Netgear FVX538 ProSafe Dual WAN VPN Firewall

NETGEAR Updated: 2008-09-27 RSS
Netgear FVX538 ProSafe Dual WAN VPN Firewall

High-performance, Manageable Dual WAN Security Firewall
At the heart of your office network, NETGEAR's high performance security appliance, ProSafe® Dual WAN VPN Firewall offers a complete security solution for small and medium-sized companies.This rack-mountable, stateful packet inspection (SPI) firewall is equipped with support for up to 200 security associations (VPN tunnels). The FVX538 can serve as a DHCP server, supports Simple Network Management Protocol (SNMP), Quality of Service (QoS) and has a powerful SPI firewall to protect your PCs against intruders and most common Internet attacks.

Featuring eight auto-sensing 10/100 Mbps LAN ports, one Gigabit LAN port and two 10/100 WAN ports, the ProSafe® VPN Firewall FVX538 lets multiple computers in your office share two Internet connections. The dual WAN ports let you connect a second Internet line as a backup to insure that you're never disconnected. One LAN port can be dedicated as a hardware DMZ port for safely providing services to the Internet without compromising security on your LAN.

Richer Security
This powerful VPN Firewall extends security from the network core to the perimeter by preventing unauthorized network access using a SPI firewall, blocking denial-of-service (DoS) and other attacks, encrypting traffic traveling across the Internet.

Capacity To Spare
Dual WAN ports support two broadband connections. A second WAN port supports an additional broadband connection. This second WAN connection may be configured as a failover connection in case the primary connection fails or can be used to balance the workload by distributing traffic across the two connections for optimal per-user bandwidth.

Superior Value and Usability
Competitively priced and SNMP manageable, convenient VPN Wizard gathers basic information about your networks and recommends a VPN solution with supporting instructions. Bundled with NETGEAR's ProSafe VPN client software (VPN05L) - a five-user license is included. Virtual Private Network Consortium (VPNC) certified VPN supports secure data connectivity and transmission over the Internet and ensures interoperability with many other popular security products.


Physical Interfaces
* LAN ports: Eight (8) 10/100 Mbps auto-sensing, Auto Uplink™ RJ-45 ports; one (1) Gigabit 10/100/1000 Mbps LAN port; one LAN port can be dedicated hardware DMZ port
* WAN ports: Two 10/100 Mbps Ethernet RJ-45 ports with auto fail-over and load balancing
* Serial port: One console port for command line interface (CLI) support

Security Features
* SPI firewall: Stateful packet inspection (SPI) to prevent notorious denialofservice (DoS) attacks, including logging, reporting and email alerts, address, service and protocol, Web URL keyword filtering, prevent replay attack (reassembly attack), port/service blocking. Advanced features include block Java/URL/ ActiveX based on extension, FTP/SMTP/RPC program filtering
* VPN functionality: Two hundred (200) dedicated VPN tunnels, Manual key and Internet Key Exchange Security Association (IKE SA) assignment with pre-shared key and RSA/DSA signatures, key life and IKE lifetime time settings, perfect forward secrecy (Diffie-Hellman groups 1 and 2 and Oakley support), operating modes (main, aggressive), fully qualified domain name (FQDN) support for dynamic IP address VPN connections.
* IPsec support: IPsec-based 56-bit (DES), 168-bit (3DES), or 256-bit (AES) encryption algorithm, MD5 or SHA-1 hashing  algorithm, AH/AH-ESP support, PKI features with X.509 v.3 certificate support, remote access VPN (client-to-site), site-to-site VPN, IPsec NAT traversal (VPN pass-through)
* Mode of Operation: One-to-one/many-to-one Multi-network Address Translation (NAT), classical routing, unrestricted users per port
* IP Address Assignment: Static IP address assignment, internal DHCP server on LAN, DHCP client on WAN, PPPoE client support

Performance Features
* Throughput:
* LAN-to-WAN: up to 80 Mbps
* 3DES IPsec tunnel: Up to 30 Mbps

Management Features
* Administration interface: SNMP (v1b, v2c) support, telnet, web graphic user interface, Secure Sockets Layer (SSL) remote management, user name and password protected; secure remote management support authenticated through IP address or IP address range and password; configuration changes/upgrades through Web GUI.
* Configuration and upgrades: Upload and download configuration settings, firmware upgradeable flash memory
* Logging: SYSLOG, email alerts