![Icon [all products]](https://www.thunder-link.com/tl-content/uploads/2022/05/Icon-all-products-1.svg "Icon [all products]"){kind=icon}
All products
| Specifications | ||
| Ports | 4 × Gigabit combo interfaces | |
| 8 × Gigabit Ethernet copper ports | ||
| 8 × Gigabit Ethernet fiber ports | ||
| 8 × 10-Gigabit Ethernet ports | ||
| Expansion slots | 4 | |
| Storage media | 2 × 480G SSD drives (optional) | |
| AAA | Portal authentication. | |
| RADIUS authentication. | ||
| HWTACACS authentication. | ||
| PKI/CA (X.509 format) authentication. | ||
| Domain authentication. | ||
| CHAP authentication. | ||
| PAP authentication. | ||
| Firewall | Virtual firewall. | |
| Security zone. | ||
| Attack protection against malicious attacks, such as land, smurf, fraggle, ping of death, teardrop, IP spoofing, IP fragmentation, ARP spoofing, reverse ARP lookup, invalid TCP flag, large ICMP packet, address/port scanning, SYN flood, ICMP flood, UDP flood, and DNS query flood. | ||
| Basic and advanced ACLs. | ||
| Time range-based ACL. | ||
| User-based and application-based access control. | ||
| Dynamic packet filtering. | ||
| ASPF application layer packet filtering. | ||
| Static and dynamic blacklist function. | ||
| MAC-IP binding. | ||
| MAC-based ACL. | ||
| 802.1Q VLAN transparent transmission. | ||
| Load balancing | Link and server load balancing. | |
| Application- and ISP-based Intelligent route selection. | ||
| Health monitoring through ICMP, UDP, and TCP. | ||
| Port-, HTTP-, and SSL-based sticky methods to implement busy bandwidth and fault protection. | ||
| Antivirus | Signature-based virus detection. | |
| Manual and automatic upgrade for the signature database. | ||
| Stream-based processing | ||
| Virus detection based on HTTP, FTP, SMTP, and POP3 | ||
| Virus types include Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, and Virus. | ||
| Virus logs and reports. | ||
| Deep intrusion prevention | Prevention against attacks such as hacker, worm/virus, Trojan, malicious code, spyware/adware, DoS/DDoS, buffer overflow, SQL injection, and IDS/IPS bypass. | |
| Attack signature categories (based on attack types and target systems) and severity levels (including high, medium, low, and notification) | ||
| Manual and automatic upgrade for the attack signature database (TFTP and HTTP). | ||
| P2P/IM traffic identification and control. | ||
| Email/webpage/application layer filtering | Email filtering | |
| SMTP email address filtering | ||
| Email subject/content/attachment filtering | ||
| Webpage filtering | ||
| HTTP URL/content filtering | ||
| Java blocking | ||
| ActiveX blocking | ||
| SQL injection attack prevention | ||
| Behavior and content audit | User-based content audit and tracking. | |
| File filtering | Identification of file types such as Word, Excel, PPT, PDF, ZIP, RAR, EXE, DLL, AVI, and MP4, and filtering of sensitive information in the files. | |
| URL filtering | Over 50 types of signature-based URL filtering rules, and discarding, reset, redirection, logging, and blacklisting of packets matching the rules. | |
| Application identification and control | Identification of various types of applications, and access control based on specific functions of an application. | |
| Combination of application identification and intrusion prevention, antivirus, and content filtering, improving detection performance and accuracy. | ||
| NAT | Many-to-one NAT, which maps multiple internal addresses to one public address. | |
| Many-to-many NAT, which maps multiple internal addresses to multiple public addresses. | ||
| One-to-one NAT, which maps one internal address to one public address. | ||
| NAT of both source address and destination address. | ||
| External hosts access to internal servers. | ||
| Internal address to public interface address mapping. | ||
| NAT support for DNS. | ||
| Setting effective period for NAT. | ||
| NAT ALGs for NAT ALG, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, and SIP. | ||
| VPN | L2TP VPN. | |
| IPsec VPN. | ||
| GRE VPN. | ||
| SSL VPN. | ||
| SM1 hardware encryption algorithm, SM2, SM3, and SM4 encryption algorithms. | ||
| Routing | Routing protocols such as RIP, OSPF, BGP, and IS-IS. | |
| VXLAN | VXLAN service chain. | |
| IPv6 | IPv6 status firewall. | |
| IPv6 attack protection. | ||
| IPv6 forwarding. | ||
| IPv6 protocols such as ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, and DHCPv6 Relay. | ||
| IPv6 routing: RIPng, OSPFv3, BGP4+, static routing, policy-based routing | ||
| IPv6 multicast: PIM-SM, and PIM-DM. | ||
| IPv6 transition techniques: NAT-PT, IPv6 tunneling, NAT64 (DNS64), and DS-LITE. | ||
| IPv6 security: NAT-PT, IPv6 tunnel, IPv6 packet filter, RADIUS, IPv6 zone pair policies, IPv6 connection limit. | ||
| High availability | SCF 2:1 virtualization | |
| Active/active and active/standby stateful failover. | ||
| Configuration synchronization of two firewalls | ||
| IKE state synchronization in IPsec VPN. | ||
| VRRP. | ||
| Built-in bypass module. | ||
| External bypass host. | ||
| Configuration management | Configuration management at the CLI. | |
| Remote management through Web. | ||
| Device management through H3C SSM. | ||
| SNMPv3, compatible with SNMPv2 and SNMPv1. | ||
| Intelligent security policy | ||
| Physical specifications | ||
| Operation modes | Route, transparent, and hybrid | |
| Ambient temperature | Operating: 0°C to 45°C (32°F to 113°F) | |
| Non operating: –40°C to +70°C (–40°F to +158°F) | ||
Reviews
There are no reviews yet.
There are no reviews yet.