D-Link DFL-860E User Manual for DFL-260E - Page 18
TLS Termination, Anti-Virus Scanning, Intrusion Detection and, Prevention, Web Content Filtering
View all D-Link DFL-860E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 18 highlights
1.1. Features Chapter 1. NetDefendOS Overview VPN TLS Termination Anti-Virus Scanning Intrusion Detection and Prevention Web Content Filtering Traffic Management Operations and Maintenance NetDefendOS supports a range of Virtual Private Network (VPN) solutions. Support exists for IPsec, L2TP and PPTP as well as SSL VPN with security policies definable for individual VPN connections. This topic is covered in Chapter 9, VPN. NetDefendOS supports TLS termination so that the NetDefend Firewall can act as the end point for connections by HTTP web-browser clients (this feature is sometimes called SSL termination). For detailed information, see Section 6.2.10, "The TLS ALG". NetDefendOS features integrated anti-virus functionality. Traffic passing through the NetDefend Firewall can be subjected to in-depth scanning for viruses, and virus sending hosts can be black-listed and blocked. For details of this feature, seeSection 6.4, "Anti-Virus Scanning". To mitigate application-layer attacks towards vulnerabilities in services and applications, NetDefendOS provides a powerful Intrusion Detection and Prevention (IDP) engine. The IDP engine is policy-based and is able to perform high-performance scanning and detection of attacks and can perform blocking and optional black-listing of attacking hosts. More information about the IDP capabilities of NetDefendOS can be found in Section 6.5, "Intrusion Detection and Prevention". Note Full IDP is available on all D-Link NetDefend product models as a subscription service. On some models, a simplified IDP subsystem is provided as standard. NetDefendOS provides various mechanisms for filtering web content that is deemed inappropriate according to a web usage policy. With Web Content Filtering (WCF) web content can be blocked based on category (Dynamic WCF), malicious objects can be removed from web pages and web sites can be whitelisted or blacklisted. More information about this topic can be found in Section 6.3, "Web Content Filtering". NetDefendOS provides broad traffic management capabilities through Traffic Shaping, Threshold Rules (certain models only) and Server Load Balancing. Traffic Shaping enables limiting and balancing of bandwidth; Threshold Rules allow specification of thresholds for sending alarms and/or limiting network traffic; Server Load Balancing enables a device running NetDefendOS to distribute network load to multiple hosts. These features are discussed in detail in Chapter 10, Traffic Management. Note Threshold Rules are only available on certain D-Link NetDefend product models. Administrator management of NetDefendOS is possible through either a Web-based User Interface (the WebUI) or via a Command Line Interface (the CLI). NetDefendOS also 18