-
Huawei HiSecEngine USG6510E and USG6530E are new-generation
desktop firewalls designed
for small enterprises, industry branches, and chain business
organizations. In addition to the
traditional firewall management mode, the cloud-based management
mode is supported. The
cloud-based management mode provides plug-and-play, automated
service configuration,
automated and visualized O&M, and big data analytics for a
large number of branches to
access the network securely. The Huawei-proprietary network
processing chip provides pattern
matching and encryption/decryption service processing
acceleration capabilities, which greatly
improve the performance for firewalls to process content
security detection and IPSec services.
HUAWEI HiSecEngine USG6500E Series Firewalls (Desktop)
Product Appearances
HiSecEngine USG6500E Series (Desktop)
-
Product HighlightsComprehensive and integrated protection•
Integrates the traditional firewall,VPN,
intrusionprevention,antivirus,data leakprevention,
bandwidthmanagement,andonlinebehaviormanagementfunctionsallinonedevice.•
Providesrefinedbandwidthmanagementandguaranteesbandwidthforkeyservicesbasedon
applicationsandwebsitecategories,sothatkeyservicescanbepreferentiallyforwarded.
Quick deployment, simple O&M, and cloud-based management•
Initiatesauthenticationandregistrationtothecloud-basedmanagementplatformtoimplement
plug-and-playandsimplifynetworkcreationanddeployment.• Uses
remoteserviceconfigurationmanagement,devicemonitoring,and
faultmanagement,
implementingcloud-basedmanagementofmassdevicesandsimplifyingO&M.
Chip-based performance improvement• Uses
theHuawei-proprietarynetworkprocessing chip, improving
forwardingperformance
significantly.• Enables
chip-levelpatternmatchingandacceleratesencryption/decryption,
improving the
performanceforprocessingIPS,antivirus,andIPSecservices.
DeploymentCloud-based management• Firewalls canproactively
registerwithandbequickly incorporated into the cloud-based
managementplatformtoimplementquickdevicedeploymentwithoutmanualattendance.•
Remoteserviceconfigurationmanagement,devicemonitoring,andfaultmanagementareused
toimplementcloud-basedmanagementofmassdevicesandsimplifyO&M.
Enterprise HQ
Huawei Public Cloud
Enterprise Branch
Internet
......
-
Access to enterprise networks• Thedevices
supportUSB-baseddeployment, simplifyingdevicedeployment.
Centralized
managementissupportedtoreducedeviceO&Mcosts.•
IPSecVPNensuresaccesssecurity. IPSec
intelligentuplinkselectionautomaticallydetects link
qualityandperformsintelligenttunnelswitchingtoensureservicecontinuity.•
Thedevices canworkwith theAgileController to formabranchaccess
security solution
thatprovides services suchasuserauthenticationandportal
customization.This
solutionimplementsunifiedauthentication,unifiedO&M,andunified
logmanagement.Centralizedservicemanagementeasesthedifficultyofmanagingbranchofficeswhileallowingforplatformcustomizationforbranchestoperformtargetedmarketing.
AC NMS LogCenter
Customer devices Customer devices
AAA
Branch
Outlet Outlet
IPSec VPN
......
Internet
-
Software Features
Feature Description
IntegratedprotectionIntegrates firewall,VPN,
intrusionprevention,antivirus,data
leakprevention,bandwidthmanagement, andURL filtering functions;
provides a
globalconfigurationviewandintegratedpolicymanagement.
Applicationidentificationandcontrol
Identifies commonapplications;
supportsapplication-specificaccess control;combinesapplication
identificationwith
intrusiondetection,antivirus,anddatafiltering,improvingdetectionperformanceandaccuracy.
Cloud-basedmanagementmode
Initiatesauthenticationandregistrationtothecloud-basedmanagementplatformtoimplementplug-and-playandsimplifynetworkcreationanddeployment.Supportsremoteserviceconfiguration,devicemonitoring,andfaultmanagement,implementingthemanagementofmassdevicesinthecloud.
Cloudapplicationsecurityawareness
Controlsenterprisecloudapplications
inarefinedanddifferentiatedmannertomeetenterprises'requirementsforcloudapplicationmanagement.
Intrusionpreventionandwebprotection
Accuratelydetectsanddefendsagainstvulnerability-specificattacksbasedonup-to-datethreat
information.Thefirewallcandefendagainstweb-specificattacks,includingSQLinjectionandXSSattacks.
AntivirusRapidlydetectsover5milliontypesofvirusesbasedonthedaily-updatedvirussignaturedatabase.
Dataleakprevention(DLP)
Inspectsfilestoidentifythefiletypes,suchasWORD,EXCEL,POWERPOINT,andPDF,basedonfilecontent,andfiltersthefilecontent.
Bandwidthmanagement
Managesper-user andper-IPbandwidth in addition to identifying
serviceapplicationstoensurethenetworkaccessexperienceofkeyservicesandusers.Controlmethodsincludelimitingthemaximumbandwidth,ensuringtheminimumbandwidth,andchangingapplicationforwardingpriorities.
URLfiltering
ProvidesaURLcategorydatabasewithover120millionURLsandacceleratesaccesstospecificcategoriesofwebsites,improvingaccessexperienceofhigh-prioritywebsites.SupportsDNSfiltering,inwhichaccessedwebpagesarefilteredbasedondomainnames.Supports
theSafeSearchfunctiontofilter
resourcesofsearchengines,suchasGoogle,toguaranteeaccesstoonlyhealthynetworkresources.
Behaviorandcontentaudit
Auditsandtracesthesourcesoftheaccessedcontentbasedonusers.
Loadbalancing
Supportslinkloadbalancingtomakefulluseofexistingnetworkresources.
Intelligentuplinkselection
Supportsservice-specificPBRand
intelligentuplinkselectionbasedonmultipleloadbalancingalgorithms(forexample,basedonbandwidthratioandlinkhealthstatus)inmulti-egressscenarios.
VPNencryptionSupportsmultiplehighlyavailableVPNfeatures,suchasIPSecVPN,SSLVPN,L2TPVPN,andGRE,andprovidestheHuawei-proprietaryVPNclientSecoClientforSSLVPN,L2TPVPN,andL2TPoverIPSecVPNremoteaccess.
DSVPNDynamicsmartVPNestablishesVPNtunnelsbetweenbrancheswhosepublicaddressesaredynamicallychanged,reducingthenetworkingandO&Mcostsofthebranches.
-
Feature Description
SSL-encryptedtrafficdetection
DetectsanddefendsagainstthreatsinSSL-encryptedtrafficusingapplication-layerprotectionmethods,suchasintrusionprevention,antivirus,datafiltering,andURLfiltering.
UserauthenticationSupportsmultiple user authenticationmethods,
including local,
RADIUS,HWTACACS,AD,andLDAP;supportsbuilt-inPortalandPortalredirectionfunctions;workswiththeAgileControllertoimplementmultipleauthenticationmodes.
SecurityvirtualizationSupportsvirtualizationofmultiple
typesofsecurityservices,
includingfirewall,intrusionprevention,antivirus,andVPN.Userscanseparatelyconductpersonalmanagementonthesamephysicaldevice.
PolicyManagement
Managesandcontrols trafficbasedonVLAN IDs,quintuples,
securityzones,regions,applications,URLcategories,andtimeranges,andimplementsintegratedcontentsecuritydetection.Providespredefinedcommon-scenariodefense
templates to
facilitatesecuritypolicydeployment.Providessecuritypolicymanagementsolutions
inpartnershipwithFireMonandAlgoSectoreduceO&Mcostsandpotentialfaults.
Diversifiedreports
Providesvisualizedandmulti-dimensional
reportdisplaybyuser,application,content,time,traffic,threat,andURL.
Generatesnetwork security analysis reportson theHuawei security
centerplatformtoevaluatethecurrentnetworksecuritystatusandprovideoptimizationsuggestions.
RoutingSupportsmultipletypesofroutingprotocolsandfeatures,suchasRIP,OSPF,BGP,IS-IS,RIPng,OSPFv3,BGP4+,andIPv6IS-IS.
Deploymentmode
Supportstransparent,routing,andhybridworkingmodes.
1.TheHiSecEngineUSG6510Esupportsthedetectionof2millionviruses.
Model USG6510E USG6530E
FirewallThroughput1
(1518/512/64-byte,UDP)1.2/1.2/1.2Gbit/s 4/4/4Gbit/s
FirewallLatency(64-byte,UDP) 15µs 18µs
FW+SA+IPSThroughput2 0.6Gbit/s 1.5Gbit/s
FW+SA+IPS+AntivirusThroughput2 0.6Gbit/s 1.5Gbit/s
ConcurrentSessions(HTTP1.1)1 300,000 500,000
NewSessions/Second(HTTP1.1)1 20,000 30,000
IPsecVPNThroughput1(AES-256+SHA256,1420-byte)
1Gbit/s 3Gbit/s
SpecificationsSystem Performance and Capacity
-
Model USG6510E USG6530E
Dimensions(HxWxD)mm 43.6x250x210
FormFactor/Height Desktop
FixedInterface 2xGE(SFP)+10xGE 2x10GE(SFP+)+10xGE
USBPort 1xUSB3.0
Weight(FullConfiguration) 1.5kg
ExternalStorage Optional,Micro-SDcardsupported,64GB/128GB
ACPowerSupply 100Vto240V
Power 36W
PowerSupplies Externalpoweradapter
Hardware Specifications
1.TheperformanceistestedunderidealconditionsbasedonRFC2544andRFC3511.Theactualresultmayvarywithdeploymentenvironments.
2.TheAntivirus,IPS,andSAperformanceismeasuredusing100KBHTTPfiles.3.SSLinspectionthroughputismeasuredwithIPSenabledandHTTPStrafficusingTLSv1.2withAES128-GCM-SHA256.*SA:indicatesserviceawareness.
Model USG6510E USG6530E
SSLInspectionThroughput3 200Mbit/s 300Mbit/s
ConcurrentSSLVPNUsers(Default/Maximum)
100/100 100/500
SecurityPolicies(Maximum) 1,000 3,000
VirtualFirewalls 10 20
URLFiltering:Categories Morethan130
URLFiltering:URLs Adatabaseofover120millionURLsinthecloud
AutomatedThreatFeedbackandIPSSignatureUpdates
Yes,anindustry-leadingsecuritycenterfromHuawei(http://sec.huawei.com/sec/web/index.do)
Third-PartyandOpen-SourceEcosystem
OpenAPIforintegrationwiththird-partyproducts,providingRESTfulandNetConfinterfacesOtherthird-partymanagementsoftwarebasedonSNMP,SSH,andSyslogCooperationwiththird-partytools,suchasTufin,AlgoSec,andFireMonCollaborationwithanti-APTsolution
CentralizedManagementCentralizedconfiguration,logging,monitoring,andreportingisperformedbyHuaweieSightandeLog.
VLANs(Maximum) 4094
VLANIFInterfaces(Maximum) 256 1024
-
GENERAL DISCLAIMERThe information in this document may contain
predictive statement including, without limitation, statements
regarding the future financial and operating results, future
product portfolios, new technologies, etc. There are a number of
factors that could cause actual results and developments to differ
materially from those expressed or implied in the predictive
statements. Therefore, such information is provided for reference
purpose only and constitutes neither an offer nor an acceptance.
Huawei may change the information at any time without
notice.Copyright © 2019 HUAWEI TECHNOLOGIES CO., LTD. All Rights
Reserved.
Ordering Information
Product Model Description
USG6510E
USG6510E-ACUSG6510EACHost(2*GE(SFP)+10*GE,withAC/DCAdapter)
USG6530E
USG6530E-ACUSG6530EACHost(2*10GE(SFP+)+10*GE,withAC/DCAdapter)
Function License
SSLVPNConcurrentUsers
LIC-USG6KE-SSLVPN-100
QuantityofSSLVPNConcurrentUsers(100Users)
LIC-USG6KE-SSLVPN-200
QuantityofSSLVPNConcurrentUsers(200Users)
LIC-USG6KE-SSLVPN-500
QuantityofSSLVPNConcurrentUsers(500Users)
NGFW License
ThreatProtectionBundle(IPS,AV,URL)
LIC-USG6510E-TP-1YThreatProtectionSubscription12Months(AppliestoUSG6510E)
LIC-USG6510E-TP-3YThreat Protection Subscription36Months
(Applies toUSG6510E)
LIC-USG6530E-TP-1YThreatProtectionSubscription12Months(AppliestoUSG6530E)
LIC-USG6530E-TP-3YThreat Protection Subscription36Months
(Applies toUSG6530E)
CloudSandboxInspection
LIC-USG6530E-CS-1Y
CloudSandboxInspection12Months(AppliestoUSG6530E)
LIC-USG6530E-CS-3Y
CloudSandboxInspection36Months(AppliestoUSG6530E)
N1 License
Foundationpackagefunction
N1-USG6510E-F-Lic N1-USG6510EFoundation,PerDevice
N1-USG6530E-F-Lic N1-USG6530EFoundation,PerDevice
Model USG6510E USG6530E
OperatingEnvironment(Temperature/Humidity)
Temperature:0°Cto45°C;Humidity:5%to95%,non-condensing;
Non-operatingEnvironmentTemperature:-40°Cto+70°CHumidity:5%to95%,non-condensing;
