| Firewall |
 Policy numbers: 2000
Performance:300 Mbps
Stateful inspection
NAT mode: one-to-one/one-to-many/many-to-many
Policy-based NAT
Popular NAT ALGs
DDoS/DoS and Port scan prevention
IP/MAC binding |
|
| VPN |
VPN tunnels:200
168-bit 3DES performance:140 Mbps
Tunneling protocols: PPTP, L2TP, IPSec
Tunneling server: PPTP, L2TP
Hardware-based Encryption methods: DES, 3DES, AES
SHA-1 / MD5 authentication
PPTP and L2TP pass-through and IPsec NAT traversal
Hub and Spoke VPN support
IKE certificate: x.509 v3, PKCS#10
IKE authentication: RSA signature, DSA signature, Xauth
Dead peer and tunnel detection |
|
| IPS |
Performance:100 Mbps
New session/sec: 4000
Maximum sessions:512000
Support user-defined IPS rule
IPS rules: 2000+>
Operation mode: Inline, Monitor, Bypass>
Layer 3/Layer 4 integrity check
Protocol decoders: HTTP, FTP, telnet and others
Segment reassembly from the network layer to application layer |
|
| Application Management |
|
Support 50+ IM, P2P, Web access, FTP, Mail, and Multi-media applications |
|
3-level Application control: Category/Application/Behavior |
|
Control on login, chatting, file transfer, conferencing for IM, including MSN, Skype, Yahoo
Messenger, QQ, ICQ and others |
|
| Traffic Management |
|
Traffic shaping and quota limit on 50+ IM, P2P, Web access, FTP, Mail, and Multi-media
applications |
|
Policy-based traffic shaping and quota limit by application categories |
|
Control on bandwidth for P2P, including BT, eDonkey, Thunder, Share, Winny, and others
|
|
| Anti-Virus |
The streaming detection method
Performance:30 Mbps
Detect over 2000+ popular viruses
The ClamAV solution selected and fine-tuned by BSST
Scan HTTP, FTP, SMTP, POP3, IMAP and VPN Tunnels
Check compressed files with passwords
Destroy the infected file segment
White list for IP and mail addresses |
|
| Content Filtering |
Highly scalble SurfControl CPA solution
Support user-defined URL exempt list
Support user-defined URL block list
Blocks Java applet, Cookies, Active X (by file extension)
Anti-SPAM by RBL approach by 2007 Q3 |
|
| Load Balancing and High Availability |
|
Built-in Dual-WAN Failover and redundancy in Active-Passive mode |
|
Load balancing on WAN links |
|
HA in Active-Passive mode with configuration, VPN tunnel, and session state
synchronization by 2007 Q3
; |
|
|
| Real-time Monitoring and Logging |
|
Graphical real-time monitoring in WebUI |
|
Top-N application statistics |
|
Firewall/IPS/AV statistics and network statistics |
|
VPN tunnel monitor |
| |
System CPU, memory and FLASH utilization |
|
Syslog to remote BroadWeb Security Event Reporter (SER) or 3rd party NMS |
|
| Alarm and Notification |
Real-time events in WebUI
SNMP
Email
Windows popup message
Alarm filtering |
|
| System Management |
|
Web UI (HTTPS), Command Line Interface (CLI), and Secure Command Shell (SSH) |
|
Setup wizard |
|
SNMP management
Multi-language support |
|
| Administration and Maintenance |
|
Export and import the IPS, firewall, anti-virus, application management policies and
system configuration |
|
Upgrade the policies and kernel image from BroadWeb Data Update Center (DUC)
automatically or via UI manually
|
|
| User Authentication |
Xauth over RADIUS support for IPsec VPN
Support Local database by 2007 Q3
Support RADIUS database by 2007 Q3 |
|
| Networking (Router/Switch) |
VLAN Tagging (IEEE 802.1q)
PPPoE, static IP, DHCP client on WAN interfaces
DHCP server, static IP for LAN nodes
DHCP relay
DNS query proxy and dynamic DNS support
Static routing and dynamic routing (RIP)
|
|
| Interfaces |
|
LAN port (GbE): 1 |
|
WAN ports (GbE): 2 |
|
Configurable port (GbE): 1 (DMZ/HA/Mirror) |
|
cUSB ports: 2 |
|
Serial port: 1 (console) |
|
| Hardware |
|
Dimensions: 1U Rack-mount, 426 x 358 x 44 mm, 4.2 kg |
|
Compliance: FCC Class A Part 15, UL/CUL, C Tick, CE, VCCI |
|
Operating Temperature: 0 to 40℃ (32 to 104℉) (depends on CPU) |
|
Storage Temperature: -20 to 70℃ (-4 to 158℉) |
|
Humidity: 0% to 90%RH, non-condensing |
|
AC power: 90 to 264 V full range @ 47 to 63 Hz |
|
| Security Certifications |
ICSA: Firewall, IPSec, IPS
NSS: IPS |
|
|