| 防火墙 |
 Policy numbers: 2000
Performance:300 Mbps
Stateful inspection
NAT mode: one-to-one/one-to-many/many-to-many
Policy-based NAT
Popular NAT ALGs
DDoS/DoS and Port scan prevention
IP/MAC binding |
|
| 虚拟私有网络
|
VPN tunnels:200
168-bit 3DES performance:140 Mbps
Tunneling protocols: PPTP, L2TP, IPSec
Tunneling server: PPTP, L2TP
Hardware-based Encryption methods: DES, 3DES, AES
SHA-1 / MD5 authentication
PPTP and L2TP pass-through and IPsec NAT traversal
Hub and Spoke VPN support
IKE certificate: x.509 v3, PKCS#10
IKE authentication: RSA signature, DSA signature, Xauth
Dead peer and tunnel detection |
|
| 入侵检测
|
Performance:100 Mbps
New session/sec: 4000
Maximum sessions:512000
Support user-defined IPS rule
IPS rules: 2000+>
Operation mode: Inline, Monitor, Bypass>
Layer 3/Layer 4 integrity check
Protocol decoders: HTTP, FTP, telnet and others
Segment reassembly from the network layer to application layer |
|
| 应用程序管理 |
|
Support 50+ IM, P2P, Web access, FTP, Mail, and Multi-media applications |
|
3-level Application control: Category/Application/Behavior |
|
Control on login, chatting, file transfer, conferencing for IM, including MSN, Skype, Yahoo
Messenger, QQ, ICQ and others |
|
| 流量管理 |
|
Traffic shaping and quota limit on 50+ IM, P2P, Web access, FTP, Mail, and Multi-media
applications |
|
Policy-based traffic shaping and quota limit by application categories |
|
Control on bandwidth for P2P, including BT, eDonkey, Thunder, Share, Winny, and others
|
|
| 防毒功能
|
The streaming detection method
Performance:30 Mbps
Detect over 2000+ popular viruses
The ClamAV solution selected and fine-tuned by BSST
Scan HTTP, FTP, SMTP, POP3, IMAP and VPN Tunnels
Check compressed files with passwords
Destroy the infected file segment
White list for IP and mail addresses |
|
| 网页内容过滤
|
Highly scalble SurfControl CPA solution
Support user-defined URL exempt list
Support user-defined URL block list
Blocks Java applet, Cookies, Active X (by file extension)
Anti-SPAM by RBL approach by 2007 Q3 |
|
| 高备援与负载平衡
|
|
Built-in Dual-WAN Failover and redundancy in Active-Passive mode |
|
Load balancing on WAN links |
|
HA in Active-Passive mode with configuration, VPN tunnel, and session state
synchronization by 2007 Q3
; |
|
|
| 实时监测与日志
|
|
Graphical real-time monitoring in WebUI |
|
Top-N application statistics |
|
Firewall/IPS/AV statistics and network statistics |
|
VPN tunnel monitor |
| |
System CPU, memory and FLASH utilization |
|
Syslog to remote BroadWeb Security Event Reporter (SER) or 3rd party NMS |
|
| 警告与通知
|
Real-time events in WebUI
SNMP
Email
Windows popup message
Alarm filtering |
|
| 系统管理 |
|
Web UI (HTTPS), Command Line Interface (CLI), and Secure Command Shell (SSH) |
|
Setup wizard |
|
SNMP management
Multi-language support |
|
| 管理与维护
|
|
Export and import the IPS, firewall, anti-virus, application management policies and
system configuration |
|
Upgrade the policies and kernel image from BroadWeb Data Update Center (DUC)
automatically or via UI manually
|
|
| 使用者认证
|
Xauth over RADIUS support for IPsec VPN
Support Local database by 2007 Q3
Support RADIUS database by 2007 Q3 |
|
| 网络功能
|
VLAN Tagging (IEEE 802.1q)
PPPoE, static IP, DHCP client on WAN interfaces
DHCP server, static IP for LAN nodes
DHCP relay
DNS query proxy and dynamic DNS support
Static routing and dynamic routing (RIP)
|
|
| 网络接口
|
|
LAN port (GbE): 1 |
|
WAN ports (GbE): 2 |
|
Configurable port (GbE): 1 (DMZ/HA/Mirror) |
|
cUSB ports: 2 |
|
Serial port: 1 (console) |
|
| 硬件规格
|
|
Dimensions: 1U Rack-mount, 426 x 358 x 44 mm, 4.2 kg |
|
Compliance: FCC Class A Part 15, UL/CUL, C Tick, CE, VCCI |
|
Operating Temperature: 0 to 40℃ (32 to 104℉) (depends on CPU) |
|
Storage Temperature: -20 to 70℃ (-4 to 158℉) |
|
Humidity: 0% to 90%RH, non-condensing |
|
AC power: 90 to 264 V full range @ 47 to 63 Hz |
|
| 安全认证
|
ICSA: Firewall, IPSec, IPS
NSS: IPS |
|
|