This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Need Help?

Updates

WORLDWIDE

USG9500 Series Terabit-level Next-Generation Firewall

The USG9500 is a new-generation, terabit-level, all-in-one DC firewall from Huawei for cloud service providers, large-scale DCs, and large-scale enterprise campus networks.

The USG9500 provides terabit-level processing performance and 99.999% reliability. It integrates multiple security features such as Network Address Translation (NAT), Virtual Private Network (VPN), Intrusion Protection System (IPS), virtualization, and Service Awareness (SA) to help enterprises construct cloud computing–oriented DCs under border security protection and reduce the equipment room investment and Total Cost of Ownership (TCO) per Mbit/s.

Listen to Our Customers

  • 0102

    Huawei Builds 100G SDN Campus Network for KMITL of Thailand

    Huawei developed a full-service comprehensive campus solution that provides KMITL an SDN-based 100G campus network.

  • 0202

    University Network Keeps Students Up to Speed

    Huawei’s USG9500 platform helps Peking University’s campus network bring education into the 21st century.

Specifications

Model USG9520 USG9560 USG9580
Expansion Slots 3 8 16
Maximum Firewall Throughput 120 Gbit/s 960 Gbit/s 1.92 Tbit/s
Maximum Number of Concurrent Sessions 160,000,000 1,280,000,000 2,560,000,000
Basic Functions Routing/Transparent/Composite mode, state validation detection, blacklist and whitelist, access control, Application Specific Packet Filter (ASPF), security zone division, virtual firewall, smart route, and load balancing
NAT/CGN Destination NAT/PAT, NAT NO-PAT, source NAT-IP address persistence, source IP address pool grouping, NAT Server, bi-directional NAT, NAT Application Layer Gateway (NAT-ALG), unlimited IP address expansion, policy-based destination NAT, port range pre-allocation, hair pinning mode, SMART NAT, NAT64, DS-Lite, and 6RD (IPv6 Rapid Deployment)
NGFW Functions Supports intrusion detection and prevention, URL filtering, antivirus, data loss prevention, etc.
PKI PKI certificate requests (PKCS 10), Certificate Authority (CA)
PKI authentications: EAP-SIM, EAP-AKA
PKI protocols: SCEP, OCSP, and CMPv2
Self-signed certificate
Virtual System 4,096-Virtual Firewall (VFW) definition, VLAN virtualization, security zones virtualization, user-defined virtual resources, route between VFW, and VFW-based traffic CAR
DDoS Mitigation SYN-flood, ICMP-flood, TCP-flood, UDP-flood, and DNS-flood
Port-scan, Smurf, Tear-drop, and IP-Sweep
IPv6-extension-header defense, TTL detection, TCP-mss detection, and attack log output
Data Leak Prevention (DLP) Identifies and filters the transferred files and contents. The USG9500 can identify more than 120 file types, regardless of whether filename extensions are maliciously changed. In addition, the USG9500 can restore and implement content filtering for over 30 types of files, such as Word, Excel, PPT, PDF, and RAR files, to prevent leaks of critical enterprise information.

For Partners

If you are already a partner, please click here to get more marketing resources.
Click here to visit partner zone to check enquiry status, manage orders, get support, or learn more about Huawei partners.

Huawei Enterprise APP

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved.