| Fixed Ports |
8 GE + 4 SFP |
4 GE + 2 Combo |
8 GE + 4 SFP |
8 GE + 4 SFP |
4 x 10 GE + 16 GE + 8 SFP |
None
Supports 24 x GE, 6 x 10 GE,
12 x 10 GE, 3 x 40 GE, and 1 x 100 GE |
| Intrusion Prevention |
- Defends against common attacks, such as worms, Trojan horses, botnets, cross-site scripting, and SQL injection, based on the signature database, and provides user-defined signatures to defend against new attacks
|
| Intelligent Management |
- Detects the types, operating systems, and enabled services of protected IT assets; dynamically generates suitable intrusion prevention policies for the IT environment
- Evaluates the risk level of attack events based on the IT environment so that administrators can process critical attack events and ignore false positive attacks
|
| APT Detection |
- Detects APT attacks based on reputation systems and the sandbox. The NIP6300/NIP6600 sends suspect files to the sandbox for detection and then displays attack events based on the sandbox detection results
- Supports IP and C&C reputation to detect and prevent malicious IP addresses and domain names
|
| Application Security |
- Automatically learns traffic patterns and defends against multiple types of DDoS attacks at the application layer, including HTTP, HTTPS, DNS, and SIP flood attacks
- Scans for viruses in files transmitted through HTTP, FTP, SMTP, POP3, IMAP, NFS, and SMB to prevent virus-infected files from being transmitted
- Identifies more than 6,000 applications, including P2P, IM, online gaming, social networking, video, and audio applications; takes action (block, traffic limiting, application usage display) based on the identified applications
|
| Web Security |
- Decrypts HTTPS traffic and detects threats
- Provides a URL blacklist to control online behavior
|
| Network Security |
- Detects threats in VLAN, QinQ, MPLS, GRE, IPv4 over IPv6, and IPv6 over IPv4 tunnel traffic
- Defends against multiple types of single-packet attacks
- Blacklists the source or destination IP addresses of attacks to block the follow-up packets from or to the blacklisted IP addresses
|
| High Availability |
- Supports hot backup protocols, such as VRRP, VGMP, and HRP; provides a hot standby mechanism to ensure that services can automatically and smoothly switch to the standby device if the active device fails
|
| Signature Database Update |
- Supports online and offline updates of the IPS-SDB, SA_SDB, and antivirus SDB for the device to have the latest defense capabilities
|
