Your office is connected to the outside world through the Internet. It is easy for hackers to intrude your databases to steal or destroy data. The DFL-1000 provides a wide range of protection against outside attacks, plus comprehensive security that includes user authentication, scheduled policies and Virtual Server Mapping. The DFL-1000 provides NAT translation of IP addresses from the internal private network to the public IP network.
Content Filtering & Virus Scanning
All you need to do is connect the network cables. To the outside world, you hook the RJ-45 plug to your DSL/cable modem, Internet gateway or router . To your office, you plug in another RJ-45 jack to your network switch or hub. The DMZ port connects to an independent hub or switch for the DMZ network. The DFL-1000 provides CPU, system memory and embedded software, all ready to run.
Administration access can be controlled such that the DFL-1000 can be administered from the protected internal network or the external public Internet. The DFL-1000 supports an internal/External (RADIUS) database for authenticating user access to various services. It maps public IP addresses to information servers on the internal network to allow public access. It also prevents access to particular web sites, using powerful pattern matching to block access to URLs.
Firewall policies may be scheduled for different times of the day/week/month and for one time use or recurring.
LAN-to-LAN VPN Connection
The DFL-1000 supports VPN functions including IPSec, ESP security in tunnel mode, LAN to-LAN and mobile remote access.
The DFL-1000 uses a special design ASIC to perform VPN encryption and decryption. It off-loads CPU loading through hardware-based acceleration.
The DFL-1000 supports web-based management using a secure SSL connection from a remote terminal either on the internal corporate network or even from an external remote site. The DFL-1000 can also be administered on-site using its RS-232 serial connection.