D-Link’s NetDefend DFL-260 is a UTM (Unified Threat Management) appliance which, at first glance, offers the same firewall/VPN facilities as the cheaper DFL-210 we reviewed back in the September 2007 issue. However, whereas the DFL-210 is very much an entry-level product, the new DFL-260 adds anti-virus and more sophisticated intrusion protection options, together with hardware accelerators to cope with much larger networks.
From the outside there’s very little difference, with four 10/100Mbits/sec Ethernet ports for LAN connectivity plus two for the internet. Traffic shaping and failover options are available across the two WAN ports, added to which the second can be used to create a so-called De-Militarized Zone (DMZ) to protect public-facing servers.
There’s not much difference in the firewall either, which is implemented in the NetDefendOS software. To this is then added a VPN server able to support up to 100 tunnels with a maximum overall throughput of 25Mbits/sec. Support for site-to-site and client-based VPN setups is available using a mix of IPSec, PPTP and L2TP tunnelling technologies, but software clients aren’t included.
The “real” UTM options then start with what D-Link calls “stream-based” anti-virus scanning. By this it means the ability to inspect files for viruses as they pass through the gateway, without having to be cached. Kaspersky technology is behind the D-Link anti-virus scanner, added to which there’s an advanced Intrusion Prevention System (IPS) which employs a technology called component-based signature recognition to identify a wide range of potential threats. This, in turn, uses information collected from a number of sites including the US National Vulnerability Database.
The IPS and anti-virus options also benefit from hardware accelerators. D-Link claims the accelerators enable these options to be run simultaneously without degrading firewall/VPN performance and so deliver sufficient throughput to handle networks of 50 users or more.
Web content filtering is yet another option, with 90 days of free updates for this and the other services included. Thereafter, however, annual subscriptions are required which, together, can cost almost as much again as the hardware.
In terms of what it has to offer, then, the DFL-260 looks like it ought to be an effective UTM appliance, well suited to the small business. As with the DFL-210, however, management is something of an Achilles heel.
The basics are fine, with a console port for local management via a command line interface plus SNMP support if needed. It’s also possible to connect to the DFL-260 via a browser both for initial deployment and day-to-day management.
We found the Web interface easy to navigate, and there’s a startup wizard where, for example, you can assign addresses to the various interfaces, set the clock and so on. That done, however, all you’re left with is a fairly basic firewall. Everything else has to be configured manually, and it’s not easy.
Policy-based management is the order of the day, which is good, and once you get to grips with how it all works it’s not hugely difficult. However, you’re presented with a seemingly endless list of options and a high degree of technical knowledge is assumed throughout. Such knowledge is likely to be in short supply in the kind of small businesses at which the product is aimed. The documentation helps, but only a little, leaving the DFL-260 very much the kind of product you’d want a specialist reseller to both install and maintain.




