NETGEAR manual How many VPN tunnels can the FVL328 support at one time?, What is encryption?

Page 2

FVL328 Cable/DSL ProSafe High-Speed VPN Firewall

Page 2

7.How many VPN tunnels can the FVL328 support at one time?

As a standard feature, the FVL328 has the ability to support up to 100 VPN tunnels at one time. This can be a combination of branch office, mobile users or partner connections.

8.What is encryption?

A mathematical operation that transforms data from "clear text" to "cipher text," which cannot be interpreted. Usually the mathematical operation requires that an alphanumeric key be supplied along with the clear text. The key and clear text are processed by the encryption operation, which leads to data scrambling that makes it secure. Decryption is the opposite of encryption; it is the mathematical operation that transforms cipher text to clear text.

9.How is the data encrypted on the FVL328 VPN?

The data is hardware-encrypted through the embedded encryption accelerator in the microprocessor.

10.What is DES and 3DES?

DES, or Digital Encryption Standard, is encryption used for data communications where both the sender and receiver must know the same secret key, which can be used to encrypt and decrypt the message, or to generate and verify a message authentication code. NETGEAR DES encryption uses a 56-bit key. 3DES, or “triple DES” on the other hand, is a variation on DES that uses a 168-bit key to provide more secure data transmission than DES. TripleDES is considered to be virtually unbreakable by security experts. It also requires a great deal more processing power, resulting in increased latency and decreased throughput unless hardware acceleration is provided, as in the FVL328.

11.What is IPSec?

Internet Protocol Security is a robust VPN standard that covers authentication and encryption of data traffic over the Internet. IPSec employs three components, encapsulating security payload (ESP), authentication header (AH), and Internet key exchange (IKE) technology. VPN technology employing IPSec will encrypt all outgoing data and decrypt all incoming data so that a public network can be used, like the internet, as transportation media. IPSec can support two encryption modes: transport and tunnel. Transport mode encrypts the data portion of each packet but leaves the header unencrypted. The more secure the tunnel mode encrypts both the header and the data. The FVL328 supports both. At the receiving end, an IPSec- compliant device decrypts each packet. For IPSec to work, the sending and receiving devices must share a key. IKE protocol is a key management protocol standard which is commonly used in conjunction with the IPSec standard. Unlike PPTP, IPSec is specific only to the Internet Protocol (IP) and does not provide security for other protocols. PPTP supports multiple protocols, but is not as secure.

12.What is IKE?

Internet Key Exchange is a negotiation and key exchange protocol specified by the Internet Engineering Task Force (IETF). An IKE security association (SA) automatically negotiates encryption and authentication keys. With IKE, and initial exchange authenticates the VPN session and automatically negotiates keys that will be used to pass IP traffic.

13.What is Authentication Header (AH)?

AH provides authentication and integrity, which protect against data tampering, using the same algorithms as ESP. AH also provides optional anti-replay protection, which protects against unauthorized retransmission of packets. The authentication header is inserted into the packet between the IP header and any subsequent packet contents. The payload is not touched. Although AH protects the packet’s origin, destination, and contents from being tampered with, the identity of the sender and receiver is known. In

Page 1 Page 3
Image 2
Page 1 Page 3
Contents What is VPN end point, and what can it do? What is significant about the FVL328?What is Virtual Private Networking? Is the FVL328 a router?What is IPSec? What is encryption?What is DES and 3DES? What is IKE?What is PKI? What is Encapsulating Security Payload ESP?What is a Security Association? What is a Certificate Authority CA?What are Denial of Service DoS attacks? What is network address translation NAT?What is Stateful Packet Inspection SPI? What are the types DoS attacks? Does the FVL328 filter content this way?Where can I buy this product? How many users does the FVL328 support?What if I need multiple-site VPNs? Mucho EV/PKWhat about backward compatibility with the FR318 and FV318? How easy is it to connect to the Internet using the FVL328?FVL328 supports Auto Uplink. What is Auto Uplink? What platforms does the FVL328 support?Does the FVL328 support secure remote management? What is PPPoE?Does the FVL328 support a DMZ? Does the FVL328 support IPX or AppleTalk?Does the FVL328 support any Operating System? How do I find out more about VPN?

FVL328 specifications

The NETGEAR FVL328 is a high-performance broadband VPN firewall that caters primarily to small and medium-sized businesses. Renowned for its robust security features, the FVL328 is designed to protect sensitive data while providing seamless connectivity for remote users. By leveraging advanced technologies, this firewall ensures secure, reliable access to corporate resources.

One of the standout features of the FVL328 is its built-in virtual private network (VPN) functionality. Supporting up to 20 concurrent VPN connections, the device utilizes both IPSec and L2TP protocols, offering secure tunneling for remote workers. This capability is critical for businesses looking to maintain data integrity while allowing users to access the network from various geographical locations.

The FVL328 integrates a stateful packet inspection (SPI) firewall, which monitors both incoming and outgoing traffic to provide robust protection against unauthorized access and cyber threats. This feature is paramount in today's digital landscape where cyberattacks are increasingly sophisticated. Additionally, the device includes denial of service (DoS) attack protection, further enhancing its security repertoire.

In terms of connectivity, the FVL328 boasts multiple Ethernet ports, allowing for flexible network design and integration with existing infrastructure. The router features four 10/100 Mbps LAN ports and one WAN port, accommodating various networking needs. The automatic IP or static IP configuration options also provide businesses with the flexibility to set up their internet connections quickly.

Another significant aspect of the FVL328 is its user-friendly management interface. With an intuitive web-based GUI, network administrators can easily manage settings, monitor performance, and troubleshoot issues in real time. The device also supports remote management, enabling administrators to configure and manage the network without being physically present.

To complement its advanced technologies, the FVL328 offers various other features, including DHCP server capabilities, Network Address Translation (NAT), and a built-in DynDNS client for dynamic IP management. These characteristics help businesses optimize their network performance while simplifying IP address management.

In summary, the NETGEAR FVL328 is a versatile and secure broadband VPN firewall perfect for businesses that require reliable internet connectivity and robust security measures. Its main features, including advanced VPN support, stateful packet inspection, and an intuitive management interface, make it a valuable asset for any organization's network infrastructure.
Top Page Image Contents