Page 16 / 212 Scroll up to view Page 11 - 15
Reference Manual for the ProSafe VPN Firewall FVS114
1-4
About This Manual
202-10098-01, April 2005
Page 17 / 212
Introduction
2-1
202-10098-01, April 2005
Chapter 2
Introduction
This chapter describes the features of the NETGEAR FVS114 ProSafe VPN Firewall.
Key Features of the VPN Firewall
The FVS114 ProSafe VPN Firewall with four-port switch connects your local area network (LAN)
to the Internet through an external access device such as a cable modem or DSL modem.
The FVS114 is a complete security solution that protects your network from attacks and intrusions.
Unlike simple Internet sharing firewalls that rely on Network Address Translation (NAT) for
security, the FVS114 uses stateful packet inspection for Denial of Service attack (DoS) protection
and intrusion detection. The FVS114 allows Internet access for up to 253 users. The FVS114 VPN
Firewall provides you with multiple Web content filtering options, plus browsing activity reporting
and instant alerts — both via e-mail. Parents and network administrators can establish restricted
access policies based on time-of-day, Web site addresses and address keywords, and share
high-speed cable/DSL Internet access for up to 253 personal computers. In addition to NAT, the
built-in firewall protects you from hackers.
With minimum setup, you can install and use the firewall within minutes.
The FVS114 VPN Firewall provides the following features:
Easy, Web-based setup for installation and management.
Content filtering and site blocking security.
Built-in four-port 10/100 Mbps switch.
Ethernet connection to a WAN device, such as a cable modem or DSL modem.
Extensive protocol support.
Login capability.
Front panel LEDs for easy monitoring of status and activity.
Flash memory for firmware upgrade.
Page 18 / 212
Reference Manual for the ProSafe VPN Firewall FVS114
2-2
Introduction
202-10098-01, April 2005
A Powerful, True Firewall with Content Filtering
Unlike simple Internet sharing NAT firewalls, the FVS114 is a true firewall, using stateful packet
inspection to defend against hacker attacks. Its firewall features include:
DoS protection.
Automatically detects and thwarts DoS attacks such as Ping of Death, SYN Flood, LAND
Attack, and IP Spoofing.
Blocks unwanted traffic from the Internet to your LAN.
Blocks access from your LAN to Internet locations or services that you specify as off-limits.
Logs security incidents.
The FVS114 logs security events such as blocked incoming traffic, port scans, attacks, and
administrator logins. You can configure the firewall to email the log to you at specified
intervals. You can also configure the firewall to send immediate alert messages to your e-mail
address or email pager whenever a significant event occurs.
With its content filtering feature, the FVS114 prevents objectionable content from reaching
your PCs. The firewall allows you to control access to Internet content by screening for
keywords within Web addresses. You can configure the firewall to log and report attempts to
access objectionable Internet sites.
Security
The FVS114 VPN Firewall is equipped with several features designed to maintain security, as
described in this section.
PCs Hidden by NAT
NAT opens a temporary path to the Internet for requests originating from the local network.
Requests originating from outside the LAN are discarded, preventing users outside the LAN
from finding and directly accessing the PCs on the LAN.
Port Forwarding with NAT
Although NAT prevents Internet locations from directly accessing the PCs on the LAN, the
firewall allows you to direct incoming traffic to specific PCs based on the service port number
of the incoming request, or to one designated “DNS” host computer. You can specify
forwarding of single ports or ranges of ports.
Page 19 / 212
Reference Manual for the ProSafe VPN Firewall FVS114
Introduction
2-3
202-10098-01, April 2005
Autosensing Ethernet Connections with Auto Uplink
With its internal eight-port 10/100 switch, the FVS114 can connect to either a 10 Mbps standard
Ethernet network or a 100 Mbps Fast Ethernet network. Both the LAN and WAN interfaces are
autosensing and capable of full-duplex or half-duplex operation.
The firewall incorporates Auto Uplink
TM
technology. Each Ethernet port automatically senses
whether the Ethernet cable plugged into the port should have a normal connection such as to a PC
or an uplink connection such as to a switch or hub. That port then configures itself to the correct
configuration. This feature also eliminates the need to worry about crossover cables, as Auto
Uplink will accommodate either type of cable to make the right connection.
Extensive Protocol Support
The FVS114 VPN Firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP)
and Routing Information Protocol
(RIP). For further information about TCP/IP, refer to
Appendix B, “Network, Routing, and Firewall Basics
.”
IP Address Sharing by NAT
The FVS114 VPN Firewall allows several networked PCs to share an Internet account using
only a single IP address, which may be statically or dynamically assigned by your Internet
service provider (ISP). This technique, known as NAT, allows the use of an inexpensive
single-user ISP account.
Automatic Configuration of Attached PCs by DHCP
The FVS114 VPN Firewall dynamically assigns network configuration information, including
IP, gateway, and Domain Name Server (DNS) addresses, to attached PCs on the LAN using
the Dynamic Host Configuration Protocol (DHCP). This feature greatly simplifies
configuration of PCs on your local network.
DNS Proxy
When DHCP is enabled and no DNS addresses are specified, the firewall provides its own
address as a DNS server to the attached PCs. The firewall obtains actual DNS addresses from
the ISP during connection setup and forwards DNS requests from the LAN.
Point-to-Point Protocol over Ethernet (PPPoE)
PPPoE is a protocol for connecting remote hosts to the Internet over a DSL connection by
simulating a dial-up connection. This feature eliminates the need to run a login program such
as Entersys or WinPOET on your PC.
Page 20 / 212
Reference Manual for the ProSafe VPN Firewall FVS114
2-4
Introduction
202-10098-01, April 2005
Easy Installation and Management
You can install, configure, and operate the FVS114 ProSafe VPN Firewall within minutes after
connecting it to the network. The following features simplify installation and management tasks:
Browser-based management
Browser-based configuration allows you to easily configure your firewall from almost any
type of personal computer, such as Windows, Macintosh, or Linux. A user-friendly Setup
Wizard is provided and online help documentation is built into the browser-based Web
Management Interface.
Smart Wizard
The FVS114 VPN Firewall automatically senses the type of Internet connection, asking you
only for the information required for your type of ISP account.
Diagnostic functions
The firewall incorporates built-in diagnostic functions such as Ping, DNS lookup, and remote
reboot.
Remote management
The firewall allows you to login to the Web Management Interface from a remote location on
the Internet. For security, you can limit remote management access to a specified remote IP
address or range of addresses, and you can choose a nonstandard port number.
Visual monitoring
The FVS114 VPN Firewall’s front panel LEDs provide an easy way to monitor its status and
activity.
Maintenance and Support
NETGEAR offers the following features to help you maximize your use of the FVS114 VPN
Firewall:
Flash memory for firmware upgrade.
Free technical support seven days a week, 24 hours a day.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top