Netgear FVS318v3 – Cable/DSL ProSafe VPN Firewall with 8-Port Switch Reference Manual
ProSafe VPN Firewall FVS318v3 Reference Manual
1-2
Introduction
v5.0, January 2012
A Powerful, True Firewall with Content Filtering
Unlike simple Internet sharing NAT firewalls, the FVS318v3 is a true firewall, using stateful
packet inspection to defend against hacker attacks. Its firewall features include:
packet inspection to defend against hacker attacks. Its firewall features include:
•
DoS protection.
Automatically detects and thwarts DoS attacks such as Ping of Death, SYN Flood, LAND
Attack, and IP Spoofing.
Attack, and IP Spoofing.
•
Blocks unwanted traffic from the Internet to your LAN.
•
Blocks access from your LAN to Internet locations or services that you specify as off-limits.
•
Logs security incidents.
The FVS318v3 logs security events such as blocked incoming traffic, port scans, attacks, and
administrator logins. You can configure the firewall to email the log to you at specified
intervals. You can also configure the firewall to send immediate alert messages to your e-mail
address or email pager whenever a significant event occurs.
administrator logins. You can configure the firewall to email the log to you at specified
intervals. You can also configure the firewall to send immediate alert messages to your e-mail
address or email pager whenever a significant event occurs.
•
With its content filtering feature, the FVS318v3 prevents objectionable content from reaching
your PCs. The firewall allows you to control access to Internet content by screening for
keywords within Web addresses. You can configure the firewall to log and report attempts to
access objectionable Internet sites.
your PCs. The firewall allows you to control access to Internet content by screening for
keywords within Web addresses. You can configure the firewall to log and report attempts to
access objectionable Internet sites.
Security
The VPN firewall is equipped with several features designed to maintain security, as described in
this section.
this section.
•
PCs Hidden by NAT. NAT opens a temporary path to the Internet for requests originating
from the local network. Requests originating from outside the LAN are discarded, preventing
users outside the LAN from finding and directly accessing the PCs on the LAN.
from the local network. Requests originating from outside the LAN are discarded, preventing
users outside the LAN from finding and directly accessing the PCs on the LAN.
•
Port Forwarding with NAT. Although NAT prevents Internet locations from directly
accessing the PCs on the LAN, the firewall allows you to direct incoming traffic to specific
PCs based on the service port number of the incoming request, or to one designated “DNS”
host computer. You can specify forwarding of single ports or ranges of ports.
accessing the PCs on the LAN, the firewall allows you to direct incoming traffic to specific
PCs based on the service port number of the incoming request, or to one designated “DNS”
host computer. You can specify forwarding of single ports or ranges of ports.
Autosensing Ethernet Connections with Auto Uplink
With its internal eight-port 10/100 switch, the FVS318v3 can connect to either a 10 Mbps standard
Ethernet network or a 100 Mbps Fast Ethernet network. Both the LAN and WAN interfaces are
autosensing and capable of full-duplex or half-duplex operation.
Ethernet network or a 100 Mbps Fast Ethernet network. Both the LAN and WAN interfaces are
autosensing and capable of full-duplex or half-duplex operation.