Advanced Vpn Support For Both Ipsec And Ssl; A Powerful, True Firewall; Stream Scanning For Content Filtering - NETGEAR UTM5 Reference Manual

ProSecure Unified Threat Management (UTM) Appliance

Advanced VPN Support for Both IPSec and SSL

The UTM supports IPSec and SSL virtual private network (VPN) connections.
• IPSec VPN delivers full network access between a central office and branch offices, or
between a central office and telecommuters. Remote access by telecommuters requires
the installation of VPN client software on the remote computer.
- IPSec VPN with broad protocol support for secure connection to other IPSec
gateways and clients.
- Depending on the model, bundled with a one-user license of the NETGEAR ProSafe
VPN Client software (VPN01L).
• SSL VPN provides remote access for mobile users to selected corporate resources
without requiring a preinstalled VPN client on their computers.
- Uses the familiar Secure Sockets Layer (SSL) protocol, commonly used for
e-commerce transactions, to provide client-free access with customizable user
portals and support for a wide variety of user repositories.
- Allows browser-based, platform-independent remote access through a number of
popular browsers, such as Microsoft Internet Explorer, Mozilla Firefox, and Apple
Safari.
- Provides granular access to corporate resources based on user type or group
membership.

A Powerful, True Firewall

Unlike simple NAT routers, the UTM is a true firewall, using Stateful Packet Inspection (SPI)
to defend against hacker attacks. Its firewall features have the following capabilities:
• DoS protection. Automatically detects and thwarts (distributed) denial of service (DoS)
attacks such as Ping of Death and SYN flood.
• Secure firewall. Blocks unwanted traffic from the Internet to your LAN.
• Schedule policies. Permits scheduling of firewall policies by day and time.
• Logs security incidents. Logs security events such as blocked incoming traffic, port
scans, attacks, and administrator logins. You can configure the firewall to email the log to
you at specified intervals. You can also configure the firewall to send immediate alert
messages to your email address or email pager whenever a significant event occurs.

Stream Scanning for Content Filtering

Stream Scanning is based on the simple observation that network traffic travels in streams.
The UTM scan engine starts receiving and analyzing traffic as the stream enters the network.
As soon as a number of bytes are available, scanning starts. The scan engine continues to
scan more bytes as they become available, while at the same time another thread starts to
deliver the bytes that have been scanned.
This multithreaded approach, in which the receiving, scanning, and delivering processes
occur concurrently, ensures that network performance remains unimpeded. The result is that
Introduction
17