| Specifications |
| Ports |
4 × Gigabit combo interfaces |
| 8 × Gigabit Ethernet copper ports |
| 8 × 10-Gigabit Ethernet ports |
| Expansion slots |
6 |
| Storage media |
2 × 480G SSD drives (optional) |
| AAA |
Portal authentication. |
| RADIUS authentication. |
| HWTACACS authentication. |
| PKI/CA (X.509 format) authentication. |
| Domain authentication. |
| CHAP authentication. |
| PAP authentication. |
| Firewall |
Virtual firewall. |
| Security zone. |
| Attack protection against malicious attacks, such as land, smurf, fraggle, ping of death, teardrop, IP spoofing, IP fragmentation, ARP spoofing, reverse ARP lookup, invalid TCP flag, large ICMP packet, address/port scanning, SYN flood, ICMP flood, UDP flood, and DNS query flood. |
| Basic and advanced ACLs. |
| Time range-based ACL. |
| User-based and application-based access control. |
| Dynamic packet filtering. |
| ASPF application layer packet filtering. |
| Static and dynamic blacklist function. |
| MAC-IP binding. |
| MAC-based ACL. |
| 802.1Q VLAN transparent transmission. |
| Load balancing |
Link and server load balancing. |
| Application- and ISP-based Intelligent route selection. |
| Health monitoring through ICMP, UDP, and TCP. |
| Port-, HTTP-, and SSL-based sticky methods to implement busy bandwidth and fault protection. |
| Antivirus |
Signature-based virus detection. |
| Manual and automatic upgrade for the signature database. |
| Stream-based processing |
| Virus detection based on HTTP, FTP, SMTP, and POP3 |
| Virus types include Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, and Virus. |
| Virus logs and reports. |
| Deep intrusion prevention |
Prevention against attacks such as hacker, worm/virus, Trojan, malicious code, spyware/adware, DoS/DDoS, buffer overflow, SQL injection, and IDS/IPS bypass. |
| Attack signature categories (based on attack types and target systems) and severity levels (including high, medium, low, and notification) |
| Manual and automatic upgrade for the attack signature database (TFTP and HTTP). |
| P2P/IM traffic identification and control. |
| Email/webpage/application layer filtering |
Email filtering |
| SMTP email address filtering |
| Email subject/content/attachment filtering |
| Webpage filtering |
| HTTP URL/content filtering |
| Java blocking |
| ActiveX blocking |
| SQL injection attack prevention |
| Behavior and content audit |
User-based content audit and tracking. |
| File filtering |
Identification of file types such as Word, Excel, PPT, PDF, ZIP, RAR, EXE, DLL, AVI, and MP4, and filtering of sensitive information in the files. |
| URL filtering |
Over 50 types of signature-based URL filtering rules, and discarding, reset, redirection, logging, and blacklisting of packets matching the rules. |
| Application identification and control |
Identification of various types of applications, and access control based on specific functions of an application. |
| Combination of application identification and intrusion prevention, antivirus, and content filtering, improving detection performance and accuracy. |
| NAT |
Many-to-one NAT, which maps multiple internal addresses to one public address. |
| Many-to-many NAT, which maps multiple internal addresses to multiple public addresses. |
| One-to-one NAT, which maps one internal address to one public address. |
| NAT of both source address and destination address. |
| External hosts access to internal servers. |
| Internal address to public interface address mapping. |
| NAT support for DNS. |
| Setting effective period for NAT. |
| NAT ALGs for NAT ALG, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, and SIP. |
| VPN |
L2TP VPN. |
| IPsec VPN. |
| GRE VPN. |
| SSL VPN. |
| SM1 hardware encryption algorithm, SM2, SM3, and SM4 encryption algorithms. |
| Routing |
Routing protocols such as RIP, OSPF, BGP, and IS-IS. |
| VXLAN |
VXLAN service chain. |
| IPv6 |
IPv6 status firewall. |
| IPv6 attack protection. |
| IPv6 forwarding. |
| IPv6 protocols such as ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, and DHCPv6 Relay. |
| IPv6 routing: RIPng, OSPFv3, BGP4+, static routing, policy-based routing |
| IPv6 multicast: PIM-SM, and PIM-DM. |
| IPv6 transition techniques: NAT-PT, IPv6 tunneling, NAT64 (DNS64), and DS-LITE. |
| IPv6 security: NAT-PT, IPv6 tunnel, IPv6 packet filter, RADIUS, IPv6 zone pair policies, IPv6 connection limit. |
| High availability |
SCF 2:1 virtualization |
| Active/active and active/standby stateful failover. |
| Configuration synchronization of two firewalls |
| IKE state synchronization in IPsec VPN. |
| VRRP. |
| Built-in bypass module. |
| External bypass host. |
| Configuration management |
Configuration management at the CLI. |
| Remote management through Web. |
| Device management through H3C SSM. |
| SNMPv3, compatible with SNMPv2 and SNMPv1. |
| Intelligent security policy |
| Physical specifications |
| Operation modes |
Route, transparent, and hybrid |
| Ambient temperature |
Operating: 0°C to 45°C (32°F to 113°F) |
| Non operating: –40°C to +70°C (–40°F to +158°F) |
![Icon [all products]](https://www.thunder-link.com/tl-content/uploads/2022/05/Icon-all-products-1.svg "Icon [all products]"){kind=icon}
All products
Reviews
There are no reviews yet.
There are no reviews yet.