|ICT Part #:||H3C-0235A0CT|
|Manufacturer Part #:||0235A0CT|
|Item Availability:||90 pcs|
|Usually Shipped:||Same Day|
|Package contents:||Security Platform|
- Enhanced firewall functions: The U200-CS provides such basic functions as security zone configuration, static/dynamic blacklist, MAC-IP binding, ACL application, and instruction prevention. In addition, it offers enhanced functions like status-based filtering, virtual firewall, and transportation of 802.1Q-tagged packets. It protects the network against attacks of ARP spoofing, invalid TCP flag, large ICMP packets, Challenge Collapsar (CC), SYN flooding, address/port scanning.
- Abundant VPN features: The U200-CS supports access through L2TP VPN, GRE VPN, and IPsec VPN. The integrated hardware encryption engine implements VPN handling of high performance.
- Realtime anti virus: The U200-CS adopts Kaspersky's anti-virus engine to detect and remove codes of malicious attacks in time.
- Realtime spam filtering: The U200-CS filters spam in real time, which purifies your mail system.
- URL filtering: The U200-CS implements user-based URL access control to deny access to unauthorized Websites, such as the phishing websites.
- Traffic management: The U200-CS detects P2P and IM applications of BitTorrent, Thunder, QQ, and so on. It supports alarms, rate limiting, and interruption to ensure the operation of core services.
- Behavior auditing: The U200-CS audits the applications of P2P, instant message, Web game, mails, and data transmission, and generates logs to implement behavior auditing in granularity.
- Full support of NAT applications: The U200-CS supports NAT applications including many-to-one, many-to-many, static NAT, dual translation, easy IP and DNS mapping. It supports NAT traversal with multiple protocols, and delivers NAT ALG functions such as DNS, FTP, H.323, and NBT.
- U200-CS provides the following features to achieve high reliability:
- Software and hardware platform developed by H3C. The product is applicable to carriers and small- and medium-sized enterprises, meeting the marketing requirements so long.
- Stateful failover, which supports the modes of active/active and active/passive, implementing load balancing and service backup.
- An MTBF of 36 years
- Easy-to-use Web-based management system
- Management based on SNMP and TR-069
- Unified management through H3C UTM
- Unified management through H3C SecCenter
|Performance:||Firewall Throughput: 100Mbps|
Concurrent Connection: 20,000
3DES Performance: 80Mpbs
|Interface:||One console port (CON)|
Five Gigabit Ethernet interfaces
|Slot:||One mini slot that can be expanded for network interface|
|CF card:||An optional external CF card that can be expanded|
|DDR SDRAM:||512 MB|
|Operating mode:||Routing mode|
|Network security:||AAA services:|
PKI/CA (x.509 format) authentication
Security zone configuration
Defense against attacks of ARP spoofing, invalid TCP flag, large ICMP packets, SYN flooding, address/port scanning.
Basic and extended ACLs
Interface-based access control
Time range-based access control
Dynamic packet filtering
ASPF packet filtering
Static and dynamic blacklists
MAC-based access control
Transportation of 802.1Q-tagged packets
Virus definition-based detection
Library upgrading manually and automatically
Flow handing mode
Supporting protocols of HTTP, FTP, SMTP, and POP3.
Preventing virus types of Backdoor, Email-Worm, IM-Worm, P2P-Worm, Trojan, AdWare, Virus
Supporting virus logs and reports
Custom-defined URL filtering library
Supporting Java Blocking and ActiveX Blocking
Blacklist of IP addresses
Matching keywords of the mail address, attachment name, content, sender, and receiver
Depth security protection:
Preventing hiker attacks, worms, and Trojans.
Supporting to identify P2P and IM applications like BT
Security logs and statistics:
User behavior flow logs
NAT translation logs
Real time logs of attacks
Address binding log
Traffic alarm logs
Traffic statistics and analysis
Global/security zone-based connection rate monitoring
Global/security zone-based protocol packet rate monitoring
E-mail notification of real-time alarms
Information distribution through E-mail
Translation of source address and destination address
Accessing internal network from an external host
NAT aging time
NAT ALG for multiple application protocols, including DNS, FTP, H.323, ILS, MSN, NBT, PPTP, SIP
Initiating tunneling requests to specific LNS for users with fully qualified name or the domain name
Address allocation of VPN users
LCP re-negotiation and mandatory CHAP authentication
Manual SA setup or through IKE
ESP supports encryption algorithms of DES, 3DES, AES
Algorithms of MD5 and SHA-1
IKE main mode and aggressive mode
|Network connectivity:||LAN protocols:|
Link layer protocol:
|Network protocols:||IP services:|
Domain name resolution
|High reliability:||Stateful failover in two modes: Active/Active and Active/Passive, implementing load balancing and service backup|
Support of VRRP
|QoS:||Traffic policing: CAR|
|Configuration management:||CLI:Local configuration through console portLocal or remote configuration through Telnet or SSHAuthorization of commands by user levels, so that unauthorized users cannot log in to the deviceDetailed debugging information for troubleshootingLogin and management through TelnetFTP Server/Client for downloading and uploading configuration files and application programsLogging functionConfiguration of user interface to configure authentication modes and authorize functions to usersSupporting SNMPv3, and is compatible with SNMPv2c and SNMPv1Supporting time synchronization through NTPSupporting Web-based managementSupporting SNMP and TR-069Supporting management through H3C SecCenter|
For more details about the optional products for 0235A0CT please visit H3C web site.
For more details about the alternative products for 0235A0CT please visit H3C web site.
Call 781-321-9070 for pickup instructions