ProSafe¢ç Dual WAN Gigabit Firewall with SSL & IPsec VPN
FVS336Gv2
- ÃÖ´ë 25°³ÀÇ IPSec VPN ÅͳΠ¹× 10°³ÀÇ SSL VPN ÅͳΠµ¿½Ã Áö¿ø
- SPI ¹æȺ®, DoS ħÀÔ ¹æÁö, ´Ù¼öÀÇ VPN pass-through, Àü¿ë DMZ Æ÷Æ® µî ¸ðµç º¸¾È¿å±¸ ÃæÁ·
- SYSLOG ¹× À̸ÞÀÏ ¸®Æ÷ÆÃÀ¸·Î ¼Õ½¬¿î ¸ð´ÏÅ͸µ Á¦°ø
- ·Îµå ¹ë·±½Ì ¹× ȸ¼± Àå¾Ö ¼³Á¤½Ã 2°³ÀÇ ºê·Îµå¹êµå ȸ¼±À» Áö¿ø
- ISP ÀÚµ¿ ŽÁö, À¥ ¹æ½Ä ProSafe Control Center ¼³Á¤, IPSec VPN ¸¶¹ý»ç ±â´É
- Windows, UNIX, Macintosh, Linux µî ¸ðµç OS¸¦ Áö¿ø
- ¸ðµç Æ÷Æ®¿¡¼ Auto Uplink ±â´É Áö¿ø
- NETGEAR Life Time Warranty
¾ÈÀüÇÑ ¿ø°Ý ³×Æ®¿öÅ© Á¢¼ÓÀ» À§ÇÑ SSL & IPsec VPN
NETGEAR ProSafe ¢â Dual WAN Gigabit Firewall SSL & Ipsec VPNÀº ¾ÈÀüÇÑ ³×Æ®¿öÅ© Á¢¼ÓÀ» À§ÇØ SSL(Secure Sockets Layer) ¹× IPsec(IP Security) µÎ°¡Áö ŸÀÔÀÇ VPN(Virtual Private Network) ÅͳÎÀ» Á¦°øÇÔÀ¸·Î½á ÃÖÀûÀÇ ³×Æ®¿öÅ© ¿ø°Ý Á¢¼ÓÀ» Áö¿øÇØ ÁÝ´Ï´Ù.
SSL VPN ÅͳÎÀº ½Ã°£ ¹× Àå¼Ò¿¡ ±¸¾Ö¹ÞÁö ¾Ê°í ¾ðÁ¦ ¾î´Ï¼³ª °¢°¢ÀÇ °³°³ÀÎÀÌ Å¬¶óÀ̾ðÆ®¾øÀÌ ¿ø°ÝÀ¸·Î »ç³» ³×Æ®¿öÅ© Á¢¼ÓÀ» Á¦°øÇØ ÁÖ¸ç, IPSec VPN ÅͳÎÀº ¾ÈÀüÇÑ ÁöÁ¡ ´ë ÁöÁ¡ °£ÀÇ ÅͳΠ¹× ±âÁ¸ Ŭ¶óÀ̾ðÆ® ±â¹ÝÀÇ ¿ø°Ý Á¢¼ÓÀ» Á¦°øÇØ ÁÝ´Ï´Ù. FVS336G´Â ¹æȺ® ±â´ÉÀ» Áö¿øÇÏ´Â °í¼º´É SNMP °ü¸®Çü ³×Æ®¿öÅ© ¼Ö·ç¼ÇÀ¸·Î DoS(Denial of Service) ħÀÔ ¹æÁö, SPI(Stateful Packet Inspection), URL Å°¿öµå ÇÊÅ͸µ, ·Î±ë, ¸®Æ÷ÆÃ, ½Ç½Ã°£ °æ°í ±â´É µî ´ÙÂ÷¿øÀÇ º¸¾È ±â´ÉÀ» Á¦°øÇÕ´Ï´Ù.
4°³ÀÇ ±â°¡ºñÆ® LAN Æ÷Æ®´Â ÃÖ°íÀÇ ¼Óµµ·Î µ¥ÀÌÅÍ Àü¼ÛÀ» º¸ÀåÇϸç, 2°³ÀÇ ±â°¡ºñÆ® WAN Æ÷Æ®´Â ·Îµå ¹ë·±½Ì ¹× ȸ¼± Àå¾Ö ¹æÁö·Î ÃÖ°íÀÇ µ¥ÀÌÅÍ Àü¼ÛÀ² ¹× ÀÎÅͳݰúÀÇ ¾ÈÁ¤ÀûÀÎ Á¢¼ÓÀ» ¾à¼ÓÇÕ´Ï´Ù. NAT ¶ó¿ìÆà ¹× ÀüÅëÀûÀÎ ¶ó¿ìÆà ±â´É Áö¿ø, ÃÖ´ë 253¸íÀÇ ÀÎÅÍ³Ý È¸¼± °øÀ¯ µî ´Ù¾çÇÑ È°¿ëµµ°¡ ÀåÁ¡ÀÔ´Ï´Ù.
öÀúÇÑ ¹æȺ® º¸¾È
FVS336G´Â ÃÖ´ë 25°³ÀÇ IPSec VPN ÅͳΠ¹× 10°³ÀÇ SSL VPN ÅͳÎÀ» µ¿½Ã¿¡ Áö¿øÇϸç SPI ¹æȺ®À» ÅëÇÑ ÇØÄ¿ ħÀÔ ¹æÁö, DoS ħÀÔ ¹æÁö, ´Ù¼öÀÇ VPN pass-through µî ±Í»çÀÇ ¸ðµç º¸¾È ¿å±¸¸¦ ÃæÁ·½ÃÄÑ ÁÝ´Ï´Ù. SYSLOG ¹× À̸ÞÀÏ ¸®Æ÷ÆÃÀº ¼Õ½¬¿î ¸ð´ÏÅ͸µÀ» µµ¿ÍÁÖ¸ç IKE ÀÎÁõÀº Çã°¡ ¹ÞÁö ¾ÊÀº VPN ³×Æ®¿öÅ© Á¢¼Ó¿¡ ´ëÇÑ °ÆÁ¤À» ¸»²ûÈ÷ ¾ø¾ÖÁÝ´Ï´Ù. SSL VPN ÅͳÎÀº »ê¾÷ Ç¥ÁØ ¾ÏÈ£È ¾Ë°í¸®ÁòÀ» Áö¿øÇÏ°í ±Í»çÀÇ Áß¿äÇÑ µ¥ÀÌÅÍ º¸È£¸¦ À§ÇØ ¼¼¼Ç Á¾·á ÈÄ ÀÚµ¿ ij½¬ Á¦°Å ±â´ÉÀ» Áö¿øÇÕ´Ï´Ù. FVS336G´Â ³×Æ®¿öÅ© º¸¾È À§Çù¿¡¼ ±Í»çÀÇ ³×Æ®¿öÅ©¸¦ ¾ÈÀüÇÏ°í È¿À²ÀûÀ¸·Î ÁöÄÑÁÝ´Ï´Ù. Àü¿ë DMZ Æ÷Æ®´Â ³»ºÎ PC·ÎºÎÅÍ À¥ ¼¹ö¿Í °°Àº ¿ÜºÎ¿¡¼ Á¢¼ÓÀÌ °¡´ÉÇÑ ÀÚ»êµé°ú ºÐ¸®½ÃÄÑÁÖ¸ç ³×Æ®¿öÅ© º¸¾È À§ÇùÀ¸·ÎºÎÅÍ ÃÖÀûÀÇ °¡Ä¡¿Í ¾ÈÀüÇÑ º¸È£¸¦ ¾à¼ÓÇÕ´Ï´Ù.
2°³ÀÇ WAN Æ÷Æ® Áö¿ø, ¾ÈÁ¤ÀûÀÎ ¼Óµµ ¹× ¼º´É
Dual ±â°¡ºñÆ® ÀÌ´õ³Ý WAN Æ÷Æ®´Â ·Îµå ¹ë·±½Ì ¹× ȸ¼± Àå¾Ö ¼³Á¤½Ã 2°³ÀÇ ºê·Îµå¹êµå ȸ¼±À» Áö¿øÇÕ´Ï´Ù. ·Îµå ¹ë·±½Ì ¼³Á¤Àº °¢±â ´Ù¸¥ ISP ¾÷üÀÇ È¸¼±À» ÅëÇØ ÃÖ°íÀÇ µ¥ÀÌÅÍ Àü¼ÛÀ²À» º¸ÀåÇÏ°Ô µÇ¸ç µÎ¹ø° WAN Æ÷Æ®ÀÇ È¸¼±Àº ù¹ø° ȸ¼±¿¡ Àå¾Ö°¡ ¹ß»ýÇßÀ» ½Ã ¾ÈÁ¤ÀûÀÎ ÀÎÅÍ³Ý °ø±ÞÀ» À§ÇØ ¹é¾÷¿ëÀ¸·Î »ç¿ëÀÌ °¡´ÉÇÕ´Ï´Ù. °ß°íÇÑ ¸ÞÅ» µðÀÚÀÎÀº Æ°Æ°ÇÑ ³»±¸¼ºÀ» ÀÚ¶ûÇϸç öÀúÇÑ »çÀü Å×½ºÆ®¸¦ ÅëÇØ Æò»ý Ç°Áú º¸ÁõÀ» ¾à¼ÓÇÕ´Ï´Ù.
¼Õ½¬¿î ¼³Á¤ ¹× °ü¸®
±Í»ç¿¡ ¸Â´Â ISP ÀÚµ¿ ŽÁö ±â´É, »ç¿ëÀÚ Æí¸®¼ºÀ» À§ÇÑ À¥ ¹æ½Ä ProSafe Control Center ¼³Á¤ â ¹× ¼³Á¤ µµ¿ì¹Ì ±â´ÉÀº ¼³Á¤ ¹× ¼³Ä¡ ½Ã ÇÊ¿äÇÑ ½Ã°£À» Àý¾àÇØ ÁÝ´Ï´Ù. SSL VPN ÅͳÎÀ» ÅëÇØ »ç¿øµéÀº »ç¹«½Ç¿¡ Ãâ±ÙÇÏÁö ¾Ê°í º¸´Ù ºü¸£°í ¾ÈÀüÇÏ°Ô À¥ ºê¶ó¿ìÀú¸¦ ÅëÇØ »ç³» ³×Æ®¿öÅ© Á¢¼ÓÀÌ °¡´ÉÇØÁý´Ï´Ù. IPSec VPN ¸¶¹ý»ç´Â IPSec VPN ¹× ´Ù¼öÀÇ »çÀÌÆ®¿¡ ¾ÈÀüÇÑ ¿ø°Ý Á¢¼ÓÀ» À§ÇØ ÀÚµ¿ ¼³Á¤À» µµ¿ÍÁÝ´Ï´Ù. PPPoE´Â ¹°·Ð DHCP(client ¹× server)Áö¿øÀ¸·Î ¼Õ½±°í ´Ù¾çÇÑ È°¿ëÀ» ¾à¼ÓÇϸç 4°³ÀÇ 10/100/1000Mbps ½ºÀ§Ä¡ ³»Àå ¹× Windows, UNIX, Macintosh, Linux µî ¸ðµç OS¸¦ Áö¿øÇÕ´Ï´Ù. ¶ÇÇÑ ÀÌ´õ³Ý ÄÉÀ̺í Á¦°ø ¹× ¸ðµç Æ÷Æ®¿¡¼ Auto Uplink ±â´É Áö¿øÀ¸·Î Å©·Î½ºÄÉÀÌºí »ç¿ëÀÌ ÇÊ¿ä ¾ø½À´Ï´Ù.
Physical Interfaces
- LAN ports: Four (4) 10/100/1000 Mbps auto-sensing, Auto Uplink¢â RJ-45 ports; one LAN port can be a dedicated hardware DMZ port
- WAN ports: Two (2) 10/100/1000 Mbps auto-sensing, Auto Uplink¢â RJ-45 ports to connect to any broadband modem, such as DSL or cable
- Load balancing or fail-over modes
SPI firewall
- Stateful packet inspection (SPI):
- prevents denial-of-service (DoS) attacks
- provides stealth mode
- user support: Unrestricted
- Keyword filtering on:
- address
- service (ex. FTP, SMTP, HTTP, RPL, SNMP, DNS, ICMP, NNTP, POP3, SSH, etc.)
- protocol
- Web URL port/service blocking
- file extension (ex. Java, URL, ActiveX)
- Port/service blocking
IPsec VPN functionality
- Twenty-five (25) dedicated IPsec VPN tunnels
- Manual key and Internet Key Exchange Security Association (IKE SA) assignment
- pre-shared key signature
- RSA/DSA signature
- Key life and IKE lifetime time settings
- Perfect forward secrecy
- Diffie-Hellman groups 1 and 2
- Oakley support
- Operating modes
- main
- aggressive
- Fully qualified domain name (FQDN) support for dynamic IP address VPN connections
IPsec support
- IPsec-based 56-bit (DES) 168-bit (3DES), or 256-bit (AES) encryption algorithm
- MD5 or SHA-1 hashing algorithm
- ESP support
- PKI features with X.509 v.3 certificate support
- remote access VPN (client-to-site), site-to-site VPN
- IPsec NAT traversal (VPN pass through)
SSL VPN Functionality
- Ten (10) dedicated SSL VPN tunnels
- SSL version support: SSLv3 and TLS 1.0
- SSL encryption support: DES, 3DES, ARC4, AES (ECB, CBC, XCBC, CNTR) 128/256 bit
- SSL message integrity: MD5, SHA-1, MAC-MDS/SHA-1, HMAC-MD5/SHA-1
- Certificate support:
- RSA
- Diffie-Hellman
- Self
Routing Modes of Operation
- Many-to-one Multi-network Address Translation (NAT)
- Classical routing
- Unrestricted users per port
IP Address Assignment
- Static IP address assignment
- Internal DHCP server on LAN
- DHCP client on WAN
- PPPoE client support
Performance Features
Throughput©ö
- LAN-to-WAN: 60 Mbps total
- IPsec VPN (3DES): 16 Mbps
- SSL VPN: 10 Mbps
Connections
- 10,000 concurrent sessions
Management Features
Administration Interface
- SNMP (v2c) support
- Web graphic user interface
- Secure Sockets Layer (SSL) remote management
- User name and password protected
- Secure remote management support authenticated through IP address (or IP address range) and password
- Configuration changes/upgrades through Web GUI
- 2 factor authentication (WIKID)
Logging
- SYSLOG
- Email alerts
Functions
- VPN Wizard to simplify configuration of IPsec VPNs
- Auto Detect to automatically detect ISP address type (static, dynamic, PPPoE)
- Port range forwarding
- Port triggering
- Enable/disable WAN ping
- DNS proxy
- MAC address cloning/spoofing
- Network Time Protocol NTP support
- Diagnostic tools (ping, DNS lookup, trace route, other)
- Port/service
- Auto-Uplink on switch ports
- L3 Quality of Service (QoS) LAN-to-WAN and WAN-to-LAN (ToS)
- SIP ALG
Protocol support
- Network: IP routing, TCP/IP, UDP, ICMP, PPPoE
- IP addressing: DHCP (client and server)
- Routing: RIP v1, RIPv2 (static routing, dynamic routing)
- VPN/security: IPsec (ESP), IKE, PKI, HTTPS
User support
- LAN: Up to 253 users
Maintance
- Save/restore configuration, restore defaults, upgrades via Web browser, display statistics
Hardware Specifications
- Processor Speed: 300 MHz
- Memory: 16 MB flash, 64 MB DRAM
- Power adapter: 12V DC, 1.2A -plug is localized to country of sale
- Dimensions: 25.4 x 17.8 x 3.96 cm (10 x 7 x 1.56 in)
- Weight: 1.7 kg (3.7 lb)
Environmental Specifications
- Operating temperature: 0¡É to 40¡É (32¢µ to 104¢µ)
- Operating humidity: 90% maximum relative humidity, non-condensing
Warranty
- Firewall: NETGEAR Lifetime Warranty¢Ó
- Power supply: NETGEAR 3-year
Warranty
System Requirements
- Cable, DSL or wireless broadband modem and
- Internet service
- Ethernet connectivity from broadband modem
- Network card for each connected PC
- Network software (e.g. Windows)
- Internet Explorer 5.0 or higher or Netscape Navigator 4.7 or higher
Package Contents
- ProSafe Dual WAN Gigabit Firewall (FVS336Gv2)
- Ethernet cable
- Installation guide
- Warranty/support information card
- Resource CD with single user ProSafe VPN Client Software license
NETGEAR Related Products
Accessories
- VPN01L and VPN05L ProSafe VPN Client Software
- NMS100 ProSafe Network Management Software
SSL Concentrators
- SSL312 ProSafe SSL VPN Concentrator 25
Ordering Information
- North America: FVS336G-200NAS
- Korea, Europe: FVS336G-200EUS
- Asia: FVS336G-200AUS
ProSupport Information
¡Ü OnCall 24x7, Category 1
- PMB0331-100 (US)
- PMB0331 (non-US)
¡Ü XPressHW, Category 1
- PRR0331
|