Your of fice is connected to the outside world through the Internet. It is eas for hackers to intrude your databases to steal or destroy data. The DFL-1500 provides a wide range of protection against outside attacks, plus comprehensive security that includes user authentication, scheduled policies and Virtual Server Mapping. The DFL-1500 provides NAT translation of IP addresses from the internal private network to the public IP network.
Network Backup/Load Balance
The DFL-1500 implements intelligent auto-routing algorithm to dynamically balance outgoing traffic to multiple WAN links. It does not require configuration of complex routing table the way normal routers do, hence minimizes the effort of MIS. The DFL-1500 supports different type of WAN connections, including leased line (e.g. T1, E1), broadband (DSL/cable modem) and ISDN. By substituting expensive leased lines with multiple broadband links, you can save substantial WAN connection fee while maintaining a high level of connection reliability.
Stable and highly available Web connectivity has become a basic requirement for many enterprises and organizations whose businesses depend on the Internet. To meet this requirement, a vital technology called multihoming becomes necessary. Multihoming is as important to outboun traffic as auto-routing to inbound traffic. DFL-1500 offers true multihoming that load-balances inbound traffic as well as detects and redirect traffic away from the failed links. It does not need complex BGP programming or cooperation from ISP.
As an advanced fail-over function, 2 DFL-1500 devices can work as a team in a master-slave fashion. Normally the master is the active device while the slave is its backup. Should the master go out of service, the slave will become active and take over the role of the master until the master is back on-line again. The fail-over mode offers the ultimate fault tolerance for rganizations that demand the highest availability.
The quality of the services may degrade or even fail due to bandwidth misuse. How to guarantee the quality of service (QoS) becomes an important topic of today's enterprises. Adding more bandwidth is not really a solution because it does not guarantee availability. The correct way of solving this problem is to apply bandwidth management. With the DFL-1500's built-in bandwidth management capability, you can easily set up bandwidth policies based on their network configuration and company's policies. DFL-1500 will make sure that bandwidth need of anticipated traffic can be met and bandwidth consumption of unexpected traffic is monitored and controlled. Bandwidth policies of the DFL-1500 can be specified based on source, destination (IP or subnet), and applications.
Administration access can be controlled such that the DFL-1500 can be administered from the protected internal network or the external public Internet. The DFL-1500 supports an internal database for authenticating user access to various services. It maps public IP addresses to information servers on the internal network to allow public access. You can also prevent access to particular web sites, using powerful pattern matching to block access to URLs.
Firewall policies may be scheduled for different times of the day/week/month and for one time use or recurring.
LAN-to-LAN VPN Connection
The DFL-1500 supports VPN functions including IPSec, ESP security in tunnel mode, LAN to-LAN and mobile remote access.
The DFL-1500 uses a special design ASIC to perform VPN encryption and decryption. This off-loads CPU loading through hardware-based
The DFL-1500 supports web-based management using a secure SSL connection from a remote terminal either on the internal corporate network or even from an external remote site. The DFL-1500 can also be administered on-site using its RS-232 serial connection.