Systems Network Router User Manual

ManualsBrandsD-Link ManualsNetwork RouterDES-7200

63 SECURITY NetDefendFirewallSelectionMatrix

IPS Firewalls UTM Firewalls

DFL-210 DFL-800 DFL-1600 DFL-2500 DFL-260 DFL-860 DFL-1660 DFL-2560 DFL-2560G

Interface

Ethernet WAN Port 1 2 - - 1 2 - - -

EthernetDMZPort 1 1 - - 1 1 - - -

Ethernet LAN Port 4 7 - - 4 7 - - -

User-CongurableGigabitRJ-45Port - - 6 8 - - 6 10 6

User-Conﬁgurable Gigabit SFP Port - - - - - - - - 4

System Performance

Firewall Throughput (Mbps) 80 150 320 600 80 150 1,200 2,000 2,000

VPN Throughput (Mbps) 25 45 120 300 25 45 350 1,000 1,000

Concurrent Sessions 10K 20K 400K 1,000K 10K 20K 600K 1,500K 1,500K

Policies 500 1,000 2,500 4,000 500 1,000 4,000 6,000 6,000

Firewall System

Transparent Mode Yes Yes Yes Yes Yes Yes Yes Yes Yes

Network&PortAddressTranslation(NAT,

PAT )

Yes Yes Yes Yes Yes Yes Yes Yes Yes

OSFPDynamicRoutingProtocol No Yes Yes Yes No Yes Yes Yes Yes

Time-Scheduled Policies Yes Yes Yes Yes Yes Yes Yes Yes Yes

ProactiveNetworkSecurity(ZoneDefense) No Yes Yes Yes No Ye s Yes Yes Yes

ICSA Firewall Corporate Level Certiﬁed Ye s Yes Yes Ye s Yes Yes Yes Yes Yes

Networking

DHCPServer/Client Yes Yes Yes Yes Yes Yes Yes Yes Yes

DHCPRelay/Policy-basedRouting Yes Yes Yes Yes Ye s Yes Yes Yes Yes

IEEE 802.1Q Virtual LAN (VLAN) 8 16 128 1,024 8 16 1,024 2,048 2,048

IP Multicast (IGMPv3) Yes Yes Yes Yes Ye s Yes Yes Yes Yes

Virtual Private Network (VPN)

DES/3DES/AES/Twoﬁsh/Blowﬁsh/CAST-128 Yes Yes Yes Yes Yes Yes Yes Yes Yes

Dedicated VPN Tunnels 100 200 1,200 2,500 100 200 2,500 5,000 5,000

PPTP/L2TP Server / IPSec NAT Traversal Ye s Yes Yes Yes Yes Yes Yes Yes Yes

HubandSpoke Yes Yes Yes Yes Yes Ye s Yes Yes Ye s

ICSA IPSec 1.3 Enhanced Certiﬁed Yes Yes Ye s Yes Yes Ye s Yes Yes Yes

System Management

Web-BasedUserInterface(HTTP/HTTPS) Yes Yes Yes Ye s Yes Yes Yes Yes Yes

CommandLine/SSH Yes Ye s Yes Yes Yes Yes Yes Yes Yes

Conﬁguration Backup/Restore Ye s Yes Yes Yes Yes Yes Yes Yes Yes

User Authentication

Built-in Database Yes Yes Yes Yes Yes Yes Yes Yes Yes

ExternalRADIUS/LDAP(IPSeconly)Server Yes Yes Yes Yes Yes Yes Yes Ye s Yes

ExternalMicrosoftIASServer Yes Yes Yes Yes Yes Yes Yes Yes Yes

XAUTHforIPSecAuthentication Yes Yes Ye s Yes Yes Yes Yes Yes Yes

Logging and Monitoring

Internal/ExternalLog(SyslogServer) Yes Ye s Yes Yes Yes Yes Yes Yes Yes

EmailNotication,EventLog&Alarm Yes Yes Yes Yes Yes Yes Yes Yes Yes

SNMP v1, v2c Yes Yes Yes Yes Yes Yes Yes Yes Yes

Trafﬁc Load Balancing

OutboundTrafcLoadBalancing Yes Yes Yes Yes Ye s Yes Yes Yes Yes

Server Load Balancing No Ye s Yes Yes No Yes Yes Yes Ye s

AlgorithmsforOutboundTrafcLoadBalancing

Round-Robin, Destination-Based, Spillover Yes

Yes

Yes Yes Yes

Bandwidth Management

Policy-Based Trafﬁc Shaping

Yes Yes Yes Yes Yes Yes Yes Yes Yes

Guaranteed/Maximum/PriorityBandwidth Yes Yes Yes Yes Ye s Yes Yes Yes Yes

Dynamic Bandwidth Balancing Yes Yes Yes Yes Yes Yes Yes Yes Yes

Bandwidth Management in VPN Tunnel Yes Yes Yes Yes Yes Yes Ye s Yes Yes

HighAvailability(HA)

WANFail-Over/TrafcRedirectatFail-Over Ye s Yes Yes Yes Yes Yes Yes Yes Yes

Device / Link Failure Detection No No Yes Yes No No Yes Yes Ye s

IntrusionDetection&PreventionSystem(IDP/IPS)

Automatic Pattern Update Ye s Yes Yes Ye s Yes Yes Yes Yes Yes

DoS, DDoS Protection Yes Yes Yes Ye s Yes Yes Yes Yes Yes

IP Blacklist by Threshold or IPS/IDP No Yes Yes Yes No Ye s Yes Yes Yes

Content Filtering

HTTP/Script/EmailType Yes Yes Yes Yes Yes Yes Yes Yes Yes

ExternalDatabaseContentFiltering Yes

Yes

No No Yes Ye s Yes Yes Yes

Anti-Virus

Real Time AV Scanning / Unlimited File Size Yes

Yes

No No Yes Ye s Yes Yes Yes

Scans VPN Tunnels / Compression File Yes

Yes

No No Yes Ye s Yes Yes Yes

Signature Licensor (Kaspersky) Yes

Yes

No No Yes Ye s Yes Yes Yes

Automatic Pattern Update Yes

Yes

No No Yes Ye s Yes Yes Yes

Email Security

SMTP&POP3ProtocolSupport Ye s Yes Yes Ye s Yes Yes Yes Yes Yes

MIMEHeaderCheckforFileExtension

Filtering

Yes Yes Yes Yes Yes Yes Yes Yes Yes

EmailRate&SizeProtection(SMTPProtocol

only)

Yes Yes Yes Yes Yes Yes Yes Yes Yes

Anti-Spam (for SMTP Protocol only) Yes Yes Yes Yes Yes Yes Yes Yes Yes

IM/P2P Blocking Yes Yes Yes Yes Yes Yes Yes Yes Yes

NetDefend Firewall Selection Matrix

Available in Firmware 2.25.01

Available in Firmware 2.26.00