Nowadays, network attackers use various methods, such as identity spoofing, website Trojan horses, and malware, to initiate network penetration and attacks, affecting the normal use of enterprise networks.
Thus, deploying firewalls on network borders is a common way to protect enterprise network security. Huawei’s next-generation firewalls proactively defend against network threats, enhance border detection capabilities, effectively defend against advanced threats, and resolve performance deterioration problems.
Many questions rise when we want to purchase firewall; first, we should be clear of how many bandwidth and interface GE, 10GE, 40G we need? To more specific, you should have rough ideas of average annual growth rate of your bandwidth traffic and how long the firewall will be deployed in order to plan well for the near future.
What’s more, many firewall licenses required by certain functions should not be ignored so as to fully protect our network security even we can still use firewall normally without any licenses. Different firewalls have different licenses, thus price is varied too. Below are some common licenses by taking an example of HiSecEngine USG6600E Series firewall:
|12×GE (RJ45) +
8×GE (SFP) +
|2 x 40G (QSFP+) +
12 x 10 GE (SFP+) +
12 x GE +
1 x USB 3.0
|4 x 40 GE (QSFP+) +
28 x 10 GE (SFP+) +
2 x 10 GE (SFP+) HA +
1 x USB 3.0
|6 x 10GE (SFP+) +
6 x GE (SFP) +
16 x GE
|2 x 40GE (QSFP+)
+ 12 x 10GE (SFP+) +
16 x GE
· Function License
-SSL VPN Concurrent Users((100/200/500/1000/2000/5000 Users)
-Virtual Firewall(10/20/50/100/200/500/1000 Vsys)
· NGFW License
-IPS Update Service(IPS)
-Antivirus Update Service(AV)
-URL Filtering Update Service(URL)
-Cloud Sandbox Inspection(CS)
-Threat Protection Bundle (IPS, AV, URL)
-Advanced Threat Protection
Note: generally these update service comes with 12 Months or 36 Months for your options.
· N1 License(Per Device)
-Foundation package function
-Advanced package function
Deployment: Small data center border protection
Firewalls are deployed at egresses of data centers, and functions and system resources can be
virtualized. The firewall has multiple types of interfaces, such as 40G, 10G, and 1G interfaces.
Services can be flexibly expanded without extra interface cards.
Hope this article will be helpful when you choose your ideal firewall. If any questions regarding Huawei firewall or any technical problems, please contact our professional and experienced team: [email protected]