DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual
Introduction 1-3
v1.0, April 2007

Security

The NETGEAR ProSafe DGFV338 is equipped with several features designed to maintain
security, as described in this section.
PCs Hidden by NAT. NAT opens a temporary path to the Internet for requests originating
from the local network. Requests originating from outside the LAN are discarded, preventing
users outside the LAN from finding and directly accessing the PCs on the LA N.
Port Forwarding with NAT. Although NAT prevents Internet locations from directly
accessing the PCs on the LAN, the firewall allows you to direct incoming traffic to specific
PCs based on the service port number of the incoming request. You can specify forwarding of
single ports or ranges of ports.
Exposed Host (Software DMZ). Incoming traffic from the Internet is normally discarded by
the firewall unless the traffic is a response to one of your local computers or a service for
which you have configured an inbound rule. Instead of discarding this traffic, you can have it
forwarded to one computer on your network.

Virtual Private Networking (VPN)

The NETGEAR ProSafe DGFV338 provides a secure encrypted connection between your local
area network (LAN) and remote networks or clients. It includes the following VPN features:
Supports 50 IPSec VPN tunnels.
Supports industry-standard VPN protocols – The DGFV338 supports standard Manual or IKE
keying methods, standard MD5 and SHA-1 authenti cation meth ods, and stand ard DES, 3 DES
and AES encryption methods.
Supports 256-bit AES encryption for maximum sec urity.
The VPN Wizard configuration is based on the Virtual Private Network Consortium (VPNC)
recommended settings.

Autosensing Ethernet Connections with Auto Uplink

With its internal 8-port 10/100 switch, the DGFV338 can connect to either a 10 Mbps standard
Ethernet network or a 100 Mbps Fast Ethernet network. Both the LAN and WAN interfaces are
autosensing and capable of full-duplex or half-duplex operation.