D-Link DES-7200 User Manual

4

KEY SOLUTION

•

Intermediate Routing

This feature is needed for interconnection between

segments in the access network, and between the access

network and core network. In order to perform this

function, D-Link solution provides support for static route,

RIP I/II, OSPF and RIPng for IPv6 implementation.

•

Bandwidth Management

This feature allows the network administrator to allocate

different amounts of bandwidth for each service and

user, which will lead to more efficient bandwidth usage.

•

Traffic Policing - ACL

Network traffic passing through the aggregation network

will be filtered against defined access control list to

eliminate unnecessary and malicious traffic.

•

High Availability

D-Link provides high availability of aggregation network

with redundancy power supply, stacking configuration

and Virtual Router Redundancy Protocol (VRRP).

Core Network

As its name implies, core network is where enterprises place
their critical information technology resources. Core
network makes up the enterprise network backbone.
Network connection from the enterprise network
(access and aggregation network), server farm, Internet
and network management system culminate in core
network. Because of its critical role, enterprises need
high performance and reliable infrastructure for the
core network. In meeting this challenge, D-Link offers its
xStack Layer-3 switches and Layer-3 chassis switches.

D-Link's core network solution provides high switching
capacity with 10-Gigabit connections to ensure high speed
and excellent core network performance. In addition, to
provide an ideal core network infrastructure, D-Link also
enrich this high performance infrastructure with features such
as high availability (stacking configuration, VRRP), and routing
for IPv4, IPv6 and multicast traffic. Besides providing excellent
core network infrastructure, D-Link also provides network
management and storage solution for comprehensive core
network solution.

D-Link offers two solutions for Centralized Network
Management, namely, the AP Manager II and D-View 6.0.

•

Centralized Network Management

For large scale centralized network management, D-Link

provides D-View 6.0 Simple Network Management

Protocol (SNMP) software. D-View 6.0 is a centralized

management system that covers a wide range of network

devices such as access points, managed switches and

SNMP capable routers. It allows the network administrator

to manage and monitor critical network characteristic

such as device configuration, network performance,

security and fault tolerance.

•

Centralized Access Point Management

AP Manager II provides centralized management for

up to 20 fat wireless access points. Features

supported by AP Manager II include mass configuration,

mass firmware upgrade, fault management, real-time

monitoring and real-time reporting. This software

provides network administrators with the means of

verifying and conducting regular maintenance checks

without the need of physical travel.

End-to-End Security (E2ES)

E2ES is a unique security solution from D-Link that covers the
entire enterprise network from the access network to core
network. This solution consists of three elements:

•

Gateway Security

This carries out the security function for enterprise

network at the gateway, the boundary between

enterprise network and the Internet. It protects

enterprise network from external security threats to

ensure the secure operation of internal network. For

this element of E2ES, D-Link present the NetDefend

UTM/IPS firewall. This firewall is equipped with various

advanced security features such as illegal traffic detection,

intrusion detection prevention, anti-spam, anti-virus, web

content filtering, high availability, VPN and more.

•

Endpoint Security

This is the first line of defense within enterprise internal

network. It protects enterprise network from security

threats coming from inside the network. D-Link provides

this solution by pushing intelligence to its xStack

switch as an evolutionary endpoint security that performs

authentication, authorization, traffic control, node address

control and attack mitigation. Some of the endpoint

security functions supported by the D-Link xStack switch

are access control (802.1X, MAC-based, web-based),

dynamic VLAN assignment, loopback detection, IP-MAC-

Port binding, rogue DHCP server detection, Safeguard

Engine, and broadcast storm control.

•

Joint Security

Joint Security is a security solution formed with D-Link

ZoneDefense and Microsoft Network Access Protection

(NAP) to provide user access control and comprehensive

security mechanism for enterprise network. D-Link

ZoneDefense is a unique security technology that enables

D-Link NetDefend firewall to work together with

D-Link xStack switch to carry out an advanced defense

mechanism. With this defense mechanism, the firewall

will block any malicious traffic or security threat and

inform the xStack switch within the enterprise network

to block the suspected host. ZoneDefense, in this way,

effectively stops security threats and virus/worm infections

and outbreaks. D-Link Joint Security offers two important

functions for user access control in enterprise network:

•

User Authentication

Only users with valid access credentials are allowed

to access the network.

•

Policy Enforcement and Remediation

NAP will check and ensure system compliance of

each user that has passed authentication process

against enterprise security requirements such as

updated anti-virus definition of network host, updated

operating system patch of network host or personal

firewall in active status. Only network hosts that meet

the security requirements specified will be allowed to

access the network.