The H3C SecBlade FW modules are industry-leading 10000-Mbps high-performance firewall modules. They can be used on the H3C S5800, S7500E, S9500E or S12500 switches, or SR6600 routers, and SR8800 routers. Integrating the functions of firewall, VPN, content filtering, and NAT, the SecBlade FW modules can improve the security service capabilities of network devices, providing full security protection.
The H3C SecBlade FW modules can defend your network against external attacks, guarantee internal network security, monitor traffic, and implement URL filtering and application layer filtering. Employing the Application Specific Packet Filter (ASPF) technology, they can monitor the status of application layer connections to achieve security protection at layers from Layer 3 to Layer 7. In addition, they support alarm notification, attack logging, traffic logging, and network management monitoring, helping you with the network management.
The H3C SecBlade FW modules are plug-and-play and feature good extensibility, and therefore can ease management and reduce the maintenance costs.
Figure 1 Appearance of a SecBlade FW module
The following contents are relatively complicated, please use PC for browsing.
Pls enter c.h3c.com.cn in the PC browser and follow the instruction from the page, you will continue to sync to PC.
Continue mobile phone browsing.
The SecBlade FW modules use multi-core hardware and can provide 10000-Mbps wire speed security protection. As the firewall modules are with the highest processing capability of the industry, they have boosted the network security protection to a new stage.
The SecBlade FW modules provide these security protection functions:
l Defense against various attacks, including DoS/DDoS, ARP spoofing, invalid TCP flag, large ICMP packet, address/port scanning, ICMP redirect, ICMP unreachable, Tracert, IP packets with the Record Route option, Java/ActiveX blocking and SQL injection.
l Static and dynamic blacklist.
l MAC address binding.
l Security zone management.
l System statistics.
The SecBlade FW modules are integrated with multiple mature VPN access technologies, such as IPSec, L2TP, and GRE, allowing mobile users, partners, and branch organizations to access the corporate network securely and conveniently.
The SecBlade FW modules support various NAT functionalities, such as one-to-one NAT, many-to-many NAT, net-to-net static NAT, bidirectional NAT, Easy IP, and DNS mapping. They also support NAT ALG for multiple application protocols, such as DNS, FTP, H.323, and NBT.
The SecBlade FW modules support advanced virtual firewall technology. You can create multiple virtual firewall instances to satisfy the requirements of multiple user services on a single firewall module, and manage them respectively. When the service separation changes or a new service appears, you can add or delete virtual firewall instances to meet the needs. This simplifies the complexity of network management dramatically.
The SecBlade FW modules can be directly plugged into an H3C network device to extend the device’s firewall function. It shares the same management platform with the network device, and is therefore easy to manage. Besides, any port on a network device can be used as the port of the SecBlade FW module, without the need of extra investment.
A SecBlade FW module is plugged into an H3C network device as a service card. This reduces single-node failures and improves network reliability.
S5800 /S7500E /S9500E/S12500 series switches, and SR6600/ SR8800 routers
1 console port (CON)
2 Gigabit RJ-45 electrical ports
2 Gigabit Combo ports
Dimension (H × W × D)
40.1 × 399.2 × 376.5 mm (1.58 × 15.72 × 14.82 in.)
0°C to 40°C (32°F to 113°F)
Prevention against attacks of SYN Flood, UDP Flood, ICMP Flood, HTTP Get Flood, Land, Smurf, Fraggle, WinNuke, Ping of Death, Tear Drop, invalid TCP flag, IP address scanning, port scanning, Java/ActiveX Blocking and SQL injection.
IPSec VPN, GRE VPN, and L2TP VPN
l Many-to-many NAT through address pool
l NAT control using ACLs
l Easy IP and NAT server
l Aging of NAT address table entries
l NAT ALG for many applications, such as FTP, DNS, QQ, MSN, H323, NBT, ILS, RTSP, SQLNET, and SIP
H3C S12500 Firewall Board Module
H3C S9500E Firewall Board Module
H3C S7500E Firewall Board Module
H3C S5800 Series,Firewall Module,OSM Slot
H3C SR6600 Gigabit Firewall Board Module
H3C SR8800 Firewall Service Processing Board