Firewall Appliance H3C NS-SecPath F100-C-A2
Firewall Appliance H3C NS-SecPath F100-C-A2
- Thiết bị Firewall H3C NS-SecPath F100-C-A2 được thiết kế cho các doanh nghiệp có quy mô vừa - nhỏ thuộc nhiều lĩnh vực như CNTT, dịch vụ, kinh tế, y tế, kỹ thuật… Thiết bị được trang bị tới 10 cổng Gigabit Ethernet và 2 cổng SFP 1G để quản lý số lượng lớn thiết bị trong mạng như máy tính, laptop, bộ phát Wifi, Router, Switch…
- Sở hữu thiết kế nhỏ gọn, Firewall H3C NS-SecPath F100-C-A2 không chiếm quá nhiều diện tích lắp đặt, bạn hoàn toàn có thể đặt trên bàn làm việc hoặc đặt trong tủ Rack máy chủ. Dòng sản phẩm Firewall H3C NS-SecPath F100-C mang tới một cơ chế bảo mật đa lớp phòng thủ giúp bảo vệ mạng doanh nghiệp khỏi các cuộc tấn công đang có xu hướng trở nên phức tạp.
Tính năng nổi bật
- Nhiều cổng kết nối: 10 × 1 GbE Port và 2 × SFP 1G Port
- Thông lượng xử lý Firewall (1518-byte packet/ IMIX packet/ 64-byte packet): 700Mb/400Mb/100Mb.
- Thông lượng IPS: 600Mb
- Đầy đủ các tính năng bảo mật toàn diện: Antivirus, Lọc gói lớp ứng dụng ASPF, ACL, ngăn chặn xâm nhập sâu First
- Hỗ trợ VPN: VPN L2TP, VPN IPSec, VPN GRE, SSL VPN
Thông số kỹ thuật
Ports | 10 × GE + 2 × SFP |
Storage media | TF card with a maximum size of 500 GB |
Ambient temperature | Operating: 0°C to 45°C (32°F to 113°F) Storage: –40°C to +70°C (–40°F to +158°F) |
Operating mode | Route, transparent, or hybrid |
AAA | Portal authentication RADIUS authentication HWTACACS authentication PKI/CA (X.509 format) authentication Domain authentication CHAP authentication PAP authentication |
Firewall | SOP virtual firewall technology, which supports full virtualization of hardware resources, including CPU, memories, and storage Security zone Attack protection against malicious attacks, such as land, smurf, fraggle, ping of death, teardrop, IP spoofing, IP fragmentation, ARP spoofing, reverse ARP lookup, invalid TCP flag, large ICMP packet, address/port scanning, SYN flood, ICMP flood, UDP flood, and DNS query flood Basic and advanced ACLs |
Antivirus | Time range-based ACL User-based and application-based access control ASPF application layer packet filtering Static and dynamic blacklist function MAC-IP binding MAC-based ACL 802.1Q VLAN transparent transmission Sub-Interface VLAN Signature-based virus detection Manual and automatic upgrade for the signature database Stream-based processing Virus detection based on HTTP, FTP, SMTP, and POP3 Virus types include Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, and Virus Virus logs and reports |
Deep intrusion prevention | Attack signature categories (based on attack types and target systems) and severity levels (including high, medium, low, and notification) Manual and automatic upgrade for the attack signature database (TFTP and HTTP). P2P/IM traffic identification and control |
Email/webpage/ application layer filtering | Email subject/content/attachment filtering Webpage filtering HTTP URL/content filtering Java blocking ActiveX blocking SQL injection attack prevention |
NAT | Many-to-one NAT, which maps multiple internal addresses to one public address Many-to-many NAT, which maps multiple internal addresses to multiple public addresses One-to-one NAT, which maps one internal address to one public address NAT of both source address and destination address External hosts access to internal servers Internal address to public interface address mapping NAT support for DNS Setting effective period for NAT NAT ALGs for NAT ALG, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, and SIP |
VPN | L2TP VPN IPSec VPN GRE VPN SSL VPN |
IP Services | IP Forwarding ICMP, Tracert, ping, Telnet, DHCP Server, DCHP Relay, and DHCP Client Routing: Static, RIP, OSPF, BGP Multicast: IGMP, PIM-SM and PIM-DM IPv6 status firewall IPv6 attack protection IPv6 forwarding IPv6 protocols such as ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, and DHCPv6 Relay IPv6 routing: RIPng, OSPFv3, BGP4+, static routing, policy-based routing IPv6 multicast: PIM-SM, and PIM-DM IPv6 transition techniques: NAT-PT, IPv6 tunneling, NAT64 (DNS64), and DS-LITE IPv6 security: NAT-PT, IPv6 tunnel, IPv6 packet filter, RADIUS, IPv6 zone pair policies, IPv6 connection limit |
Encryption algorithm | MD5/SHA1/SHA256/SHA384/SHA512/SM3/3DES-CBC/AES-CBC-128/ AES-CBC-192/ AES-CBC256/DES-CBC/SM1-CBC-128/SM4-CBC |
High availability | Active/active and active/standby RBM stateful failover Configuration synchronization of two firewalls IKE state synchronization in IPsec VPN VRRP |
Configuration management | CLI Configuration management via console port Remote management through Web, SSH Device management through H3C IMC SSM SNMPv3, compatible with SNMPv2 and SNMPv1 Intelligent security policy |
Environmental protection | EU RoHS compliance |
- Bảo hành: 60 tháng.
Tel: | (028) 7300 1535 |
Showroom: | 92K Nguyễn Thái Sơn - Phường 3 - Q.Gò Vấp - Tp.HCM |
Website: | www.sieuthivienthong.com |
Email: | info@sieuthivienthong.com |