Наличие:
Huawei USG6370/USG6380/USG6390 next-generation firewalls provide high-performance security protection for medium-sized businesses and branch offices with 800 to 1,500 users. The firewalls provide VPN, intrusion prevention, and antivirus functions, and can ensure high performance even when multiple security functions are enabled. With comprehensive application control and advanced threat prevention, the firewalls provide cost-effective and all-around security protection for users.
| Model | Interfaces |
|---|---|
USG6370/USG6380/USG6390  |
1. Two x USB Ports 2. Console Port 3. One x GE (RJ45) Management Port 4. Eight x GE (RJ45) Ports 5. Four x GE (SFP) Ports |
Software Features
| Function | Description |
|---|---|
| Integrated Protection | Provides firewall, VPN, intrusion prevention, antivirus, data leak prevention, bandwidth management, Anti-DDoS, URL filtering, and anti-spam functions |
| Application Identification and Control | Identifies common applications, supports application-specific access control, and combines application identification with intrusion prevention, antivirus, and data filtering to improve detection performance and accuracy |
| Intrusion Prevention and Web Protection | Obtains the latest threat information in a timely manner for accurate detection and prevention of vulnerability exploits and web attacks, such as cross-site scripting and SQL injection attacks |
| Antivirus | Rapidly detects over five million types of viruses through the daily-updated signature database |
| Anti-APT* | Interworks with the sandbox to detect and block malicious files |
| Data Leak Prevention | Inspects files to identify the file type, such as Word, Excel, PowerPoint, and PDF, based on file contents, and filters sensitive content |
| Bandwidth Management | Manages per-user and per-IP bandwidth in addition to identifying service applications to prioritize mission-critical services and users through methods such as peak bandwidth and committed bandwidth, Policy-Based Routing (PBR), and application forwarding priority adjustment |
| URL Filtering | Can access a URL category database of over 120 million URLs to manage access by URL category, such as blocking malicious URLs and accelerating access to specified categories |
| Behavior and Content Audit | Audits and traces the sources of URL access based on the user IP address and requested content |
| Load Balancing | Supports server load balancing and link load balancing, fully utilizing existing network resources |
| Intelligent Uplink Selection | Supports service-specific PBR and intelligent uplink selection based on multiple load balancing algorithms (for example, based on bandwidth ratio and link health status) in multi-homing scenarios |
| VPN Encryption | Supports multiple highly reliable VPN features, such as IPsec VPN, SSL VPN, L2TP VPN, and GRE. Supports IPsec intelligent link selection and dynamic IPsec tunnel switchover to improve link availability |
| SSL Encrypted Traffic Detection | Serves as a proxy to detect and defend against threats in SSL-encrypted traffic using application-layer protection methods such as intrusion prevention, antivirus, data filtering, and URL filtering |
| Anti-DDoS | Defends against more than 10 types of common DDoS attacks, including SYN flood and UDP flood attacks |
| User Authentication | Supports multiple user authentication methods, including local, RADIUS, HWTACACS, SecurID, AD, CA, LDAP, and Endpoint Security |
| Security Virtualization | Allows users to create and manage virtual security services, including firewall, intrusion prevention, and antivirus services, on the same physical device |
| Policy Management | Provides predefined common-scenario defense templates to facilitate security policy deployment Automatically evaluates risks in security policies and provides tuning suggestions Detects redundant and conflicting policies to remove unnecessary and incorrect policies |
| Provides the firewall policy management solution in partnership with FireMon to reduce O&M costs and potential faults* | |
| Diversified Reports | Provides visualized and multi-dimensional reports by user, application, content, time, traffic, threat, and URL1 |
| Generates network security analysis reports on the Huawei security center platform to evaluate the current network security status and provide optimization suggestions* | |
| Routing | Supports IPv4 static routes, policy-based routing, routing policies, multicast, RIP, OSPF, BGP, and IS-IS Supports IPv6 static routes, policy-based routing, routing policies, RIPng, OSPFv3, BGP4+, and IPv6 IS-IS |
| Working Mode and High Availability | Supports multiple working modes (transparent, routing, and hybrid), high availability modes (active/active and active/standby), and link high-availability technologies (IP-Link, BFD, and Link-group) |
| Device Management Capability | Built-in Web UI: Provides abundant device management and maintenance functions, including log report, configuration, and troubleshooting |
| eSight network management: Manages the performance, alarms, resources, configurations, and topology of the entire network | |
| Agile Controller: Implements application- and user-specific security policy control in the Huawei SDN Agile Network Solution* | |
| LogCenter security event management system: Provides functions such as security posture awareness, report management, log audit, and centralized alarm management | |
| API: Supports both NETCONF* and RESTCONF northbound APIs to enable users to centrally configure and maintain firewalls via an upper-level controller to simply the O&M |
1. If no hard disk is inserted, you can view and export system and service logs. By inserting a hard disk, you can also view, export, customize, and subscribe to reports
Functions marked with * are supported only in USG V500R001 and later versions
System Performance and Capacity
| Model | USG6370 | USG6380 | USG6390 |
|---|---|---|---|
| IPv4 Firewall Throughput1 (1,518/512/64-byte, UDP) | 4/4/1.2 Gbit/s | 6/6/1.2 Gbit/s | 8/8/1.2 Gbit/s |
| IPv6 Firewall Throughput1 (1,518/512/84-byte, UDP) | 4/4/1.6 Gbit/s | 6/6/1.6 Gbit/s | 8/8/1.6 Gbit/s |
| Firewall Throughput (packets per second) | 1.8 Mpps | 1.8 Mpps | 1.8 Mpps |
| Firewall Latency (64-byte, UDP) | 25 µs | 25 µs | 25 µs |
| FW + SA* Throughput2 | 4 Gbit/s | 5 Gbit/s | 6 Gbit/s |
| FW + SA + IPS Throughput2 | 2 Gbit/s | 2 Gbit/s | 2 Gbit/s |
| FW + SA + Antivirus Throughput2 | 2 Gbit/s | 2 Gbit/s | 2 Gbit/s |
| FW + SA + IPS + Antivirus + URL Throughput2 | 1.4 Gbit/s | 1.6 Gbit/s | 1.8 Gbit/s |
| FW + SA + IPS + Antivirus Throughput (real world)3 | 1 Gbit/s | 1.2 Gbit/s | 1.4 Gbit/s |
| Concurrent Sessions (HTTP1.1)1 | 4,000,000 | 4,000,000 | 4,000,000 |
| New Sessions/Second (HTTP1.1)1 | 60,000 | 70,000 | 80,000 |
| IPsec VPN Throughput1 (AES-128 + SHA1, 1,420-byte) | 3 Gbit/s | 3 Gbit/s | 3 Gbit/s |
| Maximum IPsec VPN Tunnels (GW to GW) | 4,000 | 4,000 | 4,000 |
| Maximum IPsec VPN Tunnels (client to GW) | 4,000 | 4,000 | 4,000 |
| SSL Inspection Throughput4 | 90 Mbit/s | 90 Mbit/s | 90 Mbit/s |
| SSL VPN Throughput5 | 200 Mbit/s | 200 Mbit/s | 200 Mbit/s |
| Concurrent SSL VPN Users (default/maximum) | 100/1,000 | 100/1,000 | 100/1,000 |
| Security Policies (maximum) | 15,000 | 15,000 | 15,000 |
| Virtual Firewalls (default/maximum) | 10/100 | 10/100 | 10/100 |
| URL Filtering: Categories | More than 130 | ||
| URL Filtering: URLs | Can access a database of over 120 million URLs in the cloud | ||
| Automated Threat Feed and IPS Signature Updates | Yes, an industry-leading security center from Huawei (http://sec.huawei.com/sec/web/index.do) | ||
| Third-Party and Open-Source Ecosystem6 | Open APIs for integration with third-party products through RESTCONF and NETCONF interfaces Other third-party management software based on SNMP, SSH, and syslog Collaboration with third-party tools, such as FireMon Collaboration with Anti-APT solution |
||
| Centralized Management | Centralized configuration, logging, monitoring, and reporting is performed by Huawei eSight and LogCenter | ||
| VLANs (maximum) | 4,094 | ||
| Virtual Interfaces (maximum) | 1,024 | ||
| High Availability Configurations | Active/Active, Active/Standby | ||
1. Performance is tested under ideal conditions based on RFC 2544 and RFC 3511. The actual result may vary with deployment environments
2. Antivirus, IPS, and SA performances are measured using 100 KB of HTTP files
3. Throughput is measured with the Enterprise Traffic Model
4. SSL inspection throughput is measured with IPS-enabled and HTTPS traffic using TLS v1.2 with AES256-SHA
5. SSL VPN throughput is measured using TLS v1.2 with AES128-SHA
6. USG6000 V100R001 supports only the RESTCONF interface and cannot interwork with sandbox or third-party tools
*SA indicates Service Awareness
Hardware Specifications
| Model | USG6370 | USG6380 | USG6390 |
|---|---|---|---|
| Dimensions (H x W x D) | 44.4 mm x 442 mm x 421 mm | ||
| Form Factor/Height | 1U | ||
| Fixed Interfaces | 8 x GE (RJ45) + 4 x GE (SFP) | ||
| USB 2.0 Port | Supported | ||
| Expansion Slot | 2 WSIC* |
||
| Expansion I/O | WSIC: 2 x 10 GE (SFP+) + 8 x GE (RJ45), 8 x GE (RJ45), 8 x GE (SFP), 4 x GE (RJ45) BYPASS | ||
| Maximum Number of Interfaces | 24 x GE (RJ45) + 4 x GE (SFP) + 4 x 10 GE (SFP+) or 20 x GE (SFP) + 8 × GE (RJ45) | ||
| MTBF | 11.96 years | ||
| Weight (full configuration) | 8.6 kg | ||
| Local Storage | Optional: Supports a 300 GB or 600 GB hard disk (the hard disk is hot-swappable, but the hard disk card is not) | ||
| AC Power Supply | 100V to 240V, 50 Hz/60 Hz | ||
| Power Consumption (average/maximum) | 56.13W/133.74W | ||
| Heat Dissipation | 456 BTU/h | ||
| Power Supplies | Single 170W AC power supply; optional dual AC power supplies | ||
| Operating Environment (temperature/humidity) | Temperature: 0°C to 45°C (without optional HDD); 5°C to 40°C (with optional HDD) Humidity: 5% to 95% (without optional HDD), non-condensing; 5% to 90% (with optional HDD), non-condensing |
||
| Non-operating Environment | Temperature: –40°C to 70°C Humidity: 5% to 95% (without optional HDD), non-condensing; 5% to 90% (with optional HDD), non-condensing |
||
| Operating Altitude (maximum) | 5,000 meters (without optional HDD); 3,000 meters (with optional HDD) | ||
| Non-operating Altitude (maximum) | 5,000 meters (without optional HDD); 3,000 meters (with optional HDD) | ||
| Noise | 63 dBA | ||
*WISC is not hot-swappable
Certifications
| Certifications | |
|---|---|
| Software | ICSA Labs: Firewall, IPS, IPsec, and SSL VPN CC: EAL4+ |
| Hardware | CB, CE-SDOC, ROHS, REACH & WEEE (EU), RCM, ETL, FCC & IC, VCCI, and BSMI |
| Regulatory Compliance | Products comply with CE markings per directives 2014/30/EU and 2014/35/EU |
| Safety | UL 60950-1 CSA-C22.2 No. 60950-1 EN 60950-1 IEC 60950-1 |
| EMC: Emissions | EN 55022 Class A ETSI EN 300 386 IEC 61000-3-2/EN 61000-3-2 IEC 61000-3-3/EN 61000-3-3 FCC CFR47 Part 15 Subpart B Class A ICES-003 Class A VCCI V-3 Class A CNS 13438 Class A |
| EMC: Immunity | EN 55024 ETSI EN 300 386 CNS 13438 Class A |
| Product | Model | Description |
|---|---|---|
| USG6370 | USG6370-AC | USG6370 AC Host (8 GE (RJ45) + 4 GE (SFP), 4 GB Memory, 1 AC Power) |
| USG6370 | USG6370-BDL-AC | USG6370 AC Host (8 GE (RJ45) + 4 GE (SFP), 4 GB Memory, 1 AC Power, with IPS-AV-URL Function Group Update Service Subscription 12 Months) |
| USG6380 | USG6380-AC | USG6380 AC Host (8 GE (RJ45) + 4 GE (SFP), 4 GB Memory, 1 AC Power) |
| USG6380 | USG6380-BDL-AC | USG6380 AC Host (8 GE (RJ45) + 4 GE (SFP), 4 GB Memory, 1 AC Power, with IPS-AV-URL Function Group Update Service Subscription 12 Months) |
| USG6390 | USG6390-AC | USG6390 AC Host (8 GE (RJ45) + 4 GE (SFP), 4 GB Memory, 1 AC Power) |
| USG6390 | USG6390-BDL-AC | USG6390 AC Host (8 GE (RJ45) + 4 GE (SFP), 4 GB Memory, 1 AC Power, with IPS-AV-URL Function Group Update Service Subscription 12 Months) |
| Business Module Group | ||
| WSIC | WSIC-8GE | 8 GE Electric Ports Interface Card |
| WSIC | WSIC-4GEBYPASS | 4 GE Electric Ports Bypass Card |
| WSIC | WSIC-8GEF | 8 GE Optical Ports Interface Card |
| WSIC | WSIC-2XG8GE | 2 x 10 GE Optical Ports + 8 GE Electric Ports Interface Card |
| Hard Disk Group | ||
| HDD | SM-HDD-SAS300G-B | 300 GB 10K RPM SAS Hard Disk for 1U rack Gateway |
| SM-HDD-SAS600G-B | 600 GB 10K RPM SAS Hard Disk for 1U rack Gateway | |
| Power Module | ||
| Power | Power-AC-B | 170W AC power module |
| Function License | ||
| Virtual Firewall | LIC-VSYS-10-USG6000 | Quantity of Virtual Firewall (10 Vsys) |
| Virtual Firewall | LIC-VSYS-20-USG6000 | Quantity of Virtual Firewall (20 Vsys) |
| Virtual Firewall | LIC-VSYS-50-USG6000 | Quantity of Virtual Firewall (50 Vsys) |
| Virtual Firewall | LIC-VSYS-100-USG6000 | Quantity of Virtual Firewall (100 Vsys) |
| SSL VPN Concurrent Users | LIC-SSL-100-USG6000 | Quantity of SSL VPN Concurrent Users (100 Users) |
| LIC-SSL-200-USG6000 | Quantity of SSL VPN Concurrent Users (200 Users) | |
| LIC-SSL-500-USG6000 | Quantity of SSL VPN Concurrent Users (500 Users) | |
| LIC-SSL-1000-USG6000 | Quantity of SSL VPN Concurrent Users (1,000 Users) | |
| NGFW License | ||
| IPS Update Service | LIC-IPS-12-USG6300-03 | IPS Update Service Subscription 12 Months (applies to USG6370/80) |
| LIC-IPS-36-USG6300-03 | IPS Update Service Subscription 36 Months (applies to USG6370/80) | |
| LIC-IPS-12-USG6300-04 | IPS Update Service Subscription 12 Months (applies to USG6390) | |
| LIC-IPS-36-USG6300-04 | IPS Update Service Subscription 36 Months (applies to USG6390) | |
| URL Filtering Update Service | LIC-URL-12-USG6300-03 | URL Filtering Update Service Subscription 12 Months (applies to USG6370/80) |
| LIC-URL-36-USG6300-03 | URL Filtering Update Service Subscription 36 Months (applies to USG6370/80) | |
| LIC-URL-12-USG6300-04 | URL Filtering Update Service Subscription 12 Months (applies to USG6390) | |
| LIC-URL-36-USG6300-04 | URL Filtering Update Service Subscription 36 Months (applies to USG6390) | |
| Anti-Virus Update Service | LIC-AV-12-USG6300-03 | Anti-Virus Update Service Subscription 12 Months (applies to USG6370/80) |
| LIC-AV-36-USG6300-03 | Anti-Virus Update Service Subscription 36 Months (applies to USG6370/80) | |
| LIC-AV-12-USG6300-04 | Anti-Virus Update Service Subscription 12 Months (applies to USG6390) | |
| LIC-AV-36-USG6300-04 | Anti-Virus Update Service Subscription 36 Months (applies to USG6390) | |
| IPS-AV-URL Function Group | LIC-IPSAVURL-12-USG6300-03 | IPS-AV-URL Function Group Subscription 12 Months (applies to USG6370/80) |
| LIC-IPSAVURL-36-USG6300-03 | IPS-AV-URL Function Group Subscription 36 Months (applies to USG6370/80) | |
| LIC-IPSAVURL-12-USG6300-04 | IPS-AV-URL Function Group Subscription 12 Months (applies to USG6390) | |
| LIC-IPSAVURL-36-USG6300-04 | IPS-AV-URL Function Group Subscription 36 Months (applies to USG6390) | |
Мы являемся надежным поставщиком сетевого оборудования ведущих мировых производителей на территории РФ. Закупки оборудования производятся исключительно у официальных дистрибьюторов — RRC, Comptek, OCS.
