Huawei AntiDDoS8000 DDoS Protection Systems

Terabitowa platforma chroniąca przed atakami DDoS

    Zapytaj o

    Huawei AntiDDoS8000 DDoS Protection Systems

    Opis produktu Huawei AntiDDoS8000 DDoS Protection Systems

    • Terabit-level anti-DDoS: 1.44 Tbit/s protection performance, second-level attack response
    • Precise anti-DDoS: 60+ traffic models, defense against 100+ types of DDoS attacks
    • Value-added operation: 100,000 tenants, differentiated operation, self-service portal for tenants

    Huawei AntiDDoS8000 employs big data analysis to conduct modeling for 60+ types of traffic, offering terabit-level protection, second-level response, and comprehensive defense against 100+ types of attacks. It works with Huawei cloud cleaning center to deliver layered cleaning, providing full-fledged protection that covers network link bandwidths and online services.

    Specyfikacja techniczna

    ModelAntiDDoS8030AntiDDoS8080AntiDDoS8160
    ThroughputUp to 120 Gbit/sUp to 720 Gbit/sUp to 1,440 Gbit/s
    Throughput/slotUp to 80 Gbit/sUp to 160 Gbit/sUp to 160 Gbit/s
    Mitigation rate/slotUp to 60 MppsUp to 60 MppsUp to 60 Mpps
    Latency80 μs80 μs80 μs
    Expansion slot3816
    Expansion LPUFW-LPUF-120, 2 sub-slotsFW-LPUF-120, 2 sub-slots
    FW-LPUF-240, 2 sub-slots
    FW-LPUF-120, 2 sub-slots
    FW-LPUF-240, 2 sub-slots
    Expansion interfaces24 x GE (SFP); 5 x 10 GE (SFP+); 6 x 10 GE (SFP+); 12 x 10 GE (SFP+); 1 x 40 GE (CFP); 1 x 100 GE (CFP)
    Height x Width x DepthDC: 175 mm x 442 mm × 650 mm (4U)
    AC: 220 mm x 442 mm x 650 mm (5U)
    620 mm x 442 mm x 650 mm (14U)1,420 mm x 442 mm x 650 mm (32U)
    Defense against protocol abuse attacks
    Defense against Land, Fraggle, Smurf, WinNuke, Ping of Death, Teardrop, and TCP error flag attacks
    Web application protection
    Defense against HTTP GET flood, HTTP POST flood, HTTP slow header, HTTP slow post, HTTPS flood, SSL DoS/DDoS, WordPress reflection amplification, RUDY, and LOIC attacks; packet validity check
    Defense against scanning and sniffing attacks
    Defense against address and port scanning attacks, and attacks using Tracert packets and IP options, such as IP source route,  timestamp, and record route
    DNS application protection
    Defense against DNS query flood, DNS reply flood, and DNS cache poisoning attacks; source limit
    Defense against network-type attacks
    Defense against SYN flood, SYN-ACK flood, ACK flood, FIN flood, RST flood, TCP fragment flood, UDP flood, UDP fragment flood, IP flood, ICMP flood, TCP connection flood, sockstress, TCP retransmission, and TCP empty connection attacks
    SIP application protection
    Defense against SIP flood/SIP methods flood attacks, including Register, Deregistration, Authentication, and Call flood attacks; source limit
    Defense against UDP-based reflection amplification attacks
    Defense against NTP, DNS, SSDP, Chargen, TFTP, SNMP, NetBIOS, QOTD, Quake Network Protocol, Portmapper, Microsoft SQL Resolution Service, RIPv1, and Steam
    Protocol reflection amplification attacks
    Filter
    IP, TCP, UDP, ICMP, DNS, SIP, and HTTP packet filters
    Location-based filtering
    Traffic block or limit based on the source IP address location
    Attack signature database
    RUDY, slowhttptest, slowloris, LOIC, AnonCannon, RefRef, ApacheKill, and ApacheBench attack signature databases; automatic weekly update of these signature databases
    IP reputation
    Tracking of most active 5 million zombies and automatic daily update of the IP reputation database to rapidly block attacks; local access IP reputation learning to create dynamic IP reputation based on local service sessions, rapidly forward service access traffic, and enhance user experience


    Inni przeczytali także: