Description
By combining robust security features and an integrated VPN client and server, this Rackmount VPN Firewall is a high-performance security solution designed for enterprise and small-to-medium sized businesses.
The NetDefend family of Firewall/VPN Security Appliances is D-Link’s answer for hardware-based network security. The new DFL-1600 NetDefend Network Security Rackmount VPN Firewall is an easy-to-deploy VPN and firewall solution designed for enterprise and small-to-medium sized businesses that demand superior performance and security.
Advanced Hardware Features
The DFL-1600 is a powerful security solution that provides integrated Network Address Translation (NAT), SPI Firewall, advanced content filtering features, IDS protection, bandwidth management, as well as Virtual Private Network (VPN) support. The DFL-1600 includes six configurable gigabit Ethernet ports that can be used for LAN, WAN, and DMZ. All of these features conveniently fit into a 1U rack-mountable chassis that can be easily integrated into your switch/server rack.
Enterprise-class Security
To provide enterprise-class network security, the DFL-1600 has several flexible firewall features to manage, monitor, and maintain a healthy and secure network. Network management features include: Remote Management, Bandwidth Control Policies, URL/Keyword Blocking, Access Policies, and SNMP. For network monitoring, the DFL-1600 supports e-mail alerts, system log, consistency checks, and real-time statistics. For at a glance monitoring, the 20x2 line LCM display provides hardware status info as well as alert events to enable visual verifications. These features along with a firmware backup function provide and maintain maximum network performance and security.
VPN Performance
For optimal VPN configuration, the DFL-1600 has both an integrated VPN Client and Server to support almost any required VPN policy. This high-end appliance has a hardware VPN engine to support and manage up to 1200 VPN connections. The DFL-1600 can support IPSec, PPTP, and L2TP protocols in Client/Server mode and can handle pass-through traffic as well. Advanced VPN configuration options include: DES/3DES/AES/Twofish/Blowfish/CAST-128 encryption, Manual or IKE/ISAKMP key management, Quick/Main/Aggressive Negotiation modes, and VPN authentication support using either an external RADIUS server or the internal 500-user database.
Multiple Network Central Features
Additional network control features supported by the DFL-1600 include 802.1q VLAN tagging and extensive High Availability (HA) features. VLAN tagging supports integration of the DFL-1600 into your rack system with L2/L3 managed switches to segment your network and prioritize traffic. HA options include WAN Fail-Over, Active/Passive Modes, Device Failure Detection, Link Failure Detection, and Session Synchronization. Additionally, support for Active Clustering or Load Balancing optimizes network uptime and performance.
Configurable User Interface
The DFL-1600 can be configured via D-Link’s Web-based interface and monitored using the Command Line Interface (CLI). These configuration options can be managed through Admin, Read/Write, or Read-Only administrator rights. With these access management levels, any authorized user can easily configure or access the administrative functions of the DFL-1600.
With businesses becoming increasingly network-dependent, the need to invest in a reliable security solution is crucial. The D-Link DFL-1600 NetDefend Network Security Rackmount VPN Firewall offers high return on investment through robust security features, flexible configuration, and maximum network protection.
| Software |
| Firewall Mode of Operation |
| • |
Layer 3 Mode: Route Mode, NAT Mode |
| • |
Layer 2 Mode: Transparent Mode |
| • |
Network Address Translation (NAT) |
| • |
Port Address Translation (PAT) |
| • |
Static Address Translation (SAT) |
| • |
Policy-Based NAT |
| • |
Port Forwarding |
| • |
Server Load Balancing |
| • |
Time Scheduled Policies |
|
| VPN Security |
| • |
VPN Tunnels: 1200 (IPsec, PPTP, L2TP, L2TP with IPsec) |
| • |
IPSec LAN-to-LAN / Roaming User |
| • |
PPTP/L2TP Server/Client |
| • |
IPsec Hub and Spoke |
| • |
IPSec NAT-Traversal |
| • |
DHCP over IPSec |
| • |
Encryption Transform: DES, 3DES, AES, Twofish, Blowfish, CAST-128 |
| • |
XAUTH (Extended Authentication) for IPSec Authentication |
|
| Firewall Security |
| • |
Stateful Packet Inspection (SPI) |
| • |
Policy-Based User Authentication |
| • |
DoS/DDoS Attack Protection |
| • |
RADIUS, LDAP, IAS |
| • |
HTTP Traffic Filter: Keyword, URL, Exempt List |
| • |
Script Filter: Java Applet, Java Scripts, VB Scripts, Cookies, ActiveX |
|
| Network Service |
| • |
Static IP address |
| • |
PPPoE for xDSL |
| • |
PPTP/L2TP Client for xDSL |
| • |
DHCP Client for WAN Interface |
| • |
BigPond Cable, Telia Compliance |
| • |
Internal DHCP Server |
| • |
DHCP Relay |
| • |
WAN Failover/Load Sharing |
| • |
IP Alias |
| • |
Static Routes |
| • |
OSPF Dynamic Routing |
| • |
Policy-Based Routing |
| • |
DNS Resolving of Remote Gateway |
| • |
Dynamic DNS Poster |
| • |
Custom Application Layer Gateway |
| • |
Support IEEE 802.1q VLAN Tag (128) |
| • |
Firewall Policies per VLAN Tag |
| • |
DHCP Server per VLAN Tag |
|
| Bandwidth Management |
| • |
Guaranteed Bandwidth |
| • |
Maximum Bandwidth |
| • |
Priority-Bandwidth Utilization |
| • |
Policy-Based Traffic Shaping |
| • |
Time-Scheduled Traffic Shaping |
| • |
Bandwidth Management in VPN Tunnel |
|
| System |
| • |
SYSLog Support |
| • |
Firmware Configuration Backup |
| • |
E-mail Alerts |
| • |
Management – HTTP/HTTPS, SSH |
| • |
Simple Network Time Protocol (SNTP) |
| • |
Simple Network Management Protocol (SNMP) |
| • |
Configuration Consistency Checks |
|
| Intrusion Detection System |
| • |
NIDS Pattern Auto Update |
| • |
Attack Alarm via E-mail Notification |
|
| High Availability |
| • |
Active-Passive HA mode |
| • |
Network Notification on Failover |
| • |
Device Failure Detection |
| • |
Configuration Synchronization |
| • |
Firewall/VPN Session Synchronization |
| • |
Average Failover Time: < 800ms |
|
| Physical & Environmental |
| Diagnostic LEDs |
| • |
Power |
| • |
System |
| • |
Gigabit Ethernet (Link/Activity per Port) |
|
| Device Ports |
| • |
Gigabit Ethernet: 6 10/100/1000BASE-T Ports |
| • |
Console Port: Serial COM port |
|
| LCM Module |
| • |
20 x 2 Line Liquid Crystal Module |
| • |
Display HW Status and Events |
|
| Power Input |
| • |
AC Input 100~240VAC 50~60Hz |
|
| Power Consumption |
|
| Dimensions |
| • |
17.3in x 10.0in x 1.73in |
| • |
19in 1U Rack Mountable |
|
| Weight |
|
| Temperature |
| • |
Operating: 32°F to 140°F (0° to 60°C) |
| • |
Storage: -4°F to 158°F (-20° to 70°C) |
|
| Humidity |
| • |
5% to 95% (Non-Condensing) |
|
| Emission (EMI) |
| • |
FCC Class A |
| • |
CE |
| • |
C-Tick |
|
| Safety |
|
