The USG2100/2200/5100 BSR/HSR series is a new-generation product launched by Huawei to meet the requirements of small and medium-sized enterprises, branches of large enterprises, SOHO users, and cyber bars.
Based on the modular design, the USG2100/2200/5100 BSR/HSR series integrates multiple features such as security, routing, switching, and wireless (WiFi and 3G) features. With varieties of interface types and industry-leading performance, the USG2100/2200/5100 BSR/HSR series delivers sound security protection for small and medium-sized enterprises, branches of large enterprises, SOHO users, and cyber bars. In addition, the USG2100/2200/5100 BSR/HSR series provides the integrated network egress security and interworking solution, which helps enterprises decrease cost and increase production efficiency. The USG2100/2200/5100 BSR/HSR series, as a security protection device, is an ideal option for small and medium-sized enterprise networks.
As shown in Figure 1, the USG2100/2200/5100 BSR/HSR series integrates multiple services, and is excellent in terms of the reliability, processing capability, modular port, and service capability, which greatly reduces the initial investment and long-term operation and maintenance costs of the construction of enterprise networks.
Figure 1 USG2100/2200/5100 BSR/HSR series application
- Integrates security, routing, switching, VPN, and wireless functions, which greatly enhances the product integration capability.
- Completely integrates the functions of the Ethernet switch.
- Provides the Wireless Local Area Network (WLAN) function and Internet access through the Ethernet, ADSL2+, SHDSL, E1/CE1, serial, and 3G.
- Provides users with all the router, firewall, switch, VPN, and wireless features on a single device.
Refined Management over Thousands of Application Programs, Building an Efficient Network
- Identifies wide ranges of application layer protocols, providing visibility into the applications running on the network.
- Equips with mass Web sites, blocking Trojan horse-embedded and phishing Web sites, isolating pornographic and gambling Web sites, and preventing employees against maloperations.
- Offers multi-dimensional control measures specific to time, application, user, bandwidth, and connection number, effectively providing bandwidths for mission-critical applications, improving bandwidth usage and working efficiency.
Professional Content Security Defense, Providing a Secure Network
- Provide 99% detection ratio by using the AV engine that is built on the anti-virus technologies and has file-level scanning capability, and the world-leading emulation environment and virtual execution technology.
- Provides professional vulnerability patching technology to prevent attack variants: In the traditional attack code-based defense mode, a huge signature database needs to be maintained and updated due to the transformation of attack types, which overloads the IPS engine and leads to low detection performance and high false negative and false positive ratios. The USG is backed by advanced vulnerability defense technology and delivers virtual patches for vulnerabilities (not attack code), preventing attack variants.
- Maintains a professional team to provide updates, tracking the latest, most widespread, and most dangerous system and software vulnerabilities, and defending against attacks quickly, to improve the security of office networks.
One-Key Configuration, Freeing Users from Complicated Policy Optimization
- Provides a Web interface to make device management and configuration simple and intuitive.
- Provides wizards for key configurations, guiding administrators through the configuration processes.
- Provides one-key enabling of IPS and AV, freeing the administrators from repeated, strenuous, and time-consuming policy configuration efforts and make the device plug-and-play.
Identification-based Intranet Control and Policy Unification
- Provides multiple user authentication mechanisms: local user database authentication, portal authentication, and transparent authentication based on the data imported from the connected third-party servers.
- Delivers unified security policies, providing refined traffic control by users or user groups, application protocols categories, time periods, IP segments, MAC addresses, and ports based on the accurate identification of users or user groups and application protocol categories; Completes the configurations such as packet filtering, UTM, and application detection and control at one time.
Uses the independently developed software platform and Huawei-proprietary security operating system, separating the data plane and the management plane, which enhances the system security; provides brilliant flexibility and configurability with open Application Programming Interfaces (APIs), for further development and evolution.
Supports multiple new storage media such as the USB disks, and microSD cards, providing high scalability.