|Maximum Firewall Throughput
|Maximum Number of Concurrent Sessions
||Routing/Transparent/Composite mode, state validation detection, blacklist and whitelist, access control, Application Specific Packet Filter (ASPF), security zone division, virtual firewall, smart route, and load balancing
||Destination NAT/PAT, NAT NO-PAT, source NAT-IP address persistence, source IP address pool grouping, NAT Server, bi-directional NAT, NAT Application Layer Gateway (NAT-ALG), unlimited IP address expansion, policy-based destination NAT, port range pre-allocation, hair pinning mode, SMART NAT, NAT64, DS-Lite, and 6RD (IPv6 Rapid Deployment)
||Supports intrusion detection and prevention, URL filtering, antivirus, data loss prevention, etc.
||PKI certificate requests (PKCS 10), Certificate Authority (CA)
PKI authentications: EAP-SIM, EAP-AKA
PKI protocols: SCEP, OCSP, and CMPv2
||4,096-Virtual Firewall (VFW) definition, VLAN virtualization, security zones virtualization, user-defined virtual resources, route between VFW, and VFW-based traffic CAR
||SYN-flood, ICMP-flood, TCP-flood, UDP-flood, and DNS-flood
Port-scan, Smurf, Tear-drop, and IP-Sweep
IPv6-extension-header defense, TTL detection, TCP-mss detection, and attack log output
|Data Leak Prevention (DLP)
||Identifies and filters the transferred files and contents. The USG9500 can identify more than 120 file types, regardless of whether filename extensions are maliciously changed. In addition, the USG9500 can restore and implement content filtering for over 30 types of files, such as Word, Excel, PPT, PDF, and RAR files, to prevent leaks of critical enterprise information.