secospace usg5300

8/9/2019 Secospace USG5300

1/6

Secospace USG5300

Secospace USG5300


2/6


3/6

Secospace USG5300

access, which provede the orwarding rate hight-speed and

low delay. In addition, this per ormance advantage enables

the USG5300 to efectively process burst and attack tra c. The

USG5300 can ully meet customers' requirements or high-

speed bandwidth increase.

Super-Capacity VPN

With the service extension, the number o branches and

employees on business trips increases, imposing more

requirements or encrypted data transmission. The USG5300

series supports the L2TP, GRE, and IPSec VPN unctions,

acilitating lexible selection and con iguration. Based on its

advanced hardware architecture, the USG5300 series provides

high VPN per ormance and 15000 VPN tunnels, reeing

users rom worries about the per ormance o encrypted

data transmission. The data o various network applications,

including the heavy-tra ic applications o video and audio,

can be transmitted at a high speed in the encrypted tunnel,

enabling users to experience the encrypted data transmission

o the Gbps level.

Note: The VPN unction is optional. Customers can purchase related license to

apply this unction.

Power ul DDoS De ense

Protecting key network services against DDoS attacks is a vital

security problem or organization-level users. With the large

number o new connections per second, the USG5300 series

de ends against DDoS attacks at a speed o up to millions

o packets per second, providing e ective DDoS de ense

or users' service systems. Based on its power ul protocol

analysis capability, the USG5300 series accurately identi ies

and controls many DDoS attacks such as SYN ood, UDP ood,

ICMP ood, DNS ood, and CC attacks, and also identi es and

de ends against worm-in ected tra c. In addition, integrating

Huawei Symantec-proprietary ICA, the USG5300 series

precisely identi es DDoS tra c without afecting users' access,

and provides genuine security protection on complicated

networks. All these demonstrate the USG5300 series an

industry-leading DDoS de ense device.

Accurate P2P Trafc Control

P2P tra ic, a broadband killer, interrupts the service

applications o organizations and has been the top concern

o most organizations. P2P tra ic control has been a hard

practice due to the protocol lexibility. The USG5300 series,

based on the power ul network protocol analysis capability o

Huawei Symantec, precisely identi ies up to 50 types o P2P

tra c. The USG5300 series supports the upgrade o the library,

and the number o protocols that can be identi ed increases

with the upgrade. In so doing, the USG5300 series controls the

P2P tra c o abundant protocols at a speed o the Kbps level.

Moreover, the USG5300 series controls P2P tra c in diferent

modes such as single user-based control, group-based control,

and global control, which e ectively sa eguards bandwidth

resources, helps users plan network tra c, and enhances the

application values o users' networks.

Leading UTM FunctionsIPS Intrusion Detection

Using Symantec's advanced IPS detection engine, IPS

Intrusion Detection untion can provide e cient and accurate

scanning capability o the network packet, Any IPS evasion

and deception techniques can also be accurately identi ied.

With advanced so tware and hardware plat orms and a rich

signature library, USG5300 series uni ed security gateway can

rapidly and accurately identi y the application layer attacks that

mixed in the normal low. Symantec's global deployment o

honeypot systems can catch the latest attacks, worms, Trojans,

other threats and extract the signatures o those threats at the

irst time, and timely provided updates or USG5300 series.

USG5300 series uni ed security gateway will have the zero-day

attack de ense capability.

Anti-Virus Anti-Virus

Using Symantec's advanced virus detection engine, Anti-Virus

unction provide high e ciency and precise antivirus ability or

hidden viruses in the network tra c. Advanced so tware and

hardware plat orms and a rich Accessible Virus library make

USG5300 series uni ed security gateway unique advantages in

antivirus unique advantages, For compression shelling other

techniques to evade detection. USG5300 series uni ed security

gateway can also have power ul process ability.

Symantec's global distribution network o analysis virus

monitoring, and pro essional team o the virus, USG5300


4/6

Secospace USG5300

series o uni ed security gateways can obtain the latest virus

signatures and the latest anti-virus engines timely. USG5300

series uni ied security gateway can keep high e iciency and

precise antivirus ability.

URL Filtering

Using advanced matching engine, URL iltering unction

greatly shortens the URLs match time, and makes the URL

iltering more e icient. Huge URL classi ication database

and power ul URL classi ication capability make URL iltering

unction more accurate. Flexible security policy makes URL

iltering unction apply to more scenarios. Friendly, easy

con guration, which greatly improved URL ltering unction's

usability. All o above eatures make USG5300 series uni ied

security gateway provides power ul unction and easy

operation and maintenance at the same time.

Eco- riendly Experience"High per ormance and low power consumption" has been

a compulsive speci ication that guides the design o the

USG5300 series. The design o multiple parts is optimized or

lower power consumption. The power consumption o the

USG5300 series is only a quarter that o similar products, which

reduces the maintenance costs to a large extent.

The USG5300 series strictly ollows the Restriction o the use

o certain Hazardous substances in Electrical and Electronic

Equipment (RoHS) released by the European Union, and is

made o nuisance- and pollution- ree environmental materials,

bringing Eco- riendly user experience.

Typical Application

Typical networking diagram o the USG5300

Link aggregation

F i r e w a l l V P N I P S A n t i - v i r u s

U R L f i l t e r i n g

VPN tunnel

Key service system

USG2000

USG2000

USG5300

Remote userIPSec VPN

BranchIPSec VPN

SOHOIPSec or L2TP VPN

IntranetOnline behavior management

Data center

Internet


5/6

Secospace USG5300

Product Specifcations

Model USG5310 USG5320 USG5330 USG5350 USG5360Firewall Maximum throughput 1.5 Gbps 2 Gbps 4 Gbps 6 Gbps 8 Gbps

IPS Goodput (UDP) 600Mbps 800Mbps 1Gbps 1.3Gbps 1.5Gbps

AV Goodput 60Mbps 80Mbps 100Mbps 130Mbps 150Mbps

URL Filtering Support Support Support Support Support

Connections per second 50,000 60,000 80,000 100,000 150,000

Number o concurrent connections 1,600,000 1,600,000 1,600,000 2,000,000 2,000,000

Maximum VPN throughput 1 Gbps 2 Gbps 4 Gbps 5 Gbps 6 Gbps

Number o VPN tunnels 15,000 15,000 15,000 15,000 15,000

Maximum number o ACL rules 30,000 30,000 30,000 30,000 30,000

Maximum GTP throughput 1.5 Gbps 2 Gbps 4 Gbps 6 Gbps 8 Gbps

Maximum number o GTP tunnels 200,000 200,000 200,000 200,000 200,000

Maximum number o virtual rewalls 100 100 100 100 100

Fixed inter ace4 GE optical and electrical (mutually exclusive) inter aces1 console port2 USB inter aces

Number o extension slots 2

Type o extension modules4FE (10/100M) inter ace module2GE optical and electrical inter ace module

4GE inter ace module

Dimensions (mm) (WDH) 43656044.2

Weight 10 kg

Input voltageAC: 100 V to 240 V

DC: -48 V to -60 V

Maximum/Average power 100/75 W

Mean Time Between Failures (MTBF) 37.54 years


6/6

Secospace USG5300

The in ormation contained in this document is or re erence purpose only, do not constitute the warranty o any kind, experss or implied. It is

subject to change or withdrawal according to speci c customer requirements and conditions.

All the trademarks, pictures, and brands mentioned in this document are the property o Huawei Symantec Technologies Co., Ltd or their

respective holders.

Copyright 2010 Huawei Symantec Technologies Co., Ltd. All rights reserved.

Version No.: M3-110019999-20100120-V-1.0

Secospace USG5300

secospace usg5300

Documents