|
5 VPN Tunnels for Secure Remote Access
Provides both secure IPsec site-to-site tunnels and IPsec secure access for remote clients
Includes denial-of-service (DoS) protection, stateful packet inspection (SPI), URL keyword filtering, logging, reporting, and real-time alerts
Physical Interfaces
LAN ports: Eight (8) 10/100/1000 Mbps auto-sensing, Auto Uplink™ RJ-45 ports; one LAN port can be dedicated hardware DMZ port
WAN ports: One (1) 10/100/1000 Mbps auto-sensing, Auto Uplink™ RJ-45 ports to connect to any broadband modem, such as DSL or cable
SPI firewall
Stateful packet inspection (SPI): prevents denial-of-service (DoS) attacks, provides stealth mode, User support: Unrestricted
Keyword filtering on: address, service (ex. FTP, SMTP, HTTP, RPL, SNMP, DNS, ICMP, NNTP, POP3, SSH, etc.), protocol, Web URL port/service blocking, file extension (ex. Java, URL, ActiveX)
Port/service blocking
SIP Application Layer Gateway
SIP compatibility list: Linksys SPA-901, Linksys SPA-941, SNOM M3, Cisco 7940G, X-Lite 3.0 (software for phones, D-Link DPH-140S, Grandstream GXP-2000, Polycom SoundStation 6000, Siemens C450, Aastra 51i
IPsec VPN functionality
Five (5) dedicated IPsec VPN tunnels
Manual key and Internet Key Exchange Security Association (IKE SA) assignment: pre-shared key signature, RSA/DSA signature
Key life and IKE lifetime time settings
Perfect forward secrecy
Diffie-Hellman groups 1 and 2
Oakley support
Operating modes: main, aggressive
Fully qualified domain name (FQDN) support for dynamic IP address VPN connections
IPsec support
IPsec-based 56-bit (DES) 168-bit (3DES), or 256-bit (AES) encryption algorithm
MD5 or SHA-1 hashing algorithm
ESP support
PKI features with X.509 v.3 certificate support
remote access VPN (client-to-site), site-to-site VPN
IPsec NAT traversal (VPN passthrough)
Two-factor authentication support
Routing Modes of Operation
Many-to-one Multi-network Address Translation (NAT)
Classical routing
Unrestricted users per port
IP Address Assignment
Static IP address assignment
Internal DHCP server on LAN
DHCP client on WAN
PPPoE client support
Performance Features
Throughput: LAN-to-WAN: 25 Mbps total, IPsec VPN (3DES): 7 Mbps
Connections: 6,000 concurrent sessions
Administration Interface
SNMP (v2c) support
Web graphic user interface
User name and password protected
Secure remote management support authenticated through IP address (or IP address range) and password
Configuration changes/upgrades through Web GUI
Two-factor authentication support for administrator interface
Logging
SYSLOG
Email alerts
Functions
VPN Wizard to simplify configuration of IPsec VPNs
Auto Detect to automatically detect ISP address type (static, dynamic, PPPoE)
Port range forwarding
Port triggering
Enable/disable WAN ping
DNS proxy
MAC address cloning/spoofing
Network Time Protocol NTP support
Diagnostic tools (ping, DNS lookup, trace route, other)
Port/service
Auto-Uplink on switch ports
L3 Quality of Service (QoS) LAN-to-WAN and WAN-to-LAN (ToS)
SIP ALG
Protocol support
Network: IP routing, TCP/IP, UDP, ICMP, PPPoE
IP addressing: DHCP (client and server)
Routing: RIP v1, RIPv2 (static routing, dynamic routing)
VPN/security: IPsec (ESP), IKE, PKI, HTTPS
Maintenance
Save/restore configuration, restore defaults, upgrades via Web browser, display statistics
Hardware Specifications
Processor Speed: 250 MHz
Memory: 8 MB flash, 32 MB DRAM
Power adapter: 12V DC, 1.5A -plug is localized to country of sale
Dimensions: 190 x 125 x 35 cm (7.5 x 4.9 x 1.4 in)
Weight: 0.59 kg (1.3 lb
Environmental Specifications
Operating temperature: 0° to 45°C (32° to 113°F)
Operating humidity: 95% maximum relative humidity, non-condensing
Warranty
Firewall: NETGEAR Lifetime Warranty
Power supply: NETGEAR 3-year Warranty
Package Contents
ProSafe Gigabit Firewall (FVS318G)
Ethernet cable
Installation guide
Warranty/support information card
Resource CD with single user ProSafe VPN Client Software license
|
