Netgear FVS318G FVS318G-100EUS Data Sheet
Product codes
FVS318G-100EUS
ProSafe
®
8-port Gigabit VPN Firewall
FVS318G
Technical Specifications
Physical Interfaces
•
LAN ports: Eight (8) 10/100/1000
–
Mbps auto-sensing, Auto Uplink™
RJ-45 ports; one LAN port can be
dedicated hardware DMZ port
WAN ports: One (1) 10/100/1000
RJ-45 ports; one LAN port can be
dedicated hardware DMZ port
WAN ports: One (1) 10/100/1000
–
Mbps auto-sensing, Auto Uplink™
RJ-45 ports to connect to any
broadband modem, such as DSL
or cable
RJ-45 ports to connect to any
broadband modem, such as DSL
or cable
SPI firewall
•
Stateful packet inspection (SPI):
–
- prevents denial-of-service
(DoS) attacks
- provides stealth mode
- User support: Unrestricted
Keyword filtering on:
(DoS) attacks
- provides stealth mode
- User support: Unrestricted
Keyword filtering on:
–
- address
- service (ex. FTP, SMTP, HTTP, RPL,
SNMP, DNS, ICMP, NNTP, POP3,
SSH, etc.)
- protocol
- Web URL port/service blocking
- file extension (ex. Java, URL, ActiveX)
Port/service blocking
- service (ex. FTP, SMTP, HTTP, RPL,
SNMP, DNS, ICMP, NNTP, POP3,
SSH, etc.)
- protocol
- Web URL port/service blocking
- file extension (ex. Java, URL, ActiveX)
Port/service blocking
–
SIP Application Layer Gateway
–
SIP compatibility list:
–
- Linksys SPA-901
- Linksys SPA-941
- SNOM M3
- Cisco 7940G
- X-Lite 3.0 (software for phones
- D-Link DPH-140S
- Grandstream GXP-2000
- Polycom SoundStation 6000
- Siemens C450
- Aastra 51i
- Linksys SPA-941
- SNOM M3
- Cisco 7940G
- X-Lite 3.0 (software for phones
- D-Link DPH-140S
- Grandstream GXP-2000
- Polycom SoundStation 6000
- Siemens C450
- Aastra 51i
IPsec VPN functionality
•
Five (5) dedicated IPsec VPN tunnels
–
Manual key and Internet Key
–
Exchange Security Association
(IKE SA) assignment
- pre-shared key signature
- RSA/DSA signature
Key life and IKE lifetime time settings
(IKE SA) assignment
- pre-shared key signature
- RSA/DSA signature
Key life and IKE lifetime time settings
–
Perfect forward secrecy
–
Diffie-Hellman groups 1 and 2
–
Oakley support
–
Operating modes
–
- main
- aggressive
Fully qualified domain name (FQDN)
- aggressive
Fully qualified domain name (FQDN)
–
support for dynamic IP address
VPN connections
VPN connections
IPsec support
•
IPsec-based 56-bit (DES) 168-bit (3DES),
–
or 256-bit (AES) encryption algorithm
MD5 or SHA-1 hashing algorithm
MD5 or SHA-1 hashing algorithm
–
ESP support
–
PKI features with X.509 v.3
–
certificate support
remote access VPN (client-to-site),
remote access VPN (client-to-site),
–
site-to-site VPN
IPsec NAT traversal (VPN passthrough)
IPsec NAT traversal (VPN passthrough)
–
Two-factor authentication support
–
Routing Modes of Operation
•
Many-to-one Multi-network Address
–
Translation (NAT)
Classical routing
Classical routing
–
Unrestricted users per port
–
IP Address Assignment
•
Static IP address assignment
–
Internal DHCP server on LAN
–
DHCP client on WAN
–
PPPoE client support
–
Performance Features
Throughput
•
LAN-to-WAN: 25 Mbps total
–
IPsec VPN (3DES): 7 Mbps
–
Connections
•
6,000 concurrent sessions
–
Management Features
Administration Interface
•
SNMP (v2c) support
–
Web graphic user interface
–
User name and password protected
–
Secure remote management support
–
authenticated through IP address (or IP
address range) and password
Configuration changes/upgrades
address range) and password
Configuration changes/upgrades
–
through Web GUI
Two-factor authentication support
Two-factor authentication support
–
for administrator interface
Logging
•
SYSLOG
–
Email alerts
–
Functions
•
VPN Wizard to simplify configuration
–
of IPsec VPNs
Auto Detect to automatically detect ISP
Auto Detect to automatically detect ISP
–
address type (static, dynamic, PPPoE)
Port range forwarding
Port range forwarding
–
Port triggering
–
Enable/disable WAN ping
–
DNS proxy
–
MAC address cloning/spoofing
–
Network Time Protocol NTP support
–
Diagnostic tools (ping, DNS lookup,
–
trace route, other)
Port/service
Port/service
–
Auto-Uplink on switch ports
–
L3 Quality of Service (QoS)
–
LAN-to-WAN and WAN-to-LAN (ToS)
SIP ALG
SIP ALG
–
Protocol support
•
Network: IP routing, TCP/IP, UDP,
–
ICMP, PPPoE
IP addressing: DHCP (client and server)
IP addressing: DHCP (client and server)
–
Routing: RIP v1, RIPv2 (static routing,
–
dynamic routing)
VPN/security: IPsec (ESP), IKE, PKI,
VPN/security: IPsec (ESP), IKE, PKI,
–
HTTPS
Maintenance
•
Save/restore configuration, restore
–
defaults, upgrades via Web browser,
display statistics
display statistics
Hardware Specifications
•
Processor Speed: 250 MHz
–
Memory: 8 MB flash, 32 MB DRAM
–
Power adapter: 12V DC, 1.5A -plug is
–
localized to country of sale
Dimensions: 190 x 125 x 35 cm
Dimensions: 190 x 125 x 35 cm
–
(7.5 x 4.9 x 1.4 in)
Weight: 0.59 kg (1.3 lb
Weight: 0.59 kg (1.3 lb
–
Environmental Specifications
•
Operating temperature: 0° to 45°C
–
(32° to 113°F)
Operating humidity: 95% maximum
Operating humidity: 95% maximum
–
relative humidity, non-condensing
Warranty
Firewall: NETGEAR Lifetime Warranty
–
†
Power supply: NETGEAR 3-year
–
Warranty
System Requirements
Cable, DSL or wireless broadband
–
modem and Internet service
Ethernet connectivity from
Ethernet connectivity from
–
broadband modem
Network card for each connected PC
Network card for each connected PC
–
Network software (e.g. Windows)
–
Internet Explorer 5.0 or higher or
–
Netscape Navigator 4.7 or higher or
Firefox 2.0 or higher
Firefox 2.0 or higher
Package Contents
ProSafe Gigabit Firewall (FVS318G)
–
Ethernet cable
–
Installation guide
–
Warranty/support information card
–
Resource CD with single user ProSafe
–
VPN Client Software license