interface

8GE

8GE+2SFP

Extend the slot

not

Storage media

2.5 inch 500GB/1TB SATA hard drive, 2.5 inch 480G SSD hard drive

Ambient temperature

Work: 0 to 45 degrees C

Non-working: -40 to 70 degrees C

Run mode

Routing mode, transparent mode, promiscuous mode

Zero configuration is online

TR069 zero configuration on-line, USB stick zero-configuration on-line

AAA services

Portal certification, RADIUS certification, HWTACACS certification, PKI/CA (X.509 format),

Domain authentication, CHAP verification, PAP authentication

firewall

Safe zone division

Defend against malicious attacks such as Land, Smurf, Ping of Death, Tear Drop, IP Spoofing, IP Shard Messages, ARP Spoofing, ARP Active Reverse Query, TCP Message Flag Bit Illegal Oversized ICMP Messages, Address Scans, Port Scans, SYN Flood, UPD Flood, ICMP Flood, DNS Flood, etc

The basic and extended access control list

A list of access controls based on time periods

Access control list based on user, app

ASPF applies layer message filtering

Static and dynamic blacklisting features

MAC and IP binding capabilities

MAC-based access control list

Supports 802.1q VLAN transmission

Virus protection

Detection based on virus characteristics

Supports manual and automatic upgrade of virus libraries

Message flow processing mode

Supports HTTP, FTP, SMTP, POP3 protocols

Types of viruses supported: Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, Virus, etc

Virus logs and reports are supported

Deep intrusion defense

Supports defense against common attacks such as hacking, worms/viruses, Trojans, malicious code, adware, DoS/DDoS, and more

Supports defense against attacks such as buffer overflow, SQL injection, IDS/IPS escape, and more

Supports the classification of attack feature libraries (classified by attack type, target system), rating (high, medium, low, prompt level four)

Support for manual and automatic upgrade of attack feature libraries (TFTP and HTTP)

Supports P2P/IM identification and control of BT and others

Mail/Web page/application layer filtering

Message filtering

SMTP email address filtering

Message title filtering

Message content filtering

Message attachment filtering

Web filtering

HTTP URL filtering

HTTP content filtering

Application layer filtering

Java Blocking

ActiveX Blocking

SQL Injection Attack Prevention

NAT

Multiple internal addresses are supported to map to the same public network address

Multiple internal addresses are supported to map to multiple public network addresses

Supports internal address-to-public address mapping

Supports simultaneous conversion of both the source and destination addresses

Supports external network hosts to access internal servers

It is supported for internal addresses to map directly to the interface public IP address

DNS mapping is supported

The effective time to support address conversion can be configured

Supports a variety of NAT ALGs, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, SIP, etc

VPN

L2TP VPN,IPSec VPN,GRE VPN,SSL VPN

IPv6

IPv6-based state firewall and attack prevention

IPv6 Protocol: IPv6 Forwarding, ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, DHCPv6 Relay, etc

IPv6 routing: RIPng, OSPFv3, BGP4 plus, static routing, policy routing, PIM-SM, PIM-DM, etc

IPv6 security: NAT-PT, IPv6 Tunnel, IPv6 Packet Filter, Radius, IPv6 interdomain policy, IPv6 connection limit, etc

High reliability

Support for dual-machine hot preparation (Active/Active and Active/Backup modes of operation)

Dual-machine configuration synchronization is supported

IKE state synchronization with IPSec VPN support

VRRP support

Easy to maintain

Supports command-line-based configuration management

Supports remote configuration management in a Web manner

Support SSM Security Management Center for device management

Supports standard network tube SNMPv3 and is compatible with SNMP v1 and v2

Smart security policy

Environmental protection and certification

Supports strict RoHS environmental certification in Europe