1 1

H3C SecPath F1020 Firewall Host

H3C SecPath F1020 Firewall Host

$2,400.00 USD
$2,400.00 USD
Sale Sold out

Product Feature

  • High-performance hardware and software processing platform
  • Strong security protection, Flexible and scalable integrated DPI deep security
  • High reliability of carrier-class device
  • Industry-leading IPv6
  • Next-generation multi-service features
  • Professional intelligent management

    [qiege]

    Product Overview

    The H3C SecPath F1000 Series firewall is New H3C’s next-generation high-performance firewall product, which is launched with the advent of the Web2.0 era for small and medium-sized enterprises, campus network Internet exportation and WAN branch markets in combination with the current technology trend of the convergence of security and network.

    The H3C SecPath F1000 Series firewall supports multi-dimensional integrated security protection, which can implement integrated security access control such as IPS, AV, and DLP from multiple dimensions such as user, application, time and quintet, effectively ensuring network security. It supports multiple VPN services, such as L2TP VPN, GRE VPN, IPSec VPN and SSL VPN, and enables mobile office through connecting to smart terminals. It provides abundant routing capabilities, including supporting RIP/OSPF/BGP routing policies and application-based and URL-based policy routing. It enables state protection and attack defense against IPV6 while supporting IPv4/IPv6 dual stack.

    The H3C SecPath F1000 Series firewall uses dual power supplies (1+1 backup) that are mutually redundant backups. It supports SCF technology in dual-computer cluster deployment, fully meeting the requirements of high-performance networks for reliability. Meanwhile, it can provide a maximum of 24 Gigabit interfaces and two 10 Gigabit interfaces in the 1U-high device.

    Click Here to Download Datasheet

    Hardware Specifications

    Item

    F1003-L/

    F1005-L

    F10005/F1010

    F1020/F1030

    F1050/F1060

    F1070/F1080

     Interface

    8 Electrical Ports

    1 configuration port (CON);

    Host with 8 Gigabit Electrical + 2 Gigabit Combo + 2 Gigabit Electrical Bypass

    1 configuration port (CON);

    Host with 8 Gigabit optical ports + 16 Gigabit electrical ports

    1 configuration port (CON);

    Host with 8 Gigabit optical ports + 16 Gigabit electrical ports + 2 10 Gigabit optical ports

    Expansion slot

    N/A

    N/A

    2 (F1020: 1 expansion slot )

     

    Expansion board type

    N/A

    N/A

     

    4 Gigabit PFC interface module, 4 Gigabit optical interface module, 4*10GE optical interface module

     Storage medium

     Not support hard disk

    1*500G HDD

    1*(480G SSD/500G HDD/1T HDD)

    Note: F1020 doesn’t support hard disk. 

    2*(480G SSD/500G HDD/1T HDD)

    4G LTE

    4G FDD LTE/TDD LTE

    Not support

    Ambient temperature

    Working: 0~45℃

    Non-working: -40~70℃

     Run mode

     Routing mode, transparent mode, promiscuous mode

    AAA service

    Portal authentication, RADIUS authentication, HWTACACS authentication, PKI/CA (X.509 format) authentication, domain authentication, CHAP authentication, PAP authentication

     Firewall

    SOP virtual firewall technology, supporting complete virtualization of hardware resources such as CPU, memory, storage, etc.;

    Safe area division;

    Defend against various malicious attacks, such as Land, Smurf, Fraggle, Ping of Death, Tear Drop, IP Spoofing, IP partitioned message, ARP spoofing, ARP active inverse query, illegitimate TCP message flag bits, super-large ICMP packet, address scan, port scan, SYN Flood, UPD Flood, ICMP Flood and DNS Flood;

    Basic and extended access control list;

    Interval-based access control list;

    User-based, application-based access control list;

    ASPF application layer packet filtering;

    Static and dynamic blacklisting;

    MAC and IP binding;

    MAC-based access control list;

    Supporting 802.1q VLAN transparent transmission

     

     

    Virus protection

    Test based on virus signatures;

    Supporting manual and automatic upgrading of virus library;

    Stream processing mode of messages;

    Supporting HTTP, FTP, SMTP and POP3 protocols;

    Supporting these virus types: Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, Virus, etc.;

    Supporting virus logs and reports

     Intrusion defense-in-depth system

    Supporting common attack defenses such as hackers, worms/viruses, Trojans, malicious codes, spyware/adware, DoS/DDoS, etc.;

    Supporting defenses against such attacks as buffer overflow, SQL injection, IDS/IPS escape, etc.;

    Supporting classification of signature database for attacks (classified according to attack type and target system), grading (4 grades: High, medium, low and prompt grades);

    Supporting manual and automatic upgrading of signatures database for attacks (TFTP and HTTP)

    Supporting P2P/IM recognition and control such as BT

     

    Mail/Web/Application layer filtering

     

    Mail filtering

    SMTP mail address filtering

    Mail header filtering

    Mail content filtering

    Email attachment filtering

    Web filtering

    HTTP URL filtering

    HTTP content filtering

    Application layer filtering

    Java Blocking

    ActiveX Blocking

    SQL injection attack prevention

    NAT

     

    Supporting multiple internal addresses to be mapped to the same public network address;

    Supporting multiple internal addresses to be mapped to multiple public network addresses;

    Supporting internal addresses to be mapped to public network addresses one by one;

    Supporting simultaneous conversion of source and destination addresses;

    Supporting external network hosts to access internal servers;

    Supporting internal addresses to be directly mapped to IP addresses of public networks for the interface;

    Supporting DNS mapping function;

    Configuring valid time for supporting address translation;

    Supporting various NAT ALGs, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, SIP, etc.

    VPN

    L2TP VPN、IPSec VPN、GRE VPN、SSL VPN

    IPv6

     

    IPv6-based stateful firewall and attack defense;

    IPv6 protocols: IPv6 forwarding, ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, DHCPv6 Relay, etc.;

    IPv6 routing: RIPng, OSPFv3, BGP4+, static routing, policy routing, PIM-SM, PIM-DM, etc.

    IPv6 security: NAT-PT, IPv6 Tunnel, IPv6 Packet Filter, Radius, IPv6 inter-domain policy, IPv6 connection limit, etc.

     

    High reliability

     

    Supporting SCF 2:1 virtualization

    Supporting dual-computer hot standby (Two kinds of work mode: Active/Active and Active/Backup);

    Supporting dual-computer configuration synchronization;

    Supporting IKE state synchronization of IPSec VPN

    Supporting VRRP

     

     

    Easy maintainability

     

    Supporting command line-based configuration management;

    Supporting remote configuration management in web mode;

    Supporting H3C SSM security management center for device management;

    Supporting standard network management of SNMPv3 and compatibility with SNMP v1 and v2;

    Intelligent security strategy

     

    Environmental protection and certification

     

    Supporting Europe's strict RoHS environmental certification
    View full details