H3C NS-F1000-AI-55 Next Generation Firewall

Hỗ trợ trực tuyến

Tư vấn

Hỗ trợ Tư Vấn

0909648899

Kinh doanh

Kinh Doanh 01

0917684899

Kinh Doanh 02

0917993131

Kinh Doanh 03

0915793030

Kinh Doanh 04

0906641689

Kỹ thuật

Hỗ trợ Kỹ Thuật 1

02862578356

Hỗ trợ Kỹ Thuật 2

02862578355

Mô tả sản phẩm

Thiết bị tường lửa Firewall H3C NS-F1000-AI-55

Model	F1000-AI-55
Dimensions (W × D × H)	• 440mm×435mm×44.2mm
USB 3.0	• 2
rack mounted	• Yes
Weight	• 5.4kg
Power Supply	• Dual hot-swappable, AC or DC
Power consumption	• 23W
MTBF(Year)	• 53.38
MTTR(h)	• 1
Ports	• 1 × Console port (CON) • 1 × Management port • 6 × Gigabit Ethernet fiber ports • 16 × Gigabit Ethernet copper ports • 4 × Gigabit Ethernet Combo ports • 2 × 10-Gigabit Ethernet fiber ports
Expansion slots	• 2
Interface modules	• 4-port GE PFC interface module • 4-port GE fiber interface module • 4-port 10-GE fiber interface module
Storage	• 1 × 480G SSD/500G HDD/1TB HDD
Flash	• 4GB
SDRAM	• 4GB/4GB/8GB
Temperature	• Operating: 0°C to 45°C (32°F to 113°F) • Storage: –40°C to +70°C (–40°F to +158°F)
Operation modes	• Route, transparent, and hybrid
AAA	• Portal authentication • RADIUS authentication • HWTACACS authentication • PKI/CA (X.509 format) authentication • Domain authentication • CHAP authentication • PAP authentication
Firewall	• SOP virtual firewall technology, which supports full virtualization of hardware resources, including CPU, memories, and storage • Security zone allocation • Protection against malicious attacks, such as land, smurf, fraggle, ping of death, teardrop, IP spoofing, IP fragmentation, ARP spoofing, reverse ARP lookup, invalid TCP flag, large ICMP packet, address/port scanning, SYN flood, ICMP flood, UDP flood, and DNS query flood • Basic and advanced ACLs • Time range-based ACL • User-based and application-based access control • ASPF application layer packet filtering • Static and dynamic blacklist function • MAC-IP binding • MAC-based ACL • MAC-Limitation • 802.1Q VLAN transparent transmission • Bandwidth control
Antivirus	• Signature-based virus detection • Manual and automatic upgrade for the signature database • Stream-based processing • Virus detection based on HTTP, FTP, SMTP, and POP3 • Virus types include Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, and Virus • Virus logs and reports
Deep intrusion prevention	• Prevention against common attacks such as hacker, worm/virus, Trojan, malicious code, spyware/adware, DoS/DDoS, buffer overflow, SQL injection, and IDS/IPS bypass • Attack signature categories (based on attack types and target systems) and severity levels (including high, medium, low, and notification) • Manual and automatic upgrade for the attack signature database (TFTP and HTTP). • P2P/IM traffic identification and control
Email/webpage/application layer filtering	• Email filtering • SMTP email address filtering • Email subject/content/attachment filtering • Webpage filtering • HTTP URL/content filtering • Java blocking • ActiveX blocking • SQL injection attack prevention
NAT	• Many-to-one NAT, which maps multiple internal addresses to one public address • Many-to-many NAT, which maps multiple internal addresses to multiple public addresses • One-to-one NAT, which maps one internal address to one public address • NAT of both source address and destination address • External hosts access to internal servers • Internal address to public interface address mapping • NAT support for DNS • Setting effective period for NAT • NAT ALGs for NAT ALG, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, and SIP
VPN	• L2TP VPN • IPSec VPN • GRE VPN • SSL VPN
IPSEC VPN	• ESP-DES-CBC/ESP-3DES-CBC/ESP-AES-128-CBC/ESP-AES-192-CBC/ESP-AES-256-CBC/ ESP-AES-128-GCM/ESP-NULL/SM1-cbc-128/SM4-cbc
IPSEC VPN Authentication Algorithm	• MD5/SHA1/SM3
IPv6	• IPv6 status firewall • IPv6 attack protection • IPv6 forwarding • IPv6 protocols such as ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, and DHCPv6 Relay • IPv6 routing: RIPng, OSPFv3, BGP4+, static routing, policy-based routing • IPv6 multicast: PIM-SM, and PIM-DM • IPv6 transition techniques: NAT-PT, IPv6 tunneling, NAT64 (DNS64), and DS-LITE • IPv6 security: NAT-PT, IPv6 tunnel, IPv6 packet filter, RADIUS, IPv6 zone pair policies, IPv6 connection limit
IEEE	• IEEE 802.1X
High availability	• SCF 2:1 virtualization • Active/active and active/standby stateful failover • Configuration synchronization of two firewalls • IKE state synchronization in IPsec VPN • VRRP
Configuration management	• Configuration management at the CLI • Remote management through Web • Device management through H3C IMC SSM • SNMPv3, compatible with SNMPv2 and SNMPv1 • Intelligent security policy
Environmental protection	• EU RoHS compliance
Performance
Firewall Throughput (1518Bytes)	• 6Gbps
Application layer throughput（DPI）	• 3.5Gbps
Application layer throughput（DPI+IPS）	• 3.5Gbps
NGFW throughput（DPI+IPS+AV）	• 2.5Gbps
IPSec tunnel （site-to-site）	• 3000
IPSec throughput	• 310M
SSL VPN users	• 4000
SSL VPN throughput	• 220M
Maximum concurrent sessions	• 5M
Maximum New Connections per second	• 50K
Latency	• <15μs