Carrier-class equipment with high reliability
Adopts H3C's software and hardware platform with independent intellectual property rights. The product has been proven by many years of market use, from telecom operators to small and medium-sized enterprises.
It supports H3C SCF virtualization technology, which can virtualize multiple devices into one logical device and present it as a network node to the outside world, manage resources in a unified way, complete business backup and improve the overall performance of the system.
Powerful security protection
Supports rich attack defense functions, including defense against Land, Smurf, Fraggle, Ping of Death, Tear Drop, IP Spoofing, IP Fragmented Packet, ARP Spoofing, ARP Active Reverse Query, Invalid TCP Packet Flag Bit, Oversized ICMP Packet, Address Scanning, and Port Scanning attacks, as well as detection and defense against common DDoS attacks such as SYN Flood, UDP Flood, ICMP Flood, and DNS Flood.
Supports the latest SOP 1:N full virtualization. The H3C SecPath F1000-G5 can be divided into multiple logical virtual firewalls. The container-based virtualization technology makes the characteristics of each virtual system consistent with the actual physical system, and performance resources such as throughput, concurrent connections, new connections, and policies can be allocated per virtual system.
Supports security zone management. Security zones can be divided based on interfaces and VLANs.
Packet filtering is supported. By using standard or extended access control rules between security zones, data packets can be filtered with the help of information such as UDP or TCP ports in packets. In addition, you can filter by time period. It supports application-based and user-based access control, takes applications and users as the basic elements of security policies, and combines defense-in-depth to achieve next-generation access control functions.
Supports the Application Layer Stateful Packet Filtering (ASPF) function. By examining application-layer protocol information (such as FTP, HTTP, SMTP, RTSP, and other application-layer protocols based on TCP/UDP) and monitoring the status of connection-based application-layer protocols, it dynamically determines whether packets are allowed to pass through the firewall or are dropped.
Authentication, Authorization and Accounting (AAA) services are supported. Including: authentication based on RADIUS/HWTACACS+, CHAP, PAP, etc. Both static and dynamic blacklists are supported.
NAT and NAT multi-instance are supported.
Supports VPN functions, including L2TP, IPSec/IKE, GRE, SSL, etc., and enables connections with intelligent terminals.
Supports rich routing protocols, including static routing, policy routing, and dynamic routing protocols such as RIP and OSPF. Security logging is supported.
Supports traffic monitoring, statistics and management.
Flexible and scalable all-in-one DPI deep security
An integrated security business processing platform that is highly integrated with basic security protection.
Comprehensive application-layer traffic identification and management: Through H3C's long-term accumulation of state machine detection and traffic interaction detection technology, it can accurately detect Thunder/Web Thunder, BitTorrent, eMule/eDonkey, WeChat, Weibo, QQ, MSN, PPLive and other P2P/IM/online games/stocks/network video/network multimedia and other applications. It supports a P2P flow control function: through in-depth detection of traffic, that is, by matching network packets against the characteristics of P2P protocol packets, it can accurately identify P2P traffic in order to manage it. At the same time, it can provide different control strategies to realize flexible P2P traffic control.
High-precision, high-efficiency intrusion detection engine. It adopts the FIRST (Full Inspection with Rigorous State Test, comprehensive inspection based on accurate state) engine, for which H3C holds independent intellectual property rights. The FIRST engine integrates a number of detection technologies, realizes comprehensive detection based on accurate state, and has extremely high intrusion detection accuracy; at the same time, the FIRST engine adopts parallel detection technology, and the software and hardware can be flexibly adapted, which greatly improves intrusion detection efficiency.
Real-time virus protection: Using streaming-engine virus detection technology, it can quickly and accurately detect and kill malicious code such as viruses in network traffic.
Massive URL classification and filtering: supports local + cloud mode, 139 classification libraries, and more than 20 million URL rules.
Comprehensive and timely security signature library. Through years of operation and accumulation, H3C has a senior attack signature database team, and is equipped with a professional attack and defense laboratory to keep up with the latest developments in the field of network security, so as to ensure the timely and accurate update of the signature database.
Industry-leading IPv6
It supports IPv6 stateful firewall, which truly realizes the firewall function under IPv6 conditions, and completes IPv6 attack prevention at the same time.
Support IPv4/IPv6 dual protocol stack, and support IPv6 data packet forwarding, static routing, dynamic routing and multicast routing functions.
Support various IPv6 transition technologies, including NAT-PT, IPv6 Over IPv4 GRE tunnel, manual tunnel, 6to4 tunnel, IPv4 compatible IPv6 automatic tunnel, ISATAP tunnel, NAT444, DS-Lite, etc.
Supports IPv6 ACL, RADIUS and other security technologies.
Next-generation multi-service features
The integrated link load balancing feature, through link status detection, link busy protection and other technologies, effectively realizes multi-link automatic balancing and automatic switching of the enterprise Internet egress.
The integrated SSL VPN feature can meet the secure access requirements of mobile office users and employees on business trips. It can not only be combined with USB-Key and SMS for mobile user identity authentication, but can also be combined with the enterprise's existing authentication system to realize integrated authentication access.
Data leakage prevention (DLP): supports mail filtering, providing SMTP mail address, header, attachment and content filtering; supports web page filtering, providing HTTP URL and content filtering; supports file filtering of network transfer protocols; supports application layer filtering, providing Java/ActiveX blocking and SQL injection attack prevention.
Intrusion Prevention (IPS), supports the identification and protection of web attacks, such as cross-site scripting attacks, SQL injection attacks, etc.
Anti-virus (AV): a high-performance virus engine that protects against more than 5 million kinds of viruses and Trojans, with the virus signature database updated daily.
Unknown threat defense, with the help of the situational awareness platform, the NGFW can quickly detect attacks and locate problems, ensuring that once a single point is attacked, the entire network implements policy upgrades and comprehensive early warning and response.
Professional intelligent management
Supports intelligent security policies: implements policy redundancy detection, policy matching optimization recommendations, and dynamic detection of intranet services to dynamically generate and recommend security policies.
Supports standard network management SNMPv3, and is compatible with SNMP v1 and v2.
Provides a graphical interface and easy-to-use Web management.
Device management and firewall function configuration can be performed through the command line interface to meet the needs of professional management and mass configuration.
H3C SecCenter SMP Security Management Center realizes unified management and integrates security information and event collection, analysis, response and other functions. It solves problems such as network and security equipment being isolated from each other, network security status not being intuitive, slow security incident response, and difficult network fault location, so that IT and security administrators are freed from tedious management work, greatly improve work efficiency, and can focus on core business.
Based on advanced in-depth mining and analysis technology, active collection and passive reception are adopted to provide users with centralized log management functions, and to normalize logs in different types of formats (Syslog, binary flow log, etc.). At the same time, it uses high aggregation compression technology to store massive events, and can automatically compress, encrypt and save log files to external storage systems such as DAS, NAS or SAN to avoid the loss of important security events.
Provides rich reports, mainly including application-based reports and network flow-based analysis reports.
Supports output in various formats such as PDF, HTML, WORD and TXT.
The report can be customized through the web interface. The customized content includes the time range of the data, the source device of the data, the generation cycle and the output type.