פיירוול UTM (כולל AV, WCF) לאבטחת מושלמת לרשת הארגונית - 7 יציאות LAN, יציאת DMZ, כ- 2 יציאות WAN- עד 150Mbps
היכן לקנות


Product Description

The D-Link DFL-860 NetDefend Unified Threat Management (UTM) firewall is a powerful security solution designed to protect the small to mid-sized offices from a wide variety of network threats. The firewall provides integrated remote routing, Network Address Translation (NAT), Virtual Private Network (VPN), proactive network security, Intrusion Prevention System (IPS), Web Content Filtering (WCF), Anti-Virus (AV) Protection, traffic load balancing and bandwidth management, all in one compact desktop chassis that can be easily integrated to existing network.

Enterprise-Class Firewall Security
The DFL-860 provides complete advanced security features to manage, monitor and maintain a healthy and secure network. Network management features include: Remote Management, Bandwidth Control Policies, URL/Keyword Blocking, Access Policies and SNMP. For network monitoring, the firewall supports e-mail alerts, system log, consistency checks and real-time statistics.

Powerful VPN Performance
For optimal VPN configuration, the DFL-860 has an integrated VPN Client and Server to support almost any required VPN policy. This allows a remote office to securely connect to a head office or a trusted partner network, while mobile users working from home or at other places can also safely connect to the office network to access company data and access e-mail. The DFL-860 has hardware-based VPN engines to support and manage a large number of VPN configurations. They support IPSec, PPTP, and L2TP protocols in Client/Server mode and can handle pass-through traffic as well. Advanced VPN configuration options include: DES/3DES/AES/Twofish/Blowfish/CAST-128 encryption, Manual or IKE/ISAKMP key management, Quick/Main/Aggressive Negotiation modes, and VPN authentication support using either an external RADIUS server or a large user database.

Unified Threat Management
The DFL-860 integrates an Intrusion Detection and Prevention System (IDP/IPS), gateway Anti-Virus (AV) and Content Filtering/Web URL Filtering for superior Layer 7 content inspection protection. They use a hardware accelerator approach to increase IPS and AV throughput, and a web surfing control database containing millions of URLs for Web Content Filtering (WCF). IPS, Anti-Virus and URL database real-time update services protect the office network from application exploits, network worms, malicious code attacks, and provide everything a business needs to manage employee Internet access behavior.

UTM Services
Maintaining an effective defense against the various threats originating from the Internet requires that all three databases used by the DFL-860 are kept up-to-date. In order to provide a robust defense, D-Link offers optional NetDefend Firewall UTM Services subscriptions which include distinct NetDefend service updates for each aspect of defenses: IPS, Anti-Virus and WCF. NetDefend UTM Subscription ensure that each of the firewall's service databases is always accurate and current.

Robust Intrusion Prevention
The DFL-860 adopts a unique IPS technology - component-based signatures, which are built to recognize and protect against all varieties of known and unknown attacks, and which can address all critical aspects of an attack or potential attack including payload, NOP sled, infection, and exploits. In terms of signature coverage, the IPS database includes attack information and data from a global attack sensor-grid and exploits collected from public sites such as the National Vulnerability Database and Bugtrax. The DFL-860 delivers high quality IPS signatures by constantly creating and optimizing NetDefend signatures via the D-Link Auto-Signature Sensor System. Without overloading existing security appliances, these signatures ensure a high ratio of detection accuracy and the lowest ratio of false positives.

Stream-Based Virus Scanning
The DFL-860 scans files of any sizes, using the stream-based virus scanning technology that does away with caching of incoming files. This scanning method increases inspection performance while eliminating network bottlenecks. The firewalls use virus signatures from the known, respected antivirus company Kaspersky Labs to provide users with reliable and accurate antivirus signatures, as well as prompt signature updates. Viruses and malware consequently can be effectively blocked before they reach the network's desktops or mobile devices.

Web Content Filtering
Web Content Filtering helps MIS monitor, manage, and control employee usage of and access to the Internet. The DFL-860 implements multiple global index servers with millions of URL and real-time website information to enhance performance capacity and maximize service availability. The firewall uses highly granular policies and explicit black lists/white lists to allow or disallow where and when access to certain types of websites for any combination of users, interfaces and IP networks. They can strip potential malicious objects, such as Java applets, JavaScripts/VBScripts, ActiveX objects and cookies to actively handle the Internet content.

Hardware Accelerator
Equipped with hardware accelerators, the DFL-860 can carry out IPS, Anti-Virus scanning functions simultaneously without degrading firewall and VPN performance. These powerful accelerators allow the firewall to perform with a much higher throughput than other antivirus-capable UTM firewalls on the market.

NetDefend UTM Subscription
The standard NetDefend UTM (Unified Threat Management) Subscription provides your security appliances with UTM services for 12 months (Web Content Filtering is 3 months) starting from the day you activate or extend your service. Your NetDefend UTM Subscription can be renewed regularly to provide your security devices with important updates and your network with the most up-to-date security service available from D-Link.

מאפיינים כללים






  • 2 Ethernet WAN ports
  • 1 Ethernet DMZ port
  • 7 Ethernet LAN ports
  • Firewall throughput 150Mbps
  • VPN throughput 60Mbps



System performance

  • Concurrent sessions  1,000
  • Policies 500 
  • Transparent mode
  • NAT, PAT
  • Dynamic routing protocol



Firewall system

  • H,323 NAT traversal
  • Time-scheduled policies
  • Application layer Gateway (ALG)
  • Proactive end-point security
  • DHCP relay
  • Policy-based routing




  • IEEE 802.1q VLAN
  • 1 ip multicast
  • Encryption methods
  • (DES/3DES/AES/Twofish/Blowfish/CAST-128)
  • Dedicated VPN tunnels-300


Virtual private network (VPN)

  • PPTP/L2TP server
  • Hub and spoke
  • IPSec NAT traversal
  • Outbound load balancing


Traffic load balancing

  • Load balance algorithms
  • Traffic redirect at fall-over
  • Policy-based traffic shaping
  • Guaranteed bandwidth

Bandwidth management

  • Maximum bandwidth
  • Priority bandwidth



High availability (HA)

  • Dynamic bandwidth balancing
  • WAN fall-over
  • Automatic pattern update
  • DOS, DDoS, protection
  • Attack alarm via e-mail

Intrusion detection & prevention system (IDP/IPS)

  • Advanced IDP/IPS subscription
  • Ip blacklist by threshold or IDP/IPS

Power input

  • External power adapter



  • 235x162x36 mm
  • Desctop size

Operation temperature

  • 0-40C

Storage temperature

  • -20-70C



  • FCC Class A
  • CE Class A



  • C-Tick
  • 21,571 hours

Operating humidity

  • 5%to 95% non-condensing


  •  2 years

נתונים פיזיים




מראה מקדימה
מראה מאחורה

דף מידע

ראה גם