Specifications
B-71 SECURITY IPS Firewalls
IPS Firewalls
Model DFL-210 DFL-800 DFL-1600 DFL-2500
Port Interface
Ethernet WAN Port 1 2 -
EthernetDMZPort
(User-Configurable)
1 1 -
Ethernet LAN Port 4 7 -
User-Configurable
Gigabit Port
- 6 8
DB-9 RS-232 Console 1
System
Performance
Firewall Throughput 80Mbps 150Mpbs 320Mbps 600Mbps
VPN Throughput 25Mbps 45Mbps 120Mbps 300Mbps
IPS Throughput 20Mbps 40Mbps 150Mbps 400Mbps
Anti-Virus Throughput 10Mbps** 20Mbps** -
Concurrent Sessions 10,000** 20,000** 400,000 1,000,000
New Sessions
(per second)
2,000 4,000 10,000 15,000
Policies 500 1,000 2,500 4,000
Firewall System
Transparent Mode; Network Address Translation (NAT), Port Address Translation (PAT);
DynamicRoutingProtocol:OpenShortestPathFirst(OSPF)(NotapplicableforDFL-210);
H.323NATTraversal;Time-ScheduledPolicies;ApplicationLayerGateway(ALG);
ProactiveNetworkSecurity:ZoneDefense(NotapplicableonDFL-210)
Networking DHCPServer/Client;DHCPRelay;Policy-basedRouting;IPMulticast:IGMPv3
Virtual LAN (VLAN) 8 16 128 1,024
Virtual Private Network (VPN)
Encryption Methods: DES/3DES/AES/Twofish/Browfish/CAST-128; IPSec NAT Traversal;
Dedicated VPN Tunnels: 100 (DFL-210), 200** (DFL-800), 1,200 (DFL-1600), 2,500 (DFL-2500);
Point-to-PointTunnelingProtocol(PPTP)/Layer2TunnelingProtocol(L2TP)Server;HubandSpoke
System Management
RS-232ConsoleInterface;Web-basedUserInterface:HTTP,HTTPS;
CommandLine/SecureShell(SSH);FirmwareUpgrade;CongurationBackup/Restoration
User Authentication
Built-in Database; Remote Authentication Dial In User Service (RADIUS);
LightweightDirectoryAccessProtocol(LDAP):MicrosoftAD2003/2008OpenLDAP2.2.26;
MicrosoftInternetAuthenticationService(IAS);XAUTHforIPSecAuthentication
Logging and Monitoring
InternalLog;ExternalLog:SyslogServer;E-MailNotication;EventLogandAlarm;
Simple Network Management Protocol (SNMP) v1/v2c, SNMP Traps
Traffic Load Balancing
OutboundLoadBalancing;
ServerLoadBalancing(NotapplicableforDFL-210);TrafcRedirectatFail-Over;
OutboundLoadBalanceAlgorithms:Round-Robin,Weight-basedRound-Robin,
Destination-based, Spill-over
Bandwidth Management
Policy-basedTrafcShaping;GuaranteedBandwidth;MaximumBandwidth;
Priority Bandwidth; Dynamic Bandwidth Balancing
HighAvailability(HA)
WANFail-Over(DFL-210:WhenDMZPortisConguredasWANPort);
Active/Passive Modes (Not applicable on DFL-210/800);
Device Failure Detection (Not applicable on DFL-210/800);
Link Failure Detection (Not applicable on DFL-210/800);
Firmware / Virtual Private Network (VPN) Session Synchronization (Not applicable on DFL-210/800)
IntrusionDetection&PreventionSystem
(IDP/IPS)
Automatic Pattern Update; Denial of Service (DoS), Distributed DoS (DDoS) Update;
Attack Alarm via Email; Advanced IDP/IPS Subscription;
IP Blacklist by Threshold or IPS/IDP (Not applicable on DFL-210)
Content Filtering
HTTPType:URLBlacklist/Whitelist;ScriptType:Java,Cookie,ActiveX,VB;
EmailType:EmailBlacklist/Whitelist;ExternalDatabaseContentFiltering**(AvailableonDFL-210/800only)
Anti-Virus**
(Applicable on DFL-210 / DFL-800 only)
Real Time AV Scanning; Unlimited File Size; Scans VLAN Tunnels; Support Compressed Files;
Signature Licensor: Kaspersky; Automatic Pattern Update
Physical&
Environmental
Dimension(WxDxH)
Desktop;
235x162x36mm
11-inch Desktop;
1UHeight;
280x214x44mm
19-inch Rack-Mount;
1UHeight;
440x254x44mm
19-inch Rack-Mount;
1UHeight;
440x454x44mm
Power Input ExternalPowerAdapter Internal Universal Power Supply
OperatingTemperature 0to40°C
Storage Temperature -20to70°C
OperatingHumidity 5% to 95% Non-Condensing
Mean Time Before Failure
(MTBF)
186,614hours 140,532hours 71,965hours 101,819 hours
Certification
EMI-EMC Compliance FCC Class A; CE Class A; C-Tick; VCCI
Safety Compliance UL; LVD (EN60950-1) LVD (EN60950-1)
** Available in Firmware 2.26.00 and above; Performance based on Firmware 2.26.00 and above
B-73