SecPath F100-C-A2

SecPath F100-C-A2
H3C SecPath F100-C-A2 Firewall Appliance

Hardware Specifications

Ports:

• 10 × GE + 2 × SFP

Storage Media:

• TF card with a maximum size of 500 GB

Ambient Temperature:

• Operating: 0°C to 45°C (32°F to 113°F)
• Storage: –40°C to +70°C (–40°F to +158°F)

Operating Mode:

• Route, transparent, or hybrid

AAA (Authentication, Authorization, Accounting):

• Portal authentication
• RADIUS authentication
• HWTACACS authentication
• PKI/CA (X.509 format) authentication
• Domain authentication
• CHAP authentication
• PAP authentication

Firewall:

• SOP virtual firewall technology supporting full virtualization of hardware resources, including CPU, memories, and storage
• Security zone
• Attack protection against malicious attacks such as land, smurf, fraggle, ping of death, teardrop, IP spoofing, IP fragmentation, ARP spoofing, reverse ARP lookup, invalid TCP flag, large ICMP packet, address/port scanning, SYN flood, ICMP flood, UDP flood, and DNS query flood
• Basic and advanced ACLs
• Time range-based ACL
• User-based and application-based access control
• ASPF application layer packet filtering
• Static and dynamic blacklist function
• MAC-IP binding
• MAC-based ACL
• 802.1Q VLAN transparent transmission
• Sub-Interface VLAN

Antivirus:

• Signature-based virus detection
• Manual and automatic upgrade for the signature database
• Stream-based processing
• Virus detection based on HTTP, FTP, SMTP, and POP3
• Virus types include Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, and Virus
• Virus logs and reports

Deep Intrusion Prevention:

• Prevention against common attacks such as hacker, worm/virus, Trojan, malicious code, spyware/adware, DoS/DDoS, buffer overflow, SQL injection, and IDS/IPS bypass
• Attack signature categories (based on attack types and target systems) and severity levels (including high, medium, low, and notification)
• Manual and automatic upgrade for the attack signature database (TFTP and HTTP)
• P2P/IM traffic identification and control

Email/Webpage/Application Layer Filtering:

• Email filtering
• SMTP email address filtering
• Email subject/content/attachment filtering
• Webpage filtering
• HTTP URL/content filtering
• Java blocking
• ActiveX blocking
• SQL injection attack prevention

NAT (Network Address Translation):

• Many-to-one NAT
• Many-to-many NAT
• One-to-one NAT
• NAT of both source address and destination address
• External hosts access to internal servers
• Internal address to public interface address mapping
• NAT support for DNS
• Setting effective period for NAT
• NAT ALGs for protocols including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, and SIP

VPN:

• L2TP VPN
• IPSec VPN
• GRE VPN
• SSL VPN

IP Services:

• IP Forwarding
• ICMP, Tracert, ping, Telnet, DHCP Server, DCHP Relay, and DHCP Client
• Routing: Static, RIP, OSPF, BGP
• Multicast: IGMP, PIM-SM, and PIM-DM
• VRRP
• IPv6 stateful firewall
• IPv6 attack protection
• IPv6 forwarding
• IPv6 protocols such as ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, and DHCPv6 Relay
• IPv6 routing: RIPng, OSPFv3, BGP4+, static routing, policy-based routing
• IPv6 multicast: PIM-SM, and PIM-DM
• IPv6 transition techniques: NAT-PT, IPv6 tunneling, NAT64 (DNS64), and DS-LITE
• IPv6 security: NAT-PT, IPv6 tunnel, IPv6 packet filter, RADIUS, IPv6 zone pair policies, IPv6 connection limit

Encryption Algorithm:

• MD5/SHA1/SHA256/SHA384/SHA512/SM3/3DES-CBC/AES-CBC-128/AES-CBC-192/AES-CBC-256/DES-CBC/SM1-CBC-128/SM4-CBC

Configuration Management:

• CLI configuration management via console port
• Remote management through Web, SSH
• Device management through H3C IMC SSM
• SNMPv3, compatible with SNMPv2 and SNMPv1
• Intelligent security policy

Environmental Protection:

• EU RoHS compliance

EMC:

• EN 55032 ClassA
• VCCI-CISPR 32 ClassA
• FCC Part 15 Subpart B ClassA
• AS/NZS CISPR32 ClassA
• ICES-003 ClassA
• ETSI EN 300 386
• EN 61000-3-2
• EN 61000-3-3
• EN 55035

Safety:

• GB 4943.1
• UL 62368-1
• CAN/CSA C22.2 No 62368-1
• IEC 62368-1
• EN 62368-1
• AS/NZS 62368-1
• FDA 21 CFR Subchapter J

Performance

Firewall Throughput (1518B):

• 1.2 Gbps

Application Layer Throughput:

• 600 Mbps

IPS Throughput:

• 600 Mbps

Threat Protection Throughput:

• 500 Mbps

IPSec Tunnel (Site-to-Site):

• 500

IPSec Throughput (1400B):

• 250 Mbps

SSL VPN Users:

• 500

SSL VPN Throughput:

• 100 Mbps

Maximum Concurrent Sessions:

• 900k

Maximum New Connections per Second:

• 8,000

สอบถามค่าติดตั้ง Service Installation