D-Link NetDefend DFL-210 User Manual page 16

1.1. Features
VPN
TLS Termination
Anti-Virus Scanning
Intrusion Detection and
Prevention
Web Content Filtering
Traffic Management
NetDefendOS supports a range of Virtual Private Network
(VPN) solutions. NetDefendOS supports IPsec, L2TP and
PPTP based VPNs concurrently, can act as either server or
client for all of the VPN types, and can provide individual
security policies for each VPN tunnel. The details for this can
be found in Chapter 9, VPN which includes a summary of
setup steps in Section 9.2, "VPN Quick Start".
NetDefendOS supports TLS termination so that the
NetDefend Firewall can act as the end point for connections
by HTTP web-browser clients (this feature is sometimes
called SSL termination). For detailed information, see
Section 6.2.10, "The TLS ALG".
NetDefendOS features integrated anti-virus functionality.
Traffic passing through the NetDefend Firewall can be
subjected to in-depth scanning for viruses, and virus sending
hosts can be black-listed and blocked. For details of this
feature, seeSection 6.4, "Anti-Virus Scanning".
Note
Anti-Virus scanning is only available on certain
D-Link NetDefend product models.
To mitigate application-layer attacks towards vulnerabilities
in services and applications, NetDefendOS provides a
powerful Intrusion Detection and Prevention (IDP) engine.
The IDP engine is policy-based and is able to perform
high-performance scanning and detection of attacks and can
perform blocking and optional black-listing of attacking
hosts. More information about the IDP capabilities of
NetDefendOS can be found in Section 6.5, "Intrusion
Detection and Prevention".
Note
Full IDP is available on all D-Link NetDefend
product models as a subscription service. On
some models, a simplified IDP subsystem is
provided as standard..
NetDefendOS provides various mechanisms for filtering web
content that is deemed inappropriate according to a web usage
policy. With Web Content Filtering (WCF) web content can
be blocked based on category (Dynamic WCF), malicious
objects can be removed from web pages and web sites can be
whitelisted or blacklisted. More information about this topic
can be found in Section 6.3, "Web Content Filtering".
Note
Dynamic WCF is only available on some D-Link
NetDefend product models.
NetDefendOS provides broad traffic management capabilities
through Traffic Shaping, Threshold Rules (certain models
only) and Server Load Balancing.
Traffic Shaping enables limiting and balancing of bandwidth;
Threshold Rules allow specification of thresholds for sending
alarms and/or limiting network traffic; Server Load Balancing
16
Chapter 1. NetDefendOS Overview