NS-SecPath F1010

project

F1003-L/

F1005-L

F1005/F1010

F1020/F1030

F1050/F1060

F1070/F1080

interface

8 electricity

1 configuration port (CON)

The host comes with 8 Gigabit + 2 Gigabit Combo + 2 Gigabit Bypass

1 configuration port (CON)

The host comes with 8 Gigabit optical ports + 16 Gigabit electrical ports

1 configuration port (CON)

The host comes with 8 Gigabit optical ports + 16 Gigabit electrical ports + 2 10 Gigabit optical ports

Expansion slot

N/A

N/A

2 (F1020 one expansion slot)

Extended board type

N/A

N/A

4 Gigabit PFC interface module, 4 Gigabit optical interface module, 4*10GE optical interface module

Storage medium

F1003-L does not support hard disk, F1005-L supports one 500G SATA HDD

1*500G HDD

1*(480G SSD/500G HDD/1T HDD)

Note: F1020 does not support 1T hard disk

2*(480G SSD/500G HDD/1T HDD)

4G LTE

4G FDD LTE/TDD LTE

not support

Ambient temperature

Work: 0 ~ 45 ° C

Non-working: -40 to 70 ° C

Operating mode

Routing mode, transparent mode, promiscuous mode

AAA service

Portal authentication, RADIUS authentication, HWTACACS authentication, PKI/CA (X.509 format) authentication,

Domain authentication, CHAP authentication, PAP authentication

Firewall

SOP virtual firewall technology, supporting complete virtualization of hardware resources such as CPU, memory, storage, etc.

Safe area division

Guard against Land, Smurf, Fraggle, Ping of Death, Tear Drop, IP Spoofing, IP fragmentation, ARP spoofing, ARP spoofing, TCP packet illegitimate ICMP packet, address scan, port scan Various malicious attacks such as SYN Flood, UPD Flood, ICMP Flood, and DNS Flood

Basic and extended access control lists

Time-based access control list

User-based, application-based access control list

ASPF application layer packet filtering

Static and dynamic blacklisting

MAC and IP binding

MAC-based access control list

Support 802.1q VLAN transparent transmission

Virus protection

Detection based on virus characteristics

Support virus library manual and automatic upgrade

Message stream processing mode

Support HTTP, FTP, SMTP, POP3 protocols

Supported virus types: Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, Virus, etc.

Support for virus logs and reports

Deep intrusion prevention

Supports common attack defenses such as hacking, worms/viruses, Trojans, malicious code, spyware/adware, DoS/DDoS, etc.

Supports defense against buffer overflow, SQL injection, IDS/IPS escape, etc.

Supports classification of attack signature database (classification according to attack type and target system), classification (high, medium, low, prompt level 4)

Support for manual and automatic upgrade of attack signature libraries (TFTP and HTTP)

Support P2P/IM recognition and control such as BT

Mail/web/application layer filtering

Mail filtering

SMTP mail address filtering

Mail header filtering

Mail content filtering

Email attachment filtering

Web filtering

HTTP URL filtering

HTTP content filtering

Application layer filtering

Java Blocking

ActiveX Blocking

SQL injection attack prevention

NAT

Support multiple internal addresses to be mapped to the same public network address

Support multiple internal address mappings to multiple public addresses

Support internal mapping to public network address one by one

Support simultaneous conversion of source and destination addresses

Support external network hosts to access internal servers

Support internal address mapping directly to the public IP address of the interface

Support DNS mapping function

Configurable valid time to support address translation

Support multiple NAT ALG, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, SIP, etc.

VPN

L2TP VPN, IPSec VPN, GRE VPN, SSL VPN

IPv6

Stateful firewall and attack prevention based on IPv6

IPv6 protocol: IPv6 forwarding, ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, DHCPv6 Relay, etc.

IPv6 routing: RIPng, OSPFv3, BGP4+, static routing, policy routing, PIM-SM, PIM-DM, etc.

IPv6 security: NAT-PT, IPv6 Tunnel, IPv6 Packet Filter, Radius, IPv6 inter-domain policy, IPv6 connection limit, etc.

High reliability

Support for SCF 2:1 virtualization

Supports dual-system hot standby (Active/Active and Active/Backup modes)

Support dual-system configuration synchronization

Support IKE state synchronization of IPSec VPN

Support VRRP

Easy maintenance

Support for command line-based configuration management

Support web mode for remote configuration management

Support H3C SSM Security Management Center for device management

Supports standard network management SNMPv3 and is compatible with SNMP v1 and v2

Intelligent security strategy

Environmental protection and certification

Support Europe's strict RoHS environmental certification