D-Link DFL-M510 User Manual
  1. Manuals
  2. Brands
  3. D-Link Manuals
  4. Gateway
  5. DFL-M510
  6. User manual

D-Link DFL-M510 User Manual

Information security gateway
Hide thumbs Also See for DFL-M510:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual, Quick Manual

Advertisement

Table of Contents
loading

Related Manuals for D-Link DFL-M510

Summary of Contents for D-Link DFL-M510

  • Page 3 This publication, including all photographs, illustrations and software, is protected under interna- tional copyright laws, with all rights reserved. Neither this manual, nor any of the material con- tained herein, may be reproduced without written consent of D-Link. Copyright 2005 Version 1.0...
  • Page 4 ) is a registered trademark of Nullsoft Player365 ( ) is a registered trademark of Nullsoft Live365, Inc. D-Link is a registered trademark of D-Link Systems, Inc. Java is a trademarks or registered trademark of Sun Microsystems, Inc. in the United States and other countries.
  • Page 5 Safety Certifications CE, C-Tick, TUV, UL About this Manual This manual provides information for setting up and configuring the DFL-M510. This manual is intended for network administrators. Safety Information READ THIS IMPORTANT SAFETY INFORMATION SECTION. RETAIN THIS MANUAL FOR REFERENCE.
  • Page 6 iv --...

  • Page 7: Table Of Contents

    Chapter 1: Getting Started with the DFL-M510 - - - - - - - - - - - - - - - - - - - - - - - - - - 1 Identifying Components ..........1 Front View ..........................
  • Page 8 The Policy Viewer Tab......................68 User Defined Pattern ..........68 Defining a Pattern by Protocol ....................
  • Page 9 History Command ..........115 Exit Command .
  • Page 10 viii --...

  • Page 11: Getting Started With The Dfl-M510

    ETTING TARTED WITH THE The DFL-M510 is a transparent network device. To ensure there is no disruption to your network, it can be installed in In-Line mode with a hardware bypass function enabled. The hardware bypass ensures that if the DFL-M510 crashes, experiences a power out or some other problem, your net- work is still up and running.
  • Page 12 Name Description Scroll Up Down Scroll Down Go back to the previous screen Enter Next screen TATUS The following table describes the status LEDs on the front of the DFL-M510. Function Naming Color Status LED Description Power Power Green Power off...

  • Page 13: Rear View

    DFL-M510 Command Line Interface. Access to the Command Line Interface can be made either through SSH or from a terminal connected directly to the DFL-M510. You can use Hyper Terminal, SSH v2 or browser to set up the IP parameters of the DFL-M510. The following are the default settings: IP Address 192.168.1.1...
  • Page 14 Default Gateway 192.168.62.1 1. Connect one end of the RS-232 cable to the console port on the DFL-M510 and the other end to the COM1 or COM2 port on the PC. (The pin out definitions are shown below.) Terminal Emulation...
  • Page 15 Information Security Gateway 4. Type in the username and password. 5. Use the get system command to get information on the DFL-M510. Chapter 1: Getting Started with the DFL-M510 -- 5...
  • Page 16 7. After the system reboots, use set system gateway to set the default gateway. 8. After setting the IP address, Mask and Gateway, use the get system command to get correct information. Use the web-based interface to configure other parameters. See “Configuration 6 -- Chapter 1: Getting Started with the DFL-M510...

  • Page 17: Configuration Through A Web-Based Interface

    GUI is a Java™ applet application. Before accessing the GUI from any PC, you must install Java Run Time Environment (J2RE V1.4.2 or above). Then you can log on to the DFL-M510 from any computer on the network via a Web browser.You can download J2RE from www.java.com or you can download it from the link within the DFL-M510 GUI.
  • Page 18 2. Click on the link to download the Java Runtime Environment. 3. Click Run to start the installation. Follow the onscreen prompts to complete the installation. The following Security Warning appears. 8 -- Chapter 1: Getting Started with the DFL-M510...
  • Page 19 5. Type in the default account name admin and the default password admin and click OK . For security reasons, you should change the default password to a more secure password after you have completed the setup. See “Account Tab” on page 43. IMPORTANT Chapter 1: Getting Started with the DFL-M510 -- 9...

  • Page 20: Running The Setup Wizard

    7. To log out click the Close button at the top-right of the screen. Running the Setup Wizard The Setup Wizard helps you to quickly apply basic settings for the DFL-M510. You will need the following information for your network to complete the Setup Wizard : •...
  • Page 21 Information Security Gateway 1. Click System, Setup Wizard . The Setup Wizard window appears. 2. Click Next to continue. Chapter 1: Getting Started with the DFL-M510 -- 11...
  • Page 22 3. You need to provide your IP Address, Subnet Mask, Default Gateway, and DNS Server address to enable the device to connect to your network. If the network was set by CLI, check the settings here. Type in the required information and click Next . 12 -- Chapter 1: Getting Started with the DFL-M510...
  • Page 23 4. Select the check boxes for the applications you want to block and click Next . You can leave all the boxes unchecked to be sure the DFL-M510 is set up correctly. Later you can add appli- cations to be blocked in the Policy menu. See “Chap- ter 4: Policy”...
  • Page 24 DFL-M510 When the setup is successful, the following screen appears: 6. Click OK. You are returned to the System menu. 14 -- Chapter 1: Getting Started with the DFL-M510...

  • Page 25: System

    HAPTER YSTEM The System menu is where you carry out the basic setup of the DFL-M510 such as integration with your network. The System menu also lets you set local time settings and carry out mainte- nance. The System Screen...
  • Page 26 Subnet Mask • Default Gateway • DNS Server The first time you log on to the DFL-M510, the Setup Wizard runs automatically. You can run the Setup Wiz- ard anytime you want to change the basic configura- tion. NOTE To run the Setup Wizard .
  • Page 27 Information Security Gateway 2. Click Next to continue. 3. You need to provide your IP Address, Subnet Mask, Default Gateway, and DNS Server address to enable the device to connect to your network. If the network was set by CLI, check the settings here.
  • Page 28 DFL-M510 Type in the required information and click Next . 18 -- Chapter 2: System...
  • Page 29 4. Select the check boxes for the applications you want to block and click Next . You can leave all the boxes unchecked to be sure the DFL-M510 is set up correctly. Later you can add appli- cations to be blocked in the Policy menu. See “Chap- ter 4: Policy”...
  • Page 30 DFL-M510 When the setup is successful, the following screen appears: 6. Click OK. You are returned to the System menu. 20 -- Chapter 2: System...

  • Page 31: The Date & Time Screen

    Information Security Gateway The Date & Time Screen Use Date & Time to adjust the time for your location. 1. Click System > Date & Time . The Date & Time window appears. 2. Click to the right of Current Date and Time . Chapter 2: System -- 21...
  • Page 32 DFL-M510 3. Select the current date and click to return to the Date and Time screen. 4. In the Current Date and Time field, type in the current time and then choose the time zone for your location from the drop-down list.

  • Page 33: The Network Screen

    Information Security Gateway The Network Screen The Network screen lets you configure settings for your network. 1. Click System > Network . The Network window appears. The Network screen has four tabs. Click on a tab to view the settings. ETWORK ETTING Click the Network Setting tab.
  • Page 34 ENERAL ETTING Device Name Type a name for the device. Inactivity Timeout Set the inactivity time out. When more than one DFL-M510 is installed in your location, assign device names to help identify different units. 24 -- Chapter 2: System...
  • Page 35 Device DNS Server Default Gateway Device Default Gateway DMIN MAIL To enable the network administrator to receive emails from the DFL-M510, the following fields must be completed. Email Address Type the administrator’s email address SMTP Server Type the IP of the SMTP server...
  • Page 36 DFL-M510 Server Check When the above fields are completed, click Server Check to verify the mail account. The ID/Password field must be filled in if your mail server requires authentication. NOTE SNMP C ONFIGURATION To set up SNMP (Simple Network Management Protocol), the SNMP communities have to be set...
  • Page 37 2. Click the Selected IP Address radio button and click Add . 3. Type in the IP Address and Subnet Mask for the PC that will access the DFL-M510 and click OK . The IP Address is added to the Selected IP Address window. Repeat steps 2 and 3 to add other IP Addresses.

  • Page 38: Interface Tab

    DFL-M510 4. Click Apply . The new settings are processed. When the settings are processed, the following screen appears: 5. Click OK to finish. NTERFACE Click the Interface tab. The following screen appears. 28 -- Chapter 2: System...

  • Page 39: Remote Access Tab

    Information Security Gateway ETTING Set the Ethernet ports for the speed you want and click Apply . Interface Link Setup WAN - 10/100/Half/Full/Auto LAN - 10/100/Half/Full/Auto NTERFACE TEALTH ETTING The LAN/WAN Ports can be configured in Stealth Mode by selecting On . Stealth Mode WAN - On/Off LAN - On/Off...
  • Page 40 DFL-M510 The DFL-M510 can be remotely managed via HTTP or SSH. The Remote Access tab lets you control access rights. HTTP/SSH The descriptions for the HTTP and SSH fields are the same. Server Access Options are All, Disabled, Allowed from LAN, or Allowed from WAN.
  • Page 41 2. Click the Selected IP Address radio button and click Add . 3. Type in the IP Address and Subnet Mask for the PC that will access the DFL-M510 and click OK . The IP Address is added to the Selected IP Address window. Repeat steps 2 and 3 to add other IP Addresses.

  • Page 42: Parameter Tab

    Click the Parameter tab. The following screen appears. This tab defines management parameters. PERATION The DFL-M510 only protects and monitors your net- work when set to In-Line mode. The other modes offer limited monitoring and are used for integrating the DFL-M510 smoothly with your network.
  • Page 43 DFL-M510 will detect all events by inspecting all packets. In this mode, the DFL-M510 will log all events, but will not take any countermeasure (reset, drop actions). It is suggested to monitor net- work traffic in this mode before setting In-Line mode, in order to fine tune your security policy and network performance.
  • Page 44 That is, the network mask contains only two pairs: the leading 1s, and the following 0s. NOTE DMZ Bypass prevents the DFL-M510 from causing a bottleneck in your intranet. For example, a mail/FTP server could be assigned an IP address in the DMZ Bypass to provide wire speed traffic from the internal network to mail/FTP networks.
  • Page 45 Information Security Gateway 1. Type in the IP address and the Subnet mask of the mail server. 2. Click Save . ROUPS YPASS Hosts within the intranet which do not need to be monitored are added to the Bypassed User/ Group.

  • Page 46: Vlan Tab

    DFL-M510 Available Select the User or Group and click >> to User/Group add the User/Group to the Bypassed User/Group list. Bypassed Lists Users and Groups that have been User/Group added. After you make changes, click Save . The new settings are processed and the following screen appears: Click OK to continue.
  • Page 47 Information Security Gateway A VLAN (Virtual LAN) is a group of devices on one or more LANs that are configured (using management software) so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.
  • Page 48 2. Click the VLAN Enabled checkbox to enable VLAN. 3. Type in each VID in the VID1 to VID7 boxes. The DFL-M510 supports up to seven VLANs. The Management VID must be either PVID, or VID1 to VID7. Configurations depend on your environment.

  • Page 49: The Maintenance Screen

    Information Security Gateway 4. Click Apply . The screen updates as follows. VLAN S TATUS Management IP Shows the device IP address Management VLAN Shows the Management VLAN Group ID VID1 - VID7 Shows the ID of each VLAN The Maintenance Screen The Maintenance screen lets you carry out network maintenance.

  • Page 50: Configuration Tab

    DFL-M510 1. Click System > Maintenance . The Maintenance window appears. The Maintenance screen has two tabs. Click on a tab to view the settings. ONFIGURATION Click the Configuration tab. The following screen appears. 40 -- Chapter 2: System...
  • Page 51 Information Security Gateway Download the latest firmware file or the application pattern file from D-Link’s Web site. IRMWARE PGRADE Firmware/Application Firmware updates improve or add new Pattern Update functionality. Application Pattern updates improve or add new rules and filters. File Path Type the file path to the update file.
  • Page 52 Restoring a Configuration Backup 1. Click Browse . 2. Locate the DFL-M510.cbk file and click Open . 3. Click Backup to send the file to the device. 4. When the update completes, click Reboot to reboot the device. (See “System Reboot” on page 42.).

  • Page 53: Account Tab

    Information Security Gateway Rebooting or resetting the device closes the GUI. Log back on as you normally do. NOTE CCOUNT Click the Account tab. The following screen appears. CCOUNTS Shows the current number of accounts Name Shows the name for each account Role Shows the shows the level of the user’s policy: Administrator;...
  • Page 54 DFL-M510 Only users that are assigned the Administrator role can edit the Account and Hosts/Groups menus. NOTE Creating a New Account To create a new account click Add . The Account Edit dialog box appears. Name Type a name for the account.
  • Page 55 Information Security Gateway To review or audit an account, click Login Status . The following screen appears: A log is created each time a user logs on or logs out. Monitor this list for added security. See “The Log Tab” on page 94. Chapter 2: System -- 45...
  • Page 56 DFL-M510 46 -- Chapter 2: System...

  • Page 57: Host/Groups

    HAPTER ROUPS A host is a client computer with a network interface. A group is a set of hosts. The DFL-M510 learns host information from packets passing through the device. Host information includes the MAC address, IP address and VLAN address. In order to manage the host internet access, we can lock a host with a MAC address and/or an IP address.
  • Page 58 Block, hosts that exceed 150 have no Internet access. If you select For- ward, those hosts will have Internet access but will not be monitored by the DFL-M510. HANGING THE TATUS OF A In the following example, the status of No. 50 is changed from Hosts within 150 to Other Hosts .
  • Page 59 Information Security Gateway 1. Right-click on the host you want to change the status of. 2. Select Move to Standby . Notice, the State icon is now green, indicating the host is now in the Other Hosts category. DDING A Refer to the following to add a host.

  • Page 60: Exporting A Host Database

    2. Type in the required information and click OK . The new host is added to host table. XPORTING A ATABASE You can export a host database to reuse or to import into another DFL-M510. Refer to the follow- ing to export a host database. 1. Click Export .

  • Page 61: The Setup Groups Tab

    4. Click OK to confirm the export. 5. Click OK to continue. ETUP ROUPS There is one Default Setup Group in the DFL-M510. The Setup Groups tab lets you add and configure additional Setup Groups. Chapter 3: Host/Groups -- 51...
  • Page 62 DFL-M510 1. To view the Setup Groups tab, click Hosts/Groups > Setup Groups . ROUP ETTING Click to add a new Setup Group Delete Click to delete a Setup Group Click to move a Setup Group up Down Click to move a Setup Group down...
  • Page 63 Information Security Gateway Add Subnet Click to add a sequential IP address range to a group. SSIGNING OSTS TO ROUPS You can assign a host to a group by checking the button crossing the host and the group. Refer to the following to add a host to a group.
  • Page 64 DFL-M510 5. Click OK to finish. The new group is added to the Group Setting list. 54 -- Chapter 3: Host/Groups...

  • Page 65: Policy

    HAPTER OLICY Policy is the most important information in the DFL-M510 Management System. A policy can consist of thousands of patterns. Each pattern defines how to detect an application, how to respond when an application is detected, what to block, and when to block. You can view and modify the settings, including applying scope, acting schedule, actions and information such as category, and constraints.

  • Page 66: Running The Template Wizard

    DFL-M510 After the policy database is published and fetched, it is uploaded to the DFL-M510. To manage the users and applications, policies are defined and each of them complies with a company policy. Then each policy can be applied to a host or a group. We define a policy before applying it or cre- ating a template.
  • Page 67 Information Security Gateway 2. Click Next to continue. 3. Type a name for the template and click Next . Chapter 4: Policy -- 57...

  • Page 68: The Policy Setting Screen

    DFL-M510 4. Select the applications that you want to block. (If you check the Internet File Sharing (P2P) check box, all P2P applications are blocked. You can modify these settings later. See “The Assign Policy Tab” on page 66.) And then click Next .
  • Page 69 Every template, including the global template created by the device wizard, can be created or modified. The protocols displayed on the policy are described as follows. A. The IM/Remote Access Application that can be managed by the DFL-M510 Item Protocol...
  • Page 70 DFL-M510 Chat 5.9.3759 File Transfer Login Audio Communication Video Communication iChat Chat File Transfer Login Audio Communication Video Communication Yahoo File Transfer 6.0.0.1921 Messenger Login Chat Audio Communication Video Communication Login QQ2005 File Transfer Login TM2005Beta1 File Transfer Skype Login 1.3.0.51.
  • Page 71 Information Security Gateway B. The P2P/Remote Access Application that can be allowed/blocked by the DFL-M510 Item Protocol Software Version Internet File EzPeer EzPeer 1.9 Kuro Kuro 6.0 Sharing eDonkey2000 eMule 0.46a (P2P) eDonkey 1.3 mldonkey 2.5.x eMule Plus 1.1d amule 2.0.3 Morpheus 5.0 beta...
  • Page 72 Player365 The DFL-M510 manages P2P downloads by using P2P Protocol. In this architecture, no matter what ver- sion of client is used, the DFL-M510 can manage it. The DFL-M510 only supports HTTP downloads via Getright. The Policy Setting screen has the following three tabs: •...

  • Page 73: The Template Setting Tab

    Changes made in the fields under Options apply to all patterns. PTIONS When a pattern is detected, the DFL-M510 takes certain management actions, such as blocking the connection, or notifying the administrator. There are five actions that can be taken:...
  • Page 74 DFL-M510 Action Description Block The pattern packet is dropped and its connection cut off. Pass Just log the event. Alert by Email An email with details of the attack to the administrator defined in email man- agement parameter. Win Popup Message Send a Windows popup message to the user.
  • Page 75 Information Security Gateway range of the P2P policy to only intranet, and skip detection against DMZ. Thus, false-positives can be reduced, while maintaining performance. If the detection scope is defined as Directional, the scope is distinguished by source and destina- tion.

  • Page 76: The Assign Policy Tab

    DFL-M510 SSIGN OLICY To view the Assign Policy tab , click Policy > Policy Setting > Assign Policy . OW TO SSIGN A OLICY In the following example, the Security group is assigned a policy only allowing Web control such as Web browsing.
  • Page 77 Information Security Gateway 1. In the Template Setting tab, click Add to add a new template. 2. Click the Assign Policy tab . Chapter 4: Policy -- 67...

  • Page 78: The Policy Viewer Tab

    DFL-M510 3. Select the template from the Available Templates pane and then select the policy you want from the Policy for the template pane. 4. Under Host/Group , select Security and click Apply . OLICY IEWER In the Policy Viewer tab, you can view all policies of groups. In the example below, we check the policy of the Security group.

  • Page 79: Defining A Pattern By Protocol

    Information Security Gateway After a pattern is defined, the pattern is displayed in the pattern list, contained in a template, and assigned with options and constraints. Click Edit to edit a defined rule. Click Delete to delete a defined rule. EFINING A ATTERN BY ROTOCOL...
  • Page 80 DFL-M510 1. In the User Defined Pattern screen, click Add . 2. Type in Streaming1 for the pattern name and click OK . 70 -- Chapter 4: Policy...

  • Page 81: Defining A Pattern By Server

    Information Security Gateway 3. Input a pattern named Streaming 1 , with category Streaming Media and TCP port 3001. 4. Click Save . EFINING A ATTERN BY ERVER In this scenario, a web chat application is always connecting to a network server with the IP address 140.126.21.4.

  • Page 82: The Schedule Screen

    DFL-M510 3. Input a rule name Web Chat 1 , with category Web Control and servers, 140.126.21.4. 4. Click Save . The DFL-M510 supports 1500 sets of user-defined patterns by protocol and 1500 sets of user-defined patterns by Application Server.
  • Page 83 Information Security Gateway There are four predefined schedules. The Always schedule means the policy is always active. The Working Hours schedule means the policy is active during working hours. The regular working hours are Monday to Friday from 9:00 AM to 5:00 PM. The Weekdays schedule means the policy is active during the whole workdays.

  • Page 84: Message Setting

    DFL-M510 Message Setting In this section, you can edit popup or Web messages. Refer to the following to add a popup mes- sage. 1. Click Policy > Message Setting . 74 -- Chapter 4: Policy...
  • Page 85 Information Security Gateway 2. Under Popup Message to User , click Add . Chapter 4: Policy -- 75...

  • Page 86: Keyword Filter

    3. Type a description and the content of the message and click OK . When you turn off Messenger Service or enable Per- sonal Firewall, the Win Popup Message function works correctly. NOTE Keyword Filter The DFL-M510 provides the following keyword functions: • Web page keyword • URL keyword •...
  • Page 87 Information Security Gateway This function only supports chapter by ASCII encod- ing. NOTE Chapter 4: Policy -- 77...
  • Page 88 DFL-M510 78 -- Chapter 4: Policy...

  • Page 89: Real Time Monitor

    8810 must be opened on the client PC to receive the analysis data from the DFL-M510. NOTE D-Link recommends not managing the DFL-M510 through a WAN link, since the Real-time Monitor fea- ture would get data from the DFL-M510. IMPORTANT...

  • Page 90: Monitoring Real Time Traffic

    To monitor Real Time Traffic check the Real Time Traffic radio button. The number of bytes of all packets received ALL M510 The total amount of traffic the DFL-M510 can manage Drop The number of bytes of packets that are identified as an application pattern and...

  • Page 91: Monitoring Real Time Application

    Information Security Gateway Misc. The number of bytes of all traffic which does not belong to IM, P2P, Mail, File Transfer, or Streaming Media Health Alert/Sec The number of events that a packet was detected as a heath concern packet Administrators can accumulate and analyze detected application patterns by information revealed from their packets.

  • Page 92: Common Network Protocol

    These packets are invisible to almost all anti-virus software, but detectable by the DFL-M510. When those packets come from a host and are detected, the corresponding field shows a check mark to indicate the host has health concern problems.

  • Page 93: Eim

    Information Security Gateway Tunnels are host-based software. They provide a secure channel for communication. The purpose is to break through a firewall and escape content inspecting. For example, like soft ether, VNN, and VNC. The EIM table provides layer seven monitoring. A packet is classified by its application pattern and summarized into six categories: IM, P2P, Web application, file transfer, E-mail, and media.

  • Page 94: Two Levels Topn Analysis

    DFL-M510 EVELS NALYSIS Administrators can review detected application patterns by information revealed from its packets. All triggered incidents are categorized on the principle of sequence, health, time of occurrence, name of pattern, source address, destination address, counts, and responsive actions (dropping packets, disconnects, emailing the administrator in charge, or keeping logs of incidents,) and are all displayed in charts for administrators to quickly understand the present status of the network.
  • Page 95 Information Security Gateway The lower list shows details of each category. When the IM category is chosen, the second level chart covers the first chart as follows: It would be understood that the MSN is the most frequent application within the IM category. If you press Reset, all data is erased.
  • Page 96 DFL-M510 The following means that the top application is MSN. ROUPS PPLICATIONS In these charts, the first level shows the top 10 groups. When a group is chosen, the second level shows the top 10 Applications. The following means that the top group is the default group.
  • Page 97 Information Security Gateway SERS PPLICATIONS In these charts, the first level shows the top 10 users. When a user is chosen, the second level shows the top 10 applications in the chosen user. The following means that the top user is Terry. Chapter 5: Real Time Monitor -- 87...
  • Page 98 DFL-M510 EALTH ONCERNS SERS In these charts, the first level shows the top 3 health concerns. When a health concern is chosen, the second level shows the top 10 users in the chosen health concern. The following means that the top health concern is the illegal agent.
  • Page 99 Information Security Gateway SER WITH EALTH ONCERNS EALTH ONCERNS In these charts, the first level shows the top 10 users with health concerns. When a user is chosen, the second level shows the top 3 health concerns in the chosen user. The following means that the top user with health concern is CJHO.
  • Page 100 DFL-M510 90 -- Chapter 5: Real Time Monitor...

  • Page 101: Report & Log

    HAPTER & L EPORT The Report & Log screen allows administrators to view detailed reports and logs of the device status. The Report & Log Screen After you log on, click Report & Log to open the following screen: The Report & Log screen gives you access to the following tabs: •...

  • Page 102: The Report Tab

    DFL-M510 EPORT To view the Report tab, click Report & Log / Report . In the Report Title field, type a title for the report and click Generate . NTERACTIVE EPORT After you click Generate, the report window opens. 92 -- Chapter 6: Report & Log...
  • Page 103 Information Security Gateway The above screen is described in the Real Time Monitor chapter. See “Monitoring Real Time Traffic” on page 80. Click Print to print the report. Click Save As to save the report to the local computer. Click Close to close the report window.

  • Page 104: The Log Tab

    DFL-M510 2. Type a name for the report and click Save As . 3. Open the file you saved in your Web browser. Scroll down to view the details of the report. To view the Log tab, click Report & Log / Log .
  • Page 105 Information Security Gateway display list, the default setting of the system is to display all information regarding incidents, including the occurring, source, and message. Administrators can inspect data and filter out unnecessary events. EARCHING FOR OGS BY A PECIFIC To search a log for a specific time, specify the time under Specific Time and click Search . ETTING THE ISPLAY The Display in one page field, lets you define how many log records display in one page.
  • Page 106 DFL-M510 96 -- Chapter 6: Report & Log...

  • Page 107: Status

    HAPTER TATUS The Status screen provides information on the current network and system settings. You can also find details of what applications can be monitored and incorporated into your policies. The Status Screen After you log on, click Status to open the following screen: The Status screen gives you access to the following tabs: •...

  • Page 108: The Device Info. Tab

    DFL-M510 EVICE The Device Info. tab information is updated every minute. You can also click the Refresh button to update the information. To view the Device Info. tab, click Status / Device Info . ETWORK NFORMATION IP Address Shows the IP Address (the default is 192.168.1.1) Subnet Mask Shows the subnet mask (the default is 255.255.255.0)
  • Page 109 Information Security Gateway YSTEM NFORMATION Model Name Shows the model name Device Name Shows the device name Kernal Version Shows the kernal version Last time updated Shows last time the firmware was updated Pattern Version Shows the pattern version Last time updated Shows the last time the pattern was updated Pattern number Shows the pattern number...

  • Page 110: The Policy Status Tab

    TATUS Click Application to select the application category which you want to know. It will display the current version in the right field. The following are the currently supported applications and ver- sion of the DFL-M510. Application Support Version Web Control...
  • Page 111 Information Security Gateway Internet File Sharing (P2P) Bittorrent 4.0.1 ezPeer 1.9 Overnet: eDonkey 2000-1.1.2 MLdonkey2.5 Shareaza V2.1.0.0 Morpheus 4.6.1 Bearshare 4.6.3.1 Kuro 6.0 KaZaa 3.0 Gnutrlla Grokster v2.6 DirectConnect 2.2.0 Beedo 2.0 PP365 2004 Streaming Media RealPlayer 10.5 Stream ASF Download: Windows Media Player 10.0 Stream WMV Download: Windows Media Player 10.0 H.323 RTSP...
  • Page 112 P2P Protocol. In this architecture, no what version of the client you use, the DFL-M510 can manage it. NOTE EQUEST NEW APPLICATION SUPPORT If there is a new application that the DFL-M510 can not support, you can use this function to request support. 102 -- Chapter 7: Status...
  • Page 113 Information Security Gateway 1. Click User Request. The following screen appears. 2. Complete all information of the new application, and click Send . You will be contacted by the D-Link support team. Chapter 7: Status -- 103...
  • Page 114 DFL-M510 104 -- Chapter 7: Status...

  • Page 115: The Command Line Interface

    SSH connection service. Administrators can attach an RS-232 cable to the RS- 232 console port on the DFL-M510, and log in with the super terminal program provided by Win- dows 95/98/2000/NT/XP; or use the remote login command line interface by using terminal con- nection software with SSHv2 encryption function.

  • Page 116: Getting Started

    Copyright (C) 2005 D-Link Corp. <www.dlink.com> DFL-M510 login: CLI Command List You can use the console or SSH to connect the DFL-M510. After login, you can use the CLI com- mands to configure the DFL-M510. The complete CLI commands are described as follows. Commands...

  • Page 117: Get Command

    - Reset system configurations to manufacturing defaults (G) help set >> help ping ping - Ping utility Get Command This command will display all kinds of configuration information of the DFL-M510. Main Example Command description command command system get system Display system configurations, including IP, password and etc.

  • Page 118: Set Command

    DFL-M510 (B) get time >> get time Current time : (GMT + 0) Mon Apr 18 08:34:37 2005 DST time : (GMT + 0) Mon Apr 18 08:34:37 2005 System duration: 0 days 0:43:10 (C) get state >> get state...

  • Page 119: Set System" Command

    Information Security Gateway “ ” SET SYSTEM COMMAND Prefix Example Command description command set system set system ip 192.168.80.244 Set device’s IP mask set system mask 255.255.0.0 Set device’s mask gateway set system gateway Set device’s default gateway 192.168.80.244 passwd set system passwd Set administrator’s new password detect...
  • Page 120 DFL-M510 Do you want to apply this setting immediately? Your current ssh/http connection will be cut off. (y/n) (B) set system mask >> set system mask 255.255.255.0 Do you want to apply this setting immediately? Your current ssh/http connection will be cut off. (y/n) (C) set system gateway >>...

  • Page 121: Set Time" Command

    Information Security Gateway Turn off TCP state check bypass (M) set system detect pinglen 1024 >> set system detect pinglen 1024 Change maximum length of ping packet OK. (N) set system detect tcpcoldstart 250 >> set system detect tcpcoldstart 250 Change TCP cold start duration time OK.

  • Page 122: Set State" Command

    DFL-M510 “ ” SET STATE COMMAND Prefix Example Command description command set state inline Set state inline Set ISG to execute normally based on its configured policy Monitor Set state monitor ISG only inspects and keep logs does not drop...

  • Page 123: Set Remote" Command

    Information Security Gateway “ ” SET REMOTE COMMAND Prefix Postfix Command description command command command command set remote access Enable remote access using browser from http wan port Enable remote access using browser from lan port Enable remote access using browser from wan and lan port disable Disable remote access using browser...
  • Page 124 DFL-M510 Do you want to apply this setting immediately? Your current ssh/http connection will be cut off. (y/n) (E) set remote http ip 1 192.168.1.230 >> set remote http ip 1 192.168.1.230 Do you want to apply this setting immediately? Your current ssh/http connection will be cut off.

  • Page 125: Set Interface" Command

    Sub command Example Command description command exit none exit Exit command shell XAMPLE (A) exit >> exit Logout Welcome to D-Link DFL-M510 Console Environment Copyright (C) 2005 D-Link Corp. <www.dlink.com> DFL-M510 login: Appendix A: The Command Line Interface -- 115...

  • Page 126: Reboot Command

    DFL-M510 Reboot Command Use this command to reboot system. Main Sub command Example Command description command reboot none reboot Reboot system, type "y" to reboot the system. XAMPLE (A) exit >> reboot Are you sure to reboot system? (y/n) Reset Command Use this command to reset system configuration to default settings.

  • Page 127: Glossary

    PPENDIX LOSSARY Bandwidth The transmission capacity of a given device or network A Binary Digit (either a one or a zero); a single digit number in base-2. A bit is the smallest unit of computerized data. Bridge A device that connects two different kinds of local networks, such as a wireless network to a wired Ethernet.
  • Page 128 DFL-M510 A nonvolatile storage device that can be electrically erased and reprogrammed so that data can be stored, booted and rewritten as necessary. FTP (File Transfer Protocol) File Transfer Protocol is an Internet file transfer service that operates on the Internet and over TCP/IP networks.
  • Page 129 Information Security Gateway Peer-to-peer (P2P) is where computing devices link directly to each other and can directly initiate communication with each other; they do not need an intermediary. A device can be both the client and the server. Packet Filter A filter that scans packets and decides whether to let them through or not.
  • Page 130 DFL-M510 URL is an object on the Internet or an intranet that resides on a host system. Objects include directories and an assortment of file types, including text files, graphics, video and audio. A URL is the address of an object that is normally typed in the Address field of a Web browser.

  • Page 131: Features And Specifications

    PPENDIX EATURES AND PECIFICATIONS Hardware Specification D-Link SOC DL-5100 System memory 128M SDRAM on board, 16M Flash on board Ethernet 2 x 10/100 M auto-sensing auto-crossing with frog light Other port RS232(9 pin) LCD Module Blue background with white light LCD Panel Power AC LINE 100-240V AC 50-60Hz 0.8A MAX...
  • Page 132 DFL-M510 3. Web Application Web Browser 1. Web Mail 1. Login Control (HTTP/HTML) 2. Web Uploading 2. Post/Put 3. Web Download 3. Upload 4. Web Posting 4. Download 5. Web IM 5. URL 6. Web URL Filter 6. Keyword 7. Web Content 7.

  • Page 133: Lcm Module

    Information Security Gateway LCM Module Main Menu Sub-Menu Description Device Status System Info. Firmware Ver Policy Ver Policy Number Current Date Current Time Dev. Up Time CPU Load Memory Usage Current Session Traffic Info. WAN RX WAN Drop LAN RX LAN Drop Traffic Level Alert Monitor...

  • Page 134: Other Specifications

    DFL-M510 Reset Reset Confirm Reboot Reboot Confirm Other Specifications Performance: 30-40 Mbps (All function enabled), Wires peed for L3 switching Concurrent Users: 150 Concurrent TCP Sessions: 4,000 System Operation Mode: In-Line mode Monitor mode Bypass mode SPAN mode (Monitor 2 Subnets)
  • Page 135 Information Security Gateway Send e-mail to Administrator Send windows popup message to source. (only for “Drop” rule.) Response a web page message to source. (only for “Drop” rule.) Filter Keyword. Security Network Worm Detection/ Prevention ADware Detection/Prevention Spyware Detection/Prevention IM SPAM/ Malware Detection/Prevention Trojan Detection/Prevention Illegal agent Detection/Prevention Detection / Prevention DDOS/DOS...
  • Page 136 DFL-M510 Media Byte/Sec 2 levels Top N Monitor Top N Categories / Top N Applications Top N Applications / Top N Users Top N Groups / Top N Users Top N Users / Top N Applications Top N Health Concerns/ Top N Users...

  • Page 137: Mechanic & Id Design Front Led Indicators

    Information Security Gateway Mechanic & ID Design Front LED indicators Function Naming Color Status LED description Power Power Green Power off Power on System System Green Power off (System not ready) System ready and running ok Bypass Bypass System bypass not enable System bypass or failed Inbound Inbound...

  • Page 138: Physical Environment

    DFL-M510 Mask: XXX.XXX.XXX.XXX Gateway: XXX.XXX.XXX.XXX DNS: XXX.XXX.XXX.XXX Operation Mode In-Line Bypass Monitor SPAN Interface information LAN: auto/10half/10full/100half/100full/stealth on/stealth off WAN: auto/10half/10full/100half/100full/stealth on/stealth off Reset to Manufactory Setting Reboot Physical Environment Power 25W Open Frame Switching Power Supply, Input AC range 100 ~ 240V 50/60Hz.

  • Page 139: Index

    NDEX Active schedule, template 64 Administrator, email notification 25 Application block, new 102 Application blocking, supported 100 Assign Policy tab 66 Bypass zone, DMZ 33 Bypass, hosts/groups 35 Command line interface 105 Common network protocol 82 Configuring, Command Line Interface 3 Configuring, Web-based Interface 7 Date and time, adjust 21 EIM 83...
  • Page 140 Interface tab 28 Keyword content, template 65 Keyword filter 76 LCM Button Description 2 Log tab 94 Log, searching for 95 Logging on the DFL-M510 7 Logs, navigating 95 Maintenance screen 39 Network analysis 84 Network screen 23 Network Setting tab 23...
  • Page 141 Real Time Application, monitoring 81 Real Time Monitor screen 79 Real Time Traffic, monitoring 80 Rear View 3 Remote Access tab 29 Report tab 92 Report, interactive 92 Schedule screen 72 Server access, configuring 27 Server access, configuring for SSH 30 Setup Groups tab 51 Setup Wizard, run 10 SNMP, configuring 26...

Table of Contents