HP Firewall Series - HP AF5000-CMW520-R3206P22 Release Notes

ManualsBrandsHP ManualsComputer AccessoriesHP F5000 Firewall Main Processing Unit

Category

Features

Firewall

Packet filtering

Security zone-based access control

Time-based access control

ASPF status-based packet filtering

Virtual firewall

Attack detection and protection, against attacks including Land, Smurf,

Fraggle, WinNuke, Ping of Death, Tear Drop, IP Spoofing, IP fragments,

packet fragments, TCP Flag, large ICMP, address scanning, port scanning,

SYN flood, and ICMP flood attacks

URL filtering

Control of ICMP redirect or unreachable packets

Control of Tracert packets

Control of packets with the route record option

Static and dynamic blacklist functions

Security

management

Real-time attack logs

Blacklist logs

Session logs

Binary logs

Traffic statistics and analysis

Global/security zone-based connection rate monitoring

Global/security zone-based protocol packet percentage monitoring

Security event statistics

NAT

Address translation based on address pools

Using ACL to control address translation

Easy IP

NAT server

NAT aging time

ALG for protocols including FTP, DNS, QQ, MSN, H323, NBT, ILS, RTSP,

SQLNET, and SIP

VPN

IPsec/IKE

AH and ESP

Manually configured SAs and SAs negotiated by IKE

ESP supports the DES, 3DES, and AES encryption algorithms

MD5 and SHA-1 authentication algorithms

IKE main mode and aggressive mode

DPD

NAT traversal

L2TP

Network

connection

LAN protocols

Ethernet_II

VLAN

Network

protocols

IP services

ARP

Static domain name resolution

IP unnumbered

DHCP relay

DHCP server

DHCP client