Netgear FVS336Gv2 – ProSafe Dual WAN Gigabit Firewall with SSL & IPSec VPN 데이터 시트
Technical Specifications
• Physical Interfaces
– LAN ports: Four (4) 10/100/1000
Mbps auto-sensing, Auto Uplink™
RJ-45 ports; one LAN port can be a
dedicated hardware DMZ port
RJ-45 ports; one LAN port can be a
dedicated hardware DMZ port
– WAN ports: Two (2) 10/100/1000
Mbps auto-sensing, Auto Uplink™
RJ-45 ports to connect to any
broadband modem, such as DSL
or cable
RJ-45 ports to connect to any
broadband modem, such as DSL
or cable
– Load balancing or fail-over modes
• SPI firewall
– Stateful packet inspection (SPI):
– prevents denial-of-service
(DoS) attacks
– provides stealth mode
– user support: Unrestricted
– Keyword filtering on:
– address
– service (ex. FTP, SMTP, HTTP, RPL,
SNMP, DNS, ICMP, NNTP, POP3,
SSH, etc.)
SSH, etc.)
– protocol
– Web URL port/service blocking
– file extension (ex. Java, URL, ActiveX)
– Port/service blocking
• IPsec VPN functionality
– Twenty-five (25) dedicated IPsec
VPN tunnels
– Manual key and Internet Key
Exchange Security Association (IKE SA)
assignment
assignment
– pre-shared key signature
– RSA/DSA signature
– Key life and IKE lifetime time settings
– Perfect forward secrecy
– Diffie-Hellman groups 1 and 2
– Oakley support
– Operating modes
– main
– aggressive
– Fully qualified domain name
(FQDN) support for dynamic IP
address VPN connections
address VPN connections
• IPsec support
– IPsec-based 56-bit (DES) 168-bit
(3DES), or 256-bit (AES) encryption
algorithm
algorithm
– MD5 or SHA-1 hashing algorithm
– ESP support
– PKI features with X.509 v.3 certificate
support
– remote access VPN (client-to-site),
site-to-site VPN
– IPsec NAT traversal (VPN pass-
through)
• SSL VPN Functionality
– Ten (10) dedicated
SSL VPN tunnels
– SSL version support: SSLv3
and TLS 1.0
– SSL encryption support: DES, 3DES,
ARC4, AES (ECB, CBC, XCBC, CNTR)
128/256 bit
128/256 bit
– SSL message integrity: MD5, SHA-1,
MAC-MDS/SHA-1, HMAC-MD5/SHA-1
– Certificate support:
– RSA
– Diffie-Hellman
– Self
• Routing Modes of Operation
– Many-to-one Multi-network Address
Translation (NAT)
– Classical routing
– Unrestricted users per port
• IP Address Assignment
– Static IP address assignment
– Internal DHCP server on LAN
– DHCP client on WAN
– PPPoE client support
Performance Features
• Throughput¹
– LAN-to-WAN: 60 Mbps total
– IPsec VPN (3DES): 16 Mbps
– SSL VPN: 10 Mbps
• Connections
– 10,000 concurrent sessions
ProSafe
®
Dual WAN Gigabit Firewall with SSL & IPsec VPN
FVS336Gv2
PC with GA311
Desktop PCs with
GA311 network card installed
GA311 network card installed
Servers
FVS336G
Dual WAN Gigabit Firewall
with SSL & IPsec VPN
with SSL & IPsec VPN
FVS336G
Dual WAN Gigabit Firewall
with SSL & IPsec VPN
with SSL & IPsec VPN
GS724TS
ProSafe 24-port Gigabit
Stackable Smart Switch
Stackable Smart Switch
Broadband
modems
modems
VPN Tunnel
encrypts your data
encrypts your data
Internet
Broadband
modems
modems
PDA with Web browser
Telecommuter with ProSafe VPN
Client Software VPN01L
(IPsec VPN)
Client Software VPN01L
(IPsec VPN)
240-10041-01
© 2004 NETGEAR, INC.
ALL RIGHTS RESERVED
240-10129-01
© 2004 NETGEAR, Inc.
All rights reserved
NMS100 ProSafe Network Management System
Everybody ’s connecting.™
Instructions:
This CD should automatically
run when inserted into your
CD-ROM drive. If the CD
does not start automatically,
browse to the CD drive and
click on NMSsetup.exe
This CD should automatically
run when inserted into your
CD-ROM drive. If the CD
does not start automatically,
browse to the CD drive and
click on NMSsetup.exe
Software CD
Version 1.0
Version 1.0
2
7
0
-1
0
2
6
3
-0
1
PCs with GA311
WG302 access point
Laptop with SSL VPN
Remote Access
via Kiosk or Laptop
via Kiosk or Laptop
Gigabit Ethernet
Fast Ethernet
Fast Ethernet