The H3C SecBlade Intrusion Prevention System (IPS) is a high-performance intrusion prevention module for H3C S5800/S7500E/S9500E/S12500 series switches and SR6600/SR8800 routers. Integrating such functions as intrusion detection, intrusion prevention, virus filtering, and bandwidth management, it installs itself in the industry as the technology-leading integrated intrusion detection/prevention system. It can perform Layer-4 to Layer-7 in-depth analysis and detection, and therefore stop network attacks and abuses such as viruses, worms, Trojan horses, spyware, and webpage tampering in real time. Hence, the H3C SecBlade IPS module provides complete protection for network infrastructure, applications, and performance.
The following contents are relatively complicated, please use PC for browsing.
Pls enter c.h3c.com.cn in the PC browser and follow the instruction from the page, you will continue to sync to PC.
Continue mobile phone browsing.
The SecBlade IPS is the only product that integrates the vulnerability database, virus definitions, and application protocol signature database in the industry. Together with H3C’s proprietary technology Full Inspection with Rigorous State Test (FIRST), it can exactly identify and prevent various network attacks and abuses. SecBlade IPS has passed the compatibility authentication of Common Vulnerabilities and Exposures (CVE). It incorporates the top achievements in system vulnerability and attack prevention research.
The SecBlade IPS is integrated with the KasperSky anti-virus engine and virus definitions. It uses the most advanced anti-virus technologies in the world, including the second generation heuristic code analysis method, the iChecker realtime monitoring technology, and the unique script viruses blocking technology, and can therefore kill various file type viruses, network type viruses, and hybrid viruses in real time. In addition, it incorporates the next generation virtual machine unpack engine and behavior estimation technologies to kill derived viruses and unknown viruses accurately.
The H3C Security Specialist Group always watches out for security vulnerability bulletins from well-known security organizations and vendors around the globe. As soon as a security vulnerability is spotted, the Group performs exact analysis in no time and provides signature database updates for protection of operating systems, applications systems, and database systems accordingly. H3C has passed Microsoft Active Protections Program (MAPP) authentication and can get up-to-date vulnerability information from Microsoft early. Meanwhile, through the honeypot systems deployed around the world, the Group keeps close track of all emerging attack techniques and trends and issues signature database updates weekly or, for urgent cases, immediately. Users can upgrade their SecBlade IPS modules automatically or manually, equipping their SecBlade IPS modules with capability against the threats in time.
The SecBlade IPS module features powerful attack defense and traffic pattern self-learning capabilities. When an attack occurs or the network traffic increases sharply in a short period, the module can detect, identify, and block the attack or abnormal data flows immediately to protect the network infrastructure devices such as the routers, switches, VoIP systems, DNS servers, guaranteeing the operation of the key services.
The SecBlade IPS module can work in transparent mode and features plug-and-play installation. It can be deployed in online mode or bypass mode. Integrated with rich networking features, it can be used in complicated networking environments with MPLS, 802.1Q, QinQ, GRE, and the like.
With its industry-leading multi-core architecture and distributed search engine, the SecBlade IPS module can provide in-depth detection and defense capabilities at wire speed, even in complicated application environments with various types of heavy traffic. The delay is at millisecond level. SecBlade IPS modules can be embedded in switches and routers. This reduces single-point failures effectively, ensuring that the network systems can provide services even after the modules fail. The SecBlade IPS module can be deployed in bypass mode to provide IDS functions.
The SecBlade IPS module can be inserted in an H3C S5800/S7500E/S9500E/S12500 switch and SR6600/SR8800 routers to provide application layer security protection function. It shares the management platform of the switch and router, reducing the management difficulty. In addition, it can use any port of the switch and router, reducing both the initial investment and expansion cost.
H3C S5800/S7500E/S9500E/S12500 series Ethernet switches and SR6600/SR8800 routers
Dimensions (H × W × D)
l 35×250×243mm ( 1.38 × 9.84 × 9.57 in.)(for S5800 series switches)
l 40.1 × 399.2 × 376.5 mm (1.58 × 15.72 × 14.82 in.)(for S7500E/S9500E/S12500 series switches and SR6600/SR8800 routers)
0°C to 45°C (32°F to 113°F)
10% to 95%, noncondensing
Target network attack types
Worms, viruses, Trojan horses, backdoor programs, DoS/DDoS attacks, probing/scanning, spyware, Phishings, attacks exploiting vulnerabilities, SQL injection attacks, Buffer overflow attacks, protocol abnormities, and IDS/IPS bypass attacks
Target network abuse types
P2P abuses (BitTorent, Thunder, eMule, and eDonkey)
IM abuses (QQ, ICQ, and MSN)
Network video abuses, network games, and stock software
Unique integrated signature database, which combines the attack signature database, anti-virus signature database, and protocol signature database
Supporting both automatic upgrade and manual upgrade
Block, limit, TCP Reset, capture original packets, redirect, quarantine, record logs locally, send Email alarms, and report to syslog
Security policy management
Factory default security policies
User-defined security policies
Attack logs management
Attack logs query, export, and graphical reporting
Supporting SNMPv3 and compatible with SNMPv2c and SNMPv1
H3C S12500 Gigabit IPS module + one year signature database upgrade + one year virus definitions upgrade
H3C S7500E Gigabit IPS module + one year signature database upgrade + one year virus definitions upgrade
H3C S9500E Gigabit IPS module + one year signature database upgrade + one year virus definitions upgrade
H3C S5800 Series,IPS&AV Module
H3C SR8800 IPS module
H3C SR6600 Gigabit IPS module+ one year signature database upgrade + one year virus definitions upgrade
SecBlade IPS module + one year signature database upgrade + one year virus definitions upgrade
H3C SecCenter Module-IPS Manager-Software(CD)
H3C iMC SecCenter Module,IPS-D Manager,Software(CD)