|Integrates firewall, VPN, intrusion prevention, antivirus, data leak prevention, bandwidth management, and URL filtering functions, and provides a global configuration view and integrated policy management.
|Application Identification and Control
|Identifies common applications, supports application-specific access control, and combines application identification with intrusion prevention, antivirus, and data filtering to improve detection performance and accuracy.
|Intrusion Prevention and Web Protection
|Obtains the latest threat information in a timely manner for accurate detection and prevention of vulnerability exploits and web attacks, such as cross-site scripting and SQL injection attacks.
|Data Leak Prevention
|Inspects files to identify the file type, such as WORD, EXCEL, POWERPOINT, and PDF, based on file contents, and filters sensitive content.
|Manages per-user and per-IP bandwidth in addition to identifying service applications to prioritize mission-critical services and users through methods such as peak bandwidth and committed bandwidth, policy-based routing (PBR), and application forwarding priority adjustment.
|Can access a URL category database of over 120 million URLs to manage access by URL category, such as blocking malicious URLs and accelerating access to specified categories.
|Behavior and Content Audit
|Audits and traces the sources of URL access based on the user IP address and requested content.
|Intelligent Uplink Selection
|Supports service-specific PBR and intelligent uplink selection based on multiple load balancing algorithms (for example, based on bandwidth ratio and link health status) in multi-homing scenarios.
|Supports multiple highly reliable VPN features, such as IPsec VPN, SSL VPN, L2TP VPN, and GRE. Supports IPsec intelligent link selection and dynamic IPsec tunnel switchover to improve link availability.
|SSL Encrypted Traffic Detection
|Serves as a proxy to detect and defend against threats in SSL-encrypted traffic using application-layer protection methods such as intrusion prevention, antivirus, data filtering, and URL filtering.
|Supports multiple user authentication methods, including local, RADIUS, HWTACACS, SecurID, AD, CA, LDAP, and Endpoint Security.
|Allows users to create and manage virtual security services, including firewall, intrusion prevention, and antivirus services, on the same physical device.
|Provides predefined common-scenario defense templates to facilitate security policy deployment. Automatically evaluates risks in security policies and provides tuning suggestions. Detects redundant and conflicting policies to remove unnecessary and incorrect policies. Provides the firewall policy management solution in partnership with FireMon to reduce O&M costs and potential faults.
|Provides visualized and multi-dimensional reports by user, application, content, time, traffic, threat, and URL. Generates network security analysis reports on the Huawei security center platform to evaluate the current network security status and provide optimization suggestions.
|Supports IPv4 static routes, policy-based routing, routing policies, multicast, RIP, OSPF, BGP, and IS-IS. Supports IPv6 static routes, policy-based routing, routing policies, RIPng, OSPFv3, BGP4+, and IPv6 IS-IS.
|Transparent, routing, and hybrid working modes.
|Device Management Capability
|Built-in Web UI: Provides abundant device management and maintenance functions, including log report, configuration, and troubleshooting.
|eSight network management: Manages the performance, alarms, resources, configurations, and topology of the entire network.
|Agile Controller: Implements application- and user-specific security policy control in the Huawei SDN Agile Network Solution.*
|LogCenter security event management system: Provides functions such as security posture awareness, report management, log audit, and centralized alarm management.
|API: Supports both NETCONF* and RESTCONF northbound APIs to enable users to centrally configure and maintain firewalls via an upper-level controller to simply the O&M.
|Agile Cloud Management Platform*: The Huawei Agile Cloud Network Solution consists of a cloud management platform and a series of cloud-based network devices. Customers can purchase the cloud management license for firewall management and maintenance services instead of buying network management software and hiring network administrators.