|
| Producent | Huawei | | Part Number | AntiDDoS1550-AC (ANTIDDOS1550AC) |
| Specifications | Huawei AntiDDoS1550-AC DDoS protection system |
| Unit Price | 18,58 EUR |
| Minimum Order Quantity | 1 |
| Tariff No. | |
| Lead Time | |
| Weight and Dimension | |
| Description | Products Status: Stock Type: Wired VPN Support: No Brand Name: Huawei Model Number: AntiDDoS1550-AC Place of Origin: Guangdong, China (Mainland) Detecting/Cleaning performance: 5 Gbit/s Fixed interface: 4*GE RJ45, 4*GE combo Expansion slot: 2*FIC Packaging & Delivery Packaging Details: Net Dimension (mm): 867*597*205 Pack Volume(m^3): 0.106 Pack Weight (kg): 12 Delivery Detail: 3-4 weeks AntiDDoS1550 AC Host(4GE(RJ45)+4GE Combo,4G Memory,2 AC Power)AntiDDoS1550 , DDoS attacks defend System1U height ,with 4GE+4 Combo interface in default.With two expansion slots and two USB interface.Support dual AC/DC power.Over 100 kind of DDoS defend against.Max performance is 5Gbps. Product OverviewBackgroundWith the IT and network evolution, the Distributed Denial of Service (DDoS) attack has already broken away from original hacker behaviors. Instead, it forms an integral dark industry chain with overwhelming damages.Severe DDoS attacksAt present, a single DDoS attack consumes more than 100 Gbit/s bandwidth. The number of DDoS attacks is 20 times of that in 2007, and over 30,000,000 zombie hosts flood the network. Moreover, attack tools become easily available. Large numbers of botnets break off the technical threshold for DDoS attacks. A DDoS attack is launched by only three steps, namely, downloading the attack tool, purchasing zombie hosts, and initiating the attack.Traffic DDoS attacks evolve to application attacksIn the past, flood attacks were prevailing on the carrier network and infrastructure. In comparison, current DDoS attacks are specific to applications and services, such as enterprise portal applications, e-shopping, online videos, online games, DNS, and email. The targets of attacks become more extensive. A single attack consumes less traffic and fewer costs. The attack behavior becomes more complex and difficult to distinguish. This brings difficulty in detecting and defending against DDoS attacks.Service interruption adversely affects enterprise operationDDoS attacks frequently intrude into the service systems of enterprises, and severely interrupt the normal service operation. On the one hand, service interruption damages enterprises' brand images, takes away their customers, and reduces their profits, especially for small Internet enterprises on e-business, online games, and portals. On the other hand, constructing an anti-DDoS system brings intensive investment and maintenance pressure on these enterprises and deteriorates their normal service operation.DDoS attacks cause IDC customer lossIf a service system suffers from DDoS attacks, the attack traffic occupies the entire IDC bandwidth, affecting the service systems of other leasers. As a result, IDC leasers quit, competitiveness lowers, and operation costs rise. These side impacts severely deteriorate the service operation and profits.Solution OverviewDesigned for carriers, enterprises, data centers, and ICP service providers (including providers for Web portals, online games, online videos, and DNS services), Huawei anti-DDoS solution incorporates extensive experience in network security and full understanding of customer demands.Huawei anti-DDoS solution enhances defense against application-layer attacks, IPv4-IPv6 attack defense, and defense against zombies, Trojan horses, and worms. This fully ensures network security and service continuity.Product FeaturesService-based defense policyHuawei anti-DDoS solution supports continuously periodic learning and analysis on the service traffic of the Zone, draws the outline of normal service traffic, and enables differentiated defense types and policies for various services or one service in different time ranges, therefore implementing refined defense.Accurate abnormal traffic cleaningHuawei anti-DDoS solution uses the per-packet detect technology. Defense is triggered immediately by an attack. This solution applies multiple technologies, including seven-layer filtering, behavior analysis, and session monitoring, to accurately defend against various flood attacks, Web application attacks, DNS attacks, SSL DoS/DDoS attacks, and protocol stack vulnerability attacks. In this way, application servers are protected.Intelligently caching DNS trafficBesides accurately defending against various attacks on the DNS server, Huawei anti-DDoS solution supports DNS cache for improved performance under heavy DNS server traffic.Defense against prevailing zombies/Trojan horses/wormsBy spreading Trojan horses and worms to large numbers of hosts, hackers control the hosts hierarchically and form the botnet to launch attacks. Therefore, botnets breed DDoS attacks. Huawei anti-DDoS solution identifies and blocks over 200 common zombies/Trojan horses/worms worldwide, therefore smashing botnetsPerfect IPv4-IPv6 defenseIn February 2011, IANA declared that IPv4 addresses were exhausted. Enterprises have no new IPv4 addresses and begin to put IPv6 network construction into agenda. The particular IPv4-IPv6 technology of Huawei anti-DDoS solution supports concurrent defense against DDoS attacks on both IPv4 and IPv6 networks. The solution addresses the DDoS attack defense requirements in dual stack and helps users transit to the next generation network.Flexible networkingThe anti-DDoS solution must be adaptive to various network environments and address different grades of service requirements.On this basis, Huawei anti-DDoS solution provides multiple in-line and off-line deployments, which enable customers to select flexibly by their services and networks.In-line deployment: serially connects the detecting and cleaning modules to the network to be protected for direct traffic detecting and cleaning. The high-performance and multi-core hardware platform in use not only ensures the detecting and cleaning accuracy, but also minimizes the processing delay. Moreover, Huawei anti-DDoS solution provides the bypass module. When an anomaly occurs, traffic is sent to the cleaning module, which avoids introducing new failures.Off-line traffic-diversion deployment: deploys the cleaning module on the network in off-line mode. Once detecting DDoS attack traffic, the detecting and cleaning centers perform actions based on the policies configured in the management center.HighlightsEfficient and speedy: 5 Gbit/s defense performance and response within secondsHigh-performance multi-core CPU as well as dedicated anti-DDoS operating system, providing 5 Gbit/s performance.Self-learning of the service model and per-packet detect technology. Once a traffic or packet anomaly is found, the defense policy is automatically triggered.The defense latency is within two seconds.Accurate and comprehensive: “V-ISA” reputation technical to defend against hundreds of attacksParticulaer “V-ISA” reputation technical to defend against over 100 DDoS attacks, with the industry-leading defense types. Defense against over 200 zombies, Trojan horses, and worms, protecting users from hackers.IPv4/IPv6, as the first to support IPv6 attack defense.Terminal identification technology, accurately identifying illegitimate clients and ensuring zero false positive.Easy-to-use: easy management and enriched reportsUser/Service-centered management design, supporting the self-learning of the service traffic model and the automatic policy generation, and resulting in easy management.Enriched reports display attack status in multiple perspectives, such as the service traffic, attack statistics, and attack trend analysis, providing a visibility into services and threats.Self-extraction of attack fingerprints, implementing emergency defense and effectively defending against zero-day attacks.Specifications AntiDDoS1000 seriesModelAntiDDoS1520AntiDDoS1550AntiDDoS1500-DFlood defense performance3 Mpps3 Mpps3 MppsDetecting/Cleaning performance2 Gbit/s5 Gbit/s5 Gbit/s (detecting)Defense start latency≤ 2 seconds≤ 2 seconds≤ 2 secondsFixed interface4 × GE (RJ45)+4 × GE (combo)Expansion slot2 × FICExpansion interface card2 × 10GE (SFP+),2 × 10GE (SFP+)+8 × GE (RJ45),8 × 1GE (SFP),8 × 1GE (RJ45)Bypass card4 × 1 GE (RJ45),Dual-link LC/UPC multi-mode optical interface, Dual-link LC/UPC single-mode optical interfaceDimensions (H × W × D)43.6 × 442 × 560Maximum power consumption150 WIPv4 defense typesAnomaly filteringBlacklist, HTTP field-based filtering, and TCP/UDP/Other protocol load feature-based filteringProtocol vulnerability defenseDefense against IP spoofing, LAND, Fraggle, Smurf, WinNuke, Ping of Death, Tear Drop, IP Option, IP fragment control packet, TCP label validity check, large ICMP control packet, ICMP redirect control packet, and ICMP unreachable control packet attacksTransport-layer attack defenseDefense against SYN flood, ACK flood, SYN-ACK flood, FIN/RST flood, TCP fragment flood, UDP flood, UDP fragment flood, and ICMP flood attacksScanning and sniffing attack defenseDefense against port scanning, address scanning, Tracert control packet, IP Option, IP timestamp, and IP routing record attacksDNS attack defenseDefense against forged source DNS query flood attacks, real source DNS query flood attacks, DNS reply flood attacks, DNS cache poisoning attacks, DNS protocol vulnerability attacks, and fast flux botnetWeb attack defenseDefense against HTTP get/post flood attacks, CC attacks, HTTP slow header/post attacks, HTTPS flood attacks, SSL DoS/DDoS attacks, TCP connection attacks, Sockstress attacks, TCP retransmission attacks, and TCP null connection attacksVoIP attack defenseDefense against SIP flood attacksZombie/Trojan horse/Worm attack defenseDefense against over 200 zombies, Trojan horses, and worms, such as LOIC, HOIC, Slowloris, Pyloris, HttpDosTool, Slowhttptest, and Thc-ssl-dosIPv6 defense typesIPv6 defense typesDefense against ICMP fragment attacks, blacklist, HTTP field-based filtering, TCP/UDP/Other protocol load feature-based filtering, SYN flood attacks, ACK flood attacks, SYN-ACK flood attacks, FIN/RST flood attacks, TCP fragment flood attacks, UDP flood attacks, UDP fragment flood attacks, ICMP flood attacks, Forged source DNS query flood attacks, real source DNS query flood attacks, DNS reply flood attacks, DNS cache poisoning attacks, DNS protocol vulnerability attacks, fast flux botnet, HTTP get/post flood attacks, CC attacks, HTTP slow header/post flood attacks, HTTPS flood attacks, SSL DoS/DDoS attacks, TCP connection attacks, Sockstress attacks, TCP retransmission attacks, TCP null connection attacks, and SIP flood attacksIPv4/IPv6 dual-stack attack defenseSupported Ordering Information Basic configurations of the AntiDDoS1500-DAntiDDoS1500D-ACAntiDDoS1500 D-SUBZ31UAH-AMS1500-D AC Host, with HS General Security Platform SoftwareAlternativeAntiDDoS1500D-DCAntiDDoS1500 D-SUBZ31UDH-AMS1500-D DC Host, with HS General Security Platform SoftwareBasic configurations of the AntiDDoS1520AntiDDoS1520-ACAntiDDoS1520-SUBZ11UAH-AMS1520 AC Host, with HS General Security Platform SoftwareAlternativeAntiDDoS1520-DCAntiDDoS1520-SUBZ11UDH-AMS1520 DC Host, with HS General Security Platform SoftwareBasic configurations of the AntiDDoS1550AntiDDoS1550-ACAntiDDoS1550-SUBZ21UAH-AMS1550 AC Host, with HS General Security Platform SoftwareAlternativeAntiDDoS1550-DCAntiDDoS1550-SUBZ21UDH-AMS1550 DC Host, with HS General Security Platform SoftwareInterface modules of the AntiDDoS seriesFIC-2SFP+&8GE2 x 10GE optical interface card+8 GE electrical interface card, with HS General Security Platform SoftwareOptionalFIC-8GE8 GE electrical interface card, with HS General Security Platform SoftwareOptionalFIC-2SFP+2 x 10GE optical FIC, with HS General Security Platform SoftwareOptionalFIC-8SFP8 GE optical FIC, with HS General Security Platform SoftwareOptionalFIC-8SFP8 GE optical FIC, with HS General Security Platform SoftwareOptionalFIC-2LINE-M-BYPASS2 Link LC/UPC Multimode Optical Interface Bypass Protect Card, with HS General Security Platform SoftwareOptionalFIC-2LINE-S-BYPASS2 Link LC/UPC Single mode Optical Interface Bypass Protect Card ,with HS General Security Platform SoftwareOptionalAnti-DDoS componentsADSCT001WIN01Windows Chinese Platform(AC PC Server, Hard Disk, Microsoft Windows Server and Patches, Chinese),Including OS LicenseOptionalADSCT001WIN03Windows Chinese Platform(DC PC Server, Hard Disk, Microsoft Windows Server and Patches, Chinese),Including OS LicenseOptionalNS19MKM00KB&Mouse, Monitor 19-Inch TFT LCDOptionalAnti-DDoS management centerLIC-ADS-NOFA00ATIC Basic Feature Summary, with HS General Security Platform Software |
| Datasheets | |
E-shop Coming Soon
 | |
E-shop Coming Soon
| |
Related Parts
| |
|
