USG6525E-AC Specification |
| Description | USG6525E AC Host (2*10GE (SFP+) + 8*GE Combo + 2*GE WAN, AC power) |
| Dimensions (H x W x D) mm | 43.6 x 442 x 420 |
| Form Factor/Height | 1U |
| Fixed Interface | 2 x 10GE (SFP+) + 8 x GE Combo + 2 x GE WAN |
| Dedicated management port | Yes |
| USB Port | 1 x USB 2.0 + 1 x USB 3.0 |
| Weight (Full Configuration) | 5.8 kg |
| External Storage | Optional, SSD (M.2) card supported, 64 GB/240 GB |
| AC Power Supply | 100V to 240V |
| Typical power consumption of the machine | 35 W |
| Power Supplies | Single AC power supply; optional dual AC power supplies |
| Operating Environment (Temperature/Humidity) | Temperature: 0°C to 45°C Humidity: 5% to 95%, non-condensing |
| Non-operating Environment | Temperature: -40°C to +70°C Humidity: 5% to 95%, non-condensing |
| Firewall Throughput1 (1518/512/64-byte, UDP) | 2/2/2 Gbit/s |
| Firewall Latency (64-byte, UDP) | 18 µs |
| FW + SA + IPS Throughput2 | 1.5 Gbit/s |
| FW + SA + IPS + Antivirus Throughput2 | 1.5 Gbit/s |
| Concurrent Sessions (HTTP1.1)1 | 3,000,000 |
| New Sessions/Second (HTTP1.1)1 | 70,000 |
| Maximum IPsec VPN Tunnels (GW to GW) | 4,000 |
| Maximum IPsec VPN Tunnels (Client to GW) | 4,000 |
| IPsec VPN Throughput1 (AES-256 + SHA256, 1420-byte) | 2 Gbit/s |
| SSL Inspection Throughput3 | 300 Mbit/s |
| Concurrent SSL VPN Users (Default/Maximum) | 100/500 |
| Security Policies (Maximum) | 15,000 |
| Virtual Firewalls | 50 |
| URL Filtering: Categories | More than 130 |
| URL Filtering: URLs | A database of over 120 million URLs in the cloud |
| Automated Threat Feedback and IPS Signature Updates | Yes |
Third-Party and Open-Source Ecosystem | Open API for integration with third-party products, providing
RESTful and NetConf interfaces Other third-part management software based on SNMP, SSH, and Syslog Cooperation with third-party tools, such as Tufin, AlgoSec and
FireMon Collaboration with anti-APT solution |
| Centralized Management | Centralized configuration, logging, monitoring, and reporting is
performed by Huawei eSight and eLog |
| VLANs (Maximum) | 4094 |
| VLANIF Interfaces (Maximum) | 1024 |
1. The performance is tested under ideal conditions based on
RFC2544 and RFC3511. The actual result may vary with deployment
environments. 2. The Antivirus, IPS, and SA performance is measured using 100 KB
HTTP files. 3. SSL inspection throughput is measured with IPS enabled and HTTPS
traffic using TLS v1.2 with AES128-GCM-SHA256. *SA: indicates service awareness. |
| Local Storage | Optional, SSD (M.2) card supported, 64 GB/240 GB |
| Integrated Protection | Provides firewall, VPN, intrusion prevention, antivirus, data leak
prevention, bandwidth management, anti-DDoS, URL filtering, and
anti-spam functions. |
| Application Identification and Control | Identifies more than 6,000 applications with the access control
granularity to application functions, for example, distinguishing
between WeChat text and voice. Combines application identification
with intrusion detection, antivirus, and data filtering, improving
detection performance and accuracy. |
| Bandwidth Management | Manages per-user and per-IP bandwidth in addition to identifying
service applications to ensure the network access experience of key
services and users. Control methods include limiting the maximum
bandwidth, ensuring the minimum bandwidth, applying PBR, and
changing application forwarding priorities. |
| Intrusion Prevention and Web Protection | Obtains the latest threat information in a timely manner for
accurate detection and defense against vulnerability-based attacks.
The device can defend against web-specific attacks, including SQL
injection and XSS attacks. |
| AAPT | Interworks with the local or cloud sandbox to detect and block
malicious files.
Encrypted traffic does not need to be decrypted. It can associate
with the big data analysis platform CIS to detect threats in
encrypted traffic.
It proactively responds to malicious scanning behavior and
associates with the CIS for behavior analysis to quickly detect and
record malicious behavior, protecting enterprise against threats in
real time. |
| Cloud Management Mode | Initiates authentication and registration to the cloud management
platform to implement plug-and-play and simplify network creation
and deployment.
Remote service configuration management, device monitoring, and
fault management are used to implement cloud-based management of
mass devices. |
| Cloud Application Security Awareness | Controls enterprise cloud applications in a refined and
differentiated manner to meet enterprises’ requirements for cloud
application management. |
