Home » D-Link Manuals » Networking » D-Link DFL-CPG310 » Manual Viewer

D-Link DFL-CPG310 Product Manual - Page 471

HTTPS, Hub, IP Address, IP Spoofing, Secure Socket Layer, or HTTP over

UPC - 790069289309

Add to My Manuals
Save this manual to your list of manuals

Page 471 highlights

other ways intentionally breaches computer security. The end result is that whatever resides on the computer can be viewed and sensitive data can be stolen without anyone knowing about it. Sometimes, tiny programs are 'planted' on the computer that are designed to watch out for, seize and then transmit to another computer, specific types of data. HTTPS Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL. A protocol for accessing a secure Web server. It uses SSL as a sublayer under the regular HTTP application. This directs messages to a secure port number rather than the default Web port number, and uses a public key to encrypt data HTTPS is used to transfer confidential user information. Hub A device with multiple ports, connecting several PCs or network devices on a network. I IP Address An IP address is a 32-bit number that identifies each computer sending or Glossary of Terms Glossary of Terms receiving data packets across the Internet. When you request an HTML page or send e-mail, the Internet Protocol part of TCP/IP includes your IP address in the message and sends it to the IP address that is obtained by looking up the domain name in the Uniform Resource Locator you requested or in the e-mail address you're sending a note to. At the other end, the recipient can see the IP address of the Web page requestor or the e-mail sender and can respond by sending another message using the IP address it received. IP Spoofing A technique where an attacker attempts to gain unauthorized access through a false source address to make it appear as though communications have originated in a part of the network with higher access privileges. For example, a packet originating on the Internet may be masquerading as a local packet with the source IP address of an internal host. The firewall can protect against IP spoofing attacks by limiting network access based on the gateway interface from which data is being received. 455

Section	Page
About This Guide	15
Introduction	17
About Your D-Link NetDefend firewall	17
NetDefend Secured by Check Point Product Family	18
NetDefend Features and Compatibility	18
Connectivity	18
Firewall	19
VPN	20
Management	20
Optional Security Services	21
Power Pack Features	21
Package Contents	22
Network Requirements	23
Getting to Know Your NetDefend firewall	24
Rear Panel	24
Front Panel	26
Getting to Know Your NetDefend firewall	27
Rear Panel	27
Front Panel	29
Contacting Technical Support	30
Installing and Setting up the NetDefend firewall	31
Before You Install the NetDefend firewall	31
Windows 2000/XP	32
Checking the TCP/IP Installation	32
Installing TCP/IP Protocol	35
TCP/IP Settings	36
Windows 98/Millennium	37
Checking the TCP/IP Installation	37
Installing TCP/IP Protocol	38
TCP/IP Settings	40
Mac OS	42
Mac OS-X	44
Wall Mounting the Appliance	46
To mount the NetDefend firewall on the wall	46
Securing the Appliance against Theft	48
To install an anti-theft device on the NetDefend firewall	49
Network Installation	51
Setting Up the NetDefend firewall	52
To access the Setup Wizard	54
Getting Started	55
Initial Login to the NetDefend Portal	55
To log on to the NetDefend Portal for the first time	55
Logging on to the NetDefend Portal	58
To log on to the NetDefend Portal	58
Accessing the NetDefend Portal Remotely Using HTTPS	60
To access the NetDefend Portal from your internal network	61
To access the NetDefend Portal from the Internet	61
Using the NetDefend Portal	62
Main Menu	63
Main Frame	64
Status Bar	64
Logging off	67
To log off of the NetDefend Portal	67
Configuring the Internet Connection	69
Overview	69
Using the Internet Wizard	70
To set up the Internet connection using the Internet Wizard	70
Using a Direct LAN Connection	72
Using a Cable Modem Connection	74
Using a PPTP or PPPoE Dialer Connection	75
Using PPPoE	76
Using PPTP	77
Using Internet Setup	79
To configure the Internet connection using Internet Setup	79
Using a LAN Connection	81
Using a Cable Modem Connection	83
Using a PPPoE Connection	85
Using a PPTP Connection	87
Using a Telstra (BPA) Connection	89
Using a Dialup Connection	91
Using No Connection	93
Setting Up a Dialup Modem	100
To set up a dialup modem	100
Viewing Internet Connection Information	103
To view Internet connection information	103
Enabling/Disabling the Internet Connection	104
To enable/disable an Internet connection	105
Using Quick Internet Connection/Disconnection	106
Configuring a Backup Internet Connection	106
Setting Up a LAN or Broadband Backup Connection	107
Using the NetDefend firewall's WAN Port	107
To set up a LAN or broadband backup Internet connection	107
Using the NetDefend firewall's DMZ/WAN2 Port	107
To set up a LAN or broadband backup Internet connection	107
Setting Up a Dialup Backup Connection	108
To set up a dialup backup Internet connection	108
Managing Your Network	109
Configuring Network Settings	109
Configuring a DHCP Server	110
Enabling/Disabling the NetDefend DHCP Server	111
To enable/disable the NetDefend DHCP server	111
Configuring the DHCP Address Range	113
To configure the DHCP address range	113
Configuring DHCP Relay	115
To configure DHCP relay	115
Configuring DHCP Server Options	117
To configure DHCP options	117
Changing IP Addresses	121
To change IP addresses	121
Enabling/Disabling Hide NAT	123
To enable/disable Hide NAT	123
Configuring a DMZ Network	124
To configure a DMZ network	124
Configuring the OfficeMode Network	126
To configure the OfficeMode network	126
Configuring VLANs	127
Adding and Editing Port-Based VLANs	130
To add or edit a port-based VLAN	130
Adding and Editing Tag-Based VLANs	132
To add or edit a tag-based VLAN	132
Deleting VLANs	134
To delete a VLAN	134
Configuring High Availability	135
Configuring High Availability on a Gateway	138
To configure HA on a NetDefend firewall	138
Sample Implementation on Two Gateways	142
To configure HA for Gateway A and Gateway B	142
Adding and Editing Network Objects	146
To add or edit a network object via the Network Objects page	146
To add or edit a network object via the Active Computers pag	150
Viewing and Deleting Network Objects	154
To view or delete a network object	154
Using Static Routes	155
Adding and Editing Static Routes	155
To add a static route	155
Viewing and Deleting Static Routes	160
To delete a static route	160
Managing Ports	161
Viewing Port Statuses	162
To view port statuses	162
Modifying Port Assignments	163
To modify a port assignment	164
Modifying Link Configurations	165
To modify a port's link configuration	165
Resetting Ports to Defaults	166
To reset ports to defaults	166
Using Traffic Shaper	167
Overview	167
Setting Up Traffic Shaper	169
To set up Traffic Shaper	169
Predefined QoS Classes	170
Adding and Editing Classes	171
To add or edit a QoS class	171
Deleting Classes	175
To delete an existing QoS class	175
Restoring Traffic Shaper Defaults	176
To restore Traffic Shaper defaults	176
Configuring a Wireless Network	177
Overview	177
About the Wireless Hardware in Your NetDefend firewall	178
Wireless Security Protocols	179
Manually Configuring a WLAN	181
To manually configure a WLAN network	181
Using the Wireless Configuration Wizard	192
To configure a WLAN using the Wireless Configuration Wizard	192
WPA-PSK	194
WEP	196
No Security	197
Preparing the Wireless Stations	198
To prepare the wireless stations	198
Troubleshooting Wireless Connectivity	199
I cannot connect to the WLAN from a wireless station. What s	199
How do I test wireless reception?	199
Wireless reception is poor. What should I do?	199
There are excessive collisions between wireless stations. Wh	200
I am not getting the full speed. What should I do?	201
Viewing Reports	203
Viewing the Event Log	203
To view the event log	205
Using the Traffic Monitor	207
Viewing Traffic Reports	207
To view a traffic report	207
Configuring Traffic Monitor Settings	209
To configure Traffic Monitor settings	209
Exporting General Traffic Reports	210
To export a general traffic report	210
Viewing Computers	210
To view the active computers	210
Viewing Connections	213
To view the active connections	213
Viewing Wireless Statistics	214
To view statistics for the WLAN	214
To view statistics for a wireless station	216
Setting Your Security Policy	219
Default Security Policy	219
Setting the Firewall Security Level	220
To change the firewall security level	222
Configuring Servers	223
To allow a service to be run on a specific host	223
To stop the forwarding of a service to a specific host	224
Using Rules	225
Adding and Editing Rules	229
To add or edit a rule	229
Enabling/Disabling Rules	234
To enable/disable a rule	234
Changing Rules' Priority	235
To change a rule's priority	235
Deleting Rules	235
To delete an existing rule	235
Using SmartDefense	236
Configuring SmartDefense	237
To configure a SmartDefense node	238
SmartDefense Categories	240
Denial of Service	240
Teardrop	240
Ping of Death	241
LAND	242
Non-TCP Flooding	243
IP and ICMP	245
Packet Sanity	245
Max Ping Size	247
IP Fragments	248
Network Quota	250
Welchia	251
Cisco IOS DOS	252
Null Payload	254
TCP	255
Strict TCP	255
Small PMTU	257
Port Scan	258
FTP	261
FTP Bounce	261
Block Known Ports	262
Block Port Overflow	263
Blocked FTP Commands	264
To enable FTP command blocking	264
To disable FTP command blocking	265
To block a specific FTP command	265
To allow a specific FTP command	265
Microsoft Networks	265
IGMP	267
Peer to Peer	268
Instant Messengers	270
Using Secure HotSpot	272
Setting Up Secure HotSpot	273
To set up Secure HotSpot	273
Enabling/Disabling Secure HotSpot	274
To enable/disable Secure HotSpot	274
Customizing Secure HotSpot	275
To customize Secure HotSpot	275
Defining an Exposed Host	277
To define a computer as an exposed host	277
To clear the exposed host	278
Using VStream Antivirus	279
Overview	279
Enabling/Disabling VStream Antivirus	281
To enable/disable VStream Antivirus	281
Viewing VStream Signature Database Information	282
Configuring VStream Antivirus	283
Configuring the VStream Antivirus Policy	283
VStream Antivirus Rule Types	284
Adding and Editing Rules	285
To add or edit a rule	285
Enabling/Disabling Rules	289
To enable/disable a rule	289
Changing Rules' Priority	290
To change a rule's priority	290
Deleting Rules	290
To delete an existing rule	290
Configuring VStream Advanced Settings	291
To configure VStream Antivirus advanced settings	291
Updating VStream Antivirus	295
To update the VStream Antivirus virus signature database	295
Using Subscription Services	297
Connecting to a Service Center	297
To connect to a Service Center	297
Viewing Services Information	303
Refreshing Your Service Center Connection	304
To refresh your Service Center connection	304
Configuring Your Account	304
To configure your account	305
Disconnecting from Your Service Center	305
To disconnect from your Service Center	305
Web Filtering	306
Enabling/Disabling Web Filtering	306
To enable/disable Web Filtering	306
Selecting Categories for Blocking	307
To allow/block a category	308
Temporarily Disabling Web Filtering	308
To temporarily disable Web Filtering	308
Automatic and Manual Updates	310
Checking for Software Updates when Remotely Managed	310
To manually check for security and software updates	310
Checking for Software Updates when Locally Managed	311
To configure software updates when locally managed	311
Working With VPNs	313
Overview	313
Site-to-Site VPNs	314
To create a Site-to-Site VPN with two VPN sites	316
Remote Access VPNs	317
To create a Remote Access VPN with two VPN sites	318
Internal VPN Server	318
Setting Up Your NetDefend firewall as a VPN Server	319
To set up your NetDefend firewall as a VPN Server	320
Configuring the Remote Access VPN Server	321
To configure the Remote Access VPN Server	321
Configuring the Internal VPN Server	322
To configure the internal VPN Server	322
Installing SecuRemote	323
To install SecuRemote	324
Adding and Editing VPN Sites	324
To add or edit VPN sites	324
Configuring a Remote Access VPN Site	327
Username and Password Authentication Method	330
Certificate Authentication Method	332
RSA SecurID Authentication Method	334
Configuring a Site-to-Site VPN Gateway	340
Shared Secret Authentication Method	343
Certificate Authentication Method	347
Deleting a VPN Site	356
To delete a VPN site	356
Enabling/Disabling a VPN Site	356
To enable/disable a VPN site	356
Logging on to a Remote Access VPN Site	357
Logging on through the NetDefend Portal	358
To manually log on to a VPN site through the NetDefend Porta	358
Logging on through the my.vpn page	359
To manually log on to a VPN site through the my.vpn page	359
Logging off a Remote Access VPN Site	361
To log off a VPN site	361
Installing a Certificate	361
Generating a Self-Signed Certificate	362
To generate a self-signed certificate	362
Importing a Certificate	366
To install a certificate	366
Uninstalling a Certificate	368
To uninstall a certificate	369
Viewing VPN Tunnels	369
To view VPN tunnels	370
Viewing IKE Traces for VPN Connections	372
To clear all currently stored IKE traces	372
To view the IKE trace for a connection	373
Managing Users	375
Changing Your Password	375
To change your password	375
Adding and Editing Users	377
To add or edit a user	377
Adding Quick Guest HotSpot Users	381
To quickly create a guest user	382
Viewing and Deleting Users	383
To view or delete users	383
Setting Up Remote VPN Access for Users	383
To set up remote VPN access for a user	384
Using RADIUS Authentication	384
To use RADIUS authentication	385
Configuring the RADIUS Vendor-Specific Attribute	388
To assign permissions to specific RADIUS-authenticated users	388
Maintenance	391
Viewing Firmware Status	391
To view the firmware status	392
Updating the Firmware	393
To update your NetDefend firmware manually	393
Upgrading Your Software Product	395
To install a Product Key	395
Registering Your NetDefend firewall	399
To register your NetDefend firewall	399
Configuring Syslog Logging	400
To configure Syslog logging	400
Controlling the Appliance via the Command Line	402
Using the NetDefend Portal	402
To control the appliance via the NetDefend Portal	402
Using the Serial Console	404
To control the appliance via a console	404
Configuring HTTPS	406
To configure HTTPS	406
Configuring SSH	408
To configure SSH	408
Configuring SNMP	410
To configure SNMP	410
Setting the Time on the Appliance	413
To set the time	413
Using Diagnostic Tools	417
Using IP Tools	418
To use an IP tool	418
Using Packet Sniffer	420
To use Packet Sniffer	420
Filter String Syntax	423
and	423
dst	424
dst port	424
ether proto	425
host	426
not	426
or	427
port	427
src	428
src port	428
tcp	429
udp	430
Backing Up the NetDefend firewall Configuration	431
Exporting the NetDefend firewall Configuration	431
To export the NetDefend firewall configuration	431
Importing the NetDefend firewall Configuration	432
To import the NetDefend firewall configuration	432
Resetting the NetDefend firewall to Defaults	434
To reset the NetDefend firewall to factory defaults via the	434
To reset the NetDefend firewall to factory defaults using th	436
Running Diagnostics	437
To view diagnostic information	437
Rebooting the NetDefend firewall	438
To reboot the NetDefend firewall	438
Using Network Printers	439
Overview	439
Setting Up Network Printers	440
To set up a network printer	440
Configuring Computers to Use Network Printers	441
Windows 2000/XP	441
To configure a computer to use a network printer	441
MAC OS-X	447
To configure a computer to use a network printer	447
Viewing Network Printers	451
To view network printers	451
Changing Network Printer Ports	451
To change a printer's port	452
Resetting Network Printers	452
To reset a network printer	452
Troubleshooting	453
Connectivity	454
I cannot access the Internet. What should I do?	454
I cannot access my DSL broadband connection. What should I d	454
I cannot access my Cable broadband connection. What should I	455
I cannot access http://my.firewall or http://my.vpn. What sh	455
My network seems extremely slow. What should I do?	456
I changed the network settings to incorrect values and am un	456
I am using the NetDefend firewall behind another NAT device,	456
I cannot receive audio or video calls through the NetDefend	457
I run a public Web server at home but it cannot be accessed	457
I cannot connect to the LAN network from the DMZ or WLAN net	457
Service Center and Upgrades	458
I purchased an advanced NetDefend model, but I only have the	458
I have exceeded my node limit. What does this mean? What sho	458
While trying to connect to a Service Center, I received the	458
Other Problems	459
I have forgotten my password. What should I do?	459
Why are the date and time displayed incorrectly?	459
I cannot use a certain network application. What should I do	459
Specifications	461
Technical Specifications	461
CE Declaration of Conformity	465
Federal Communications Commission Radio Frequency Interferen	467
Glossary of Terms	469
ADSL Modem	469
CA	469
Cable Modem	469
Certificate Authority	469
Cracking	469
DHCP	470
DMZ	470
DNS	470
Domain Name System	470
Exposed Host	470
Firmware	470
Gateway	470
Hacking	470
HTTPS	471
Hub	471
IP Address	471
IP Spoofing	471
IPSEC	472
ISP	472
LAN	472
MAC Address	472
Mbps	472
MTU	472
NAT	472
NetBIOS	473
Packet	473
PPPoE	473
PPTP	473
RJ-45	473
Router	473
Server	473
Stateful Inspection	473
Subnet Mask	474
TCP	474
TCP/IP	474
UDP	474
URL	475
VPN	475
VPN tunnel	475
WLAN	475