<< Назад на страницу выбора модели


IPv4 Firewall Throughput (1518/512/64-byte, UDP) 160/160/100 Gbit/s
IPv6 Firewall Throughput (1518/512/84-byte, UDP) 160/120/26 Gbit/s
Firewall Throughput (Packet per Second) 150 Mpps
Firewall Latency (64-byte, UDP) 15 μs
FW+SA Throughput 60 Gbit/s
FW+SA+IPS Throughput 40 Gbit/s
FW+SA+IPS+Antivirus Throughput 38 Gbit/s
Full protection Throughput 36 Gbit/s
Full protection Throughput (Realworld) 18 Gbit/s
Concurrent Sessions (HTTP1.1) 50,000,000
New Sessions/Second (HTTP1.1) 1,600,000
Maximum IPsec VPN Tunnels (GW to GW) 120,000
Maximum IPsec VPN Tunnels (Client to GW) 120,000
IPsec VPN Throughput1
(AES-256 + SHA256, 1420-byte)
100 Gbit/s
SSL Inspection Throughput 18 Gbit/s
SSL VPN Throughput 12 Gbit/s
Concurrent SSL VPN Users
Firewall Policies (Max) 60,000
Virtual Firewalls 1,000
URL Filtering: Categories More than 130
URL Filtering: URLs A database of over 120 million URLs in the cloud
Automated Threat Feedback and IPS Signature Updates Yes, an industry-leading security center from Huawei
Third-Party and Open-Source Ecosystem Open API for integration with third-party products, providing RESTful and NetConf interfaces
Other third-part management software based on SNMP, SSH, and
Cooperation with third-party tools, such as Tufin, AlgoSec and FireMon
Collaboration with anti-APT solution
Centralized Management Centralized configuration, logging, monitoring, and reporting is
performed by Huawei eSight and eLog
VLANs (Maximum) 4094
VLANIF Interfaces (Maximum) 1024
Dimensions (H x W x D) mm 44 x 442 x 600
Form Factor/Height 1U
Fixed Interface 2*100G (QSFP28) + 2*40G (QSFP+) + 20*10GE (SFP+) + 2*10GE (SFP+)
MTBF 25 years
USB Port 1 x USB 3.0 Ports
Weight (Full Configuration) 12 kg
Local Storage Optional, SSD (1*2.5inch) supported, 240G/HDD (1*2.5inch) supported, 1TB
AC Power Supply 100V to 240V, 50/60Hz
Power Consumption (Average/Maximum) 382.9W/566W
Power Supplies Dual AC power supplies

Function Description
Integrated protection Integrates firewall, VPN, intrusion prevention, antivirus, data leak prevention, bandwidth management, anti-DDoS, URL filtering, and anti-spam functions; provides a global configuration view; manages policies in a unified manner.
Application identification and control Identifies over 6000 applications and supports the access control granularity down to application functions; combines application identification with intrusion detection, antivirus, and data filtering, improving detection performance and accuracy.
management mode
Initiates authentication and registration to the cloud-based management platform to implement plug-and-play and simplify network creation and deployment. Supports remote service configuration, device monitoring, and fault management, implementing the  management of mass devices in the cloud.
Cloud application security
Controls enterprise cloud applications in a refined and differentiated manner to meet enterprises’ requirements for cloud application management.
Intrusion prevention and
web protection
Accurately detects and defends against vulnerability-specific attacks based on upto-date threat information. The firewall can defend against web-specific attacks, including SQL injection and XSS attacks.
Antivirus Rapidly detects over 5 million types of viruses based on the daily-updated virus signature database.
Anti-APT Collaborates with the local or cloud sandbox to detect and block malicious files. Supports the flow probe information collection function to collect traffic information and send the collected information to the CIS(Cybersecurity Intelligence System) for analysis, evaluation, and identification of threats and APT attacks.
Encrypted traffic does not need to be decrypted. The firewall can work with the CIS to detect threats in encrypted traffic. The firewall can proactively respond to malicious scanning behavior and work with the CIS to analyze behavior, quickly detect and record malicious behavior, and protect enterprises against threats in real time.
Data leak prevention
Inspects files to identify the file types, such as WORD, EXCEL, POWERPOINT, and PDF, based on file content, and filters the file content.
Bandwidth management Manages per-user and per-IP bandwidth in addition to identifying service applications to ensure the network access experience of key services and users. Control methods include limiting the maximum bandwidth, ensuring the minimum bandwidth, and changing application forwarding priorities.
URL filtering Provides a URL category database with over 120 million URLs and accelerates access to specific categories of websites, improving access experience of high-priority websites. Supports DNS filtering, in which accessed web pages are filtered based on domain names.
Supports the SafeSearch function to filter resources of search engines, such as Google, to guarantee access to only healthy network resources.
Behavior and content audit Audits and traces the sources of the accessed content based on users.
Load balancing Supports server load balancing and link load balancing, fully utilizing existing network resources.
Intelligent uplink selection Supports service-specific PBR and intelligent uplink selection based on multiple load balancing algorithms (for example, based on bandwidth ratio and link health status) in multi-egress scenarios.
VPN encryption Supports multiple highly available VPN features, such as IPSec VPN, SSL VPN, L2TP VPN, MPLS VPN, and GRE, and provides the Huawei-proprietary VPN client SecoClient for SSL VPN, L2TP VPN, and L2TP over IPSec VPN remote access.
DSVPN Dynamic smart VPN (DSVPN) establishes VPN tunnels between branches whose public addresses are dynamically changed, reducing the networking and O&M costs of the branches.
SSL-encrypted traffic
Detects and defends against threats in SSL-encrypted traffic using application-layer protection methods, such as intrusion prevention, antivirus, data filtering, and URL filtering.
SSL offloading Replaces servers to implement SSL encryption and decryption, effectively reducing server loads and implementing HTTP traffic load balancing.
Anti-DDoS Defends against more than 10 types of common DDoS attacks, including SYN flood and UDP flood attacks.
User authentication Supports multiple user authentication methods, including local, RADIUS, HWTACACS, AD, and LDAP. The firewall supports built-in Portal and Portal redirection functions. It can work with the Agile Controller to implement multiple authentication modes.
Security virtualization Supports virtualization of multiple types of security services, including firewall, intrusion prevention, antivirus, and VPN. Users can separately conduct personal management on the same physical device.
Security policy
Manages and controls traffic based on VLAN IDs, quintuples, security zones, regions, applications, URL categories, and time ranges, and implements integrated content security detection.
Provides predefined common-scenario defense templates to facilitate security policy deployment.
Provides security policy management solutions in partnership with FireMon and AlgoSec to reduce O&M costs and potential faults.
Diversified reports Provides visualized and multi-dimensional report display by user, application, content, time, traffic, threat, and URL.
Generates network security analysis reports on the Huawei security center platform to evaluate the current network security status and provide optimization suggestions.
Routing Supports multiple types of routing protocols and features, such as RIP, OSPF, BGP, IS-IS, RIPng, OSPFv3, BGP4+, and IPv6 IS-IS.
Deployment and reliability Supports transparent, routing, and hybrid working modes and high availability (HA), including the Active/Active and Active/Standby modes.