D-Link DFL-260-IPS-12 Product Manual - Page 16
NetDefendOS Overview, 1.1. Features
View all D-Link DFL-260-IPS-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 16 highlights
Chapter 1. NetDefendOS Overview This chapter outlines the key features of NetDefendOS. • Features, page 16 • NetDefendOS Architecture, page 19 • NetDefendOS State Engine Packet Flow, page 23 1.1. Features D-Link NetDefendOS is the base software engine that drives and controls the range of NetDefend Firewall hardware products. NetDefendOS as a Network Security Operating System Designed as a network security operating system, NetDefendOS features high throughput performance with high reliability plus super-granular control. In contrast to products built on top of standard operating systems such as Unix or Microsoft Windows, NetDefendOS offers seamless integration of all its subsystems, in-depth administrative control of all functionality, as well as a minimal attack surface which helps to negate the risk from security attacks. NetDefendOS Objects From the administrator's perspective the conceptual approach of NetDefendOS is to visualize operations through a set of logical building blocks or objects. These objects allow the configuration of NetDefendOS in an almost limitless number of different ways. This granular control allows the administrator to meet the requirements of the most demanding network security scenarios. Key Features NetDefendOS has an extensive feature set. The list below presents the key features of the product: IP Routing Firewalling Policies Address Translation NetDefendOS provides a variety of options for IP routing including static routing, dynamic routing, as well as multicast routing capabilities. In addition, NetDefendOS supports features such as Virtual LANs, Route Monitoring, Proxy ARP and Transparency. For more information, please see Chapter 4, Routing. NetDefendOS provides stateful inspection-based firewalling for a wide range of protocols such as TCP, UDP and ICMP. The administrator can define detailed firewalling policies based on source/destination network/interface, protocol, ports, user credentials, time-of-day and more. Section 3.5, "IP Rule Sets", describes how to set up these policies to determine what traffic is allowed or rejected by NetDefendOS. For functionality as well as security reasons, NetDefendOS supports policy-based address translation. Dynamic Address Translation (NAT) as well as Static Address Translation (SAT) is supported, and resolves most types of address translation needs. This feature is covered in Chapter 7, Address Translation. 16