maurice-johnson
Course Outline
• NetDefend Family Overview & Strategy
• NetDefendOS Feature Introduction
• UTM Feature & NetDefend Subscription
NETDEFEND FAMILY OVERVIEW & STRATEGY
DSC-Security
NetDefend Family Overview & Strategy
• D-Link NetDefend Family Introduction
• NetDefendOS Introduction
D-Link NetDefend Family Introduction
After this section, you should be able to explain:
1. The entire NetDefend Family
2. D-Link VPN client DS-601/605
3. How to introduce NetDefend IPS Firewall?
4. How to introduce NetDefend UTM Firewall?
5. The competitiveness of NetDefend Firewall Family
6. NetDefend Firewall selling points.
NetDefend Family Overview & Strategy•Product Line Overview
NetDefend VPN Firewall / UTM Family
SOHO | Small Business | Medium Business | Enterprise
DFL-210 | DFL-800 | DFL-1600 | DFL-2500
DFL-260 | DFL-860 | DFL-1660 | DFL-2560
VPN Remote Client Software: DS-601 / 605
D-Link VPN Client Introduction - DS-601/605
• Software installable on Windows NT, 98 SE, ME, 2000 or XP platform.
• DS-601: For single user license.
• DS-605: For 5 users licenses.
• For remote users’ VPN connection from home/outside the office.
• Support Tunnel and Transport mode for easy communication between client and gateway.
• Certified interoperability with whole series of D-Link NetDefend IPS/UTM Firewalls and VPN router to ensure users seamless connection environment.
NetDefend Family Overview & Strategy•VPN Client DS-601/605
DS-601/605 Q&A
1. Which version does DS-601/605 NOT support? (Multiple Choice)
a. XP  b. Vista  c. 2000  d. MAC OS
2. How many user licenses does DS-605 provide?
a. 1  b. 3  c. 5  d. 7
3. What is the major difference between DS-601 and DS-605?
a. License  b. Specification  c. Support service level  d. OS platform
4. Which models can DS-601/605 establish a VPN connection with? (Multiple Choice)
a. DFL-800  b. DFL-M510  c. DI-804 HV  d. DSA-5100
NetDefend Family Overview & Strategy•NetDefendOS
NetDefendOS Introduction
Platform Compatibility: DFL-210/260/800/860/1600/2500
After this section, you should be able to explain:
1. What is NetDefendOS?
2. What management User Interface does NetDefendOS provide?
3. What is ICSA Labs?
4. What is ICSA firewall certified?

The hardware of D-Link Firewalls DFL-210/260/800/860/1600/2500 is driven and controlled by NetDefendOS. Designed as a dedicated firewall operating system, NetDefendOS features high throughput performance with high reliability while at the same time implementing the key elements of IPS/UTM firewall.

From the administrator's perspective the conceptual approach of NetDefendOS is to visualize operations through a set of logical building blocks or objects, which allow the configuration of the product in an almost limitless number of different ways. This granular control allows the administrator to meet the requirements of the most demanding network security scenario.

NetDefendOS provides two types of management interfaces:
• Command Line Interface (CLI): The Command Line Interface, accessible locally via serial console port or remotely using the Secure Shell (SSH) protocol, provides the most fine-granular control over all parameters in NetDefendOS.
• Web User Interface: The Web User Interface provides a user-friendly and intuitive graphical management interface, accessible from a standard web browser.
NetDefendOS Benefit
NetDefendOS is a proprietary, closed architecture; it has fewer OS vulnerabilities and more reliability compared with competitors who use Windows, Linux or other open-source operating systems.

NetDefendOS Certified by ICSA Labs
D-Link’s NetDefend IPS Firewall has passed the strictest firewall certification in “ICSA Labs – Corporate Firewalls”. The D-Link IPS NetDefend Firewalls have to pass a series of rigorous tests, including system installation and configuration, setting security policies, system management, system logging, event testing, port security and more. Not only did the NetDefend Firewall pass these tests, but it also earned praise from ICSA Labs’ Network Security Labs for unique features in the web administration interface that allow administrators to safely make changes to the firewall’s configuration remotely.
D-Link Certified in ICSA Labs: https://www.icsalabs.com/icsa/product.php?tid=fghhf456fgh
[Figure: market segments: Small Business, Enterprise, Medium Business, Branch Office]
NetDefend Family Overview & Strategy•NetDefend IPS Firewall
NetDefend IPS Firewall Introduction
High Performance & Cost Efficiency
Performance: DFL-210 80 Mbps, DFL-800 150 Mbps, DFL-1600 320 Mbps, DFL-2500 600 Mbps
DFL-210 Targets SOHO
• Firewall Throughput: 80Mbps
• VPN Performance: 25Mbps (3DES/AES)
• 1 Ethernet WAN Port, 4 Ethernet LAN Ports, 1 Configurable DMZ Ethernet Port

DFL-800 Targets Small Business
• Firewall Throughput: 150Mbps
• VPN Performance: 60Mbps (3DES/AES)
• 2 Ethernet WAN Ports, 7 Ethernet LAN Ports, 1 Configurable DMZ Ethernet Port

DFL-1600 Targets Medium Business
• Firewall Throughput: 320Mbps
• VPN Performance: 120Mbps (3DES/AES)
• 6 User-Configurable Gigabit Ports

DFL-2500 Targets Enterprise
• Firewall Throughput: 600Mbps
• VPN Performance: 300Mbps (3DES/AES)
• 8 User-Configurable Gigabit Ports
Features of DFL – 210 / 800 / 1600 / 2500
Integrated Functions
• Firewall Protection
• Proactive Security With ZoneDefense Mechanism
• Content Filtering/Intrusion Detection
• Parental Access Control
• User Authentication
• Instant Message/P2P Blocking
• Denial of Service (DoS) Protection
• Virtual Private Network (VPN) Security
• Bandwidth Management

Content Filtering
• URL/E-Mail Filtering
• Java Script/Active X/Cookie Filtering
• IM/P2P Program Filtering

Fault Tolerance
• WAN Traffic Fail-Over
• Active/Passive Modes for High Availability

Bandwidth Management
• WAN Traffic Bandwidth Management
• Multi-WAN Interfaces for Traffic Load Sharing
• Outbound Traffic Load Balancing*
• Policy-Based Routing

* Firmware upgraded feature.
DFL-210 Competitors on the Market
Small Business

Competitors
• SonicWALL TZ170
• Fortinet Fortigate 60
• WatchGuard SOHO 6
• Juniper NetScreen 5GT
• ZyXEL ZyWALL 5 / 35
• Cisco 501

Advantages
Firewall System
• Application Layer Gateway
• H.323 NAT Traversal support
• RADIUS, LDAP, Active Directory user authentication support
Networking
• IEEE 802.1q VLAN support
• IP Multicast (IGMP) support
VPN
• Versatile encryption methods
• Numerous VPN tunnel support
• PPTP/L2TP Server support
Traffic Load Balance
• Outbound Traffic load balancing*
Others
• IP and MAC binding
• IM/P2P blocking support
• Unrestricted user licenses

* Firmware upgraded feature.
DFL-800 Competitors on the Market
Small Business

Competitors
• Cisco PIX 506E
• ZyXEL ZyWALL 70
• WatchGuard Firebox X500
• Fortinet Fortigate 100A
• Juniper NetScreen 25

Advantages
Firewall System
• Zone Defense
• Application Layer Gateway
• H.323 NAT Traversal support
• RADIUS, LDAP, Active Directory user authentication support
Networking
• IEEE 802.1q VLAN support
• IP Multicast (IGMP) support
VPN
• Versatile encryption methods
• Numerous VPN tunnel support
• PPTP/L2TP Server support
Traffic Load Balance
• Outbound Traffic load balancing*
Others
• IP and MAC binding
• IM/P2P blocking support
• Unrestricted user licenses

* Firmware upgraded feature.
DFL-1600 Competitors on the Market
Medium Business

Competitors
• SonicWALL 3060
• Fortinet Fortigate 200A
• WatchGuard Firebox X2500
• Fortinet Fortigate 300A
• Juniper NetScreen 204
• Cisco PIX 525E

Advantages
Interface
• High port density with configurable Gigabit port
Firewall System
• Zone Defense
• Application Layer Gateway
• RADIUS, LDAP, Active Directory user authentication support
Networking
• IP Multicast (IGMP) support
VPN
• Versatile encryption methods
• PPTP/L2TP server support
• PPTP/L2TP/IPSec VPN client pass through support
Traffic Load Balance
• Outbound Traffic load balancing*
• Server load balancing
Others
• IP and MAC binding
• IM/P2P blocking support
• Unrestricted user licenses

* Firmware upgraded feature.
DFL-2500 Competitors on the Market
Enterprise

Competitors
• Fortinet Fortigate 500A
• Juniper NetScreen 208

Advantages
Interface
• High port density with configurable Gigabit port
System Performance
• Higher concurrent session
Firewall System
• Zone Defense
• Application Layer Gateway
• RADIUS, LDAP, Active Directory user authentication support
Networking
• IP Multicast (IGMP) support
VPN
• Versatile encryption methods
• PPTP/L2TP server support
• PPTP/L2TP/IPSec VPN client pass through support
Traffic Load Balance
• Outbound Traffic load balancing*
• Server load balancing
Others
• IP and MAC binding
• IM/P2P blocking support
• Unrestricted user licenses

* Firmware upgraded feature.
NetDefend IPS Firewall Q&A
1. Which segments do NetDefend Firewalls fulfill? (Multiple Choice)
a. Home  b. SOHO  c. Telecom  d. SMB
2. Which NetDefend Firewall models provide a gigabit interface? (Multiple Choice)
a. DFL-800  b. DFL-210  c. DFL-1600  d. DFL-2500
3. What is the competitor for DFL-210?
a. Fortinet Fortigate 60  b. WatchGuard Firebox X500  c. Juniper NetScreen 25  d. Cisco PIX 515
4. What is the competitor for DFL-800?
a. Fortinet Fortigate 60  b. WatchGuard Firebox X500  c. Juniper NetScreen 204  d. Cisco PIX 506
5. What is the competitor for DFL-1600?
a. Fortinet Fortigate 300A  b. WatchGuard Firebox X500  c. Juniper NetScreen 204  d. SonicWALL Pro 2040
6. What is the competitor for DFL-2500?
a. Fortinet Fortigate 400A  b. WatchGuard Firebox X2500  c. Juniper NetScreen 208  d. SonicWALL Pro 3060
7. Which model supports configurable ports?
a. DFL-210  b. DFL-800  c. DFL-1600  d. DFL-2500  e. All of the above
8. Which feature does the NetDefend DFL-210 Firewall NOT support?
a. Traffic Shaping  b. Server load balancing  c. IPS  d. Policy based routing
9. Which models can support HA? (Multiple Choice)
a. DFL-210  b. DFL-800  c. DFL-1600  d. DFL-2500
10. Which model can NOT support ZoneDefense?
a. DFL-210  b. DFL-800  c. DFL-1600  d. DFL-2500
11. Which detail is WRONG for firewall/VPN throughput?
a. DFL-210 80/25 Mbps  b. DFL-800 150/80 Mbps  c. DFL-1600 320/120 Mbps  d. DFL-2500 600/300 Mbps
12. What kind of user authentication does the firewall support?
a. LDAP  b. RADIUS  c. Active Directory  d. All of the above
13. How many user licenses does DFL-210 support?
a. 100  b. 200  c. 300  d. Unrestricted user licenses
14. Which model is for branch office?
a. DFL-210  b. DFL-800  c. DFL-1600  d. DFL-2500
15. Which model is for small business?
a. DFL-210  b. DFL-800  c. DFL-1600  d. DFL-2500
16. What is NetDefend Firewall’s advantage?
a. Firewall and VPN throughput  b. Joint defense with switch  c. Comprehensive feature set  d. Flexible interface module
17. Which feature can integrate a switch into the security solution from gateway to endpoint?
a. Web Content Filtering  b. Anti-Virus  c. Intrusion Prevention System  d. ZoneDefense
NetDefend UTM Firewall Portfolio
Firewall, VPN, IPS, Antivirus, Web Content Filtering, Application Control
• Targets SMBs and Enterprises, enabling protection against all varieties of network threats simultaneously in real time.
• Positioned as high-throughput, high-performance UTM Firewalls with true hardware acceleration.
• Incorporates leading IPS, Antivirus and Web Content Filtering technologies from well-known vendors.
NetDefend UTM Product Overview
NetDefend Family Overview & Strategy•NetDefend UTM Firewall
Stemming from NetDefendOS
Adopting the same kernel certified by ICSA Labs, NetDefend UTM Firewall also integrates innovative technologies from world leading IPS, AV and WCF partners.

The NetDefend UTM firewall DFL-260/860 series is D-Link’s brand new Unified Threat Management (UTM) Firewall solution, which further integrates IPS, Anti-Virus and Web Content Filtering, providing more secure and productive networking for SMBs.

The hardware design of the NetDefend UTM Firewall, such as the housing, Ethernet interfaces and Web GUI, is the same as that of the NetDefend IPS firewall. In addition, the NetDefend UTM Firewall is equipped with hardware acceleration to speed up IPS and Anti-Virus scanning, outperforming Cisco, WatchGuard, SonicWALL, Juniper and Fortinet in the same market segment.

DFL-260 Targets SOHO
• Firewall Throughput: 80Mbps
• VPN Performance: 25Mbps
• IPS Performance: 25Mbps
• Anti-Virus Performance: 25Mbps
• Web Content Filtering: 30+ Categories

DFL-860 Targets Small Business
• Firewall Throughput: 150Mbps
• VPN Performance: 60Mbps
• IPS Performance: 50Mbps
• Anti-Virus Performance: 50Mbps
• Web Content Filtering: 30+ Categories
NetDefend UTM Firewall Introduction
NetDefend IPS/UTM Firewall delivers rich advanced features with friendly and easy configuration and enables the stability, flexibility and scalability of IT infrastructure, making it a cost-effective solution for Small to Medium Business (SMB).

Emerging network threats and Zero-Day attacks drive market demand toward a more robust security mechanism. Built with advanced IPS signature technology and powered by the Kaspersky anti-virus solution (UTM Firewall only), NetDefend IPS/UTM Firewall is an efficient and effective solution to stop various network threats and attacks for SMBs.

NetDefend UTM Firewall comes with high port density, and its built-in multiple WAN ports and configurable WAN / LAN / DMZ ports enable customers to scale their infrastructure on demand.
NetDefend Family Overview & Strategy•UTM/IPS Firewall Key Competency
UTM/IPS Firewall Key Competency
You have already learned a lot about IPS and UTM firewall features in the previous slides. The following are the key advantages of the IPS/UTM firewall for competing in the market:

• NetDefend UTM Firewall offers high network throughput and high network performance, providing up to 80 / 150 Mbps Firewall Throughput and 25 / 60 Mbps IPSec VPN Throughput for DFL-260 / 860 respectively.
• NetDefend UTM Firewall enables WAN Load Balance, WAN Fail-over and Server Load Balance to provide customers with a continuous Internet connection and smooth network services.
• NetDefend UTM Firewall provides advanced Traffic Shaping Technology, which allows network traffic to be prioritized and differentiated according to service precedence. For mission-critical services, bandwidth can always be guaranteed and optimized, while for minor services bandwidth can be adjusted dynamically according to network traffic conditions.
• NetDefend UTM Firewall features not only an intuitive, object-oriented user interface that can be easily configured via a web console, but also a Command-Line Interface (CLI) with a full function set for advanced users. Users can easily configure the firewalls or perform administrative functions.
• Multiple encryption methods are implemented on NetDefend UTM Firewall, including DES, 3DES, AES, Twofish, Blowfish and CAST-128, to provide secure VPN connections for SMBs and enterprises.
• NetDefend UTM Firewall features a built-in IPS and Anti-Virus proactive engine, enabling customers to effectively detect and prevent hybrid network threats with a low false-positive rate.
• ZoneDefense integrates the D-Link NetDefend Firewall and xStack Switch to enable a Proactive Network Security mechanism. Whenever network virus or worm attacks are detected by the Firewall, ZoneDefense triggers and notifies D-Link Switches automatically, and the infected hosts are disconnected in real time to stop further infection among internal hosts.
Feature | DFL-260 | DFL-860
UTM Firewall Performance | 80Mbps | 150Mbps
VPN Performance | 25Mbps | 60Mbps
IPS Performance | 25Mbps | 50Mbps
Anti-Virus Performance | 25Mbps | 50Mbps
Web Content Filtering | Y | Y
High Performance of NetDefend UTM Firewall
NetDefend UTM Firewall is equipped with a hardware accelerator for layer 7 content inspection, which gives it higher IPS and Anti-Virus performance than competitors.
We also compare IPS and Anti-Virus performance with the UTM firewall of a famous security provider, J company, in the next slides for your reference.
1. High IPS performance with hardware accelerator.
2. UTM firewall throughput is three times that of J company XX 20.
More detail will be introduced in the IPS Feature chapter.
*Test Criteria: 5 concurrent users download 10 MB file by HTTP protocol
1. Super fast Anti-Virus scanning by hardware accelerator.
2. Scanning capability is three times faster than J company XX 20.
D-Link spends ONLY 8 seconds to finish a 10MB file transmission, but J company needs to spend 30 seconds.
More detail will be introduced in the Anti-Virus Feature chapter.
1. Huge and comprehensive IPS signature database.
2. IPS database is 10x larger than J company XX 20.
Feature | DFL-860 | J company XX 20
Anti-Virus / IPS Performance | 54 / 52 Mbps* | 22 / 16 Mbps
IPS Signature Number | 8000+ | 808
File Transmission Speed (10MB) | 14 seconds | 35 seconds
File size limitation | No limitation | 10MB
• Double the performance for Anti-Virus scanning.
• Triple the performance for Intrusion Prevention System.
• Provides 8000+ signatures to cover most intrusion attacks and high IPS performance of 52 Mbps, competing with J company, which uses few IPS signatures (808) and has poor performance (13 Mbps).
* Value is based on real traffic.
More detail will be introduced in the IPS and Anti-Virus Feature chapter.
• No file size limitation, supporting large file scanning for Anti-Virus.
• Streaming Based Technology speeds up UTM performance 2X for Anti-Virus scanning.
• No concurrent session limit; performance stays high as the number of users increases.
• Other competitors, such as J company, implement Proxy Mode, which has to store a file and then scan it, so file size and connection number are limited by device memory size.
Competitive Comparison & Analysis
[Chart: UTM Performance versus Price, plotting DFL-260, Fortigate 60, ZyWall 5 UTM, Juniper 5GT and SonicWALL TZ 190, with one callout per product:]
• Firewall Throughput: 90Mbps, VPN Throughput: 30+Mbps, Software Based IPS, Software Based Anti-Virus, Expensive optional license charge is required!
• Firewall Throughput: 70Mbps, VPN Throughput: 20Mbps, Software Based IPS, Software Based Anti-Virus
• Firewall Throughput: 80Mbps, VPN Throughput: 25Mbps, Hardware Based IPS, Hardware Based Anti-Virus
• Firewall Throughput: 75Mbps, VPN Throughput: 20Mbps, Software Based IPS, Software Based Anti-Virus
• Firewall Throughput: 65Mbps, VPN Throughput: 25Mbps, Hardware Based IPS, Hardware Based Anti-Virus
Competitive Comparison & Analysis
[Chart: UTM Performance versus Price, plotting DFL-860, Fortinet 200A, ZyWall 70, WatchGuard X550e, SonicWALL Pro 2040 and Juniper SSG 20, with one callout per product:]
• Firewall Throughput: 100Mbps, VPN Throughput: 40Mbps, Hardware Based IPS, Hardware Based Anti-Virus
• Firewall Throughput: 200Mbps, VPN Throughput: 50Mbps, Software Based IPS, Software Based Anti-Virus, Expensive optional license charge is required!
• Firewall Throughput: 150Mbps, VPN Throughput: 60Mbps, Hardware Based IPS, Hardware Based Anti-Virus
• Firewall Throughput: 150Mbps, VPN Throughput: 70Mbps, Poor IPS & AV performance
• Firewall Throughput: 160Mbps, VPN Throughput: 40Mbps, Software Based IPS, Software Based IPS
• Firewall Throughput: 125Mbps, VPN Throughput: 20Mbps, Software Based IPS, Software Based Anti-Virus
Summary: NetDefend UTM Firewall Selling Point
• High throughput and high performance with true hardware acceleration.
• Fast file transmission speed for Anti-Virus scanning capability.
• Comprehensive IPS signature database (8000+).
• No file size and connection limitation for Anti-Virus scanning. Other competitors cannot prevent viruses hidden in files over a specific size and are not able to support large numbers of concurrent sessions.
• Well-known Anti-Virus database by Kaspersky.
• Triggering ZoneDefense by IPS and Anti-Virus* to protect in real time against virus or network worm outbreaks.
• NetDefend Center website provides valuable information for network security.
• Adopting the same kernel certified by ICSA Labs, NetDefend UTM Firewall also integrates innovative technologies from world leading IPS, AV and WCF partners.
* Support in future release
NetDefend UTM Firewall Q&A
1. Which NetDefend UTM Firewalls are available now? (Multiple Choice)
a. DFL-260  b. DFL-860  c. DFL-1660  d. DFL-2560
2. What new feature does the NetDefend firewall support after firmware version 2.20?
a. IPS  b. Anti-Virus  c. Web Content Filtering  d. Anti-SPAM
3. Why can the D-Link UTM Firewall reach high performance?
a. Embedded hardware accelerator  b. Anti-Virus Engine by Kaspersky  c. New CPU processor  d. New software core
4. What is the IPS and Anti-Virus performance of DFL-860?
a. 30/30 Mbps  b. 50/50 Mbps  c. 45/45 Mbps  d. 60/60 Mbps
5. What is the IPS and Anti-Virus performance of DFL-260?
a. 20/20 Mbps  b. 40/20 Mbps  c. 30/30 Mbps  d. 35/35 Mbps
6. What is the file size limitation (in MB) of the UTM Firewall for anti-virus?
a. 3 MB  b. 5 MB  c. 10 MB  d. No limitation
7. Who is the anti-virus signature vendor?
a. Trendmicro  b. Symantec  c. McAfee  d. Kaspersky
8. How many IPS signatures are in the UTM database?
a. 3000+  b. 6000+  c. 8000+  d. 5000+
9. What is the major difference between the UTM firewall and the IPS firewall?
a. UTM firewall has VPN, but IPS firewall has not
b. UTM firewall has Anti-Virus and WCF, but IPS firewall does not
c. UTM firewall has IPS and Anti-Virus, but IPS firewall has IPS and WCF
d. UTM firewall has WCF and Anti-Virus, but IPS firewall has IPS and Anti-Virus.
10. What are D-Link UTM’s advantages?
a. Performance  b. Signature number  c. Scanning file size  d. ZoneDefense (exclude DFL-260)  e. All of the above
NetDefend Family’s Competency
• Following is our advantage:
  – Sufficient features
  – Solution oriented
  – Outstanding performance
  – Affordable price
• How to fight with our major competitors?
  – Fortinet
  – SonicWALL
  – Juniper
  – ZyXEL
NetDefend Family Overview & Strategy•Competitive Comparison & Analysis
Compare with Fortinet
Myth of Fortinet
NetDefend’s Advantages & Counterplot
Fortinet is an innovator which provides many advanced security features in the security market.
How to Compete with Fortinet?
Weakness
• Poor performance with anti-virus or IPS enabled
• Complete firewall products, but no total solution
• Only provides a 30-day free trial for UTM service
• Anti-Virus database is not from a well-known provider
• IPS signature number is only 2,000
• Service coverage focuses on main countries
Conclusion
• Compared with D-Link security products, Fortinet seems to have a complete product line, but the performance and features of D-Link firewalls are excellent.
• D-Link provides a total network solution to customers, not a single product: firewalls integrate with xStack switches to form the ZoneDefense solution, and unified switches integrate with access points to form a wireless management solution.
• D-Link has complete service coverage through 130+ offices in 70+ countries worldwide.
Compare with SonicWALL
Myth of SonicWALL
NetDefend’s Advantages & Counterplot
SonicWALL promotes its deep packet inspection technology and integrated security features.
How to Compete with SonicWALL?
• Several advanced features require purchasing the enhanced OS and an upgrade license, such as Policy-based routing, advanced NAT features, sufficient Policy number, HA, Load Balancing, Object-based Management and LDAP.
• Even when the client purchases the enhanced OS to support the HA feature, SonicWALL still does not provide Firewall and VPN session synchronization. It’s a lame solution for HA.
• After the license upgrade, SonicWALL still lacks some enhanced network features, such as PPTP Server and 802.1q VLAN support.
• Bandwidth / traffic control is always their weak point; they never mention traffic shaping and traffic load balancing features.
• No Gigabit interfaces, and the number of VPN tunnels is limited.
Conclusion
• Without purchasing an extra license, the D-Link NetDefend firewall already has many advanced network features built in under a single license.
• D-Link delivers an enterprise-level security solution, ZoneDefense, to customers for fulfilling Joint Security.
• D-Link NetDefend Firewall delivers the best Total Cost of Ownership (TCO) for customers.
Compare with Juniper
Myth of Juniper
NetDefend’s Advantages & Counterplot
Juniper is the market leader in the security market. Juniper Firewall enables L2 and L3 operation modes, and highlights its signature pack for network security.
How to Compete with Juniper?
• L2 mode (Transparent mode) and L3 mode (Router / NAT mode) cannot co-exist, and changing the operation mode loses all of the configuration.
• 10MB file size limitation for file-based Anti-Virus scanning. It adds latency, especially for multiple file transfers in a real environment.
• Juniper only delivers simple QoS for traffic prioritization. There are no advanced, granular settings to guarantee per-user bandwidth control.
• Juniper still lacks some enhanced network features, such as PPTP Server, Server Load Balancing and a Dynamic Bandwidth Balancing Mechanism.
Conclusion
• D-Link NetDefend Firewall has a high C/P rate and reduces business Total Cost of Ownership. No extra cost for the full feature set.
• D-Link can integrate all xStack switch series to enable a client-less end-point security solution: ZoneDefense technology.
• Full set functionality: High port density (entry level) and all GbE Copper interfaces (Enterprise), which can fulfill different environment requirements.
Compare with ZyXEL
Myth of ZyXEL
NetDefend’s Advantages & Counterplot
ZyXEL’s ZyWALL is ICSA-certified, and has earned an excellent reputation in the SMB segment of the security appliance market in Europe.
How to Compete with ZyXEL?
• ZyWALL Firewall and UTM series have limited port interfaces and lack expandability for SMBs.
• ZyWALL Firewall and UTM series provide a limited number of VPN tunnels. For ZyWALL 70 UTM, the maximum number of VPN tunnels is 1,000.
• Only ZyWALL 1050 supports 802.1Q VLAN; the rest of the models do not support 802.1Q at all.
• ZyWALL Firewall and UTM series do not support L2TP Server.
• ZyWALL security service bundles Anti-Virus and IDP together; customers cannot buy either one individually.
• ZyWALL Firewall and UTM series are ICSA-certified with the testing criteria “Residential” only, rather than the “Corporate” criteria.
Conclusion
• D-Link NetDefend Firewall and UTM series pass the ICSA Corporate Level testing criteria, whereas ZyWALL passes the ICSA Residential Level only.
• D-Link can integrate all xStack switch series to enable a client-less end-point security solution: ZoneDefense technology.
• Compared with ZyXEL, D-Link’s brand is better known and has a more comprehensive office and tech-support network around the world.
NETDEFENDOS FEATURE INTRODUCTION
DCS-Security
Key Features in NetDefendOS
• Routing Features
• Route Failover
• Virtual Private Network (VPN)
• Virtual Local Area Network (VLAN)
• High Availability (HA)
• Traffic Management
• User Authentication
• ZoneDefense
NetDefendOS Feature Introduction
Routing Features in NetDefendOS
NetDefendOS Feature Introduction•Routing Features
Platform Compatibility: DFL-210/260/800/860/1600/2500
After this section, you should be able to explain:
1. What is static routing?
2. What is the PBR (Policy Based Route)?
3. What could we achieve when using this feature?
4. What is load sharing?
5. What is the key component of load sharing?
6. What is dynamic routing?
7. What is the difference between dynamic and static routing?

Static Route & Route Failover
[Figure: LAN Net connected to the Internet through ISP1 and ISP2 (Red Line, Green Line)]
Policy Based Route
• NetDefendOS provides the following types of PBR:
  – Source-based routing
  – Service-based routing
• Benefit of Policy Based Route:
  – Load sharing between multiple WAN links
Dynamic Routing
• Why do we need dynamic routing?
• What is dynamic routing?
• What dynamic routing do we support?
  – OSPF (Open Shortest Path First)
Load Sharing
• More than two internet connections
• Interoperate with PBR
  – Source-based routing
  – Service-based routing

Competitive Analysis: Static Route, PBR, OSPF
Vendor | Static Route | PBR | OSPF | Load Sharing
SonicWALL | √ | √ | √ | √
WatchGuard | √ | √ | √ | √
Fortinet | √ | √ | √ | √
Juniper | √ | √ | √ | √
Cisco | √ | √ | √ | √
Summary: Routing Features in NetDefendOS
• Routing determines the path from source to destination
  – Static Routing: predefined path
  – Dynamic Routing: learning and updating the path automatically
• Policy Based Route (PBR) determines path according to
  – Service type; different traffic (HTTP or FTP) uses different routes
  – Source IP address; different users use different routes
• Via Policy Based Route (PBR), load sharing between multiple WAN links could be achieved
Routing Features Q&A
1. What kind of dynamic routing protocol does NetDefendOS support?
a. RIP (Routing Information Protocol)
b. OSPF (Open Shortest Path First)
c. BGP (Border Gateway Protocol)
d. EGP (Exterior Gateway Protocol)
2. Does NetDefendOS support Route Failover feature?
a. YES
b. No
3. Which of the following features is NOT supported in NetDefendOS Firewall?
a. Static Route
b. Policy Based Route
c. RIP (Routing Information Protocol)
d. OSPF (Open Shortest Path First)
4. Which of the following PBR types is NOT supported in NetDefendOS? (Multiple Choice)
a. Source-based routing
b. Service-based routing
c. Schedule-based routing
d. Port-based routing
5. With which feature can NetDefendOS support load sharing between multiple WAN links?
a. Static Route
b. Traffic Management
c. Dynamic Route
d. Policy Based Route
6. Which model supports the load sharing feature?
a. DFL-210
b. DFL-800
c. DFL-1600
d. DFL-2500
e. All of the above
Platform Compatibility: DFL-210/260/800/860/1600/2500
After completing this section, you will be able to:
1. Describe what is Route Failover and its benefits
2. Describe how to implement Route Failover solution
3. Describe the selling point for Route Failover
Route Failover
NetDefendOS Feature Introduction•Route Failover
What is Route Failover
• A firewall is often deployed as the gateway of a network where availability and connectivity are crucial. Today corporations rely heavily on access to the Internet, and their operations will be severely disrupted if an Internet connection fails.
• To utilize multiple ISPs/WAN links, NetDefendOS provides a Route Failover capability: when one route fails, traffic can automatically fail over to an alternative route.
A Typical Scenario of Failover
Route Failover allows connections to different Internet Service Providers so as to avoid a single point of failure. Consequently, it enables enterprises to have backup Internet connectivity using a secondary Internet Service Provider (ISP).
How NetDefendOS Delivers Failover
For a route with Route Monitoring enabled, one of the Route Monitoring methods must be chosen:
– Interface Link Status
– Gateway Monitoring
Competitive Analysis – Failover Feature Comparison
The D-Link NetDefend Route Failover Feature Comparison:
• SonicWALL
• ZyXEL
• WatchGuard
• Cisco
• Juniper
• Fortinet
DFL-210
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-210 | SonicWALL TZ 180 (10 Node Lic / 25 Node Lic) | SonicWALL TZ 190 | ZyXEL ZyWALL 5 | ZyXEL ZyWALL 35 | WatchGuard Firebox X Edge 5 | WatchGuard Firebox X Edge 15
Failover | Y | Y | Y | Not Available | Y | Optional | Optional
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-210 | Cisco PIX 501 | Cisco PIX 506E | Juniper 5XT | Juniper 5GT | Fortinet FortiGate-60 | Fortinet FortiGate-100A
Failover | Y | Not Available | Not Available | Optional | Optional | Y | Y
DFL-260
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-260 | SonicWALL Pro 1260 Standard / Enhanced | ZyXEL ZyWALL 5 UTM | ZyXEL ZyWALL 35 UTM | WatchGuard Firebox X Edge X10e | WatchGuard Firebox X Edge X20e | WatchGuard Firebox X Edge X20e
Failover | Y | Y | Not Available | Y | Optional | Optional | Y
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-260 | Cisco N/A | Juniper 5XT | Juniper 5GT | Fortinet FortiGate-60/60A | Fortinet FortiGate-100A
Failover | Y | N/A | Optional | Optional | Y | Y
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-800 | SonicWALL Pro 1260 Standard / Enhanced | SonicWALL Pro 2040 Standard / Enhanced | ZyXEL ZyWALL 70 | WatchGuard Firebox X Core X500 Standard / Advanced | WatchGuard Firebox X Core X700 Standard / Advanced
Failover | Y | Y | Y | Y | Optional / Yes | Optional / Yes
DFL-800
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-800 | Cisco PIX 506E | Cisco PIX 515E (R, DMZ) / (UR, FO, FO-AA) | Juniper NetScreen-25 | Juniper NetScreen-50 | Fortinet FortiGate-100A | Fortinet FortiGate-200A
Failover | Y | Not Available | Not Available / Y | Y | Y | Y | Y
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-860 | SonicWALL Pro 1260 Standard / Enhanced | SonicWALL Pro 2040 Standard / Enhanced | ZyXEL ZyWALL 70 UTM | WatchGuard X Core X500 Standard / Advanced | WatchGuard X Core X700 Standard / Advanced
Failover | Y | Y | Y | Y | Optional / Yes | Optional / Yes
DFL-860
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-860 | Cisco ASA 5505 Base / Security Plus | Juniper SSG 5 Base / Extended | Juniper SSG 20 Base / Extended | Fortinet FortiGate-100A | Fortinet FortiGate-200A
Failover Y Not Available / Y Y Y Y
Summary: Route Failover
• Today the low cost of xDSL lines makes it possible for SMBs to use multiple ISPs/WAN links as WAN backup via the Route Failover feature, preventing severe disruption of operations when an Internet connection fails.
• In the entry-level model segment, such as DFL-210/260/800/860, most competitors deliver the Route Failover feature as an option and charge an extra fee for it. Unlike these competitors, and considering the IT demands of SMBs, the D-Link NetDefend IPS/UTM Firewall family bundles the Route Failover feature with no extra cost for a license upgrade.
• The D-Link NetDefend IPS/UTM Firewall family delivers an affordable price with a best-value security feature set for SMBs.
Platform Compatibility: DFL-210/260/800/860/1600/2500
After completing this section, you will be able to:
1. Describe what is VPN and its benefits
2. Describe how to implement VPN solutions
3. Describe the selling point for VPN
VPN
NetDefendOS Feature Introduction•VPN
What is VPN?
• A Virtual Private Network (VPN) is a private network connection that occurs through a public network.
• VPNs can be used to connect LANs together across the Internet or other public networks. With a VPN, the remote end appears to be connected to the network as if it were connected locally.
• VPN has attracted the attention of many organizations looking to both expand their networking capabilities and reduce their costs.
A Typical Scenario of VPN Solutions
[Diagram: local networks connected across the Internet]
• Remote Access VPN
• Site-to-Site VPN
Tunneling Protocol:
• L2TP
• PPTP
• IPSec
A Close Look at IPSec VPN Topology
• Site-to-Site Topology
[Diagram: the local networks (client, server) of the Head Office and the Remote Office / Branch Office (ROBO) are connected across the Internet through DFL-210/260/800/860 and DFL-2500 firewalls. VPN Tunnel is dedicated.]
A Close Look at IPSec VPN Topology
• Hub-and-Spoke Topology
[Diagram: the DFL-2500 at the Head Office is the Hub; the DFL-210/260/800/860 firewalls at Remote Office 1 and Remote Office 2 are the Spokes. Each site's local network connects across the Internet.]
More Discussion about IPSec VPNs
• Rules and Routing play the key role in IPSec VPN configuration
• NetDefendOS provides IPSec VPN connection via Rule-based VPN Configuration
• Rule-based Configuration enables granular controls for administrators to decide what traffic should go through the tunnel.
[Diagram: a client at the Remote Office and an FTP server at the Head Office, joined across the Internet through DFL-210/260/800/860 and DFL-2500 firewalls; another FTP server sits on the Internet. Rule Action: Allow, Service: FTP.]
The client is not allowed to access FTP servers on the Internet; however, he/she is allowed to access the internal FTP server at the Head Office via the VPN tunnel.
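The FTP scenario above, modelled as an added example (not NetDefendOS code or configuration syntax): routing picks the outgoing interface and a first-match rule set with a default drop decides whether the traffic may use it. The interface names, the addresses and the reduction of the FTP service to TCP port 21 are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network
    interface: str


@dataclass(frozen=True)
class Rule:
    action: str                          # "Allow" or "Drop"
    src_if: str                          # receiving interface
    dst_if: str                          # interface chosen by routing
    dst_net: ipaddress.IPv4Network
    service: Optional[Tuple[str, int]]   # (protocol, destination port); None = any


# Constructed sample data for the Remote Office firewall (all names and
# addresses are hypothetical).
HEAD_OFFICE_NET = ipaddress.ip_network("192.168.10.0/24")
ROUTES = [
    Route(HEAD_OFFICE_NET, "ipsec_head_office"),      # traffic for the Head Office enters the tunnel
    Route(ipaddress.ip_network("0.0.0.0/0"), "wan"),  # everything else goes to the Internet
]
RULES = [
    # The single rule from the slide: Action Allow, Service FTP, through the tunnel.
    Rule("Allow", "lan", "ipsec_head_office", HEAD_OFFICE_NET, ("tcp", 21)),
]


def route_lookup(dst: str) -> Optional[str]:
    """Longest-prefix match over ROUTES; returns the outgoing interface."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in ROUTES if addr in r.network]
    if not matches:
        return None
    return max(matches, key=lambda r: r.network.prefixlen).interface


def decide(src_if: str, dst: str, proto: str, dport: int):
    """Return (action, outgoing interface) for a new connection."""
    out_if = route_lookup(dst)
    if out_if is None:
        return ("Drop", None)
    addr = ipaddress.ip_address(dst)
    for rule in RULES:
        if (rule.src_if == src_if and rule.dst_if == out_if
                and addr in rule.dst_net
                and rule.service in (None, (proto, dport))):
            return (rule.action, out_if)
    # No rule matched: the tunnel (or WAN link) exists, but nothing permits the traffic.
    return ("Drop", out_if)


if __name__ == "__main__":
    print(decide("lan", "192.168.10.21", "tcp", 21))   # internal FTP server via the tunnel
    print(decide("lan", "203.0.113.10", "tcp", 21))    # FTP server on the Internet
    print(decide("lan", "192.168.10.21", "tcp", 445))  # other service towards the Head Office
```

The third call shows the granularity the slide refers to: having a tunnel to the Head Office does not by itself admit traffic that no rule allows.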
Remote Access VPNs
• The IP addresses of remote access clients are normally dynamic.
• Users usually need to install VPN software on their machine.
• Tunnel connections are between a remote user’s computer and the VPN appliance.
[Diagram: VPN Remote Client Software connecting across the Internet to the local network]
Planning a VPN
In designing a VPN, there are many considerations that need to be addressed, including:
• Protecting mobile and home computers
• Restricting access through the VPN to needed services, only when mobile computers are potentially vulnerable
• Creating DMZs for services that need to be shared with other companies through VPNs
• Adapting VPN access policies for different groups of users
• Creating key distribution policies
Competitive Analysis – VPN Feature Comparison
The D-Link NetDefend VPN Feature Comparison:
• SonicWALL
• ZyXEL
• WatchGuard
• Cisco
• Juniper
• Fortinet
DFL-210
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-210 | SonicWALL TZ 180 (10 Node Lic / 25 Node Lic) | SonicWALL TZ 190 | ZyXEL ZyWALL 5 | ZyXEL ZyWALL 35 | WatchGuard Firebox X Edge 5 | WatchGuard Firebox X Edge 15
Firewall Throughput | 80Mbps | 90+Mbps | 90+Mbps | 65Mbps | 70Mbps | 80Mbps | 95Mbps
VPN
VPN Throughput | 25Mbps | 30+Mbps | 30+Mbps | 25Mbps | 30Mbps | 35Mbps | 35Mbps
Site-to-Site Tunnel | 100 | 2 / 10 | 15 | 10 | 35 | 2 | 15
Client-to-Site Tunnel: 0 (Bundled) - 5 (Max) / 1 (Bundled) - 25 (Max); 2 (Bundled) - 25; 1/11; 5/25
DFL-210
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-210 | Cisco PIX 501 | Cisco PIX 506E | Juniper 5XT | Juniper 5GT | Fortinet FortiGate-60 | Fortinet FortiGate-100A
Firewall Throughput | 80Mbps | 60Mbps | 100Mbps | 70Mbps | 75Mbps | 70Mbps | 100Mbps
VPN
VPN Throughput | 25Mbps | 3Mbps | 15Mbps | 20Mbps | 20Mbps | 20Mbps | 40Mbps
Site-to-Site Tunnel | 100 | 10 | 25 | 10 | 10 | 50 | 80
Client-to-Site Tunnel
DFL-260
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-260 | SonicWALL Pro 1260 Standard / Enhanced | ZyXEL ZyWALL 5 UTM | ZyXEL ZyWALL 35 UTM | WatchGuard Firebox X Edge X10e | WatchGuard Firebox X Edge X20e | WatchGuard Firebox X Edge X20e
Firewall Throughput | 80Mbps | 90Mbps | 65Mbps | 70Mbps | 100Mbps | 100Mbps | 100Mbps
VPN
VPN Throughput | 25Mbps | 30Mbps | 25Mbps | 30Mbps | 35Mbps | 35Mbps | 35Mbps
Site-to-Site Tunnel | 100 | 25 | 10 | 35 | 5 | 15 | 25
Client-to-Site Tunnel: 505 (Bundled) - 11; 5 (Bundled) - 25; 5 (Bundled) - 55
DFL-260
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-260 | Cisco N/A | Juniper 5XT | Juniper 5GT | Fortinet FortiGate-60/60A | Fortinet FortiGate-100A
Firewall Throughput | 80Mbps | N/A | 70Mbps | 75Mbps | 70Mbps | 100Mbps
VPN
VPN Throughput | 25Mbps | N/A | 20Mbps | 20Mbps | 20Mbps | 40Mbps
Site-to-Site Tunnel | 100 | N/A | 10 | 10 | 50 | 80
Client-to-Site Tunnel
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-800 | SonicWALL Pro 1260 Standard / Enhanced | SonicWALL Pro 2040 Standard / Enhanced | ZyXEL ZyWALL 70 | WatchGuard Firebox X Core X500 Standard / Advanced | WatchGuard Firebox X Core X700 Standard / Advanced
Firewall Throughput | 150Mbps | 90Mbps | 200Mbps | 90Mbps | 100/110 Mbps | 150/160 Mbps
VPN
VPN Throughput | 60Mbps | 30Mbps | 50Mbps | 40Mbps | 20/30 Mbps | 40/60 Mbps
Site-to-Site Tunnel | 300 | 25 | 50 | 100 | 0 - 50 (Need to Upgrade) | 100
Client-to-Site Tunnel: 5 (Bundled) - 50; 10 (Bundled) - 50/200; 5 (Bundled) - 50; 10 (Bundled) - 100
DFL-800
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-800 | Cisco PIX 506E | Cisco PIX 515E (R, DMZ) / (UR, FO, FO-AA) | Juniper NetScreen-25 | Juniper NetScreen-50 | Fortinet FortiGate-100A | Fortinet FortiGate-200A
Firewall Throughput | 150Mbps | 100Mbps | 190Mbps | 100Mbps | 170Mbps | 100Mbps | 150Mbps
VPN
VPN Throughput | 60Mbps | 15Mbps | 20 / 60 Mbps | 20Mbps | 45Mbps | 40Mbps | 70Mbps
Site-to-Site Tunnel | 300 | 25 | Not Available / 2000 | 125 | 500 | 80 | 200
Client-to-Site Tunnel
DFL-800
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-860 | SonicWALL Pro 1260 Standard / Enhanced | SonicWALL Pro 2040 Standard / Enhanced | ZyXEL ZyWALL 70 UTM | WatchGuard X Core X500 Standard / Advanced | WatchGuard X Core X700 Standard / Advanced
Firewall Throughput | 150Mbps | 90Mbps | 200Mbps | 90Mbps | 100/110 Mbps | 150/160 Mbps
VPN
VPN Throughput | 60Mbps | 30Mbps | 50Mbps | 40Mbps | 20/30 Mbps | 40/60 Mbps
Site-to-Site Tunnel | 300 | 25 | 50 | 100 | 0 - 50 (Need to Upgrade) | 100
Client-to-Site Tunnel: 5 (Bundled) - 50; 10 (Bundled) - 50/200; 5 (Bundled) - 50; 10 (Bundled) - 100
DFL-860
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-860 | Cisco ASA 5505 Base / Security Plus | Juniper SSG 5 Base / Extended | Juniper SSG 20 Base / Extended | Fortinet FortiGate-100A | Fortinet FortiGate-200A
Firewall Throughput 150Mbps 150Mbps 160Mbps 100Mbps 150Mbps
VPN
VPN Throughput 60Mbps 100Mbps 40Mbps 40Mbps 70Mbps
Site-to-Site Tunnel 300 10 / 25 25 / 40 80 200
Client-to-Site Tunnel
DFL-860
DFL-1600
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-1600 | SonicWALL Pro 3060 Standard / Enhanced | SonicWALL Pro 4060 Enhanced | ZyXEL ZyWALL 1050 | WatchGuard X Core X1000 Standard / Advanced | WatchGuard X Core X2500 Standard / Advanced | WatchGuard X Core X550e (UTM) Standard / Advanced
Firewall Throughput | 320Mbps | 290Mbps | 300Mbps | 300Mbps | 225 / 240 Mbps | 275+ / 300+ Mbps | 300+ Mbps
VPN
VPN Throughput | 120Mbps | 75Mbps | 190Mbps | 100Mbps | 75 / 100 Mbps | 100 / 130 Mbps | 35 Mbps
Site-to-Site Tunnel | 1,200 | 500/1,000 | 3,000 | 1,000 | 400 | 400 | 35 (Bundled) - 45
Client-to-Site Tunnel: 25 (Bundled) - 500; 3,000; 50 (Bundled) - 1,000; 1,000 (Bundled); 5 (Bundled) - 75
DFL-1600
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-1600 | Cisco PIX 525 (R) / (UR, FO, FO-AA) | Cisco ASA 5510 Base / Security Plus | Juniper SSG 140 | Juniper NetScreen-204 | Juniper NetScreen-208 | Fortinet FortiGate-300A
Firewall Throughput | 320Mbps | 330Mbps | 300Mbps | 350+Mbps | 375Mbps | 375Mbps | 400Mbps
VPN
VPN Throughput | 120Mbps | 30 / 70Mbps | 170Mbps | 100Mbps | 175Mbps | 175Mbps | 120Mbps
Site-to-Site Tunnel | 1200 | Not Available / 2,000 | 250 | 125 | 1,000 | 1,000 | 1,500
Client-to-Site Tunnel
DFL-2500
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-2500 | SonicWALL Pro 4060 Enhanced | SonicWALL Pro 4100 Enhanced | ZyXEL N/A | WatchGuard Firebox X Peak X5000 Advanced | WatchGuard Firebox X Peak X6000 Advanced
Firewall Throughput | 600Mbps | 300Mbps | 700Mbps | N/A | 400 Mbps | 700 Mbps
VPN
VPN Throughput | 300Mbps | 190Mbps | 400Mbps | N/A | 190 Mbps | 300 Mbps
Site-to-Site Tunnel | 2,500 | 3,000 | 3,500 | N/A | 400 | 400
Client-to-Site Tunnel: 3,000; 4,500; 1,200 (Bundled) - 4,000; 1,600 (Bundled) - 5,000
DFL-2500
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-2500 | Cisco ASA 5520 | Cisco ASA 5540 | Juniper NetScreen-208 | Juniper NetScreen-500 | Fortinet FortiGate-400A | Fortinet FortiGate-500A
Firewall Throughput | 600Mbps | 450Mbps | 650Mbps | 375Mbps | 700Mbps | 500Mbps | 600Mbps
VPN
VPN Throughput | 300Mbps | 225Mbps | 325Mbps | 175Mbps | 250Mbps | 140Mbps | 150Mbps
Site-to-Site Tunnel | 2,500 | 750 | 5,000 | 1,000 | 5,000 | 2,000 | 3,000
Client-to-Site Tunnel: 10,000
Summary: VPN (Virtual Private Network)
The D-Link NetDefend IPS/UTM Firewall family provides outstanding firewall / VPN performance compared with other key players on the market.
Meanwhile, for the maximum number of VPN tunnels, the NetDefend IPS/UTM Firewall family by default bundles more tunnels than our competitors, without charging any extra cost or upgrade fee for extra tunnels.
From the viewpoint of either the performance-cost or the value-cost ratio, the D-Link NetDefend IPS/UTM Firewall family is the best Firewall / UTM solution for mid-to-large sized organizations.
VPN Q&A
1. What is the maximum number of VPNs supported on a DFL-800/860 Firewall/UTM device running NetDefendOS?
a. 100
b. 150
c. 200
d. 250
e. 300
2. Which of the following protocols isn’t a tunneling protocol but is probably used at your site by tunneling protocols for network security?
a. IPSec
b. PPTP
c. L2TP
d. L2F
3. Which answer below is NOT a benefit of VPN encryption?
a. Confidentiality
b. Authentication
c. Integrity
d. Non-repudiation
e. None of the above
4. What is the maximum VPN throughput of DFL-800 / 860 device running NetDefendOS?
a. 50 Mbps
b. 60 Mbps
c. 70 Mbps
d. 80 Mbps
e. 90 Mbps
5. What is the maximum VPN throughput of DFL-1600 device running NetDefendOS?
a. 100 Mbps
b. 110 Mbps
c. 120 Mbps
d. 150 Mbps
e. 200 Mbps
6. What is the maximum VPN throughput of DFL-2500 device running NetDefendOS?
a. 100 Mbps
b. 150 Mbps
c. 200 Mbps
d. 250 Mbps
e. 300 Mbps
7. Which two settings are important in IPSec VPN configuration, and will decide whether the traffic should go through the tunnel? (Multiple Choice)
a. Network Interfaces
b. Routing
c. IPSec Interface
d. Rules
e. None of the above
8. How does NetDefendOS provide IPSec VPN configuration?
a. Policy-based Configuration
b. Interface-based Configuration
c. Rule-based Configuration
d. Route-based Configuration
e. Security-based Configuration
Platform Compatibility: DFL-210/260/800/860/1600/2500
After completing this section, you will be able to:
1. Describe what is VLAN and its benefits
2. Describe how to implement VLAN solutions
3. Describe the selling point for VLAN
VLAN
NetDefendOS Feature Introduction•VLAN
What is VLAN
• A Virtual Local Area Network (VLAN) allows administrators to create logical groups of users and systems and segment them on the network.
• This network segmentation enables administrators to hide segments of the network from other segments and hence control network resource access.
• Also administrators can set up VLANs to control the paths that data takes to get from one point to another. VLAN technology is a good way to contain network traffic to a certain area in a network.
A Typical Scenario of VLAN
NetDefendOS Provides Cost-Effective VLAN Solution for SMB
D-Link NetDefend IPS/UTM Firewalls
How NetDefendOS Supports VLAN
• NetDefendOS is fully compliant with the IEEE 802.1Q specification for Virtual LANs. On a protocol level, Virtual LANs work by adding a Virtual LAN identifier (VLAN ID) to the Ethernet frame header. The VLAN ID is a number from 0 to 4095 and is used to identify a specific Virtual LAN. In this way, Ethernet frames can belong to different Virtual LANs, but still share the same physical media.
• The Virtual LAN support in NetDefendOS works by defining one or more Virtual LAN interfaces. Each Virtual LAN interface is interpreted as a logical interface by the system.
• Ethernet frames received by the system are examined for a VLAN ID. If a VLAN ID is found, and a matching Virtual LAN interface has been defined, the system will consider that interface to be the receiving interface for the frame before further processing takes place.
• Virtual LANs are useful in several different scenarios, for instance, when filtering is needed between different Virtual LANs in an organization, or when the number of interfaces needs to be expanded.
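The frame handling described above, as an added example (not NetDefendOS code): it reads the 802.1Q tag from an Ethernet header and maps the VLAN ID to a logical receiving interface. The interface names, MAC addresses and sample frames are constructed, and returning `None` for a tag with no matching Virtual LAN interface is a choice of this sketch, since the page does not say how such frames are handled.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag


def build_frame(payload_ethertype, vlan_id=None, priority=0):
    """Build a constructed Ethernet frame (sample MACs), optionally 802.1Q-tagged."""
    dst = bytes.fromhex("02aabbccdd01")
    src = bytes.fromhex("02aabbccdd02")
    header = dst + src
    if vlan_id is not None:
        # Tag Control Information: 3-bit priority, 1-bit DEI, 12-bit VLAN ID.
        tci = (priority << 13) | (vlan_id & 0x0FFF)
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", payload_ethertype) + b"\x00" * 46


def parse_vlan(frame):
    """Return (vlan_id, priority, payload_ethertype); vlan_id is None if untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None, None, ethertype
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    # The VLAN ID is the low 12 bits, hence the 0 to 4095 range given above.
    # IEEE 802.1Q itself reserves the values 0 and 4095.
    return tci & 0x0FFF, tci >> 13, inner


# Hypothetical Virtual LAN interfaces defined on the physical interface "lan".
VLAN_INTERFACES = {
    ("lan", 10): "vlan10_rd",
    ("lan", 20): "vlan20_sales",
}


def receiving_interface(frame, physical_if, vlan_interfaces):
    """Pick the interface that later processing treats as the receiver."""
    vlan_id, _, _ = parse_vlan(frame)
    if vlan_id is None:
        return physical_if          # untagged: the physical interface receives it
    # Tagged: only a defined Virtual LAN interface can receive the frame.
    return vlan_interfaces.get((physical_if, vlan_id))


if __name__ == "__main__":
    for vid in (None, 10, 20, 30):
        frame = build_frame(0x0800, vlan_id=vid)
        print(vid, "->", receiving_interface(frame, "lan", VLAN_INTERFACES))
```

Because rules are written against the logical interface, the frame tagged 20 is filtered as Sales traffic even though it arrived on the same physical port as the frame tagged 10.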
Competitive Analysis – VLAN Feature Comparison
The D-Link NetDefend VLAN Feature Comparison:
• SonicWALL
• ZyXEL
• WatchGuard
• Cisco
• Juniper
• Fortinet
DFL-210
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-210 | SonicWALL TZ 180 (10 Node Lic / 25 Node Lic) | SonicWALL TZ 190 | ZyXEL ZyWALL 5 | ZyXEL ZyWALL 35 | WatchGuard Firebox X Edge 5 | WatchGuard Firebox X Edge 15
Max. No. of VLAN | 8 | Not Available | Not Available | Not Available | Not Available | Not Available | Not Available
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-210 | Cisco PIX 501 | Cisco PIX 506E | Juniper 5XT | Juniper 5GT | Fortinet FortiGate-60 | Fortinet FortiGate-100A
Max. No. of VLAN | 8 | Not Available | 2 | 3 | 3 | 10 (Bundled) – 25, 50, 100, 250 (via Lic Upgrade) | 10 (Bundled) - 25, 50, 100, 250 (via Lic Upgrade)
DFL-260
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-260 | SonicWALL Pro 1260 Standard / Enhanced | ZyXEL ZyWALL 5 UTM | ZyXEL ZyWALL 35 UTM | WatchGuard Firebox X Edge X10e | WatchGuard Firebox X Edge X20e | WatchGuard Firebox X Edge X20e
Max. No. of VLAN | 8 | Not Available / 25 | Not Available | Not Available | Not Available | Not Available | Not Available
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-260 | Cisco N/A | Juniper 5XT | Juniper 5GT | Fortinet FortiGate-60/60A | Fortinet FortiGate-100A
Max. No. of VLAN | 8 | N/A | 3 | 3 | 10 (Bundled) – 25, 50, 100, 250 (via Lic Upgrade) | 10 (Bundled) - 25, 50, 100, 250 (via Lic Upgrade)
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-800 | SonicWALL Pro 1260 Standard / Enhanced | SonicWALL Pro 2040 Standard / Enhanced | ZyXEL ZyWALL 70 | WatchGuard Firebox X Core X500 Standard / Advanced | WatchGuard Firebox X Core X700 Standard / Advanced
Max. No. of VLAN | 16 | Not Available / 25 | Not Available / 25 | Not Available | Not Available | Not Available
DFL-800
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-800 | Cisco PIX 506E | Cisco PIX 515E (R, DMZ) / (UR, FO, FO-AA) | Juniper NetScreen-25 | Juniper NetScreen-50 | Fortinet FortiGate-100A | Fortinet FortiGate-200A
Max. No. of VLAN | 16 | 2 | 10 / 25 | 16 | 16 | 10 (Bundled) – 25, 50, 100, 250 (via Lic Upgrade) | 10 (Bundled) - 25, 50, 100, 250 (via Lic Upgrade)
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-860 | SonicWALL Pro 1260 Standard / Enhanced | SonicWALL Pro 2040 Standard / Enhanced | ZyXEL ZyWALL 70 UTM | WatchGuard X Core X500 Standard / Advanced | WatchGuard X Core X700 Standard / Advanced
Max. No. of VLAN | 16 | Not Available / 25 | Not Available / 25 | Not Available | Not Available | Not Available
DFL-860
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-860 | Cisco ASA 5505 Base / Security Plus | Juniper SSG 5 Base / Extended | Juniper SSG 20 Base / Extended | Fortinet FortiGate-100A | Fortinet FortiGate-200A
Max. No. of VLAN: 16; 3 (Trunking Disabled) / 3 (Trunking Enabled); 10 / 50; 10 (Bundled) – 25, 50, 100, 250 (via Lic Upgrade); 10 (Bundled) - 25, 50, 100, 250 (via Lic Upgrade)
DFL-1600
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-1600 | SonicWALL Pro 3060 Standard / Enhanced | SonicWALL Pro 4060 Enhanced | ZyXEL ZyWALL 1050 | WatchGuard X Core X1000 Standard / Advanced | WatchGuard X Core X2500 Standard / Advanced | WatchGuard X Core X550e (UTM) Standard / Advanced
Max. No. of VLAN | 128 | Not Available / 50 | 200 | Y | Not Available | Not Available | Not Available / 25
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-1600 | Cisco PIX 525 (R) / (UR, FO, FO-AA) | Cisco ASA 5510 Base / Security Plus | Juniper SSG 140 | Juniper NetScreen-204 | Juniper NetScreen-208 | Fortinet FortiGate-300A
Max. No. of VLAN | 128 | 25 / 100 | 10 / 25 | 100 | 32 | 32 | 10 (Bundled) – 25, 50, 100, 250 (via Lic Upgrade)
DFL-2500
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-2500 | SonicWALL Pro 4060 Enhanced | SonicWALL Pro 4100 Enhanced | ZyXEL N/A | WatchGuard Firebox X Peak X5000 Advanced | WatchGuard Firebox X Peak X6000 Advanced
Max. No. of VLAN | 1024 | 200 | 300 | N/A | Not Available | Not Available
Small-to-Medium Business Segment
Features / Competitors | D-Link DFL-2500 | Cisco ASA 5520 | Cisco ASA 5540 | Juniper NetScreen-208 | Juniper NetScreen-500 | Fortinet FortiGate-400A | Fortinet FortiGate-500A
Max. No. of VLAN | 1024 | 100 | 200 | 32 | 800 (100 per port) | 10 (Bundled) – 25, 50, 100, 250 (via Lic Upgrade) | 10 (Bundled) – 25, 50, 100, 250 (via Lic Upgrade)
Summary: VLAN (Virtual Local Area Network)
• With the VLAN feature, organizations can enable routing between VLANs and implement security policies among different LAN segments, so that different departments, e.g. RD and Sales, can have different access controls toward network resources.
• In the entry-level model segment, such as DFL-210/260/800/860, most competitors do not deliver the VLAN feature, which limits infrastructure expandability for SMBs. With insight into the IT demands of SMBs, the D-Link NetDefend IPS/UTM Firewall family bundles more VLANs than competitors, with no extra cost for a license upgrade.
• The D-Link NetDefend IPS/UTM Firewall family is the best partner for the business and infrastructure growth of SMBs.
VLAN Q&A
1. VLAN tagging within a NetDefend device is based on which industry standard?
a. 802.1d
b. 802.1q
c. 802.11q
d. 802.2
e. 802.3
2. What is the valid range of VLAN tag numbers that are usable on a NetDefend device?
a. 0 thru 500
b. 1 thru 500
c. 0 thru 2048
d. 0 thru 4095
e. 1 thru 4094
3. What is the maximum number of VLANs supported on a DFL-800/860 IPS/UTM Firewall device running NetDefendOS?
a. 10
b. 16
c. 20
d. 25
e. 50
4. What is the maximum number of VLANs supported on a DFL-2500 Firewall device running NetDefendOS?
a. 100
b. 200
c. 512
d. 1000
e. 1024
5. In the DFL-210 segment, which competitors do NOT provide the VLAN feature? (Multiple Choice)
a. Cisco
b. Juniper
c. SonicWALL
d. Fortinet
e. WatchGuard
f. ZyXEL
6. In the DFL-860 segment, which competitors do NOT provide the VLAN feature by default with Standard Firmware? (Multiple Choice)
a. WatchGuard
b. Fortinet
c. Juniper
d. SonicWALL
e. ZyXEL
f. Cisco
7. What is NetDefendOS’ main advantage in VLAN support compared to competitors? (Multiple Choice)
a. Supported more VLAN by default.
b. VLAN number upgrade as an option.
c. No need to pay extra costs for VLAN number
d. Support 5 VLANs by default.
e. Support VLAN feature on entry level models.
8. What is the benefit of NetDefendOS’ VLAN support? (Multiple Choice)
a. Allow to contain network traffic, and increase network performance
b. Create VLAN ID
c. Enable security control between VLANs
d. Enable L3 routing between VLANs
e. Allow physical network connection
Platform Compatibility: DFL-1600/2500
After completing this section, you will be able to:
1. Describe NetDefend firewall HA feature and how it works
2. Describe what HA will do / will not do for you
3. Describe the requirements before HA implementation
High Availability (HA)
NetDefendOS Feature Introduction•High Availability
• High Availability (HA) is a hardware fault-tolerant capability that is available on certain models of D-Link NetDefend Firewalls. Currently the firewalls that offer this feature are the DFL-1600 and DFL-2500 models, with an active-passive HA implementation.
• D-Link High Availability works by adding a Backup D-Link firewall to an existing firewall. The Backup firewall has the same configuration as the Primary firewall. Therefore, this feature requires two identical firewall models.
• Throughout this chapter, the phrases "Master firewall" and "Primary firewall" are used interchangeably, as are the phrases "Slave firewall" and "Backup firewall".
Overview
Two firewall appliances are required: one as Master and the other as Backup.
When a failure occurs on the Master firewall, the Backup firewall transitions to active mode and assumes the configuration and role of Master.
The Backup firewall holds a real-time mirrored configuration of the Master firewall, synchronized via a dedicated Ethernet cable link.
How High Availability Works
• Hardware-based redundancy
• State-synchronized solution
• When the cluster fails over to the inactive firewall, that firewall knows which connections are active, so communication can continue to flow uninterrupted.
• Extremely short failover time (< 800ms)
What High Availability will do for you
What High Availability will NOT do for you
• It’s not a panacea for all communication failures
• It will not create a load-sharing cluster.
• Only two firewalls, a "Master" and a "Slave", are supported.
• Broken interfaces will not be detected by HA
Interface Broken
High Availability Scenario Example
If Master Firewall fails, Slave Firewall would take over
NetDefend firewalls provide a hardware failover mechanism that prevents a single point of failure and keeps network communication alive.
• High Availability is only supported on DFL-1600 and DFL-2500.
• The Master and Slave NetDefend Firewalls must be the same hardware model; mixing and matching D-Link firewalls of different hardware types is not currently supported.
• NetDefend High Availability does not support PPP protocols or dynamic IP address assignment from your ISP.
• The D-Link NetDefend Firewalls in the High Availability pair must have the same firmware version installed.
• The High Availability feature requires THREE unique static LAN IP addresses to operate normally.
Requirements before using HA
Feature Matrix
Feature | DFL-200 | DFL-210 | DFL-800 | DFL-1600 | DFL-2500
Active-Passive mode | N/A | N/A | N/A | Yes | Yes
Active-Active mode | N/A | N/A | N/A | N/A | N/A
State Synchronization | N/A | N/A | N/A | Yes | Yes
VPN Synchronization | N/A | N/A | N/A | Yes | Yes
Device Failure Detection | N/A | N/A | N/A | Yes | Yes
Dead Link Detection | N/A | N/A | N/A | Yes | Yes
Dead Gateway Detection | N/A | N/A | N/A | Yes | Yes
Dead Interface Detection | N/A | N/A | N/A | Yes | Yes
Average Failover Time | N/A | N/A | N/A | <800ms | <800ms
Synchronization Method | N/A | N/A | N/A | Dedicated Ethernet Interface
• The HA feature is offered on both DFL-1600 and DFL-2500 in active-passive mode.
• NetDefend High Availability (HA) addresses two key requirements of critical enterprise networking components: enhanced reliability and prevention of a single point of failure at the appliance level.
• NetDefend HA is implemented by configuring two firewall units to operate as an HA cluster.
• Both HA units must use the same hardware model and firmware version.
Summary: HA (High Availability)
1. Which of the following features is NOT supported by NetDefend High Availability?
a. Active-Passive HA mode
b. Dead link detection
c. Hardware failover mechanism between Master and Backup
d. Hardware Load balancing between Master and Backup
e. Firewall state and VPN synchronization
2. Which of the following conditions is NOT required before using NetDefend High Availability?
a. Static WAN IP address
b. Same hardware model
c. Additional Ethernet cable for synchronization
d. Same firmware version installed
e. Redundant power supply
High Availability (HA) Q&A
3. Which of the following characteristics of High Availability is NOT true?
a. Only two firewalls are supported
b. Connection link failover
c. Single point failure prevention
d. Increasing network reliability
e. None of the above
Platform Compatibility: DFL-210/260/800/860/1600/2500
After completing this section, you will be able to:
1. Describe terminologies and feature definitions associated with Traffic Management
2. Describe what Traffic Management purpose is
3. Describe the selling point for Traffic Management
Traffic Management
NetDefendOS Feature Introduction•Traffic Management
Managing application performance can be quite a challenge. Productivity drops and frustration climbs when performance turns inconsistent, unpredictable, and slow. Do any of these problems sound familiar to you?
• Repeated bandwidth upgrades fail to address performance but do increase costs substantially.
• A branch office’s ERP performance plummets whenever an employee synchs email.
• Enthusiasm for VoIP (Voice over IP) fades when callers routinely face stutter and static during peak network usage.
• Surges from recreational and infected traffic cause urgent, interactive applications to struggle.
• Nightly server backups that haven’t finished by the next morning.
Strategies for Optimizing Applications on the WAN
What’s Causing Bandwidth Performance Problems?
• More application traffic
• Recreational traffic
• Web-based applications
• Voice/video/data network convergence
• Disaster readiness
• Network Threat Attack
• New Breed of Applications
What is Quality of Service?
• Quality of Service (QoS) means providing consistent, predictable data delivery service; in other words, satisfying customer application requirements.
• The QoS feature is called “Traffic Management” in the NetDefendOS Web GUI.
• It is the allocation of the appropriate amount of network bandwidth to every user and application on an interface.
• It works by measuring and queuing IP packets.
Why is QoS Needed?
• Internet Protocol (IP) does not provide a reliable mechanism to assure timely delivery for data throughput.
• Unlike “Pure Virtual Circuit” technologies, such as ATM and Frame Relay, IP does not make hard allocations of resources.
• Typical network traffic is bursty rather than continuous.
• Mission-critical information cannot tolerate unpredictable losses.
• Conferencing, telephony and video streaming demand high data throughput and low latency when used for two-way communication.
How Traffic Management Works?
• Queuing Packets when traffic exceeds configured limits.
• Dropping packets if the packet buffers are full.
• Prioritizing traffic according to the administrator's choice.
• Providing bandwidth guarantees.
Traffic Management Scenario Example
You could use Traffic Management to achieve the following:
- SMTP guaranteed 800 Kbps with a maximum limit of 1600 Kbps, highest priority.
- HTTP guaranteed 600 Kbps with a maximum limit of 1200 Kbps, second priority.
- FTP guaranteed 400 Kbps with a maximum limit of 800 Kbps, third priority.
- Other protocols are neither guaranteed nor limited, but they can burst to use all available bandwidth if SMTP/HTTP/HTTPS/FTP are not at full traffic load.
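The scenario above, worked through as an added example (not D-Link's code and not NetDefendOS's actual scheduler): a simplified two-pass model that first honours guarantees and then hands leftover bandwidth out by priority, up to each limit. The 2000 Kbps pipe size and the per-protocol demand figures are assumptions; the page gives neither.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class TrafficClass:
    name: str
    priority: int              # 1 = highest priority
    guarantee: Optional[int]   # Kbps reserved while the class has demand; None = none
    limit: Optional[int]       # Kbps ceiling; None = no ceiling


# The four classes from the scenario on this page.
SCENARIO = [
    TrafficClass("SMTP", 1, 800, 1600),
    TrafficClass("HTTP", 2, 600, 1200),
    TrafficClass("FTP", 3, 400, 800),
    TrafficClass("Other", 4, None, None),
]

PIPE_KBPS = 2000  # assumed pipe size, not stated on the page


def allocate(pipe_kbps: int, classes: List[TrafficClass],
             demand: Dict[str, int]) -> Dict[str, int]:
    """Return the Kbps granted to each class for the offered demand."""
    grant = {c.name: 0 for c in classes}
    remaining = pipe_kbps
    ordered = sorted(classes, key=lambda c: c.priority)

    # Pass 1: honour guarantees, but only for bandwidth a class actually wants.
    for c in ordered:
        share = min(demand.get(c.name, 0), c.guarantee or 0, remaining)
        grant[c.name] = share
        remaining -= share

    # Pass 2: hand out the leftover, highest priority first, never above the limit.
    for c in ordered:
        ceiling = demand.get(c.name, 0)
        if c.limit is not None:
            ceiling = min(ceiling, c.limit)
        extra = min(max(ceiling - grant[c.name], 0), remaining)
        grant[c.name] += extra
        remaining -= extra
    return grant


if __name__ == "__main__":
    cases = {
        "everything saturated": {"SMTP": 2000, "HTTP": 2000, "FTP": 2000, "Other": 2000},
        "mail and web quiet": {"SMTP": 100, "HTTP": 300, "FTP": 0, "Other": 5000},
        "mixed load": {"SMTP": 1000, "HTTP": 2000, "FTP": 100, "Other": 500},
    }
    for label, demand in cases.items():
        print(label, allocate(PIPE_KBPS, SCENARIO, demand))
```

Under saturation the unguaranteed class is starved completely, which is the behaviour to check for before placing management or logging traffic in the "Other" bucket.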
Key Advantages
• Granular control for traffic prioritizing, guaranteeing and limiting
• Nicely integrated with the firewall ruleset
• Accurately control and manage bandwidth utilization
• IPSec tunnel traffic can be integrated by QoS
• Dynamic Bandwidth Balancing (D-Link unique)
Traffic Management Q&A
1. Which of the following firewall models does NOT support the traffic management feature?
a. DFL-210
b. DFL-800
c. DFL-1600
d. DFL-2500
e. None of the above.
2. Which of the following traffic management features is unique to D-Link compared with other firewall suppliers?
a. Guarantee bandwidth
b. Queuing packets
c. Dropping packets if the packet buffers are full
d. Dynamic Bandwidth Balancing
e. Maximum bandwidth Limiting
3. Which of the following scenarios is NOT supported by the Traffic Management feature on NetDefend Firewall?
a. Two-Way bandwidth limits
b. Per-user traffic limits and guarantee
c. Manage bandwidth in IPSec Tunnel
d. Increasing reliability by traffic failover
e. By VLAN interfaces to manage bandwidth usage
4. Which of the following descriptions of the Traffic Management feature's advantages on NetDefend Firewall is incorrect?
a. Traffic Management could enable bandwidth priority, bandwidth guarantee and bandwidth load balancing.
b. Traffic Management can be performed on VLAN interfaces in the NetDefend Firewall Series.
c. The IPSec tunnel can be integrated by Traffic Management.
d. The dynamic bandwidth balancing feature ensures that the per-user bandwidth limits are dynamically lowered (and raised) in order to evenly balance the available bandwidth between the users of the pipe.
e. Traffic management can perform packet based bandwidth utilization control.
Platform Compatibility: DFL-210/260/800/860/1600/2500
After completing this section, you will be able to:
1. Describe what is User Authentication
2. Describe what is Run-Time Web Base Authentication
3. Describe what is Accounting Server
4. Describe the selling point for User Authentication
User Authentication
NetDefendOS Feature Introduction•User Authentication
User Authentication Introduction
User authentication is frequently used in services, such as HTTP, FTP, and VPN. NetDefendOS uses a Username/Password combination as the primary authentication method, strengthened by encryption algorithms. More advanced and secure means of authentication include Public-Private Keys, X.509 Certificates, IPsec/IKE, IKE XAuth, and ID Lists.
User Types
NetDefendOS has authentication schemes which support diverse users. These can be:
• Administrators
• Normal users accessing the network
• PPPoE/PPTP/L2TP users using PPP authentication methods
• IPsec/IKE users - the entities authenticated during the IKE negotiation phases (implemented by Pre-shared Keys or Certificates)
• IKE XAuth users - an extension to IKE authentication, occurring between negotiation phase 1 and phase 2
• User groups - groups of users that are subject to the same criteria
NetDefendOS can either use a locally stored database, or a database on an external server to provide user authentication.
• The Local User Database (UserDB): supports 150 items
• External Authentication Servers: RADIUS server (Remote Authentication Dial In User Service)
Authentication Agents
Four different agents built into NetDefendOS can be used to perform username/password authentication. They are:
HTTP - Authentication via web browsing. Users surf to the firewall and login either through a HTML form or a "401 - Authentication Required" dialog.
HTTPS - Authentication via secure web browsing. Similar to HTTP agent except that Host and Root Certificates are used to establish SSL connection to the firewall.
XAUTH - Authentication during IKE negotiation in IPsec VPN (if the IPSec tunnel has been configured to require XAUTH authentication).
PPP - Authentication when PPTP/L2TP tunnels are set up (if the PPTP/L2TP tunnel has been configured to require user authentication).
Run-Time Web Base Authentication
The most common application of User Authentication is Run-Time Web Base User Authentication, which is similar to WAC (Web-based Access Control) on the D-Link xStack Switch. The firewall requests user authentication before the user can pass through the firewall. When the user first opens a browser, he/she is automatically redirected to the login page.
[Figure labels: Internet, Local Network, NetDefend Firewall, Web Surfing, Client]
Accounting Server
NetDefendOS also supports “Accounting” through the RADIUS server, in order to count the bytes or packets that were sent and received. Some vendors use a different term for this feature; D-Link names it Accounting Server in the firewall Web GUI and user manual.
• When a user establishes a new connection through the D-Link Firewall, NetDefendOS sends an Accounting Request START message to a nominated RADIUS server, to record the start of the new session.
• When an admin/user is no longer authenticated, for example, after the admin/user logs out or the session time expires, an Accounting Request STOP message is sent by NetDefendOS containing the relevant session statistics.
Competitive Analysis
D-Link Fortinet Juniper SonicWALL ZyXEL
Built-in Database V V V V V
External Database: RADIUS V V V V V
External Database: LDAP* V V Enhanced OS only
External Database: MS IAS V Enhanced OS only
XAUTH for IPSec Authentication V V V V V
Run-Time Web base Authentication All service Only Http
*Available in future firmware upgrade
Summary:User Authentication
• Provides four authentication agents: HTTP, HTTPS, XAUTH and PPP.
• Provides a local database and supports an external database: RADIUS server.
• Supports Accounting through the RADIUS server.
User Authentication Q&A
1. Which authentication agent does D-Link NOT support?
a. FTP
b. XAuth
c. Http/Https
d. PPTP/L2TP
2. Which user database does D-Link NOT support now?
a. TACACS+
b. RADIUS
c. Microsoft IAS
d. LDAP
3. Which vendors support web authentication in their firewall product line? (Multiple Choice)
a. D-Link
b. Fortinet
c. ZyXEL
d. Juniper
4. What is “Accounting Server”?
a. Provide statistic information of RADIUS session
b. Transfer corporate policy into network policy
c. The device for corporate policy enforcement
d. The server provide user log-in and log-off services
5. How many items does the D-Link local database support?
a. 150
b. 200
c. 250
d. 300
6. Which database type does Accounting Server support?
a. Local database
b. RADIUS server
c. LDAP server
d. TACACS+ server
ZoneDefense
Platform Compatibility: DFL-800/860/1600/2500
In this section, you will learn the following:
1. What is D-Link’s complete security solution?
2. What is Gateway Security?
3. What is Endpoint Security?
4. What is Joint Security?
5. What role is ZoneDefense in D-Link’s complete security solution?
6. What’s the difference between D-Link and our competitors in security solution offering?
NetDefendOS Feature Introduction•ZoneDefense
D-Link’s complete security solution
[Figure labels: Enterprise Network; Joint Security, Endpoint Security, Gateway Security]
Endpoint Security
• 802.1x: Guest VLAN, Identity Based VLAN/Security/QoS
• Web-based Access Control: WAC, Web Authentication(HP), Network Login(Extreme), Captive Portal
• MAC-based Access Control: MAC, MAC Authentication(HP), RADA(3Com)
• Addressing Control: DHCP Snooping/ARP Inspection(Cisco), IMP Binding
• NAC: Cisco NAC, TCG NAC, Vendor Specific NAC
• Microsoft NAP
Solution
Highlighted items are currently supported by D-Link xStack Switch
Joint Security - ZoneDefense Technology
Challenge to Current Network Security
• Traditional firewalls have limited ports and performance, so L3 network switching still relies on L3 switches.
• Whenever there’s an infected mobile user, the current network security architecture can’t effectively prevent the virus/worm infection and outbreak.
• This results in mutual infection between clients, and the ensuing virus/worm outbreak could even generate a DoS effect on network devices.
[Figure labels: Firewall, L3 Core Switch, Server Farm]
Joint Security - ZoneDefense Technology
New Network Security Architecture
• New high port density and high performance firewalls will be able to take over L3 switching and enable security policies between LANs.
• Whenever there’s an infected mobile user, the new architecture will be able to stop the virus/worm infection across LANs.
• Further, when the firewall detects virus/worm activities, it will notify the access layer switches to block the suspected host, to effectively stop the mutual infection or virus/worm outbreak in time.
[Figure labels: L3 Core Switch, Firewall, Server Farm, D-Link ZoneDefense™]
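A simplified model of the threshold side of this mechanism, added here as an illustration (not D-Link code): the firewall tracks each host's connection rate and number of open connections and produces the list of hosts the access layer switches would be asked to block. The thresholds, the event format and the addresses are constructed assumptions, and the notification to the switch itself is not modelled.

```python
from collections import defaultdict, deque

RATE_LIMIT = 20        # assumed: max new connections per host per window
WINDOW_MS = 10_000     # assumed: sliding window length in milliseconds
TOTAL_LIMIT = 10       # assumed: max simultaneously open connections per host


def zonedefense_blocklist(events, rate_limit=RATE_LIMIT, window_ms=WINDOW_MS,
                          total_limit=TOTAL_LIMIT):
    """events: (timestamp_ms, src_ip, 'open' | 'close').

    Returns {src_ip: (reason, timestamp_ms)} for every host that crossed a
    threshold; a blocked host's later events are ignored, as they would no
    longer reach the firewall once the switch port filter is in place.
    """
    recent_opens = defaultdict(deque)   # src -> timestamps of opens inside the window
    active = defaultdict(int)           # src -> currently open connections
    blocked = {}
    for ts, src, action in sorted(events):
        if src in blocked:
            continue
        if action == "close":
            active[src] = max(active[src] - 1, 0)
            continue
        opens = recent_opens[src]
        opens.append(ts)
        while ts - opens[0] >= window_ms:   # expire opens older than the window
            opens.popleft()
        active[src] += 1
        if len(opens) > rate_limit:
            blocked[src] = ("connection-rate", ts)
        elif active[src] > total_limit:
            blocked[src] = ("total-connections", ts)
    return blocked


def constructed_events():
    """Constructed sample traffic for three hosts (documentation addresses)."""
    ev = []
    # 192.0.2.10: ordinary client, one short connection per second for a minute.
    for i in range(60):
        ev += [(i * 1000, "192.0.2.10", "open"),
               (i * 1000 + 500, "192.0.2.10", "close")]
    # 192.0.2.66: 30 short-lived connections in under a second.
    for i in range(30):
        t = 100_000 + i * 30
        ev += [(t, "192.0.2.66", "open"), (t + 10, "192.0.2.66", "close")]
    # 192.0.2.77: slow, but never closes what it opens.
    for i in range(12):
        ev.append((200_000 + i * 5000, "192.0.2.77", "open"))
    return ev


if __name__ == "__main__":
    for host, (reason, ts) in zonedefense_blocklist(constructed_events()).items():
        print(f"block {host}: {reason} threshold crossed at t={ts} ms")
```

A pure threshold trigger cannot tell a busy legitimate host from an infected one, which is why threshold values and exclusion of servers need tuning before blocking is enabled.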
Joint Security
• Gateway Security, supported NetDefend Model:
– NetDefend IPS Firewall: DFL-800/DFL-1600/DFL-2500
– NetDefend UTM Firewall: DFL-860
• Endpoint Security, supported D-Link Switch
– All xStack Series
• Competitors in Joint Security
– Cisco, HP
Joint Security Comparison Table
D-Link v.s. HP – Solution Match
Authentication
• HP: ProCurve Manager Plus + IDM (Identity Driven Manager); MAC, WAC, 802.1x, Guest VLAN
• D-Link: Microsoft NAP support, D-View Security Plug-in*; MAC, WAC, 802.1x, Guest VLAN, IP-MAC-Port Binding
Malicious Traffic Mitigation
• HP: ProCurve Manager Plus + NIM (Network Immunity Manager); Virus Throttling
• D-Link: ZoneDefense, D-View Security Plug-in*; ZoneDefense, Per flow Bandwidth Control & Reaction*
* in plan
D-Link v.s. HP Authentication
Solution
• HP: ProCurve Manager Plus + IDM
• D-Link: Microsoft NAP support
Pros
• HP: User-based ACL - authorization setting based on user, time & location. User-based Traffic prioritization and Rate limit.
• D-Link: Prevailing vendor with strong 3rd party support. Not only authentication but also health checking (up-to-date patch, virus patterns, personal firewall status, etc). Allocate guest VLAN even when auth or health checking failed.
Cons
• HP: Proprietary solution, may not integrate with other vendors’ solution in the future. Needs 3rd party software to be installed if host health check is needed.
• D-Link: Extra effort - Client software needs to be installed. Not able to set up user-based Traffic prioritization and Rate limit.
D-Link v.s. HP Malicious Traffic Mitigation
Solution
• HP: ProCurve Manager Plus + NIM
• D-Link: ZoneDefense
Pros
• HP: Can provide detailed response actions: lock out MAC, bandwidth limitation, etc
• D-Link: Ease of deployment, lower maintenance cost. Fully integrated xStack & NetDefend solutions.
Cons
• HP: Rely on 3rd party IPS/UTM to provide pattern matching trigger. Complex architecture with expensive price.
• D-Link: Currently block IP only
Solution
• HP: Virus Throttling
• D-Link: ZoneDefense
Pros
• HP: Virus incident containment. Dynamic Bandwidth limitation.
• D-Link: ZoneDefense can be triggered not only based on traffic threshold, but also IPS & AV*. True pattern matching, minimize the chance of false positives.
Cons
• HP: Not true edge protection - Only HP’s higher end switches support Virus Throttle. Not true pattern-matching, but threshold setting with high false positives.
• D-Link: All xStack Switch supports ZoneDefense. NetDefend Firewall is needed.
* in plan
Summary: ZoneDefense
• Joint Security is composed of Gateway Security and Endpoint Security
• Gateway Security: ICSA Labs certified NetDefend IPS/UTM Firewall
• Endpoint Security: xStack Switch
• Joint Security: D-Link delivers ZoneDefense to integrate firewall and switch product lines. Compared with our competitors, D-Link has the most comprehensive solution:
– Security competitors lack switch products
– Switch competitors lack security products
ZoneDefense Q&A
1. Which of following is NOT the component within D-Link’s security solution?
a. Gateway Security
b. Seamless Security
c. Endpoint Security
d. Joint Security
2. What’s D-Link’s innovative technology to enable Joint Security between NetDefend and xStack?
a. ZoneDefense
b. NAP (Network Access Protection)
c. Network Immunity Manager (NIM)
d. Identity Driven Manager (IDM)
3. Which model does NOT support ZoneDefense feature?
a. DFL-260
b. DFL-800
c. DFL-1600
d. DFL-2500
4. ZoneDefense is the key component to integrate the Endpoint feature within NetDefend and xStack to fulfill the Joint Security.
a. True
b. False
5. Which of the following features within the NetDefend firewall could NOT trigger ZoneDefense?
a. Connection Rate Limit
b. Total Connection Limit
c. IPS
d. WCF
6. Which of the following switch models does NOT support the ZoneDefense technology? (Multiple Choice)
a. DGS-3427
b. DES-3828
c. DES-3026
d. DGS-3024
UTM FEATURE & NETDEFEND SUBSCRIPTION
DCS-Security
UTM Feature & NetDefend Subscription
UTM Firewall Family
[Figure: UTM firewall family plotted by price / performance across the Small Business, Branch Office, Medium Business and Enterprise segments; models shown: DFL-260, DFL-860, DFL-1660 (future), DFL-2560 (future)]
NetDefend UTM Feature Overview
• Intrusion Prevention Service (IPS)
– IPS Signature Service. To secure your network with D-Link high accuracy hardware IPS engine.
• Anti-Virus (AV)
– NetDefend UTM Firewall incorporates Anti-virus Service. To protect your network with D-Link high performance hardware AV engine.
• Web Content Filtering (WCF)
– NetDefend UTM Firewall provides Web Content Filtering Service. To access D-Link’s millions of URL database and to stay with secure web surfing.
• NetDefend Subscription
– For keeping IPS, AV and WCF in good status, customer needs to maintain those subscriptions in effective period.
Platform Compatibility: DFL-210/260/800/860/1600/2500
After completing this section, you will be able to:
1. Describe the basis of network attack and protection solution
2. Understanding the difference between IDS and IPS
3. Describe the difference between maintenance IPS service and Advanced IPS service
4. Understanding product registration
Intrusion Prevention Service
UTM Feature & NetDefend Subscription•Intrusion Prevention Service
Intrusion Detection System (IDS)
The IDS is intended to provide network monitoring, analysis and notification for defense by detecting attacks. Generally, most detection mechanisms are based on pattern matching technology. The IDS sends alarms once it detects abnormal/attack traffic. The most important point is that it is unable to stop the attack.
Intrusion Prevention System (IPS)
The IPS is a new-generation prevention system that improves on the IDS. It has all the features of an IDS built in, and provides an additional feature: blocking/dropping packets. It can thereby further protect internal hosts from being attacked by malicious traffic.
Attack Protection solution: IDS vs. IPS
D-Link NetDefend IPS Filtering Methods
Signature
• Uses: Fixed Patterns, Regular Expressions
• To Detect and Prevent: Viruses, Trojans, Root-kits, Unknown Exploits, Known Exploits, IM/P2P Apps
Protocol Anomaly
• Uses: RFC Compliance, Protocol Decoders, SYN Proxy, Normalization
• To Detect and Prevent: Evasions, Unknown Exploits, Traffic Anomalies, Unauthorized Access, SYN Floods
Vulnerability
• Uses: Protocol Decoders, Regular Expressions, Application Message Parsing
• To Detect and Prevent: Unknown Exploits, Worms, Unauthorized Access
Traffic Anomaly
• Uses: Traffic Thresholds, Connection Limits, Connection Rate Limits
• To Detect and Prevent: DDoS Attacks, Unknown Attacks, Traffic Anomalies
Built-in IPS Engine and compact signature database
• For NetDefend IPS Firewall only (DFL-210/800/1600/2500)
• The frequency of database update is not guaranteed
• Customers can get free maintenance service after their firewall is registered.
• D-Link provides IDS database maintenance service for signature error correction or signature optimization when necessary.
Dual IPS Engines & Signature databases
Advanced IPS Engine and Signature Database
• For both NetDefend IPS and UTM Firewall (DFL-210/260/800/860/1600/2500)
• IPS Firewalls provide a 90-day free trial of the advanced IPS Service.
• UTM Firewalls provide 12 months advanced IPS update service bundled.
• Customers have to apply for a free trial Activation Code on NetDefend Center or purchase NetDefend IPS Subscription, then enter the Activation Code on firewall Web UI to enable advanced IPS update service.
• For IPS Firewall (DFL-210/800/1600/2500), it will switch back to built-in IPS engine and maintenance signature database after trial update service expired.
Dual IPS Engines & Signature databases (Contd.)
• UTM models have a built-in Hardware Accelerator to reach high performance for intrusion detection and prevention.
• The advanced IPS database, with more than 8,000 signatures, could provide better protection and accuracy.
• Compared with competitors, D-Link provides the longest IPS trial period (90 days).
• D-Link promotes the IPS functionality as a second layer of defense inside the security gateway. The IPS functionality is capable of identifying application and protocol driven attacks which a standard firewall can not.
• Only NetDefend IPS Firewall has built-in IPS engine and compact signature database by default. It can upgrade to advanced one.
• NetDefend UTM Firewall bundles 1 year Advanced IPS Service by default.
Summary:IPS (Intrusion Prevention Service)
Intrusion Prevention Service Q&A
3. What will happen when the trial Advanced IPS Service expires on an IPS Firewall (DFL-210/800/1600/2500)?
a. Pops up a warning message and guide user to purchase Advanced IPS Service.
b. The IPS feature is disabled, however the advanced IPS signature database will not have any update.
c. The IPS feature is still working, however the advanced IPS signature database will not have any update.
d. The IPS feature is still working, however it would be switched back to built-in IPS engine with compact signature database.
e. The IPS feature is disabled, all the signatures would be cleared.
4. What will happen when the trial Advanced IPS Service expires on UTM firewall models (DFL-260 and DFL-860)?
a. Pops up a warning message and guide user to purchase Advanced IPS Service.
b. The IPS feature is disabled, however the advanced IPS signature database will not have any update.
c. The IPS feature is still working, however the advanced IPS signature database will not have any update.
d. The IPS feature is still working, however it would be switched back to built-in IPS engine with compact signature database.
e. The IPS feature is disabled, all the signatures would be cleared.
Platform Compatibility: DFL-260/860
After completing this section, you will be able to know and describe:
1. D-Link anti-virus technology
2. D-Link anti-virus advantages
3. What is D-Link UTM firewall’s competitiveness for anti-virus competition
4. How to activate anti-virus update service
Anti-Virus
UTM Feature & NetDefend Subscription•Anti-Virus
D-Link Anti-Virus Module Introduction
The NetDefendOS Anti-Virus module protects against malicious code carried in file downloads. The main purpose of the UTM Anti-Virus feature is to provide first-level prevention at the gateway, not to replace client Anti-Virus software. The Anti-Virus module of the UTM firewall is able to stop most viruses arriving from the network, while Anti-Virus client software protects against viruses arriving through other connectivity, such as USB drives, wireless or the local network.
Types of Files Scanned
The NetDefendOS Anti-Virus module is able to scan the following types of downloads:
• HTTP, FTP or SMTP file downloads
• Any uncompressed file type transferred through these protocols
• Compressed ZIP and GZIP files can be scanned
Frequent Database Updates
• Anti-Virus signatures are from the well-known vendor Kaspersky
• The Anti-Virus signature database is updated on a daily basis with newly released virus signatures.
With a built-in extreme performance AV acceleration engine together with Stream-Based Virus Scanning technology, NetDefend UTM Firewall blocks viruses and malware before they ever reach desktops or mobile devices, thus creating a safer network environment for SMBs and enterprises.
NetDefend UTM Firewall implements Stream-Based Virus Scanning technology without caching the incoming files first, thus increasing the inspection performance of the UTM Firewall and easing the nightmare of a network bottleneck when the antivirus feature is enabled on the UTM Firewall.
Figure 1: File-Based Scan Figure 2: Stream-Based Scan
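An added sketch of the stream-based idea (not D-Link's engine, whose internals the page does not describe): scan each chunk as it arrives and carry over only the last few bytes, so a signature split across two chunks is still caught without buffering the file. The signatures and the sample stream are constructed, harmless byte strings.

```python
# Constructed, harmless byte patterns standing in for real AV signatures.
SIGNATURES = {
    "Constructed.Test.A": b"CONSTRUCTED-SIG-0001",
    "Constructed.Test.B": b"XYZZY-CONSTRUCTED",
}


class StreamScanner:
    """Scan a byte stream chunk by chunk, keeping only a short tail in memory."""

    def __init__(self, signatures):
        self.signatures = dict(signatures)
        # A match can begin at most (longest signature - 1) bytes before a chunk ends.
        self.keep = max(len(s) for s in self.signatures.values()) - 1
        self.tail = b""          # carried-over bytes from earlier chunks
        self.tail_offset = 0     # absolute stream offset of tail[0]
        self.peak_buffer = 0     # largest number of bytes ever held at once
        self.hits = []           # (signature name, absolute offset)

    def feed(self, chunk):
        """Scan one chunk; return the hits that this chunk completed."""
        window = self.tail + chunk
        self.peak_buffer = max(self.peak_buffer, len(window))
        new_hits = []
        for name, sig in self.signatures.items():
            pos = window.find(sig)
            while pos != -1:
                # Matches lying wholly inside the tail were reported last time.
                if pos + len(sig) > len(self.tail):
                    new_hits.append((name, self.tail_offset + pos))
                pos = window.find(sig, pos + 1)
        cut = max(len(window) - self.keep, 0)
        self.tail_offset += cut
        self.tail = window[cut:]
        self.hits.extend(new_hits)
        return new_hits


def scan_stream(chunks, signatures=SIGNATURES):
    """Forward chunks until the first hit.

    Returns (verdict, hits, forwarded_bytes, peak_buffer). Bytes forwarded
    before the hit have already left the gateway; dropping the connection
    leaves the receiver with a truncated file rather than none.
    """
    scanner = StreamScanner(signatures)
    forwarded = 0
    for chunk in chunks:
        if scanner.feed(chunk):
            return "drop", scanner.hits, forwarded, scanner.peak_buffer
        forwarded += len(chunk)
    return "pass", scanner.hits, forwarded, scanner.peak_buffer


def scan_per_chunk(chunks, signatures=SIGNATURES):
    """Flawed variant for comparison: inspects every chunk in isolation."""
    hits, offset = [], 0
    for chunk in chunks:
        for name, sig in signatures.items():
            pos = chunk.find(sig)
            if pos != -1:
                hits.append((name, offset + pos))
        offset += len(chunk)
    return hits


def chunked(data, size):
    return [data[i:i + size] for i in range(0, len(data), size)]


# Constructed stream: the signature starts at offset 1020 and straddles the
# boundary between the first and second 1024-byte chunks.
SAMPLE = b"A" * 1020 + SIGNATURES["Constructed.Test.A"] + b"B" * 3000

if __name__ == "__main__":
    parts = chunked(SAMPLE, 1024)
    print("per-chunk scan :", scan_per_chunk(parts))
    print("stream scan    :", scan_stream(parts))
```

Memory held per connection stays at one chunk plus the carry-over tail regardless of file size, which is the property behind the "no file size limitation" claim; the price is that a compressed or encoded payload must be decoded in the same streaming fashion to be seen at all.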
D-Link Anti-Virus Module Advantage
| Model Name | SonicWALL Pro 2040 | Juniper SSG 20 | D-Link DFL-860 | D-Link DFL-260 |
|---|---|---|---|---|
| Firmware version | Sonic OS Enhanced 3.2.3.0-6e | 5.4.0r1.0 | 2.12.00 | 2.12.00 |
| IPS signature number | N/A | 800 | 8,000 | 8,000 |
| AV signature number | 25,000 | 100,000 (File Based) | 4,000 | 4,000 |
| Firewall Throughput | 200 Mbps | 160 Mbps | 160 Mbps | 80 Mbps |
| NAT + Firewall + AV, HTTP (packet size 1460 bytes) | 7.31 Mbps | 6.09 Mbps | 10.2 Mbps | 4.04 Mbps |
| NAT + Firewall + AV, FTP (packet size 1460 bytes) | 8.45 Mbps | 5.82 Mbps | 28 Mbps | 19.3 Mbps |
| NAT + Firewall + IPS, HTTP (packet size 1460 bytes) | 15.62 Mbps | 13.85 Mbps | 52.2 Mbps | 40 Mbps |
| NAT + Firewall + IPS, FTP (packet size 1460 bytes) | 23.49 Mbps | *79.73 Mbps | 46.3 Mbps | 32.5 Mbps |
| NAT + Firewall + IPS + AV, HTTP (packet size 1460 bytes) | 4.85 Mbps | 4.01 Mbps | 8.4 Mbps | 3.83 Mbps |
| NAT + Firewall + IPS + AV, FTP (packet size 1460 bytes) | 5.84 Mbps | 5.98 Mbps | 18.4 Mbps | 15 Mbps |

* In IPS testing, the Juniper firewall doesn't inspect packets in the FTP data channel, so the performance almost reaches pure forwarding
| | ZyXEL | WatchGuard | Juniper | SonicWALL | D-Link |
|---|---|---|---|---|---|
| Support Protocol | FTP/POP3/HTTP/SMTP | HTTP/SMTP/TCP proxies | FTP/POP3/HTTP/SMTP/IMAP | FTP/POP3/HTTP/SMTP/IMAP/NetBIOS | Http/SMTP/FTP |
| Support Compression Format | Zip file | ZIP, GZIP, BZIP, TAR, BZIP2, RAR, MS CAB, MD5 | Zip/Tar/Gzip | Zip/Gzip/Deflate/LHZ/Base64 | Zip/Gzip |
| The number of anti-virus signature | 1,600 | 20,000 (File Based) | 100,000 (File Based) | 25,000 / 4,500* | 4,000 |
| Support scanning file size | No file size limitation | 12MB | 10MB, But AV+IPS is only 6 MB | No file size limitation | No file size limitation |
| AV scanning over VPN | No Support | No Support | No Support | N/A | Yes |
| Signature Database | Kaspersky | Clam AV | Kaspersky | McAfee | Kaspersky |
| Decompressed Level/Recursive | 1 | 10 | 4 | N/A | 1 |
| AV Subscription | AV+IPS for 12 months | 12 Month AV | 12 Month AV | 12 Month AV | 12 Month AV |
| AV Free Trial | 90 days | 30 days | 30 days | 30 days | 12 months |

* The signature number in SonicWALL TZ series is 4500, in SonicWALL Pro series with Enhanced OS is 25000.
Summary:Anti-Virus
• Bundles 12 months of Anti-Virus Service when shipped
• Well-known Anti-Virus database by Kaspersky
• Because of the unique stream-based scanning technology, it is not necessary to cache the file before scanning, which allows high-speed virus scanning
• Compared with WatchGuard and Juniper, there is no file size or connection limitation within the D-Link UTM firewall
• 4,000+ anti-virus signatures within the database. Although WatchGuard and Juniper provide more Anti-Virus signatures, theirs are file-based and software-based anti-virus engines, which causes file size limitations and performance issues when scanning
• D-Link and ZyXEL are the only two to provide a built-in Hardware Accelerator for extremely good virus scanning performance, but ZyXEL provides fewer Anti-Virus signatures than D-Link
NetDefend Anti-Virus Q&A
1. What compression format does D-Link support? (Multiple Choice)
a. Zip +
b. Tar
c. RAR
d. Gzip
2. What protocol does D-Link NOT support for anti-virus?
a. POP3
b. SMTP
c. HTTP
d. FTP
3. Why can D-Link UTM Firewall reach high performance?
a. Embed hardware accelerator
b. Anti-Virus Engine by Kaspersky
c. New CPU processor
d. New software core
4. How big is the file size limitation of UTM Firewall for anti-virus?
a. 3 MB
b. 5MB
c. 10 MB
d. No limitation
5. What is our advantage for anti-virus over competitors?
a. High performance
b. no file limitation
c. rich anti-Virus signature
d. all of above
6. What is the weakness of general UTM Firewall?
a. Poor performance
b. Limited incoming file size support
c. less signature database
d. all of above
Platform Compatibility: DFL-260/860
After completing this section, you will be able to describe:
1. What is Web Content Filtering Service and its benefits
2. How to implement Web Content Filtering solution
3. The selling point for Web Content Filtering Service
Web Content Filtering Service
UTM Feature & NetDefend Subscription•Web Content Filtering Service
What is Web Content Filtering
Web traffic is one of the biggest sources for security issues and misuse of the Internet. Inappropriate surfing habits can expose a network to many security threats as well as legal and regulatory liabilities. Productivity and internet bandwidth can also be impaired.
NetDefendOS provides three mechanisms for filtering out web content that is deemed inappropriate for an organization or group of users:
• Active Content Handling can be used to "scrub" web pages of content that the administrator considers a potential threat, such as ActiveX objects and Java Applets.
• Static Content Filtering provides a means for manually classifying web sites as "good" or "bad". This is also known as URL blacklisting and whitelisting.
• Dynamic Content Filtering is a powerful feature that enables the administrator to allow or block access to web sites depending on the category they have been classified into by an automatic classification service. Dynamic content filtering requires a minimum of administration effort and has very high accuracy.
Key Advantages of WCF Module
• Monitor non-business related web surfing.
• Control pornographic and illegal Internet content entering the workplace by blocking and coaching.
• Secure users against spyware and other malicious threats.
How D-Link WCF Module Works
• Lite Service Management
– No need to download and maintain database
– No additional equipment needed
– No complex configuration maintenance
• Performance Optimized
– Optimized category classification
– Local Cache
• Artificial Intelligence
– Automatic classification through neural networks (AI)
• Close-Knit Integration
– Integral part of D-Link’s HTTP ALG
– Combine with e.g. User Authentication
D-Link categorizes millions of URLs into 32 groups, giving network administrators a flexible configuration to block unwanted website access simply via add and remove actions.
1) A reduction in wasted staff time (by reducing inappropriate web surfing).
2) Reduced Internet access costs and achieving bandwidth savings – by limiting and / or controlling non-business related use, and improve network response
3) Reducing legal exposure to work place relations (e.g. sexual harassment cases / child pornography and the adverse publicity that an incident would generate)
4) Reduced costs for recovering from an attack, as less inappropriate content will be allowed to enter the network
Benefits D-Link WCF Module Delivers
Competitive Analysis – WCF Feature Comparison
The D-Link NetDefend WCF Feature Comparison:
• SonicWALL
• ZyXEL
• WatchGuard
• Cisco
• Juniper
• Fortinet

| | D-Link | SonicWALL | ZyXEL | WatchGuard | Cisco | Juniper | Fortinet |
|---|---|---|---|---|---|---|---|
| Database | ContentKeeper | WebSense | Bluecoat | SurfControl | WebSense | Websense / SurfControl | Bluecoat |
| Trial Period | 90 days | 30 days | 30 days | 90 days | N/A | 30 days | 30 days |
Summary:WCF (Web Content Filtering) Service
• D-Link Web Content Filtering service provides millions of URLs on global servers for real-time webpage checking, with 32 predefined web content categories for these millions of URLs. Simply via add and remove actions, D-Link NetDefend UTM Firewall family offers administrators an easy and flexible configuration to manage employees’ Internet access behavior.
• D-Link Web Content Filtering service enables organizations to reduce wasted staff time, save wasted bandwidth, and prevent internal users from visiting malicious websites, thus increasing productivity and restricting inappropriate online content.
WCF Q&A
1. Which of the following is NOT the mechanisms that NetDefendOS provides for filtering out the web content ?
a. White list
b. ActiveX
c. Flash
d. Gray list
e. Cookies
2. How many web content categories that NetDefend WCF feature predefines?
a. 25
b. 30
c. 32
d. 37
e. 40
3. What are the benefits the D-Link WCF module delivers?
a. A reduction in wasted staff time
b. Reduced Internet access costs
c. Reducing legal exposure
d. Reduced costs for recovering from an attack
e. All of the above
4. How does the D-Link WCF module handle a http request?
a. Send query to global server directly, and let global servers decide its corresponding action.
b. Check local memory cache first, if no category match, send query to global servers for the category of the webpage, then decide its action based on configuration.
c. Send query to local database servers for the category of the webpage, then decide its action based on configuration.
d. Block the webpage by default.
Platform Compatibility: DFL-210/260/800/860/1600/2500
After completing this section, you will be able to:
1. Know NetDefend Subscription
2. Know NetDefend Subscription Package
3. Know NetDefend Subscription part number for each model
4. Know product registration
5. Know NetDefend Center web site
NetDefend Subscription
UTM Feature & NetDefend Subscription•NetDefend Subscription
NetDefend Subscription Overview
Including IPS, AV, CF
• The update service program includes 3 optional services: IPS, AV and WCF. Customers can purchase any one of the 3 or any combination of services as they need.
• Both IPS and UTM firewalls have a corresponding IPS Update Service
• Only UTM firewalls can apply AV and WCF services
• All update services are chargeable
• IPS and AV signature releases are kept up to date
The package contains:
1. Authorization Letter
2. Authorization Card
If the update service is about to expire, the customer has to purchase the NetDefend UTM Subscription, which looks as shown below.
Package Size:
140 mm x 125 mm x 6 mm
Authorization Card
• Authentication Code
• License Term
• Part Number
• Serial Number
• 12-month service license
The user has to enter the authentication code to renew the Update Service via the D-Link NetDefend Center web site.
Card Size:
75 mm x 48 mm
NetDefend Center • http://security.dlink.com.tw
DFL-210/260/800/860/1600/2500
Benefit of Being a Member
Download
• Get the free trial update service (IPS/AV/WCF) for IPS and UTM firewall
• Download related product documents
NetDefend Update Service
• No update service until product registered, including IPS and AV
• Enable auto-update service after user registered
Security Consultant
• Automatically publish security advisory to registered customers
• Authorize customers to access related technical documentation
Apply for a D-Link Membership
Visit NetDefend Center at http://security.dlink.com.tw
Step 1: Create User Account
• Create User login ID and Password
• Key in user and company information
Step 2: Product Registration
• Key in Serial number and MAC address of your device
• Key in device information
Step 3: Confirmation
• Confirm and submit all information if it is correct
• Check the service is activated and service period
How to Activate NetDefend Services
Via the NetDefend UTM Firewall Web UI, you can activate IPS, AV and WCF services, and view the duration of each subscription.
Note: Please register your firewall on NetDefend Center before you activate the update service.
Note: On a NetDefend IPS firewall, the Anti-Virus and content filtering services do not appear.
How to Update IPS/AV Signature
You can enable the auto-update feature for IPS/Anti-Virus signatures, and view the last update information.
Click the History tab; the full update history is listed on this page.
Note: The default schedule for IDP/Anti-Virus Auto-Update is daily.
IPS/AV Signature Status on Device
You can see the number of IDP/Anti-Virus signatures on the firewall Web UI.
• The IDP signature database contains over 10,000 signatures.
• The Anti-Virus signature database contains 4,000 signatures.
Note: On a NetDefend IPS firewall, Anti-Virus information does not appear on the Web UI.
IPS/AV Signature Status on NetDefend Center
You can see the full update history of IPS/Anti-Virus signatures on the NetDefend Center web site at http://security.dlink.com.tw
D-Link provides frequent signature updates for IPS & Anti-Virus.
Summary: NetDefend Subscription
• NetDefend IPS Firewall supports the Advanced IPS Service. Customers can log on to NetDefend Center to get a trial code for the Advanced IPS Service. The trial period is 90 days.
• NetDefend UTM Firewall supports the Advanced IPS Service, Anti-Virus Service and Web Content Filtering Service.
• NetDefend UTM Firewall models ship with the Advanced IPS Service and Anti-Virus Service bundled. Therefore, by default, customers can use:
  • Advanced IPS Service for 12 months
  • Anti-Virus Service for 12 months
  • WCF Service for 90 days
• When a service expires, customers need to purchase a subscription pack from an OBU or SI partner and enter the authentication code to renew the service.
NetDefend Subscription Q&A
1. Why should I buy a D-Link NetDefend IPS subscription?
a. Updates are frequent
b. Sufficient number of signatures
c. Prevents zero-day attacks
d. Detection rate is much better than Snort
e. All of the above
2. Once my Advanced IPS update service has expired, will the IPS/IDP feature still continue to operate if I don’t renew this service?
3. What is the trial period for the WCF module that is bundled with a NetDefend device?
a. 30 Days
b. 60 Days
c. 90 Days
d. 1 Year
4. What is the default service bundle period for UTM?
a. IPS 30 Days, WCF 90 Days, AV 60 Days
b. IPS 1 Year, AV 1 Year, WCF 1 Year
c. IPS 1 Year, AV 1 Year, WCF 90 Days
d. IPS 90 Days, AV 90 Days, WCF 90 Days
5. How can a customer extend the UTM Service?
a. Buy UTM service from NetDefend Center’s on-line store
b. It is free in perpetuity, no need to purchase
c. Buy UTM service from D-Link’s SI partners
d. Buy UTM service from the Taiwan headquarters directly
6. What subscription periods does D-Link provide for the UTM Subscription package?
a. Only 12 months package
b. 3 months, 6 months, and 12 months package
c. 1 Year, 2 Years, and 3 Years package
d. Depending on customer's request
End