dfl-870_a1_image-lfront
new-product


DFL-870

NetDefend UTM Firewall

The D-Link DFL-870 NetDefend UTM Firewall is a next generation Unified Threat Management (UTM) firewall which provides a powerful security solution to protect business networks from a wide range of threats. The DFL-870 offers a comprehensive defense against virus attacks*, unauthorized intrusions, and flooding of harmful traffic by unwanted apps*, for successfully managing, monitoring, and maintaining a healthy network.

  • Multiple WAN ports for WAN failover and outbound load balancing
  • Intrusion Detection & Prevention System (IDPS)*
  • Web Content Filtering (WCF)* in HTTP/HTTPS
  • Supports IPSec, PPTP, L2TP, SSL, GRE protocols
  • D-Link pro-active ZoneDefensetm End-to-End Security (E2ES) solution

*Valid License subscription required

**Note that if your license for this product expires, the Intrusion Detection System (IDP) and Antivirus will continue to function, but you will not receive any further signature updates. It is strongly recommended that you update your subscription as your network will be vulnerable to any of the new threats that emerge on a daily basis. Web Content Filtering (WCF) and Application Control (AC) features will be disabled until the license is renewed.

Comprehensive UTM Firewall Solution

Provides a versatile, integrated firewall solution to secure you network, with anti-spam, anti-virus, web content filtering, and application control features.


ZoneDefense End-to-End Security (E2ES)

D-Link’s proactive ZoneDefense End-to-End Security platform quarantines compromised workstations on the network and prevents malicious traffic flooding.


Complete VPN Feature

With support for a wide range of security protocols, secure remote communication is easily configured and maintained in virtually any environment.

Enterprise-Class Security and Performance

The DFL-870 provides a complete set of advanced security features to secure, manage, and monitor your network. These features include remote management, bandwidth control policies, URL blacklists and whitelists, access policies, and SNMP support. The DFL-870 furthermore supports email alerts, system logging, consistency checking, and real-time statistics gathering that keeps you up-to-date on the status of the network. Additionally, multiple WAN ports support traffic load balancing and failover, thus guaranteeing Internet availability and bandwidth.


Unified Threat Management

The D-Link DFL-870 integrates an intrusion detection and prevention system, gateway antivirus, content filtering, and application control for superior Layer 7 content inspection. An acceleration engine increases throughput, while the real-time update service keeps the IDPS information, anti-virus signature, URL and application databases current. Combined, these enhancements help to protect office networks from application exploits, network worms, malicious code attacks, and provide everything a business needs to safely manage employee Internet access. D-Link offers optional, cost-efficient, per-device NetDefend Firewall UTM Service subscriptions that ensure that each of the firewall’s service databases remain current.


Robust Intrusion Prevention

The DFL-870 employs component-based signatures, a unique Intrusion Detection and Prevention System (IDPS) technology which recognizes and protects against all varieties of known and unknown attacks. This can address all critical aspects of an attack or potential attack including payload, NOP sled, infection, and exploits. In terms of signature coverage, the IDPS database includes attack information and data from a global attack sensor grid and exploits collected from public sites such as the National Vulnerability Database and Bugtrax. The DFL-870 constantly creates and optimizes NetDefend signatures via the D-Link Auto-Signature Sensor System without overloading existing security appliances. These signatures ensure high detection accuracy and a minimal amount of false positives. Automatic updates from a comprehensive IDPS signature database focus on attack payloads to protect the network against zero-day attacks.


Web Content Filtering

Web Content Filtering (WCF) helps administrators monitor, manage, and control employee Internet usage. The DFL-870 implements multiple global index servers with millions of URLs and real-time website data to enhance performance capacity and maximize service availability. The firewall uses granular policies and explicit blacklists and whitelists to control access to certain types of websites for any combination of users, interfaces, and IP networks. The firewall can actively handle Internet content in both regular HTTP and secured HTTPS connections by stripping potential malicious objects, such as Java, JavaScript, and VBScript applets, ActiveX objects, and cookies. Integration of SafeSearch Enforcement2 also ensures that results from search engine providers are provided without malicious content.


Application Control

Application control enhances security by only allowing certain types of network traffic for predefined applications. The DFL-870 uses application control to help accurately shape network traffic by either giving priority or applying control policies to effectively manage network utilization. Using packet inspection and a database of application signatures based on the application’s network usage patterns, the DFL-870 gives complete control over the content that is delivered to end users.


Powerful VPN Performance

The DFL-870 NetDefend UTM Firewall offers an integrated VPN client and server which support IPSec, PPTP, L2TP, and SSL protocols3. This allows remote offices to securely connect to a head office or a trusted partner network. With hardware-based VPN engines, it supports and manages a large number of VPN configurations. It supports IPSec, PPTP, L2TP, and SSL3 protocols in client/ server mode and can handle pass-through traffic as well.


Stream-based Virus Scanning

The DFL-870’s stream-based virus scanning examines files of any size while eliminating the need to cache incoming files first. This zero-cache scanning method not only increases inspection performance, but also reduces network bottlenecks. Kaspersky Labs virus signatures to provide reliable and accurate anti-virus and malware protection, as well as prompt signature updates.

Category

Title

Type

Link

Datasheet Full Technical Specifications pdf
Installation Guide Quick Installation Guide pdf
Firmware Please have your H/W ready File

Go to top