H3C SecPath F100-C-A1 Firewall Appliance (without license)
H3C SecPath F100-C-A1 and F100-C-A2 firewalls are next-generation high-performance firewalls for small- and medium-size enterprises, campus network egress, and WAN branches to embrace the Web 2.0 era and follow the technology trend of deep security and network integration.
H3C SecPath F100-C-A1 and F100-C-A2 firewalls support multi-dimensional integrated security protection, which can perform integrated security access control of IPS, AV, DLP and other traffic from multiple dimensions such as user, application, time, and quintuple.
F100-C-A1 and F100-C-A2 support multiple VPN services, such as L2TP VPN, GRE VPN, IPsec VPN, and SSL VPN. They can cooperate with intelligent endpoints to provide mobile office service, and provide rich routing capabilities, support RIP, OSPF, BGP, routing strategies, and policy routing based on applications and URLs. The firewalls also support IPv4/IPv6 security protection.
Specifications
| Ports | 5 × GE + 2 × SFP (MTU: 1500 defaultly) |
| Storage media | TF card with a maximum size of 500 GB |
| Ambient temperature | Operating: 0°C to 45°C (32°F to 113°F) Storage: –40°C to +70°C (–40°F to +158°F) |
| Operating mode | Route, transparent, or hybrid |
| AAA | Portal authentication , RADIUS authentication , HWTACACS authentication , PKI/CA (X.509 format) authentication , Domain authentication , CHAP authentication, PAP authentication |
| Firewall | SOP virtual firewall technology, which supports full virtualization of hardware resources, including CPU, memories, and storage Security zone , Attack protection against malicious attacks, such as land, smurf, fraggle, ping of death, teardrop, IP spoofing, IP fragmentation, ARP spoofing, reverse ARP lookup, invalid TCP flag, large ICMP packet, address/port scanning, SYN flood, ICMP flood, UDP flood, and DNS query flood Basic and advanced ACLs , Time range-based ACL , User-based and application-based access control , ASPF application layer packet filtering , Static and dynamic blacklist function , MAC-IP binding , MAC-based ACL , 802.1Q VLAN transparent transmission , Sub-Interface VLAN |
| Antivirus | Signature-based virus detection, Manual and automatic upgrade for the signature database , Stream-based processing , Virus detection based on HTTP, FTP, SMTP, and POP3, Virus types include Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, and Virus Virus logs and reports |
| VPN | L2TP VPN , IPSec VPN , GRE VPN , SSL VPN |
| IP Services | IP Forwarding ICMP, Tracert, ping, Telnet, DHCP Server, DCHP Relay, and DHCP Client Routing: Static, RIP, OSPF, BGP , Multicast: IGMP, PIM-SM and PIM-DM , VRRP , IPv6 status firewall , IPv6 attack protection , IPv6 forwarding , IPv6 protocols such as ICMPv6, PMTU, Ping6, DNS6, TraceRT6, Telnet6, DHCPv6 Client, and DHCPv6 Relay , IPv6 routing: RIPng, OSPFv3, BGP4+, static routing, policy-based routing , IPv6 multicast: PIM-SM, and PIM-DM , IPv6 transition techniques: NAT-PT, IPv6 tunneling, NAT64 (DNS64), and DS-LITE IPv6 security: NAT-PT, IPv6 tunnel, IPv6 packet filter, RADIUS, IPv6 zone pair policies, IPv6 connection limit |