<< Назад на страницу выбора модели

 

Firewall Throughput (1518/512/64-byte, UDP)4/4/3.6 Gbit/s
Firewall Latency (64-byte, UDP)18 μs
FW + SA + IPS Throughput2.1 Gbit/s
FW + SA + IPS + Antivirus Throughput2.0 Gbit/s
Concurrent Sessions (HTTP1.1)4,000,000
New Sessions/Second (HTTP1.1)78,000
Maximum IPsec VPN Tunnels (GW to GW)4,000
Maximum IPsec VPN Tunnels (Client to GW)4,000
IPsec VPN Throughput1
(AES-256 + SHA256, 1420-byte)
4 Gbit/s
SSL Inspection Throughput450 Mbit/s
Concurrent SSL VPN Users
(Default/Maximum)
100/1000
Security Policies (Maximum)15,000
Virtual Firewalls100
URL Filtering: CategoriesMore than 130
URL Filtering: URLsA database of over 120 million URLs in the cloud
Automated Threat Feedback and IPS Signature UpdatesYes, an industry-leading security center from Huawei
Third-Party and Open-Source EcosystemOpen API for integration with third-party products, providing RESTful and NetConf interfaces
Other third-part management software based on SNMP, SSH, and
Syslog
Cooperation with third-party tools, such as Tufin, AlgoSec and FireMon
Collaboration with anti-APT solution
Centralized ManagementCentralized configuration, logging, monitoring, and reporting is
performed by Huawei eSight and eLog
VLANs (Maximum)4094
VLANIF Interfaces (Maximum)1024
Dimensions (H x W x D) mm43.6 x 442 x 420
Form Factor/Height1U
Fixed Interface2 x 10GE (SFP+) + 8 x GE Combo + 2 x GE WAN
Dedicated management portYes
USB Port1 x USB 2.0 + 1 x USB 3.0
Weight (Full Configuration)5.8 kg
External StorageOptional, SSD (M.2) card supported, 240 GB
AC Power Supply100V to 240V
Typical power consumption of the machine35 W
Power SuppliesSingle AC power supply; optional dual AC power supplies

 

 

FunctionDescription
Integrated protectionIntegrates firewall, VPN, intrusion prevention, antivirus, data leak prevention, bandwidth management, anti-DDoS, URL filtering, and anti-spam functions; provides a global configuration view; manages policies in a unified manner.
Application identification and controlIdentifies over 6000 applications and supports the access control granularity down to application functions; combines application identification with intrusion detection, antivirus, and data filtering, improving detection performance and accuracy.
Cloud-based
management mode
Initiates authentication and registration to the cloud-based management platform to implement plug-and-play and simplify network creation and deployment. Supports remote service configuration, device monitoring, and fault management, implementing the  management of mass devices in the cloud.
Cloud application security
awareness
Controls enterprise cloud applications in a refined and differentiated manner to meet enterprises’ requirements for cloud application management.
Intrusion prevention and
web protection
Accurately detects and defends against vulnerability-specific attacks based on upto-date threat information. The firewall can defend against web-specific attacks, including SQL injection and XSS attacks.
AntivirusRapidly detects over 5 million types of viruses based on the daily-updated virus signature database.
Data leak prevention
(DLP)
Inspects files to identify the file types, such as WORD, EXCEL, POWERPOINT, and PDF, based on file content, and filters the file content.
Bandwidth managementManages per-user and per-IP bandwidth in addition to identifying service applications to ensure the network access experience of key services and users. Control methods include limiting the maximum bandwidth, ensuring the minimum bandwidth, and changing application forwarding priorities.
URL filteringProvides a URL category database with over 120 million URLs and accelerates access to specific categories of websites, improving access experience of high-priority websites. Supports DNS filtering, in which accessed web pages are filtered based on domain names.
Supports the SafeSearch function to filter resources of search engines, such as Google, to guarantee access to only healthy network resources.
Behavior and content auditAudits and traces the sources of the accessed content based on users.
Load balancingSupports server load balancing and link load balancing, fully utilizing existing network resources.
Intelligent uplink selectionSupports service-specific PBR and intelligent uplink selection based on multiple load balancing algorithms (for example, based on bandwidth ratio and link health status) in multi-egress scenarios.
VPN encryptionSupports multiple highly available VPN features, such as IPSec VPN, SSL VPN, L2TP VPN, MPLS VPN, and GRE, and provides the Huawei-proprietary VPN client SecoClient for SSL VPN, L2TP VPN, and L2TP over IPSec VPN remote access.
DSVPNDynamic smart VPN (DSVPN) establishes VPN tunnels between branches whose public addresses are dynamically changed, reducing the networking and O&M costs of the branches.
SSL-encrypted traffic
detection
Detects and defends against threats in SSL-encrypted traffic using application-layer protection methods, such as intrusion prevention, antivirus, data filtering, and URL filtering.
SSL offloadingReplaces servers to implement SSL encryption and decryption, effectively reducing server loads and implementing HTTP traffic load balancing.
Anti-DDoSDefends against more than 10 types of common DDoS attacks, including SYN flood and UDP flood attacks.
User authenticationSupports multiple user authentication methods, including local, RADIUS, HWTACACS, AD, and LDAP. The firewall supports built-in Portal and Portal redirection functions. It can work with the Agile Controller to implement multiple authentication modes.
Security virtualizationSupports virtualization of multiple types of security services, including firewall, intrusion prevention, antivirus, and VPN. Users can separately conduct personal management on the same physical device.
Security policy
management
Manages and controls traffic based on VLAN IDs, quintuples, security zones, regions, applications, URL categories, and time ranges, and implements integrated content security detection.
Provides predefined common-scenario defense templates to facilitate security policy deployment.
Provides security policy management solutions in partnership with FireMon and AlgoSec to reduce O&M costs and potential faults.
Diversified reportsProvides visualized and multi-dimensional report display by user, application, content, time, traffic, threat, and URL.
Generates network security analysis reports on the Huawei security center platform to evaluate the current network security status and provide optimization suggestions.
RoutingSupports multiple types of routing protocols and features, such as RIP, OSPF, BGP, IS-IS, RIPng, OSPFv3, BGP4+, and IPv6 IS-IS.
Deployment and reliabilitySupports transparent, routing, and hybrid working modes and high availability (HA), including the Active/Active and Active/Standby modes.