D-Link DFL-M510 User Manual

Information Security gateway(ISG)
User Manual
DFL-M510
Security
Security
Network Security Solution
http://www.dlink.com

Summary of Contents for D-Link DFL-M510

  • Page 3 This publication, including all photographs, illustrations and software, is protected under international copyright laws, with all rights reserved. Neither this manual, nor any of the material contained herein, may be reproduced without written consent of D-Link. Copyright 2006 Version 1.01 Disclaimer The information in this document is subject to change without notice.
  • Page 4 ) is a registered trademark of Nullsoft Inc. Player365 ( ) is a registered trademark of Live365, Inc. D-Link is a registered trademark of D-Link Systems, Inc. Java is a trademark or registered trademark of Sun Microsystems, Inc. in the United States and other countries.
  • Page 5 Safety Certifications CE, C-Tick, TUV, UL About this Manual This manual provides information for setting up and configuring the DFL-M510. This manual is intended for network administrators. Safety Information READ THIS IMPORTANT SAFETY INFORMATION SECTION. RETAIN THIS MANUAL FOR REFERENCE.
  • Page 7: Table Of Contents

    Table of Contents
    Chapter 1: Getting Started with the DFL-M510 (page 1)
      Identifying Components (page 1)
      Front View (page 1)
      Rear View (page 2)
      Configuring the DFL-M510 (page 3)
      Configuration Through the Command Line Interface (page 3)
      Configuration Through a Web-based Interface (page 7)
      Running the Setup Wizard ...
  • Page 8 Chapter 5: Objects (page 63)
      The Objects Screen
      The Setup Hosts Tab (page 64)
      Exporting a Host Database (page 67)
      The Setup Groups Tab (page 69)
      Assign Hosts to Groups (page 70)
    Chapter 6: Policy (page 72)
      The Policy Setting Screen
      The Template Setting Tab ...
  • Page 9 History Command (page 121)
      Exit Command (page 122)
      Reboot Command (page 122)
      Reset Command (page 123)
      Ping Command (page 123)
    Appendix B: Glossary (page 124)
    Appendix C: Features and Specifications (page 129)
      Hardware Specification (page 129)
      Features Specification (page 131)
      LCM Module ...
  • Page 10: Getting Started With The Dfl-M510

    In-Line mode with a hardware bypass function enabled. The hardware bypass ensures that if the DFL-M510 crashes, or experiences a power outage or some other problem, your network is still up and running. This allows your network administrator to begin monitoring selected PCs, while checking for anything that may upset your current network environment.
  • Page 11: Rear View

    STATUS LEDS The following table describes the status LEDs on the front of the DFL-M510. Function Naming Color Status LED Description Power Power Green Power off Power Green System System Power off (System not ready) System ready and running ok...
  • Page 12: Configuring The Dfl-M510

    255.255.255.0 Default Gateway 192.168.62.1 1. Connect one end of the RS-232 cable to the console port on the DFL-M510 and the other end to the COM1 or COM2 port on the PC. (The pin-out definitions are shown below.) Terminal Emulation...
  • Page 13 Data Bits Parity None Stop Bits Flow Control None 2. To open a connection in Windows 95/98/NT/2000/XP, go to Program Files → Accessory → Communications → Super Terminal. 3. Once you access the Command Line Interface (CLI) with a terminal connection, press any key.
  • Page 14 5. Use the get system command to get information on the DFL-M510. 6. Use the set system ip command to set the IP address.
  • Page 15 7. After the system reboots, use set system gateway to set the default gateway. 8. After setting the IP address, Mask and Gateway, use the get system command to get correct information. Use the web-based interface to configure other parameters. See “Configuration Through a Web-based Interface”...
  • Page 16: Configuration Through A Web-Based Interface

    Before accessing the GUI from any PC, you must install Java Run Time Environment (J2RE V1.4.2 or above). Then you can log on to the DFL-M510 from any computer on the network via a Web browser. You can download J2RE from www.java.com...
  • Page 17 3. Click Run to start the installation. Follow the onscreen prompts to complete the installation. The following Security Warning appears. 4. Click Always to continue and prevent this screen from appearing again. The login screen appears. The IP address shown below is only an example. Instead use the IP address for your network.
  • Page 18: Running The Setup Wizard

    7. To log out click the Close button at the top-right of the screen. RUNNING THE SETUP WIZARD The Setup Wizard helps you to quickly apply basic settings for the DFL-M510. You will need the following information for your network to complete the Setup Wizard: IP Address...
  • Page 19: Toolbar

    Policy Status. Also, you can obtain the pattern version information in the Pattern Status. WIZARD The Wizard provides a handy way for you to quickly apply system and policy settings for the DFL-M510. The DFL-M510 provides two wizards, shown below: Setup Wizard and Policy Wizard.
  • Page 20: Setup Wizard

    SETUP WIZARD When initializing the DFL-M510 for the first time, the Setup Wizard will launch automatically after you log on to the device. The Setup Wizard will guide you step-by-step through the entire procedure. After the procedure is completed, the basic system information for the DFL-M510 is configured.
  • Page 21 2. You need to provide your IP Address, Subnet Mask, Default Gateway, and DNS Server address to enable the device to connect to your network. If the network was set by CLI, check the settings here. Type in the required information and click Next. Select the check boxes for the applications you want to block and click Next.
  • Page 22 You can leave all the boxes unchecked to be sure the DFL-M510 is set up correctly. Later you can add applications to be blocked in the Policy menu. See Chapter 6 “Policy” on page 72. 4. Select the No radio button and click Finish.
  • Page 23 When the setup is successful, the following screen appears: 5. Click OK. The System status screen is shown for your information.
  • Page 24: Policy Wizard

    POLICY WIZARD The Policy Wizard helps you to simplify the policy configurations and apply policy settings for the DFL-M510. Follow the steps below to experience the ease of use and convenience of the Policy Wizard: TO CREATE A NEW POLICY TEMPLATE VIA POLICY WIZARD...
  • Page 25 2. You can choose to manually set up Host/Group information here or later in the tree view list. To set up the Host/Group information, click the “Set up Host/Group Now” button; otherwise, click Next to continue. 3. In this step, you can choose either to create a new policy or to select an existing policy template.
  • Page 26 To create a new policy, you need to provide a policy name in the “Template Name” field, and click Next to continue. Here Block Streaming Media is the example. To utilize an existing policy template, click the radio button “Choose an existing policy template”, and select an existing policy template from the pull down list.
  • Page 27 4. Specify the corresponding action and schedule for the “Block Streaming Media” template. Here the “Block” checkbox is checked, and the schedule is “Always”. Click Next to continue.
  • Page 28 5. Assign the “Block Streaming Media” template to a specific group. In this step, it is optional to assign the policy to a specific group. You can later configure it in the “Policy Setting” Tab when you require. In this example, the policy does not apply to any specific group immediately.
  • Page 29 6. After saving your new policy template, you can choose either to finish the Policy Wizard or to set up another policy template via the wizard. The Policy Wizard provides a simple and easy way to set up your policy settings; these configurations can still be modified later in the configuration tabs of “Policy Setting”.
  • Page 30: Tools

    TOOLS Tools includes handy tools for system maintenance: Backup, Reset, Upgrade and Debug. Each of them is described below. BACKUP Go to the Toolbar, click Tools, Backup. The Backup window appears. Press Backup configuration to store the current settings to a file.
  • Page 31: Reset

    RESTORING A CONFIGURATION BACKUP 1. Click Browse. 2. Locate the DFL-M510.cbk file and click Open. 3. Click Restore to send the file to the device. 4. When the update completes, click Reboot to reboot the device. The configuration file includes the user-defined policy.
  • Page 32: Upgrade

    Rebooting or resetting the device closes the GUI. Log back on as you normally do. UPGRADE Go to the Toolbar, click Tools, Upgrade. The Firmware Upgrade window appears, see below. File Path Type the file path to the update file. Press Browse to locate the update file.
  • Page 33: Debug

    The Debug tool is a troubleshooting tool for your hardware provider. When you encounter hardware problems or configuration problems with the DFL-M510, you can retrieve the debug information from the DFL-M510, and provide this file to your vendor for further analysis.
  • Page 34: Status

    STATUS The Status provides information on the current network and system settings. You can also find details of what applications can be monitored and incorporated into your policies. After you log on, go to Toolbar, and click Status to open the following screen: The Status screen gives you access to the following information: System Status Logging Status...
  • Page 35: System Status

    System Status The System tab information is updated every minute. You can also click the Refresh button to update the information. To view the System Status, click Status/System. IP Address: Shows the IP Address (the default is 192.168.1.1). Subnet Mask: Shows the subnet mask (the default is 255.255.255.0). Default Gateway: Shows the default gateway (the default is 192.168.1.254...
  • Page 36 Last time updated: Shows last time the firmware was updated. Pattern Version: Shows the pattern version. Last time updated: Shows the last time the pattern was updated. Pattern number: Shows the pattern number. Boot Time/Up Time: Shows the last time the device was booted up. Device Time: Shows the system device time...
  • Page 37: Logging Status

    Logging Status To view the Logging Status, click Status/Logging. The log involves three lists of records. The system log records the device status changes and firmware operational conditions. It will statically list out incidents on the log windows when there are any. It is the administrator’s decision to activate the log display by clicking Refresh.
  • Page 38: Report For Network Status

    NAVIGATING LOGS Use the navigation arrows </> to jump to the first or last page. Use Prev/Next to go to the previous or next page. Go to a specific page by selecting it from the Page drop-down arrow. THE REPORT for Network Status To view the Report for Network Status, click Status/Report.
  • Page 39 INTERACTIVE REPORT After you click Generate, the report window opens. The above screen is described in the Real Time Monitor chapter. See “Monitoring Real Time Traffic”. Click Print to print the report. Click Save As to save the report to the local computer.
  • Page 40 VIEWING A SAVED REPORT Reports are saved in HTML format and can be viewed in a Web browser. 1. Click Save As. 2. Type a name for the report and click Save As. 3. Open the file you saved in your Web browser. 4.
  • Page 41: Policy Status

    APPLICATION STATUS Click Application to select the application category you want to view. The current version is displayed in the right field. The following are the applications and versions currently supported by the DFL-M510. Application Support Version Web mail: Yahoo/Hotmail/Gmail...
  • Page 42 Rediff BOL : 7.0 Beta Google Talk : 1.0.0.64 SMTP POP3 Mail IMAP4 NNTP The DFL-M510 manages P2P downloads by using the P2P Protocol. In this architecture, no matter what version of the client you use, the DFL-M510 can manage it.
  • Page 43 REQUEST NEW APPLICATION SUPPORT If there is a new application that the DFL-M510 cannot support, you can use this function to request support. 1. Click User Request. The following screen appears. 2. Complete all information of the new application, and click Send. You will be...
  • Page 44: Pattern Status

    PATTERN STATUS To view the Pattern Status, click Status/Pattern Status. PATTERN INFORMATION This page will display the Pattern Information. Last Update: Shows the last time the pattern was updated. Version of current pattern: Shows the pattern version. Number of pattern: Shows the pattern number. Pattern Updated Information: This page will show the log when you update pattern.
  • Page 45: Chapter 2: System

    CHAPTER 2: SYSTEM The System menu is where you carry out the basic setup of the DFL-M510 such as integration with your network. The System menu also lets you set local time settings and carry out maintenance. THE SYSTEM SCREEN...
  • Page 46: The Date & Time Screen

    THE DATE AND TIME SCREEN Use Date and Time to adjust the time for your location. 1. Click System > Date and Time. The Date and Time window appears. 2. Click to the right of Current Date and Time.
  • Page 47 3. Select the current date and click to return to the Date and Time screen. 4. In the Current Date and Time field, type in the current time and then choose the time zone for your location from the drop-down list. 5.
  • Page 48: The Remote Management Screen

    THE REMOTE MANAGEMENT SCREEN Use Remote Management to allow management remotely. The following screen appears. The DFL-M510 can be remotely managed via HTTP or SSH. The Remote Access tab lets you control access rights. HTTP/SSH The descriptions for the HTTP and SSH fields are the same.
  • Page 49 2. Click the Selected IP Address radio button and click Add. 3. Type in the IP Address and Subnet Mask for the PC that will access the DFL-M510 and click OK. The IP Address is added to the Selected IP Address window. Repeat steps 2 and 3 to add other IP Addresses.
  • Page 50 When the settings are processed, the following screen appears: 5. Click OK to finish.
  • Page 51: Chapter 3: Interfaces

    CHAPTER 3: INTERFACES THE INTERFACE SCREEN The Network screen lets you configure settings for your network. 1. Click Interface. The Network Setting window appears. The Network screen has four tabs. Click on a tab to view the settings.
  • Page 52: Network Setting Tab

    NETWORK SETTING TAB Click the Network Setting tab. The following screen appears. Device Name Type a name for the device. Inactivity Timeout Set the inactivity time out.
  • Page 53 When more than one DFL-M510 is installed in your location, assign device names to help identify different units. DEVICE SETTING These fields display the IP address and related network information of the device. IP Address Device IP Address Subnet Mask...
  • Page 54 ADMIN EMAIL To enable the network administrator to receive emails from the DFL-M510, the following fields must be completed. Email Address Type the administrator’s email address SMTP Server Type the IP of the SMTP server Type an ID if sender authentication is required...
  • Page 55 Server Access: All - Access from LAN and WAN (Note: This setting has no remote access restrictions; any IP address will have access to the DFL-M510.); WAN - Access from WAN only; LAN - Access from LAN only. The default option is Disable.
  • Page 56 2. Click the Selected IP Address radio button and click Add. 3. Type in the IP Address and Subnet Mask for the PC that will access the DFL-M510 and click OK. The IP Address is added to the Selected IP Address window. Repeat steps 2 and 3 to add other IP Addresses.
  • Page 57 When the settings are processed, the following screen appears: 5. Click OK to finish.
  • Page 58: Interface Tab

    INTERFACE TAB Click the Interface tab. The following screen appears. LINK SETTING Set the Ethernet ports for the speed you want and click Apply. Interface Link Setup: WAN - 10/100/Half/Full/Auto; LAN - 10/100/Half/Full/Auto. INTERFACE STEALTH SETTING The LAN/WAN Ports can be configured in Stealth Mode by selecting On. Stealth Mode: WAN - On/Off; LAN - On/Off...
  • Page 59 After you make changes, click Apply. The new settings are processed and the following screen appears: Click OK to finish.
  • Page 60: Parameter Tab

    PARAMETER TAB Click the Parameter tab. The following screen appears. This tab defines management parameters.
  • Page 61 • Reset the Connection • Log the Event • Save the Packet Message Content Bypass: In Bypass mode, the DFL-M510 works like a bridge with all rules and actions disabled. This mode is designed to help network administrators debug and trace network abnormalities. When bypass mode is selected, the DFL-M510 will neither detect nor take action on security events in the network.
  • Page 62 1s, and the following 0s. DMZ Bypass prevents the DFL-M510 from causing a bottleneck in your intranet. For example, a mail/FTP server could be assigned an IP address in the DMZ Bypass to provide wire speed traffic from the...
  • Page 63 SETTING UP THE DMZ BYPASS FUNCTION In the following example, a mail server with the IP address 10.10.10.250 is added to DMZ Bypass. 1. Type in the IP address and the Subnet mask of the mail server. 2. Click Save. HOST/GROUPS BYPASS Hosts within the intranet which do not need to be monitored are added to the Bypassed User/Group.
  • Page 64 Available Select the User or Group and click >> to add the User/Group to the User/Group Bypassed User/Group list. Bypassed Lists Users and Groups that have been added. User/Group After you make changes, click Save. The new settings are processed and the following screen appears: Click OK to continue.
  • Page 65: Vlan Tab

    802.1D bridging domain. The default VLAN’s domain shrinks as untagged ports are defined in other VLANs. Configure VLAN settings before connecting the DFL-M510 to the intranet.
  • Page 66 CONFIGURING VLAN SETTINGS The following is an example of a network environment with four VLAN sets. Item Description VID1 VID2 VID3 VID4 Management VID2 Refer to the following to configure the VLAN setting. 1. Click Interface and then select the VLAN tab. VLAN Enabled Enables or disables the VLAN function VID1 - VID7...
  • Page 67 2. Click the VLAN Enabled checkbox to enable VLAN. 3. Type in each VID in the VID1 to VID7 boxes. The DFL-M510 supports up to seven VLANs. The Management VID must be either PVID, or VID1 to VID7. Configurations depend on your environment.
  • Page 68 VLAN STATUS Management IP: Shows the device IP address. Management VLAN: Shows the Management VLAN Group ID. VID1 - VID7: Shows the ID of each VLAN...
  • Page 69: Chapter 4: User Authentication

    CHAPTER 4: USER AUTHENTICATION THE USER AUTHENTICATION SCREEN After you log on, click User Authentication to open the following screen. ACCOUNTS: Shows the current number of accounts. Name: Shows the name for each account. Role: Shows the level of the user’s policy: Administrator;...
  • Page 70 CREATING A NEW ACCOUNT To create a new account click Add. The Account Edit dialog box appears. Name: Type a name for the account. Password: Type a password. Confirm Password: Retype the password. Privilege: Assign privilege status: Administrator; Read Only; or Write. Click OK to confirm.
  • Page 71 To review or audit an account, click Login Status. The following screen appears: A log is created each time a user logs on or logs out. Monitor this list for added security. See “Toolbar, Logging” on page 28.
  • Page 72: Chapter 5: Objects

    CHAPTER 5: OBJECTS In the DFL-M510, the term “Objects” mainly refers to Hosts and Groups. A host is a client computer with a network interface. A group is a set of hosts. The DFL-M510 learns host information from packets passing through the device. Host information includes the MAC address, IP address and VLAN address.
  • Page 73: The Setup Hosts Tab

    Hosts all within 150 hosts. Bypass Hosts: Hosts that are not monitored. Other Hosts: The DFL-M510 can manage 150 hosts. If you select Block, hosts that exceed 150 have no Internet access. If you select Forward, those hosts will have Internet access but will not be monitored by the...
  • Page 74 CHANGING THE STATUS OF A HOST In the following example, the status of No. 1 is changed from Hosts within 150 to Other Hosts. 1. Right-click on the host you want to change the status of.
  • Page 75 2. Select Move to Standby. Notice, the State icon is now green, indicating the host is now in the Other Hosts category. ADDING A HOST Refer to the following to add a host. 1. Click Add.
  • Page 76: Exporting A Host Database

    2. Type in the required information and click OK. The new host is added to the host table. EXPORTING A HOST DATABASE You can export a host database to reuse or to import into another DFL-M510. Refer to the following to export a host database. 1.
  • Page 77 3. Enter a file name and click Save. 4. Click OK to confirm the export. 5. Click OK to continue.
  • Page 78: The Setup Groups Tab

    THE SETUP GROUPS TAB There is one Default Setup Group in the DFL-M510. The Setup Groups tab lets you add and configure additional Setup Groups. 1. To view the Setup Groups tab, click Objects > Setup Groups. GROUP SETTING Click to add a new Setup Group...
  • Page 79: Assign Hosts To Groups

    Hosts in Selected Group: Lists the hosts in the selected group. Add Subnet: Click to add a sequential IP address range to a group. ASSIGNING HOSTS TO GROUPS You can assign a host to a group by checking the button at the intersection of the host and the group.
  • Page 80 Select the host and click to add it to the Hosts in Selected Group window. Click Apply. 5. Click OK to finish. The new group is added to the Group Setting list.
  • Page 81: Chapter 6: Policy

    Keyword Filter Pattern Updates After the policy database is published and fetched, it is uploaded to the DFL-M510. To manage the users and applications, policies are defined and each of them complies with a company policy. Then each policy can be applied to a host or a group. We...
  • Page 82: The Policy Setting Screen

    Every template, including the global template created by the device wizard, can be created or modified. The protocols displayed on the policy are described as follows. A. The IM/Remote Access Application that can be managed by the DFL-M510 Item Protocol...
  • Page 83 Video Communication Chat ICQ5 File Transfer Login Audio Communication Video Communication Chat 5.9.3759 File Transfer Login Audio Communication Video Communication iChat Chat File Transfer Login Audio Communication Video Communication Yahoo File Transfer 6.0.0.1921 Messenger Login Chat Audio Communication Video Communication Login QQ2005 File Transfer...
  • Page 84 URL Keyword Upload Web Post Download Java Applet Cookie Mail SMTP Mail Attached File Connect B. The P2P/Remote Access Application that can be allowed/blocked by the DFL-M510 Item Protocol Software Version Internet File EzPeer EzPeer 1.9 Kuro Kuro 6.0 Sharing (P2P) eDonkey2000 eMule 0.46a eDonkey 1.3...
  • Page 85 BitTorrent BitTornado 0.3.12 BitComet 0.59 BitTorrent Experimental 3.2.1 beta 2 Shareaza 2.1.2.0 beta BitTorrent 4.1.2 beta mldonkey 2.5.x DirectConnect PeerWeb DC++ 0.205 DC++ 0.674 DirectConnect 2.205 PiGO PiGO V 3.0 PP365 PP365 V2004 WinMX WinMX 3.53 Web Control PC Anywhere PC Anywhere 11 VNC Ver.
  • Page 86: The Template Setting Tab

    The DFL-M510 manages P2P downloads by using P2P Protocol. In this architecture, no matter what version of client is used, the DFL-M510 can manage it. The DFL-M510 only supports HTTP download via Getright. The Policy Setting screen has the following three tabs: •...
  • Page 87 Changes made in the fields under Options apply to all patterns. THE OPTIONS PANE When a pattern is detected, the DFL-M510 takes certain management actions, such as blocking the connection, or notifying the administrator. There are five actions that can be taken:...
  • Page 88 Alert by Email: An email with details of the attack is sent to the administrator defined in the email management parameter. Win Popup Message: Send a Windows popup message to the user. Web Message: Send a message to the user and cut the web connection and replace it with a web page.
  • Page 89: The Assign Policy Tab

    DEFINE KEYWORD CONTENT Some patterns have constraint parameters. If such a pattern rule is selected, there is a constraint parameter section as follows. Keyword: The user-defined keyword to match the content of packets. THE ASSIGN POLICY TAB To view the Assign Policy tab, click Policy > Policy Setting > Assign Policy.
  • Page 90 HOW TO ASSIGN A POLICY In the following example, the Security group is assigned a policy only allowing Web control such as Web browsing. 1. In the Template Setting tab, click Add to add a new template. 2. Click “Apply” to save the policy template.
  • Page 91 3. Click the Assign Policy tab. Select the template you want to implement from the Available Templates pane 4. Under Host/Group, select Security and click Apply.
  • Page 92: The Policy Viewer Tab

    THE POLICY VIEWER TAB In the Policy Viewer tab, you can view all policies of groups. In the example below, we check the policy of the Security group. To view the Assign Viewer tab, click Policy > Policy Setting > Policy Viewer and then select Security in the Host/Group pane.
  • Page 93: User Defined Pattern

    USER DEFINED PATTERN The pattern database is made by a team of professional signature researchers. They are familiar with protocols, system vulnerability, and application patterns. After a new application pattern is detected, the pattern is put into the pattern database and published.
  • Page 94: Defining A Pattern By Protocol

    DEFINING A PATTERN BY PROTOCOL For example, a Streaming Media application uses TCP port 3001 to connect to Media servers. To block this Streaming Media game, do the following. 1. In the User Defined Pattern screen, click Add. 2. Type in Streaming1 for the pattern name and click OK.
  • Page 95 3. Input a pattern named Streaming 1, with category Streaming Media and TCP port 3001. 4. Click Save.
  • Page 96: Defining A Pattern By Server

    DEFINING A PATTERN BY SERVER In this scenario, a web chat application is always connecting to a network server with the IP address 140.126.21.4. You can block this web chat application and then click the Save button to add a new rule as follows. 1.
  • Page 97 3. Input a rule name Web Chat 1, with category Web Control and servers, 140.126.21.4. 4. Click Save.
  • Page 98: The Schedule Screen

    The DFL-M510 supports 1500 sets of user-defined patterns by protocol and 1500 sets of user-defined patterns by Application Server. THE SCHEDULE SCREEN It is possible to define the active time range of a policy. The time range can be defined by the schedule.
  • Page 99: Message Setting

    To Add or Modify a schedule press the Add or Modify button to open the schedule editing dialog box. Modify the schedule name and check the hour tab to include or exclude the hour represented by the tab. MESSAGE SETTING In this section, you can edit popup or Web messages.
  • Page 100 2. Under Popup Message to User, click Add. 3. Type a description and the content of the message and click OK.
  • Page 101: Keyword Filter

    When you turn off Messenger Service or enable Personal Firewall, the Win Popup Message function works correctly. KEYWORD FILTER The DFL-M510 provides the following keyword functions: • Web page keyword • URL keyword • MSN keyword These keyword functions are used to describe applications of MSN and Web browsers.
  • Page 102: Pattern Update

    You can register the DFL-M510 in D-Link's security portal by clicking on the "Register for Pattern Update or view current…" button. By clicking “Download Now”, you can immediately connect to the update server and manually download the latest pattern.
  • Page 103: Chapter 7: Real Time Monitor

    For Real-time Monitor to work properly, ports 8801 - 8810 must be open on the client PC to receive the analysis data from the DFL-M510. D-Link recommends not managing the DFL-M510 through a WAN link, since the Real-time Monitor feature would get data from the DFL-M510.
  • Page 104: Monitoring Real Time Traffic

    To monitor Real Time Traffic check the Real Time Traffic radio button. The number of bytes of all packets received The total amount of traffic the DFL-M510 can manage ALL M510 The number of bytes of packets that are identified as an application patter...
  • Page 105: Monitoring Real Time Application

    Administrators can accumulate and analyze detected application patterns by information revealed from their packets. These are explained in the Top N analysis section. REFRESH TIME The system provides the new traffic status every thirty seconds. TRAFFIC LINES One line in the traffic chart means one meter of current time. Each line can be hidden or shown by clicking the check box before the specified label.
  • Page 106: Common Network Protocol

    The Real Time Application page shows management information classified by pre-defined types and hosts. The left of this screen displays the current application information; the right of this screen displays the accumulated application information for Top N analyzing. The right part is the same as the right part of real time traffic.
  • Page 107: Health Checking

    Some packets try to get system authorized control and run as an operating system’s administrator without storing to the file system. These packets are invisible to almost all anti-virus software, but detectable by the DFL-M510. When those packets come from a host and are detected, the corresponding field shows a check mark to indicate the host has health concern problems.
  • Page 108: Eim

    The EIM table provides layer seven monitoring. A packet is classified by its application pattern and summarized into six categories: IM, P2P, Web application, file transfer, E-mail, and media. If a host is connecting to the Internet and identified as a category application, the table shows a check mark to indicate the host is currently running the application with that specific category.
  • Page 109: Two Levels Top N Analysis

    TWO LEVELS TOP N ANALYSIS Administrators can review detected application patterns by information revealed from their packets. All triggered incidents are categorized on the principle of sequence, health, time of occurrence, name of pattern, source address, destination address, counts, and responsive actions (dropping packets, disconnects, emailing the administrator in charge, or keeping logs of incidents), and are all displayed in charts for administrators to quickly understand the present status of the network.
  • Page 110 The lower list shows details of each category. When the IM category is chosen, the second level chart covers the first chart as follows: This shows that MSN is the most frequent application within the IM category. If you press Reset, all data is erased.
  • Page 111 TOP 10 APPLICATIONS / TOP 10 USERS In these charts, the first level shows the top 10 applications. When an application is chosen, the second level shows the top 10 users in the chosen application. The following means that the top application is MSN.
  • Page 112 TOP 10 GROUPS/TOP 10 APPLICATIONS In these charts, the first level shows the top 10 groups. When a group is chosen, the second level shows the top 10 Applications. The following means that the top group is the default group.
  • Page 113 TOP 10 USERS/TOP 10 APPLICATIONS In these charts, the first level shows the top 10 users. When a user is chosen, the second level shows the top 10 applications for the chosen user. The following means that the top user is Jeffrey.
  • Page 114 TOP N HEALTH CONCERNS/TOP N USERS In these charts, the first level shows the top 3 health concerns. When a health concern is chosen, the second level shows the top 10 users in the chosen health concern. The following means that the top health concern is the illegal agent.
  • Page 115 TOP N USER WITH HEALTH CONCERNS/TOP N HEALTH CONCERNS In these charts, the first level shows the top 10 users with health concerns. When a user is chosen, the second level shows the top 3 health concerns for the chosen user. The following means that the top user with health concern is CJHO.
  • Page 116: Appendix A: The Command Line Interface

    DFL-M510 and its arguments via an RS-232 serial cable. The DFL-M510 device provides terminal emulation and SSH connection service. Administrators can attach an RS-232 cable to the RS-232 console port on the DFL-M510 and log in with the HyperTerminal program provided with Windows 95/98/2000/NT/XP, or use the remote login command line interface through terminal connection software that supports SSHv2 encryption.
  • Page 117: Getting Started

    Copyright (C) 2005 D-Link Corp. <www.dlink.com> DFL-M510 login: CLI Command List You can use the console or SSH to connect to the DFL-M510. After login, you can use the CLI commands to configure the DFL-M510. The complete CLI commands are described as follows.
  • Page 118: Help Command

    Help Command Help is used to get information about other commands’ usage and argument configuration. Main Example Command description command command help get Display all information of “get” command. help set Display all information of “set” command. history help history Display all information of “help”...
  • Page 119 (D) help exit >> help exit exit - Log out (E) help reboot >> help reboot reboot - Reboot system (F) help reset >> help reset reset - Reset system configurations to manufacturing defaults (G) help set >> help ping ping - Ping utility...
  • Page 120: Get Command

    Get Command This command will display all kinds of configuration information of the DFL-M510. Main Example Command description command command Display system configurations, including IP, system get system password and etc. time get time Display device clock setting state get state...
  • Page 121: Set Command

    (C) get state >> get state Operation mode: In-Line (D) get interface >> get interface Interface: WAN: auto. LAN: auto. Set Command Use this command to set the system’s parameters. Main Command description command command system Set system configurations, including IP, password and etc. time Set device clock state...
  • Page 122 Set the VLAN environment vlan set system vlan related parameters name set system name Set device’s name Postfix Prefix Command comman Example command command command description set system Set TCP detect tcptimeout connection -2592000 tcptimeout timeout 6000 set system Turn on wan detect policy port’s policy wan on...
  • Page 123 Prefix Example Command description command command set system vlan on Turn on VLAN function set system set system vlan off Turn off VLAN function vlan 1 - 4094 set system vlan 1 Set VLAN ID EXAMPLE (A) set system ip >>...
  • Page 124 (F) set system detect policy wan on >> set system detect policy wan on Apply policy check for wan interface OK. (G) set system detect policy wan off >> set system detect policy wan off Remove policy check for wan interface OK. (H) set system detect policy lan on >>...
  • Page 125: "Set Time" Command

    (N) set system detect tcpcoldstart 250 >> set system detect tcpcoldstart 250 Change TCP cold start duration time OK. (O) set system vlan on >>set system vlan on Turn on VLAN function. (P) set system vlan off >>set system vlan off Turn off VLAN function.
  • Page 126: "Set State" Command

    Change time successfully ! Current time : (GMT + 0) Mon Apr 18 10:57:43 2005 DST time : (GMT + 0) Mon Apr 18 10:57:43 2005 System duration: 0 days 1:9:1 “SET STATE” COMMAND Prefix Example Command description command Set ISG to execute normally based on its inline Set state inline configured policy...
  • Page 127: "Set Remote" Command

    “SET REMOTE” COMMAND Prefix Postfix Command description command command command command Enable remote access using browser from wan port Enable remote access using browser from lan port access Enable remote access using browser from wan and lan port Disable remote access using disable set remote browser...
  • Page 128 EXAMPLE (A) set remote http access wan >> set remote http access wan Do you want to apply this setting immediately? Your current ssh/http connection will be cut off. (y/n) (B) set remote http access lan >> set remote http access lan Do you want to apply this setting immediately? Your current ssh/http connection will be cut off.
  • Page 129 (H) set remote ssh access lan >> set remote ssh access lan Do you want to apply this setting immediately? Your current ssh/http connection will be cut off. (y/n) (I) set remote ssh access all >> set remote ssh access all Do you want to apply this setting immediately? Your current ssh/http connection will be cut off.
  • Page 130: "Set Interface" Command

    “SET INTERFACE” COMMAND Main command Sub command Command description interface Set interface link mode EXAMPLE (A) set interface >> set interface Interface. WAN: auto LAN: auto Setup WAN port configuration : Specify auto mode or speed [auto / 10 / 100] : Specify stealth mode [on / off] : Setup LAN port configuration : Specify auto mode or speed [auto / 10 / 100] :...
  • Page 131: Exit Command

    Exit command shell EXAMPLE (A) exit >> exit Logout Welcome to D-Link DFL-M510 Console Environment Copyright (C) 2005 D-Link Corp. <www.dlink.com> DFL-M510 login: Reboot Command Use this command to reboot system. Main Sub command Example Command description...
  • Page 132: Reset Command

    Reset Command Use this command to reset system configuration to default settings. Main Sub command Example Command description command Reset system configuration to default settings, reset none reset type "y" to load default setting. EXAMPLE (A) reset >> reset This will set the system configuration to the default values, and then reboot the system.
  • Page 133: Appendix B: Glossary

    APPENDIX B: GLOSSARY Bandwidth The transmission capacity of a given device or network. Bit A Binary Digit (either a one or a zero); a single digit number in base-2. A bit is the smallest unit of computerized data. Bridge A device that connects two different kinds of local networks, such as a wireless network to a wired Ethernet.
  • Page 134 FCC (Federal Communications Commission) The FCC (Federal Communications Commission) is in charge of allocating the electromagnetic spectrum and thus the bandwidth of various communication systems. Firewall A hardware or software "wall" that restricts access in and out of a network. Firewalls are most often used to separate an internal LAN or WAN from the Internet.
  • Page 135 IRC (Internet Relay Chat) It is a way for multiple users on a system to “chat” over the network. ISP (Internet Service Providers) Provide connections into the Internet for home users and businesses. There are local, regional, national, and global ISPs. You can think of local ISPs as the gatekeepers into the Internet.
  • Page 136 Router A device that connects two networks together. Routers monitor, direct and filter information that passes between these networks. RS-232 RS-232 is an EIA standard which is the most common way of linking data devices together. Server A computer, or a software package, that provides a specific kind of service to client software running on other computers.
  • Page 137 URL (Uniform Resource Locator) URL is an object on the Internet or an intranet that resides on a host system. Objects include directories and an assortment of file types, including text files, graphics, video and audio. A URL is the address of an object that is normally typed in the Address field of a Web browser.
  • Page 138: Features And Specifications

    APPENDIX C: FEATURES AND SPECIFICATIONS Hardware Specification Ethernet 2 x 10/100 M auto-sensing auto-crossing with frog light Other port RS232(9 pin) Blue background with white light LCD Panel LCD Module Power AC LINE 100-240V AC 50-60Hz 0.8A MAX Dimension (L*D*H, mm) 440mm * 250mm * 44mm Features Specification Application Detection / Prevention / Management...
  • Page 139 11. Morpheus 12. Bearshare 13. WinMX Web Browser Web Mail Login Application (HTTP/HTML) Web Uploading Post/Put Control Web Download Upload Web Posting Download Web IM Web URL Filter Keyword Web Content Cookie Retrieval Java Applet Anti-WebPage ActiveX/Java /ActiveX Applet Download Kidnap Webpage Application File...
  • Page 140: LCM Module

    Helper Identification Hosts generated by Victim Trojan affected Hosts Spyware/ADware affected Hosts Intruded Hosts LCM Module Main Menu Sub-Menu Description Firmware Ver Device Status System Info. Policy Ver Policy Number Current Date Current Time Dev. Up Time CPU Load Memory Usage Current Session WAN RX Traffic Info.
  • Page 141: Other Specifications

    WAN Link Mode WAN Stealth Reset Reset Confirm Reboot Reboot Confirm Other Specifications Performance: 30-40 Mbps (All function enabled), Wire speed for L3 switching Concurrent Users: 150 Concurrent TCP Sessions: 4,000...
  • Page 142: Mechanic & ID Design Front LED Indicators

    Mechanic & ID Design Front LED indicators Function Naming Color Status LED description Power off Power Power Green Power on Power off (System not ready) System System Green System ready and running ok System bypass not enable Bypass Bypass System bypass or failed Ethernet link ok, and the speed is 10Mbps Inbound (left)
  • Page 143: Physical Environment

    Physical Environment Power ~ 25W Open Frame Switching Power Supply, Input AC range 100 ~ 240V 50/60Hz. Operation Temperature 0 – 60 Storage Temperature -20 – 70 Humidity Operation: 10%~90% RH Storage: 5%~90% RH...
  • Page 144: Index

    Hosts, assigning to groups 53 HTTP/SSH, remote management 30 Interface tab 28 Keyword content, template 65 Keyword filter 76 LCM Button Description 2 Log tab 94 Log, searching for 95 Logging on the DFL-M510 7 Logs, navigating 95 Maintenance screen 39...
  • Page 145 Network analysis 84 Network screen 23 Network Setting tab 23 Network, status 98 Operation mode, inline, bypass, monitor 32 Parameter tab 32 Pattern, user defined 68 Policy rule, by server 71 Policy rule, defining 69 Policy screen 55 Policy Setting screen 58 Policy Status tab 100 Policy Viewer tab 68 Policy, how to assign 66...
