D-Link DES-7200 User Manual
Page 67
63
Security
iPS Firewalls
iPS Firewalls
Model
DFL-210
DFL-800
DFL-1600
DFL-2500
Port interface
ethernet WAN Port
1
2
-
Ethernet DMZ Port
(user-configurable)
1
1
-
ethernet LAN Port
4
7
-
user-configurable
Gigabit Port
-
6
8
DB-9 rS-232 console
1
System
Performance
Firewall throughput
80Mbps
150Mpbs
320Mbps
600Mbps
VPN throughput
25Mbps
45Mbps
120Mbps
300Mbps
iPS throughput
20Mbps
40Mbps
150Mbps
400Mbps
Anti-Virus throughput
10Mbps**
20Mbps**
-
concurrent Sessions
10,000**
20,000**
400,000
1,000,000
New Sessions
(per second)
2,000
4,000
10,000
15,000
Policies
500
1,000
2,500
4,000
Firewall System
transparent Mode; Network Address translation (NAt), Port Address translation (PAt);
Dynamic Routing Protocol: Open Shortest Path First (OSPF) (Not applicable for DFL-210);
H.323 NAT Traversal; Time-Scheduled Policies; Application Layer Gateway (ALG);
Proactive Network Security: ZoneDefense (Not applicable on DFL-210)
Networking
DHCP Server/Client; DHCP Relay; Policy-based Routing; IP Multicast: IGMPv3
Virtual LAN (VLAN)
8
16
128
1,024
Virtual Private Network (VPN)
encryption Methods: DeS/3DeS/AeS/twofish/Browfish/cASt-128; iPSec NAt traversal;
Dedicated VPN tunnels: 100 (DFL-210), 200** (DFL-800), 1,200 (DFL-1600), 2,500 (DFL-2500);
Point-to-Point Tunneling Protocol (PPTP) / Layer 2 Tunneling Protocol (L2TP) Server; Hub and Spoke
System Management
RS-232 Console Interface; Web-based User Interface: HTTP, HTTPS;
Command Line/Secure Shell (SSH); Firmware Upgrade; Configuration Backup/Restoration
user Authentication
Built-in Database; remote Authentication Dial in user Service (rADiuS);
Lightweight Directory Access Protocol (LDAP): Microsoft AD 2003/2008 OpenLDAP 2.2.26;
Microsoft Internet Authentication Service (IAS); XAUTH for IPSec Authentication
Logging and Monitoring
Internal Log; External Log: Syslog Server; E-Mail Notification; Event Log and Alarm;
Simple Network Management Protocol (SNMP) v1/v2c, SNMP traps
traffic Load Balancing
Outbound Load Balancing;
Server Load Balancing (Not applicable for DFL-210); Traffic Redirect at Fail-Over;
Outbound Load Balance Algorithms: Round-Robin, Weight-based Round-Robin,
Destination-based, Spill-over
Bandwidth Management
Policy-based Traffic Shaping; Guaranteed Bandwidth; Maximum Bandwidth;
Priority Bandwidth; Dynamic Bandwidth Balancing
High Availability (HA)
WAN Fail-Over (DFL-210: When DMZ Port is Configured as WAN Port);
Active/Passive Modes (Not applicable on DFL-210/800);
Device Failure Detection (Not applicable on DFL-210/800);
Link Failure Detection (Not applicable on DFL-210/800);
Firmware / Virtual Private Network (VPN) Session Synchronization (Not applicable on DFL-210/800)
Intrusion Detection & Prevention System
(iDP/iPS)
Automatic Pattern update; Denial of Service (DoS), Distributed DoS (DDoS) update;
Attack Alarm via email; Advanced iDP/iPS Subscription;
iP Blacklist by threshold or iPS/iDP (Not applicable on DFL-210)
content Filtering
HTTP Type: URL Blacklist/Whitelist; Script Type: Java, Cookie, ActiveX, VB;
Email Type: Email Blacklist/Whitelist; External Database Content Filtering** (Available on DFL-210/800 only)
Anti-Virus**
(Applicable on DFL-210 / DFL-800 only)
real time AV Scanning; unlimited File Size; Scans VLAN tunnels; Support compressed Files;
Signature Licensor: Kaspersky; Automatic Pattern update
Physical &
environmental
Dimension (W x D x H)
Desktop;
235 x 162 x 36mm
11-inch Desktop;
1U Height;
280 x 214 x 44mm
19-inch rack-Mount;
1U Height;
440 x 254 x 44mm
19-inch rack-Mount;
1U Height;
440 x 454 x 44mm
Power input
External Power Adapter
internal universal Power Supply
Operating Temperature
0 to 40 °C
Storage temperature
-20 to 70 °C
Operating Humidity
5% to 95% Non-condensing
Mean time Before Failure
(MtBF)
186,614 hours
140,532 hours
71,965 hours
101,819 hours
certification
eMi-eMc compliance
Fcc class A; ce class A; c-tick; Vcci
Safety compliance
uL; LVD (eN60950-1)
LVD (eN60950-1)
** Available in Firmware 2.26.00 and above; Performance based on Firmware 2.26.00 and above
65