NS-SecPath F1010

SKU F1010

H3C SecPath F1010 FirewallHost


  • High-performance hardware and software processing platform
  • Carrier-class equipment with high reliability
  • Powerful security features
  • Flexible and scalable integrated DPI deep security
  • Industry leading IPv6
  • Next generation multi-service features
  • Professional intelligent management

  • Description
  • Reviews









    8 electricity

    1 configuration port (CON)

    The host comes with 8 Gigabit + 2 Gigabit Combo + 2 Gigabit Bypass

    1 configuration port (CON)

    The host comes with 8 Gigabit optical ports + 16 Gigabit electrical ports

    1 configuration port (CON)

    The host comes with 8 Gigabit optical ports + 16 Gigabit electrical ports + 2 10 Gigabit optical ports

    Expansion slot



    2 (F1020 one expansion slot)

    Extended board type



    4 Gigabit PFC interface module, 4 Gigabit optical interface module, 4*10GE optical interface module

    Storage medium

    F1003-L does not support hard disk, F1005-L supports one 500G SATA HDD

    1*500G HDD

    1*(480G SSD/500G HDD/1T HDD)

    Note: F1020 does not support 1T hard disk

    2*(480G SSD/500G HDD/1T HDD)

    4G LTE


    not support

    Ambient temperature

    Work: 0 ~ 45 ° C

    Non-working: -40 to 70 ° C

    Operating mode

    Routing mode, transparent mode, promiscuous mode

    AAA service

    Portal authentication, RADIUS authentication, HWTACACS authentication, PKI/CA (X.509 format) authentication,

    Domain authentication, CHAP authentication, PAP authentication


    SOP virtual firewall technology, supporting complete virtualization of hardware resources such as CPU, memory, storage, etc.

    Safe area division

    Guard against Land, Smurf, Fraggle, Ping of Death, Tear Drop, IP Spoofing, IP fragmentation, ARP spoofing, ARP spoofing, TCP packet illegitimate ICMP packet, address scan, port scan Various malicious attacks such as SYN Flood, UPD Flood, ICMP Flood, and DNS Flood

    Basic and extended access control lists

    Time-based access control list

    User-based, application-based access control list

    ASPF application layer packet filtering

    Static and dynamic blacklisting

    MAC and IP binding

    MAC-based access control list

    Support 802.1q VLAN transparent transmission

    Virus protection

    Detection based on virus characteristics

    Support virus library manual and automatic upgrade

    Message stream processing mode

    Support HTTP, FTP, SMTP, POP3 protocols

    Supported virus types: Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, Virus, etc.

    Support for virus logs and reports

    Deep intrusion prevention

    Supports common attack defenses such as hacking, worms/viruses, Trojans, malicious code, spyware/adware, DoS/DDoS, etc.

    Supports defense against buffer overflow, SQL injection, IDS/IPS escape, etc.

    Supports classification of attack signature database (classification according to attack type and target system), classification (high, medium, low, prompt level 4)

    Support for manual and automatic upgrade of attack signature libraries (TFTP and HTTP)

    Support P2P/IM recognition and control such as BT

    Mail/web/application layer filtering

    Mail filtering

    SMTP mail address filtering

    Mail header filtering

    Mail content filtering

    Email attachment filtering

    Web filtering

    HTTP URL filtering

    HTTP content filtering

    Application layer filtering

    Java Blocking

    ActiveX Blocking

    SQL injection attack prevention


    Support multiple internal addresses to be mapped to the same public network address

    Support multiple internal address mappings to multiple public addresses

    Support internal mapping to public network address one by one

    Support simultaneous conversion of source and destination addresses

    Support external network hosts to access internal servers

    Support internal address mapping directly to the public IP address of the interface

    Support DNS mapping function

    Configurable valid time to support address translation

    Support multiple NAT ALG, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, SIP, etc.




    Stateful firewall and attack prevention based on IPv6

    IPv6 protocol: IPv6 forwarding, ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, DHCPv6 Relay, etc.

    IPv6 routing: RIPng, OSPFv3, BGP4+, static routing, policy routing, PIM-SM, PIM-DM, etc.

    IPv6 security: NAT-PT, IPv6 Tunnel, IPv6 Packet Filter, Radius, IPv6 inter-domain policy, IPv6 connection limit, etc.

    High reliability

    Support for SCF 2:1 virtualization

    Supports dual-system hot standby (Active/Active and Active/Backup modes)

    Support dual-system configuration synchronization

    Support IKE state synchronization of IPSec VPN

    Support VRRP

    Easy maintenance

    Support for command line-based configuration management

    Support web mode for remote configuration management

    Support H3C SSM Security Management Center for device management

    Supports standard network management SNMPv3 and is compatible with SNMP v1 and v2

    Intelligent security strategy

    Environmental protection and certification

    Support Europe's strict RoHS environmental certification


You recently viewed

Clear recently viewed