D-Link DSA-5100 Data Sheet
DSA-5100
AirSpot Gateway
POP3S Authentication
Primary/secondary POP3 mail server with SSL support
Primary/secondary POP3 mail server with SSL support
Windows Domain Authentication
Microsoft NT domain controller support
Microsoft NT domain controller support
Transparent Windows Domain Login
Automatic login to DSA-5100 upon user's successful login to Windows
domain *
Automatic login to DSA-5100 upon user's successful login to Windows
domain *
* Windows 2000 domain controller support only
GRIC Roaming
GRIC users can use DSA-5100 UAM to login to controlled network
GRIC users can use DSA-5100 UAM to login to controlled network
Definable Guest Permission
Maximum 10 definable filter rules
Maximum 10 definable filter rules
Black List
Maximum 5 Black Lists to disallow up to 50 pre-defined user accounts
from network access
Maximum 5 Black Lists to disallow up to 50 pre-defined user accounts
from network access
User Login Schedule Profile
Maximum 5 schedules to control matrixes by the hour
Maximum 5 schedules to control matrixes by the hour
Guest Session Time Control
1 to 12 hours' limit (default: no limit)
1 to 12 hours' limit (default: no limit)
Local/RADIUS Accounting
- Local accounting mode generated CDR-liked recorder containing fields:
Start time
End time
User ID
User MAC
User IP
Packets In
Bytes In
Packets Out
Bytes Out
- RADIUS accounting mode accounting attributes: *
User-Name
Calling-Station-ID
Framed-IP-Address
Acct-Terminate-Cause
Acct-Input-Octets
Acct-Output-Octets
Acct-Input-Packets
Acct-Output-Packets
- Local accounting mode generated CDR-liked recorder containing fields:
Start time
End time
User ID
User MAC
User IP
Packets In
Bytes In
Packets Out
Bytes Out
- RADIUS accounting mode accounting attributes: *
User-Name
Calling-Station-ID
Framed-IP-Address
Acct-Terminate-Cause
Acct-Input-Octets
Acct-Output-Octets
Acct-Input-Packets
Acct-Output-Packets
* Generated using standardized RADIUS accounting protocols and put on RADIUS server
Firewall Profiles
- 6 sets of IP filtering rules (50 rules for the Global set, 10 rules for
each set of other IP filters)
- Following fields can be applied to machines and subnets controlled
by DSA-5100:
Protocol
Port/port range
Source MAC
Source/destination interface
Source/destination IP address/segment
- 6 sets of IP filtering rules (50 rules for the Global set, 10 rules for
each set of other IP filters)
- Following fields can be applied to machines and subnets controlled
by DSA-5100:
Protocol
Port/port range
Source MAC
Source/destination interface
Source/destination IP address/segment
Walled Garden
IP/IP segments defined in Walled Garden can be visited prior to user login
IP/IP segments defined in Walled Garden can be visited prior to user login
Machine/Subnet DoS Protection
- NMAP FIN/URG/PSH
- Xmas Tree
- SYN/RST
- Ping of Death
- Null Scan
- SYN/FIN
- NMAP FIN/URG/PSH
- Xmas Tree
- SYN/RST
- Ping of Death
- Null Scan
- SYN/FIN
Customizable User Login/Logout Page
- Uploaded login/logout page may include images
- Image size for all uploaded images limited to 512KB
- Login/logout pages can be enabled/disabled through 128-bit SSL
- Uploaded login/logout page may include images
- Image size for all uploaded images limited to 512KB
- Login/logout pages can be enabled/disabled through 128-bit SSL
Firewall
Administration
Home Page Support
- System administrator can customize home page
- 2 firmware versions for different regions using different default
home pages
- Default homepage for USA: www.dlink.com
- Default homepage for other areas: www.dlink.co.uk
- System administrator can customize home page
- 2 firmware versions for different regions using different default
home pages
- Default homepage for USA: www.dlink.com
- Default homepage for other areas: www.dlink.co.uk
Authentication Policy
- 5 sets of management types (including 1 default management type)
distinguished by postfix
- Postfix of default group can be omitted for users in default group
- Each management type can be associated with a Black List and
an authentication database
- Users in a management type can belong to different user
groups according to various pre-defined attribute-matching rules
- 5 sets of management types (including 1 default management type)
distinguished by postfix
- Postfix of default group can be omitted for users in default group
- Each management type can be associated with a Black List and
an authentication database
- Users in a management type can belong to different user
groups according to various pre-defined attribute-matching rules
Online User Monitoring
- Real-time monitoring tool containing following fields:
User ID
IP
MAC address
Packets In/Bytes In
Packets Out/Bytes Out
Idle time in seconds
- System administrator can logout online users individually
from monitoring function
- Real-time monitoring tool containing following fields:
User ID
IP
MAC address
Packets In/Bytes In
Packets Out/Bytes Out
Idle time in seconds
- System administrator can logout online users individually
from monitoring function
Off-line Usage History
- History file contains following fields:
Start/End Time
User ID
IP
MAC Address
Packets In/Bytes In
Packets Out/Bytes Out
- History log file can be periodically sent to system administrators in
pre-defined time interval from 1 hour to 24 hours through email system
- Generated history log files can be kept maximum 4 days
- Customizable received administrator mail account and received
history mail account
- History log accessible from specific IP address
- Local time display on history log
- History file contains following fields:
Start/End Time
User ID
IP
MAC Address
Packets In/Bytes In
Packets Out/Bytes Out
- History log file can be periodically sent to system administrators in
pre-defined time interval from 1 hour to 24 hours through email system
- Generated history log files can be kept maximum 4 days
- Customizable received administrator mail account and received
history mail account
- History log accessible from specific IP address
- Local time display on history log
Web-Based Administration
SSL protected
SSL protected
Serial Console Management Functions
- Restore to factory default
- Change administrator's password
- Network debug utilities
- Device service status check
- Restore to factory default
- Change administrator's password
- Network debug utilities
- Device service status check
SSH Remote Management Functions
- Restore to factory default
- Change administrator's password
- Network debug utilities
- Device service status check
- Restore to factory default
- Change administrator's password
- Network debug utilities
- Device service status check
Remote Firmware Upgrade
Via a web-based administration UI
Via a web-based administration UI
External SYSLOG
External SYSLOG server can store log data for DSA-5100.
External SYSLOG server can store log data for DSA-5100.
Monitor IP List
- Using ICMP echo mechanism, DSA-5100 checks accessibility for
all devices configured in Monitor IP List
- Maximum 40 sets of IP can be defined in Monitor IP List
- If any device in this list loses contact, DSA-5100 will send an
alarm message to its system administrators via e-mail
- Using ICMP echo mechanism, DSA-5100 checks accessibility for
all devices configured in Monitor IP List
- Maximum 40 sets of IP can be defined in Monitor IP List
- If any device in this list loses contact, DSA-5100 will send an
alarm message to its system administrators via e-mail
SNMP Support
SNMP v.2c read-only access (basic MIBs only)
SNMP v.2c read-only access (basic MIBs only)
Welcome E-Mail Message
- Contains guidance to access DSA-5100
- This message will be sent when users try to receive e-mail
before actually logged into DSA-5100 *
- Contains guidance to access DSA-5100
- This message will be sent when users try to receive e-mail
before actually logged into DSA-5100 *
* Supports POP3 protocol
Software Specifications