2 x 10GE SFP slots, 10 x GE RJ45 ports including 1 x MGMT port, 1 X HA port, 8 x switch ports, 8 x GE SFP slots, SPU NP6 and CP9 hardware accelerated and Centralized log analysis appliance - 2 x GE RJ45, 4TB storage, up to 100GB/Day of logs.
Other Specifications Download Specification | |
---|---|
Minimum 4 X 10/100/1000BaseTx (Scalable Upto 8 X 10/100/1000BaseTx) | Yes |
Prevention Of Denial-Of-Service Attacks | Yes |
More Than 100000 Concurrent Sessions And A Minimum Connection Establishment Rate Of 10000 Connections Per Second | Yes |
Filter Packets Based On Protocol And Source And Destination Address And Source And Destination Ports And Interface Of The Firewall That The Packet Entered. | Yes |
Enabled URL Filtering | Yes |
Support IDS And IPS Types Of Analysis | Yes |
Proxy Operations At A Minimum And Be Operable On The Content Of SMTP And FTP And HTTP Protocol Traffic. | Yes |
Integration With Any Standard URL Filtering Solution | Yes |
Network Address Translation. | Yes |
Dual Stack IPv4 / IPv6 Firewall | Yes |
IPv6 Routing With Support For RIPng And BFD / BGP For IPv6 And ICMPv6 And OSPFv3 And IPv6 NAT64 For Translation Of IPv6 Packets To IPv4 Packets And Vice Versa | Yes |
Log Different Type Of Events Viz. Traffic Allowed And Denied Etc. In Syslog Format. Filters Shall Allow Viewing Different Events Based On IP Address And Network Numbers And Connection Types And Domain Names And Date And Time Etc. Security Management Software For The Same Shall Also Be Provided. | Yes |
Facility To Query The Logs And Display The Appropriate Results. | Yes |
Change In Rule File Require Rebooting Of Firewall | No |
Internal Redundant Power Supplies | Yes |
Throughput | minimum 2 / 5 Gbps with real world / IMIX traffic |
IPV6 Enabled From Day One | Yes |
IPv4 And IPV6 Dual Stakes | Yes |
Real Time Intrusion Detection And Prevention. | Yes |
Anomaly Detection And Prevention Support | Yes |
Monitor And Block IP Fragmentation Attacks | Yes |
Support Following Attack Response Mechanisms- Drop Connection And Close Connection Session Packet Log And Session Summary And Email Custom Session | Yes |
Support Creation Of Custom Signature | Yes |
Support Compound Attacks Prevention With A Combination Of Stateful Signatures And Protocol Anomalies | Yes |
Block Only The Attack Sessions Without Effecting Service To Legitimate Clients Or Similar Feature | Yes |
Support Layer 2 Transparent Mode That Can Be Deployed In Active/Active Chassis Cluster Configurations | Yes |
The Feature To Define A Centralized Management System For All Device Configuration And Management And Reporting. | Yes |
Provide Comprehensive Logs And Security Events Reports | Yes |
Vendor Requirement | vendor must have a track record of continuous improvement in threat detection and completed NSS Labs NGFW Methodology testing with a minimum exploit blocking rate which should be recommended by NSS Lab.Must support site to site VPN using IPSec |