• Products
  • Switches
  • Routers
  • IP Multimedia
  • IP Storage
  • Security Products
  • Network Management
  • SOHO
  • Green Products
  • Other Products
• Solutions
  • Industry Solutions
  • Technology Solutions
• Success Stories
  • Education
  • Finance
  • Large Enterprise
  • E-Government
  • Others
• Technology
  • Comware Platform Overview
  • OAA
  • System Management
  • WAN
  • LAN
  • IPv4 & IPv6 Services
  • QoS
  • Security and VPN
  • IP Routing
  • IP Multicast
  • MPLS
  • Voice
  • Reliability
  • IRF
  • MIB

Features

The H3C S9500 series adopts many industry-leading features to realize the promise of excellent performance, multi-services support and high availability with investment protection for enterprise and service provider, including:

Ø         ASIC-based High Performance

Ø         Converged Network Security

Ø         Longest Network Uptime

Ø         Converged Multi-services Features

ASIC-based High Performance

l         Wire-speed MPLS Processing Capability

The H3C S9500 Series supports distributed MPLS processing with highest performance. The ASIC chip on the interface board is directly responsible for wire-speed processing of MPLS labels, eliminating the bottleneck found in centralized processing. Compared with other centralized MPLS devices, the S9500 series offers high availability even when service load is heavy, to bring customers with continual investment protection.

l         Wire-speed IPv6 Processing Capability

The H3C S9500 Series supports distributed IPv6 processing. The ASIC chip on the interface board offers full wire-speed processing of IPv6 packets, which can be realized through upgrades of the operating system. This significantly protects customer investment and meets the network service development.

l         High Capacity, High Performance Routing & Switching

The H3C S9500 Series provides industry-leading switching capability. The highest 1.44T routing and switching engine allows wire-speed forwarding on 576 GE ports or 48 10GE ports. The forwarding capability for layer 3 packets is up to 875 Mpps.

Converged Network Security

l         Integrated Security Features

The H3C S9500 Series can provide integrated firewall services module. The firewall module is an improvement-based status firewall, adopting a special high-reliability hardware system and a dedicated operating system with self-owned intellectual property rights. It integrates high-efficiency packet filtering, transparent proxy, improvement-based status detection security technology, abundant statistical analysis functions, and many security protection measures. In addition, it supports NAT-PAT, IPSec VPN encryption features, multiple encryption algorithms (such as DES and 3DES), certificate authentication, and dozens of attack defending capabilities.

The series provides integrated IPSec module, enabling secure VPN access service on Internet. The SecBlade VPN module can provide abundant VPN functions (such as L2TP VPN, GRE VPN, IPSec VPN) and support IPSec hardware encryption (such as DES, 3DES and AES).In addition, it provides simple packet filter and status firewall features.

l         Inherent Security Features

Adopting longest match routing policy and packet-by-packet forwarding, the H3C S9500 Series can resist the attack of network viruses. The series supports OSPF, RIPv2 and BGPv4 plain text and MD5 cipher text authentication; supports multiple binding modes of IP, VLAN, MAC and port, which can avoid address theft; supports broadcast packet suppression, which controls the impact caused by invalid broadcast traffic like ARP flood traffic; supports packet security filtering, which prevents illegal access and malicious packet attacks.

l         Management Security

The H3C S9500 Series supports IEEE 802.1x, AAA/Radius and HWTACACS to authenticate user identity; supports user level management that allows different configuration privilege to users of different level; supports secure SNMPv3  protocol; supports secure remote login SSH V2; and allows Telnet login only from restricted IP addresses.

Longest Network Uptime

l         Free of Single Point Failure

The H3C S9500 Series adopts a distributed architecture. All the key components of the S9500 series are designed with redundancy, including the main control board, the switch fabric, the power supply and the fan. The passive backplane avoids single point failure of the cabinet. All boards support hot swap that brings no influences to services on other boards.

l         High Reliability Routing Protocols

The H3C S9500 Series supports graceful restart of OSPF, IS-IS and BGP, bringing no interruption to forwarding. In addition, the series also supports virtual router redundancy protocol (VRRP) to ensure high speed and reliable running of the entire network.

l         Quick Self-healing Ring Network

The S9500 Series supports resilient packet ring (RPR), which integrates such advantages as the high reliability of SDH with fault self-healing and the economy, high bandwidth, flexibility and scalability of Ethernet. RPR can provide a failure switchover time that is less than 50ms, causing no influence to real-time services like audio and video services. The RPR technology provides customers with a high reliability, multi-service transmission solution.

Converged Multi-services Features

l         Network Service Analysis

The H3C S9500 Series analyzes network services through a high performance network processor. The series supports V5, V8 and V9 log formats. Working with the XLog system, these switches can provide a complete analysis to network traffic. The logs can be sent to the primary server and the secondary server simultaneously to avoid loss of statistics. Network service analysis provides visibility of the applications and services in the network, to help users optimize network structure and adjust resource deployment in time.

l         High Quality QoS

The S9500 Series provides perfect QoS, which includes the following functions: traffic policing, with a granularity precision of up to 8 Kbps; traffic shaping, which can be applied to a port or a queue; support of DSCP priority, IP priority, TOS priority, COS priority and Exp priority reset; packet redirection, which can adjust the packet forwarding path according to the network traffic; and support of multiple queue dispatching modes and multiple congestion avoidance mechanisms.

l         Customized Solutions

The S9500 Series includes some new features that can meet the individualized needs of customers in different fields. These features include: Portal authentication, which provides end user authentication without installing any client; BT traffic control, which prevents the abuse of bandwidth resource at the egress by P2P service; and support of separate accounting to different network segments in campus network and open programming interfaces.