Netgear FVS318N – Prosafe Wireless N VPN Firewall Manual De Referencia
Introduction
13
ProSAFE Wireless-N 8-Port Gigabit VPN Firewall FVS318N
A Powerful, True Firewall
Unlike simple NAT routers, the wireless VPN firewall is a true firewall, using stateful packet
inspection (SPI) to defend against hacker attacks. Its firewall features have the following
capabilities:
inspection (SPI) to defend against hacker attacks. Its firewall features have the following
capabilities:
•
DoS protection. Automatically detects and thwarts denial of service (DoS) attacks such
as Ping of Death and SYN flood.
as Ping of Death and SYN flood.
•
Secure firewall. Blocks unwanted traffic from the Internet to your LAN.
•
Schedule policies. Permits scheduling of firewall policies by day and time.
•
Logs security incidents. Logs security events such as logins and secure logins. You
can configure the firewall to email the log to you at specified intervals.
can configure the firewall to email the log to you at specified intervals.
Security Features
The wireless VPN firewall is equipped with several features designed to maintain security:
•
Computers hidden by NAT. NAT opens a temporary path to the Internet for requests
originating from the local network. Requests originating from outside the LAN are
discarded, preventing users outside the LAN from finding and directly accessing the
computers on the LAN.
originating from the local network. Requests originating from outside the LAN are
discarded, preventing users outside the LAN from finding and directly accessing the
computers on the LAN.
•
Port forwarding with NAT. Although NAT prevents Internet locations from directly
accessing the computers on the LAN, the wireless VPN firewall allows you to direct
incoming traffic to specific computers based on the service port number of the incoming
request.
accessing the computers on the LAN, the wireless VPN firewall allows you to direct
incoming traffic to specific computers based on the service port number of the incoming
request.
•
DMZ port. Incoming traffic from the Internet is usually discarded by the wireless VPN
firewall unless the traffic is a response to one of your local computers or a service for
which you have configured an inbound rule. Instead of discarding this traffic, you can use
the dedicated demilitarized zone (DMZ) port to forward the traffic to one computer on your
network.
firewall unless the traffic is a response to one of your local computers or a service for
which you have configured an inbound rule. Instead of discarding this traffic, you can use
the dedicated demilitarized zone (DMZ) port to forward the traffic to one computer on your
network.
Autosensing Ethernet Connections with Auto Uplink
With its internal eight-port 10/100/1000 Mbps switch and 10/100/1000 WAN port, the wireless
VPN firewall can connect to either a 10 Mbps standard Ethernet network, a 100 Mbps Fast
Ethernet network, or a 1000 Mbps Gigabit Ethernet network. The LAN and WAN interfaces
are autosensing and capable of full-duplex or half-duplex operation.
VPN firewall can connect to either a 10 Mbps standard Ethernet network, a 100 Mbps Fast
Ethernet network, or a 1000 Mbps Gigabit Ethernet network. The LAN and WAN interfaces
are autosensing and capable of full-duplex or half-duplex operation.
The wireless VPN firewall incorporates Auto Uplink
TM
technology. Each Ethernet port
automatically senses whether the Ethernet cable plugged into the port should have a normal
connection such as to a computer or an uplink connection such as to a switch or hub. That
port then configures itself correctly. This feature eliminates the need for you to think about
crossover cables, as Auto Uplink accommodates either type of cable to make the right
connection.
connection such as to a computer or an uplink connection such as to a switch or hub. That
port then configures itself correctly. This feature eliminates the need for you to think about
crossover cables, as Auto Uplink accommodates either type of cable to make the right
connection.