Need Help?

USG9500 Data Center Firewall

World’s fastest data center firewall ensures secure services for large data centers, cloud computing environments, and enterprise campus networks. Integrated switching, routing, and security enable smooth upgrades, easy virtualization, and terabit-level processing capability – all with carrier-grade reliability in a compact, space-saving form factor.

NP + multi-core + distributed architecture integrates security, virtualization, and comprehensive service awareness with continuous database updates to optimize protection.

Minimize security risks, ensure ongoing protection, and reduce TCO with Huawei’s NSS-tested data center firewall.

Slash TCO and get ongoing, industry-leading security, high availability, terabit-level processing, and top performance with the world’s fastest data center firewall.

  • Integrated device provides up to 1.44 Tbit/s throughput and supports up to 1.44 billion concurrent sessions, delivering an industry-leading 160 Gbit/s Stream Processing Units (SPUs) while saving 75% of rack space
  • Integrates multiple services and provides traditional functions (such as NAT, VPN, IPS, and anti-DDoS) and enhanced functions (such as service awareness, virtualization, and IPv6 security) to significantly reduce TCO
  • Dual-MPU, hot standby, and load balancing ensure 99.999% uptime availability. Hot-swappable components enable online upgrades and capacity expansion without service interruption
  • The first Terabit, next-generation firewall to be tested by the NSS, the USG9500 is currently the world’s fastest firewall

Specifications

Product

USG9520

USG9560

USG9580

Expansion Slots

3

8

16

Maximum Firewall Throughput

120 Gbit/s

720 Gbit/s

1.44 Tbit/s

Maximum Number of Concurrent Sessions

120 million

720 million

1.44 billion

Basic Functions

Routing/Transparent/Composite mode, state validation detection, blacklist and whitelist, access control, Application Specific Packet Filter (ASPF), security zone division, virtual firewall, smart route, and load balancing

NAT/CGN

Destination NAT/PAT, NAT NO-PAT, source NAT-IP address persistency, source IP address pool grouping, NAT Server, bi-directional NAT, NAT-ALG (Application Layer Gateway), unlimited IP address expansion, policy-based destination NAT, port range pre-allocation, hair pinning mode, SMART NAT, NAT64, DS-Lite, and 6RD (IPv6 Rapid Deployment)

NGFW Functions

Supports intrusion detection and prevention, URL filtering, antivirus, data loss prevention, etc.

PKI

PKI certificate requests (PKCS 10), Certificate Authority (CA)

PKI authentication: EAP-SIM, EAP-AKA

PKI protocol: SCEP, OCSP, and CMPv2
Self-signed certificate

Virtual System

4,096-Virtual Firewall (VFW) definition, VLAN virtualization, security zones virtualization, user-defined virtual resources, route between VFW, and VFW-based traffic CAR

DDoS Mitigation

SYN-flood, ICMP-flood, TCP-flood, UDP-flood, and DNS-flood

Port-scan, Smurf, Tear-drop, and IP-Sweep

IPv6-extension-header defense, TTL detection, TCP-mss detection, and attack log output

Related resources

WORLDWIDE

Huawei Enterprise APP
Worldwide

Copyright © 2017 Huawei Technologies Co., Ltd. All rights reserved.