switch state
General D-Link Firewall Features: Integrated Functions • SPI Firewall Protection • Virtual Private Network (VPN) • Denial of Service (DoS) Protection • URL/Jav
Q&A • ZoneDefense Demo
D-Link NetDefend Firewall/UTM family: DFL-2500, DFL-2560, DFL-2560G, DFL-1600, DFL-1660; Small Business, Medium Business, Enterprise; DFL-800, DFL-860, DFL-860E, DFL-210/2
D-Link NetDefendOS overview • The fundamental objects within NetDefendOS include: − Address Book − Interfaces − Services − ALG Objects − Schedules − VPN Obje
NetDefend - Address Book: The Address Book contains named objects representing various types of addresses, including • IP addresses • IP networks • IP range
Interfaces: NetDefendOS treats all interfaces as logical IP interfaces. • Physical Interfaces − Each physical interface represents a physical port. NetDe
Services: A Service object can define • TCP/UDP service • ICMP service • IP protocol service. A large number of Service objects come pre-defined with NetDefe