| Security defense | Packet filtering | -
Supporting basic ACL and advanced ACL. -
Supporting time range ACL. -
Supporting preference of configuration time for sequencing ACL rules. -
Supporting dynamic addition of ACL rules. -
Supporting blacklist. -
Supporting the ASPF and the state inspection. -
Providing the port mapping mechanism. |
| NAT | -
Supporting address translation (NAT and NAPT, NAT address pool). -
Providing static address mapping of internal server addresses. -
Supporting security zone-based static address mapping of internal server addresses. -
Supporting multiple NAT ALGs, including FTP, PPTP, SMTP, RTSP, MSN, QQ. |
| Attack defense | -
Defending against multiple DoS attacks, such as SYN Flood, ICMP Flood, UDP Flood, WinNuke, ICMP redirection and unreachable packet, Land, Smurf and Fraggle. -
Defending against scanning and snooping, such as IP sweeping, port scanning, IP source routing option, IP routing record option and ICMP snooping packet. -
Defending against other attacks, such as IP Spoofing. -
Reverse TCP Source IP Probing. |
| Authentication | -
Supporting AAA, RADIUS and HWTACACS. -
Supporting zone-based management. -
Supporting local user management. |
| Network interconnection | Link layer protocol | -
Supporting Ethernet. -
Supporting VLAN. -
Supporting PPP. -
Supporting HDLC. -
Supporting Trunk. -
Supporting IP-link. |
| IP service | Supporting ARP address resolution. |
| Routing protocol | -
Supporting static routing. -
Supporting dynamic routing through RIP, OSPF and BGP. -
Supporting policy-based routing. -
Supporting routing policy , routing iteration and routing management. |
| VPN | |
| Configuration and management | Working mode | |
| Configuration mode | -
Supporting local configuration and maintenance through console ports. -
Supporting remote configuration by dialing in through Modem -
Supporting local or remote configuration through Telnet; supporting Telnet server and Telnet client. -
Supporting secure maintenance and management through SSH. |
| Maintenance and management | -
Supporting hierarchical protection through command lines, and thus preventing intrusion by unauthorized users. -
Supporting file systems, providing multiple configuration files and multi-program files. -
Supporting NTP and guaranteeing high time precision. -
Delivering ping and tracert functions. -
Supporting dynamic uploading of hot patches and NP hot patches |
| Maintenance and reliability | Product design | -
Meeting domestic and international standards of certification and design. -
Supporting 1+1 power backup and power hot swap. -
Providing protection against reverse polarity. -
Supporting hot swap of interface boards running no services. -
Supporting 3 + 1 backup of Switch Fabric Units for load balancing. |
| System management | Supporting standard network management protocol SNMP v1/v2c/v3. |
| Dual-System Hot Backup | Supporting VRRP, VGMP and HRP. |
| System log | -
Outputting logs by means of Syslog and binary high-speed flow -
Enabling log browse and search through log servers; supporting eLog log server. -
Taking statistics of input and output IP packets, attack defense logs, traffic monitoring logs, and blacklist logs. |
Favorite (0)
Reply
