|
Expansion Slots
|
3
|
8
|
16
|
|
Maximum Firewall Throughput
|
120 Gbit/s
|
720 Gbit/s
|
1.44 Tbit/s
|
|
Maximum Number of Concurrent Sessions
|
120 million
|
720 million
|
1.44 billion
|
|
Basic Functions
|
Routing/Transparent/Composite mode, state validation detection, blacklist and whitelist, access control, Application Specific Packet Filter (ASPF), security zone division, virtual firewall, smart route, and load balancing
|
|
NAT/CGN
|
Destination NAT/PAT, NAT NO-PAT, source NAT-IP address persistency, source IP address pool grouping, NAT Server, bi-directional NAT, NAT-ALG (Application Layer Gateway), unlimited IP address expansion, policy-based destination NAT, port range pre-allocation, hair pinning mode, SMART NAT, NAT64, DS-Lite, and 6RD (IPv6 Rapid Deployment)
|
|
NGFW Functions
|
Supports intrusion detection and prevention, URL filtering, antivirus, data loss prevention, etc.
|
|
PKI
|
PKI certificate requests (PKCS 10), Certificate Authority (CA)
PKI authentication: EAP-SIM, EAP-AKA
PKI protocol: SCEP, OCSP, and CMPv2
Self-signed certificate
|
|
Virtual System
|
4,096-Virtual Firewall (VFW) definition, VLAN virtualization, security zones virtualization, user-defined virtual resources, route between VFW, and VFW-based traffic CAR
|
|
DDoS Mitigation
|
SYN-flood, ICMP-flood, TCP-flood, UDP-flood, and DNS-flood
Port-scan, Smurf, Tear-drop, and IP-Sweep
IPv6-extension-header defense, TTL detection, TCP-mss detection, and attack log output
|
