Comprehensive UTM Firewall Solution
Provides a versatile, integrated firewall solution to
secure you network, with anti-spam, anti-virus, web
content filtering, and application control features.
ZoneDefense End-to-End Security (E2ES)
D-Link’s proactive ZoneDefense End-to-End Security
platform quarantines compromised workstations on
the network and prevents malicious traffic flooding.
Complete VPN Feature
With support for a wide range of security protocols,
secure remote communication is easily configured
and maintained in virtually any environment.
Enterprise-Class Security and Performance
The DFL-870 provides a complete set of advanced security features to secure, manage, and
monitor your network. These features include remote management, bandwidth control
policies, URL blacklists and whitelists, access policies, and SNMP support. The DFL-870
furthermore supports email alerts, system logging, consistency checking, and real-time
statistics gathering that keeps you up-to-date on the status of the network. Additionally,
multiple WAN ports support traffic load balancing and failover, thus guaranteeing Internet
availability and bandwidth.
Unified Threat Management
The D-Link DFL-870 integrates an intrusion detection and prevention system, gateway antivirus,
content filtering, and application control for superior Layer 7 content inspection. An
acceleration engine increases throughput, while the real-time update service keeps the IDPS
information, anti-virus signature, URL and application databases current. Combined, these
enhancements help to protect office networks from application exploits, network worms,
malicious code attacks, and provide everything a business needs to safely manage employee
Internet access. D-Link offers optional, cost-efficient, per-device NetDefend Firewall UTM
Service subscriptions that ensure that each of the firewall’s service databases remain current.
Robust Intrusion Prevention
The DFL-870 employs component-based signatures, a unique Intrusion
Detection and Prevention System (IDPS) technology which recognizes and
protects against all varieties of known and unknown attacks. This can address
all critical aspects of an attack or potential attack including payload, NOP sled,
infection, and exploits. In terms of signature coverage, the IDPS database
includes attack information and data from a global attack sensor grid and
exploits collected from public sites such as the National Vulnerability Database
and Bugtrax. The DFL-870 constantly creates and optimizes NetDefend
signatures via the D-Link Auto-Signature Sensor System without overloading
existing security appliances. These signatures ensure high detection
accuracy and a minimal amount of false positives. Automatic updates from a
comprehensive IDPS signature database focus on attack payloads to protect
the network against zero-day attacks.
Web Content Filtering
Web Content Filtering (WCF) helps administrators monitor, manage, and
control employee Internet usage. The DFL-870 implements multiple global
index servers with millions of URLs and real-time website data to enhance
performance capacity and maximize service availability. The firewall uses
granular policies and explicit blacklists and whitelists to control access to
certain types of websites for any combination of users, interfaces, and IP
networks. The firewall can actively handle Internet content in both regular
HTTP and secured HTTPS connections by stripping potential malicious
cookies. Integration of SafeSearch Enforcement2 also ensures that results
from search engine providers are provided without malicious content.
Application control enhances security by only allowing certain types of
network traffic for predefined applications. The DFL-870 uses application
control to help accurately shape network traffic by either giving priority or
applying control policies to effectively manage network utilization. Using
packet inspection and a database of application signatures based on the
application’s network usage patterns, the DFL-870 gives complete control
over the content that is delivered to end users.
Powerful VPN Performance
The DFL-870 NetDefend UTM Firewall offers an integrated VPN client and
server which support IPSec, PPTP, L2TP, and SSL protocols3. This allows remote
offices to securely connect to a head office or a trusted partner network. With
hardware-based VPN engines, it supports and manages a large number of
VPN configurations. It supports IPSec, PPTP, L2TP, and SSL3 protocols in client/
server mode and can handle pass-through traffic as well.
Stream-based Virus Scanning
The DFL-870’s stream-based virus scanning examines files of any size while
eliminating the need to cache incoming files first. This zero-cache scanning
method not only increases inspection performance, but also reduces network
bottlenecks. Kaspersky Labs virus signatures to provide reliable and accurate
anti-virus and malware protection, as well as prompt signature updates.