<< Назад на страницу выбора модели
| Throughput | Up to 20Gbps |
Standard interface | 2×40GE (QSFP+) + 12×10GE (SPF+) + 16×GE (RJ45) | |
Deployment mode | in-line; off-line (static defense); off-line (Dynamic defense) | |
Function | Options for detecting or cleaning | |
External Bypass | Multi mode or single mode GE link; Multi mode or single mode 10GE link | |
Height × Width × Depth | 43.6mm × 442mm × 420mm (1U) | |
Weight | 7.6kg | |
Power supply | Rated input voltage: AC: 100 V to 240 V, 50 Hz/60 Hz Maximum input voltage range: AC: 90 V to 290 V, 47 Hz to 63 Hz | |
Power Consumption | 136.1W | |
Power redundancy | AC: 1+1 power redundancy | |
Safety certifications | Electro Magnetic Compatibility (EMC) certification CB, CCC, CE-SDOC, ROHS, REACH&WEEE(EU), C-TICK, ETL, FCC&IC, VCCI, BSMI |
Function | Description |
Defense against protocol abuse attacks | Defense against Land, Fraggle, Smurf, WinNuke, Ping of Death, Teardrop, and TCP error flag attacks |
Web application protection | Defense against HTTP GET flood, HTTP POST flood, HTTP slow header, HTTP slow post, HTTPS flood, SSL DoS/DDoS, WordPress reflection amplification, RUDY, and LOIC attacks; packet validity check |
Defense against scanning and sniffing attacks | Defense against address and port scanning attacks, and attacks using Tracert packets and IP options, such as IP source route, timestamp, and record route |
DNS application protection | Defense against DNS query flood, DNS reply flood, and DNS cache poisoning attacks; source limit |
Defense against network-type attacks | Defense against SYN flood, SYN-ACK flood, ACK flood, FIN flood, RST flood, TCP fragment flood, UDP flood, UDP fragment flood, IP flood, ICMP flood, TCP connection flood, sockstress, TCP retransmission, and TCP empty connection attacks |
SIP application protection | Defense against SIP flood/SIP methods flood attacks, including Register, Deregistration, Authentication, and Call flood attacks; source limit |
Defense against UDP-based reflection amplification attacks | Defense against NTP, DNS, SSDP, Chargen, TFTP, SNMP, NetBIOS, QOTD, Quake Network Protocol, Portmapper, Microsoft SQL Resolution Service, RIPv1, and Steam Protocol reflection amplification attacks |
Filter | IP, TCP, UDP, ICMP, DNS, SIP, and HTTP packet filters |
Location-based filtering | Traffic block or limit based on the source IP address location |
Attack signature database | RUDY, slowhttptest, slowloris, LOIC, AnonCannon, RefRef, ApacheKill, and ApacheBench attack signature databases; automatic weekly update of these signature databases |
IP reputation | Tracking of most active 5 million zombies and automatic daily update of the IP reputation database to rapidly block attacks; local access IP reputation learning to create dynamic IP reputation based on local service sessions, rapidly forward service access traffic, and enhance user experience |
Management functions | Account management and permission allocation; defense policy configuration and report display based on Zones (up to 100,000 Zones, namely tenants); device performance monitoring; source tracing and fingerprint extraction through packet capture; email, short message, and audio alarms; log dumping; dynamic baseline learning |
Report functions | Comparison of traffic before and after cleaning; top N traffic statistics; application-layer traffic comparison and distribution; protocol distribution; traffic statistics based on the source location; attack event details; top N attack events (by duration or number of packets); distribution of attacks by category; attack traffic trend; DNS resolution success ratio; application-layer top N traffic statistics (by source IP address, HTTP URI, HTTP HOST, and domain name); download of reports in HTML/PDF/Excel format; report push via email; periodical generation of daily, weekly, monthly, and yearly reports; self-service portal for tenants |
Deployment mode | In-line or off-line deployment |
Traffic diversion and injection | Traffic diversion: supports manual, and PBR or BGP based automatic traffic diversion. Traffic injection: supports static route injection, MPLS VPN injection, MPLS LSP injection, GRE tunnel injection, Layer 2 injection, PBR based injection, etc |