The hottest Huawei usg9500 series products passed

  • Detail

Did you know that Huawei usg9500 series products have passed the NSS laboratory evaluation in the United States? At present, more than 90% of the data in the world are generated in recent years, while the data on the Internet is growing at a high speed of 50% every year, that is, it will double every two years. In the era of big data, data has a series of characteristics such as large volume, high flow rate, various types and strong unstructured, which also makes the data center carrying big data face unprecedented challenges. In addition to improving the ability to process and analyze massive and diverse data, it also needs to meet the explosive growth of network bandwidth and comprehensively ensure the security of data. Therefore, in order to better adapt to the changes in the era of big data, the data center also needs to step into a new era of T-level security protection to protect the safety of big data

when it comes to T-level security protection, we have to mention the industry's first T-level high-performance data center firewall usg9500 series released by Huawei. As a cross era firewall product, Huawei usg9500 series has received the attention of the industry since its inception. In the public test of the industry's first data center firewall organized by the industry's authoritative third-party security evaluation agency NSS laboratory in 2014, Huawei successfully passed the test based on the data center firewall test methodology, becoming the fastest firewall in the industry; At the same time, it was officially crowned as the industry's first T-class data center firewall certified by a third party. So how did the fastest firewall in the industry come about? Let me tell you the answer now

np+ multi-core + distributed innovative architecture enables the performance to reach

Huawei usg9580 is the highest model of Huawei usg9500 series data center firewall products, with 16 expansion slots; Support Ge, 10GE, 40ge, 100ge and other interface types (support high-density interface boards, which can support 48 Ge or 10 10GE interfaces; and support single port 40g/100g board cards); The theoretical throughput performance can reach 960Gbps (i.e. level T). In order to verify its T-level performance, NSS laboratory equipped up to 100 10GE interfaces and 6 next-generation high-performance security business modules for the usg9580 data center firewall. The test results show that the Huawei usg9580 firewall can achieve the line speed throughput of 96 10GE interfaces in the UDP tests with message sizes of 512, 1024 and 1514 bytes respectively, that is, it has truly reached the theoretical performance of 960Gbps

Huawei usg9580 data center firewall has such excellent performance because of its revolutionary np+ multi-core + distributed architecture. Compared with the traditional architecture adopted by the mainstream firewalls in the industry at present (i.e. using a single CPU to support business forwarding), the np+ multi-core + distributed innovative architecture of the usg9500 series integrates multiple multi-core CPUs on a business board, optimizes the shunting hash algorithm of business traffic on the distributed multi-CPU platform, and solves the problems of power consumption and heat dissipation under such high-density processing with the innovative air duct design, Thus, the processing performance of the usg9500 series firewall has been improved to level t

usg9500 series' np+ multi-core + distributed innovative architecture not only enables it to have T-level throughput, but also enables it to perform in real environments (i.e. when dealing with complex traffic at the L layer), which has more obvious advantages than traditional architectures. NSS lab's real world real traffic combination test for usg9580 firewall is a good proof of this

various business scenarios perform stably and excellently.

the test uses different protocol combinations to reflect the real user usage scenarios based on the predetermined location (network core or boundary) of the tested equipment. NSS lab selected five common data center business scenarios (finance, virtualization, mobile app, webapp, ISP) for verification. Huawei usg9580 tested high performance of about 390gbps under these business models. In particular, according to the NSS laboratory test methodology, TCP test traffic is only sent in one direction, so the throughput of each pair of ports is limited to 10Gbps (96 10 Gigabit ports become 48 10 Gigabit ports), that is, the maximum theoretical throughput should be 480gbps. In other words, the measured performance of Huawei usg9580 is very close to the theoretical performance

regarding the excellent performance of Huawei usg9580 data center firewall in the test, Vikram phatak, CEO of NSS lab, commented that Huawei usg9580 data center firewall is the fastest firewall in the industry we have tested. We believe that security experts and any customers who will consider Huawei solutions will be very interested in our test results

indeed, through the performance measurement in NSS lab, the T-level throughput performance of Huawei usg9580 data center firewall has been perfectly demonstrated. Today, with the rapid growth of global data center traffic (with a compound annual growth rate of 31%), Huawei usg9580, as a data center security defender, has responded to the explosive growth of big data traffic and network bandwidth with T-level performance, completely eliminated the bottleneck of business interconnection, and become a performance benchmark in the era of T-level security protection

safety, effectiveness, stability and scalability standard accessories (accessories): reliability, manageability and TCO are also excellent.

in addition to the verification of T-level performance, NSS lab data center test methodology also investigated various indicators of Huawei usg9580 firewall, including safety, effectiveness, stability and reliability, manageability, if there is excess peak rationality in gradient elution, TCO (total cost of ownership), etc. In the security effectiveness test, NSS laboratory conducted baseline configuration test, multi domain configuration test under complex real business, policy test, application protocol and detection engine test on Huawei usg9580. Thanks to the comprehensive security protection capabilities of usg9580 (supporting NAT and URL traceability, virtualization, VPN, IPS, anti DDoS, application identification, intelligent routing, load balancing and other functions), especially the application identification capabilities based on packet protocol analysis and feature matching technology, it successfully passed all test projects. The test results of NSS laboratory show that the specified traffic passes successfully, the rest traffic is rejected, and the log system records the appropriate log entries. In other words, usg9580 realizes the transparent visualization of network data in the data center, providing a reliable guarantee for the protection of application security

in the stability and reliability test, Huawei usg9580 can block 100% of the traffic that has been blocked before, and send alarms for all blocked traffic. It successfully passed the tests of blocking long-term attacks, forwarding legitimate traffic normally under long-term attacks, and protocol ambiguity and variation. At the same time, Huawei usg9580 has successfully passed the power failure test, redundancy test and data persistence test with the technical support of hrp/ha/link binding and redundancy of key components. As a direct connection equipment in the data center, Huawei is well aware of the important jisg3191-66 (94) of its stability and reliability (the shape, size, weight and allowable difference of hot rolled bar steel and coiled bar steel); Therefore, at the beginning of design, Huawei usg9580 referred to the high standards of operators, and the test results of NSS laboratory also well verified its outstanding stability and reliability

although Huawei usg9580 is a high-end T-level firewall, its performance in management and configuration is also excellent. It provides cli, webui, SNMP and other means of operation. It can be maintained through the self-contained sweb system of a single device or through Huawei esight professional management software, so as to effectively reduce the workload of later operation and maintenance; At the same time, in view of the difficulty in maintaining and simplifying the original security policies of the enterprise, the usg9580 also simplifies the policies through hit rate analysis and redundancy analysis, which can at least help the operation and maintenance personnel reduce the workload by 30%. Based on this, Huawei usg9580 also successfully passed the strict management and configuration test of NSS laboratory

through the comprehensive test of NSS lab based on data center testing methodology, Huawei usg9580 data center firewall shows the leading security protection ability in the industry, and also enables the global security market (especially enterprises in developed countries and regions) to have a new understanding of Huawei's brand and security products. In this regard, Andy Purdy, Huawei's CSO in the United States, pointed out that: we are happy to share the independent evaluation results of NSS laboratories in the United States with the global security field. We firmly believe that the evaluation of ICT products by authoritative and independent third-party evaluation institutions with good reputation such as NSS laboratories is of great value. This kind of independent evaluation should be more applied in the global ICT industry. In fact, it should also become the recognized cornerstone of effective risk management, because when purchasing platforms or products, enterprises need to obtain relevant suggestions from the industry where we should actively recycle waste plastics and make them into printing materials to build confidence in the platform or products

of course, as a decision-maker of data center construction, in addition to paying attention to the product performance (capability), we should also consider the construction cost, that is, we hope to maximize the return on investment value. For this reason, NSS lab also calculated the total cost of ownership (TCO) per Mbps of Huawei usg9580. The calculation formula is as follows:

3-year TCO (including initial procurement cost and later maintenance cost within the three-year life cycle)/nss lab measured throughput mbps= total cost of ownership per Mbps

through calculation, Huawei usg9580 provides a very competitive performance price ratio, and the total cost of ownership per Mbps is only $1.74. Just imagine that if the performance provided by a relatively cheap product is much lower than that provided by a slightly more expensive product, the return on investment value of this cheap product must not be high. Especially for the firewall, a key equipment in data center construction, its core value is to achieve low TCO while providing high throughput, just like Huawei usg9580 data center firewall. Therefore, Huawei usg9580 is not only a leader in the era of T-class security protection, but also an ideal choice for the construction of the world's next-generation data center

Copyright © 2011 JIN SHI