Eudemon1000E-X Series

Burgeoning services such as high-speed Internet access, video, and critic applications in the case of so many new applications?
media stream lead to the rocketing of network traffic and ever- How to deal with flooding worms, effectively protecting intranets
increasing service requirements of large organizations, intranets, and securing office environments?
and data centers in the 10-Gigabit epoch. New applications emerge
With in-depth understanding of service and customer requirements,
and occupy the fixed ports of traditional services, making traditional
Huawei launches its Eudemon1000E-X series. This series employs the
port-dependent firewalls inadequate to cope with such applications.
new 10-Gigabit multi-core hardware platform and constructs a more
For the sake of illegal profits, hacker attacks and malware are
high-speed network with no delay for processing mass services. By
spreading at will. Under this background, false positive and false
integrating advanced Symantec intrusion prevention and anti-virus
negative are frequently seen in traditional traffic-based attacks.
technologies, it delivers content security protection and builds a secure
IT administrators find it difficult to deal with so many problems;
network; with Huawei industry-leading deep packet inspection (DPI)
therefore, large organizations, intranets, and data centers have to
technology, it manages thousands of application programs subtly and
be confronted with such predicaments:
provides an effective network. All in all, the Eudemon1000E-X series
How to select a cost-effective product to deal with ever-
brings "continuous, cost-effective, and secure" network experience
increasing service requirements at present and in the future?
for large organizations, intranets, and data centers.
How to block abuse and provide sufficient bandwidths for mission-

Eudemon1000E-X3

Eudemon1000E-X6

Eudemon1000E-X5

Highlights
10-Gigabit Multi-Core Hardware Platform Delivers 64 Gigabit+14 x 10-Gigabit high-density interfaces.

Prominent performance, realizing mass service processing
Provides 15G firewall throughput, 200,000 new connections
per second, 4,000,000 concurrent connections, and 15,000
concurrent VPN tunnels.
Supports high-capacity NAT.
High-density 10G interfaces, suiting different application
scenarios
Super-long mean time between failures (MTBF), safeguarding
service continuity
Supplies redundant key components and mature link conversion.
Provides built-in bypass cards for both optical and electrical links.
Relies on a stable software platform for over 10 years'
commercial use, and more than 100,000 devices concurrently
online in the world.

HUAWEI TECHNOLOGIES CO., LTD.

Eudemon1000E-X Series
Refined Management over Thousands of
Application Programs, Building an Efficient
Network
Wide application identification, providing visibility into the
applications running on your network
Possesses 150 application identification experts, and over 850
identifiable categories.
Massive Web site categories, constructing a green Internet
access environment
Equips with 65 million Web sites and over 130 content
categories, blocking Trojan horse-embedded and phishing
Web sites, isolating pornographic and gambling Web sites,
and preventing employees against maloperations.
Refined application management, creating an efficient
working network
Offers multi-dimensional control measures specific to time,
application, user, bandwidth, and connection number,
effectively providing bandwidths for mission-critic applications,
improving bandwidth usage and working efficiency, and
making P2P/IM//Web sites at your mercy.
Professional Content Security Defense,
Providing a Secure Network
Industry-leading anti-virus engine with 99% high identification
accuracy
Bases on Symantec accumulative anti-virus technologies,
adopts the anti-virus engine with file-level content scanning,
combines the globally leading emulation environment and
virtual execution technology, provides a 99% identification
ratio, and gains good reputation from the international
assessment organization.
Application Scenarios
Network Isolation and VPN Interconnection
Customer challenges
Because user networks reside in different network areas,
problems such as unclear borders, improper access control
management, and disordered mutual access may occur.
When branches and mobile employees communicate with the
headquarters, data may be intercepted or tampered.
Solution strengths
1
Dedicated vulnerability patching, making transformation
illuminated
Maintains and updates the huge signature database by the
traditional attack code-based defense mode due to the
transformation of attack types, which imposes overload on the
IPS engine and leads to low detection performance and high
false negative and false positive ratios. The Eudemon1000E-X
is backed by advanced Symantec vulnerability defense
technology and delivers virtual patches for vulnerabilities (not
attack code), disabling various attacks from transforming.
Real-time update by a professional team, realizing zero-day
attack defense
Supplies the honeynet system deployed globally together
with a professional team of over 300 experts to keep tracking
the latest, hottest, and most dangerous system and software
vulnerabilities, and to defend against zero-day attacks quickly.
One-Key Configuration, Freeing You from
Complicated Policy Optimization
GUI, a farewell to CLI
Delivers the Web pagebased configuration and management,
visualized and simple.
Professional configuration wizard, simplifying policy configuration
Provides a professional configuration wizard for each independent
service.
One-key enabling of IPS and anti-virus, reducing maintenance
workload
Builds the IPS/anti-virus rule base, with a 99% detection
ratio, which can be directly enabled without commissioning.
Therefore, administrators are freed from time-consuming,
strenuous, and complicated policy optimization, and quick
deployment comes true, that is, plug and play.
Delivers 15G processing performance, avoiding the bottleneck
of border deployment.
Divides security zones on demand, clearly planning network
borders.
Provides the flexible packet filtering policies, accurately
controlling mutual access.
Comes with 15,000 concurrent VPN tunnels, 7G VPN
encryption and decryption capabilities, ensuring mass secure
interconnection and securing data communication.
Eudemon1000E-X Series

Office network

IP Sec VPN

Branch Eudemon1000E-X Service system

IP Sec VPN

Mobile office
Office network

External Threat Prevention concurrent connections, easily coping with millions of DDoS
attack packets per second.
Customer challenges
Empowered by advanced IPS and anti-virus technologies
Coming along with the abundant Internet resources are of Symantec as well as vulnerability-based and abundant
threats such as DDoS attacks, malicious intrusions, and viruses. signature database, ensuring near-zero false positives and
Solution strengths negatives, and a detection ratio of higher than 99%; provides
Supplies 200,000 new connections per second and 4,000,000 powerful security defense against diversified security threats.

Office network
Malicious intrusion

Branch Eudemon1000E-X Service system

Worms and
Trojan horses
Office network

2
Eudemon1000E-X Series

Online Behavior Management
Customer challenges
None-work-related Internet surfing, P2P download, online
games, and stock transaction waste bandwidths for business,
reduce productivity, and increase the risks of potential
malicious code and hacker attacks.
Solution strengths
Provides over 850 identifiable application categories, providing
visibility into the applications running on your network.
Equips with 65 million Web sites, blocking Trojan horse-
embedded and phishing Web sites, isolating pornographic
and gambling Web sites, and preventing employees against
maloperations.
Offers multi-dimensional control measures specific to the
time, application, user, and bandwidth, effectively providing
bandwidths for mission-critic applications, improving working
efficiency, and making P2P/IM//Web sites at your mercy.

P2P

Service system
Service related-
Web site

Eudemon1000E-X
Office network

Illegitimate Web site IM

Office network

Product Specifications
Model Eudemon1000E-X3 Eudemon1000E-X5 Eudemon1000E-X6
Performance
Firewall throughput (Gbit/s) 6 10 15
64-byte packet forwarding per second (Gbit/s) 1.5 2 3
IPSec VPN performance (Gbit/s) 3 5 7
Number of new connections per second 100,000 150,000 200,000
Maximum number of concurrent sessions 2,000,000 3,000,000 4,000,000
Maximum number of security policies 30,000 30,000 30,000
Maximum number of users Unlimited Unlimited Unlimited
Expansion and I/0
4GE electrical+4GE combo +
Interface under standard configuration 4GE electrical+4GE combo interfaces
8GE optical interfaces
Expansion slot 2FIC 2MIC+6FIC
Interface module type 10GE/GE electrical/GE optical/Bypass card

3
Eudemon1000E-X Series

Model Eudemon1000E-X3 Eudemon1000E-X5 Eudemon1000E-X6

Basic Firewall Features
Working mode Transparent, routing, and composite
Virtual firewall Y
Zone-based security Y
Packet filtering Y
Blacklist and whitelist Y
ASPF Y
Application protocol identification Y
IM control Y
P2P traffic limiting Y
GTP Y
Anti-DDoS
SYN flood attack defense Y
UDP flood attack defense Y
ICMP flood attack defense Y
HTTP flood attack defense Y
TCP full-connection attack defense Y
ARP flood attack defense Y
ARP spoofing attack defense Y
IP spoofing attack defense Y
LAND attack defense Y
Smurf attack defense Y
Fraggle attack defense Y
WinNuke attack defense Y
Ping of Death attack defense Y
Tear Drop attack defense Y
Address scanning attack defense Y
Port scanning attack defense Y
IP option control attack defense Y
IP fragment control attack defense Y
TCP label validity check attack defense Y
Large ICMP packet attack defense Y
ICMP redirection packet attack defense Y
ICMP unreachable packet attack defense Y
Tracert packet attack defense Y
Address Translation
NO-PAT Y
PAT Y
Address pool mode Y
Policy-based source address translation Y
Policy-based destination address translation Y
Bidirectional address translation Y
Intrazone address translation Y
NAT-ALG Y
NAT Server Y
Infinite address expansion Y
IPSec VPN
Number of concurrent tunnels A maximum of 15,000
Hardware encryption Y
IKE v1, v2

4
Eudemon1000E-X Series

Model Eudemon1000E-X3 Eudemon1000E-X5 Eudemon1000E-X6

Perfect forward secrecy (DH group) 1, 2, 5
Security protocol AH, ESP, ESP_NULL, AH+ESP
Encryption algorithm DES, 3DES, AES
Authentication algorithm MD5, SHA1
SA establishment Manual, and IKE negotiation
SA update Periodic and by traffic
Dynamic security policy Y
Fragment reassembly Y
Data flow classification Y
Anti-replay Y
IPSec NAT traversal Y
SSL VPN
Hardware encryption Y
SSL protocol version TLS1.0, TLS1.0+SSL3.0, TLS1.0+SSL3.0+SSL2.0
Security protocol AH, ESP, ESP_NULL, AH+ESP
Encryption algorithm DES, 3DES, AES
Authentication algorithm MD5, SHA1
Authentication protocol VPNDB, RADIUS, LDAP
MPSL VPN
Forwarding table Y
Layer 3 VPN Y
GRE tunnel Y
LDP Y
MPLS ping Y
MPLS traceroute Y
LSP Y
LSR Y
Cross-domain SSL VPN Y
IPv6
OSPFv3 Y
BGP4+ Y
IPv6 ISIS Y
IPV6 policy-based routing Y
IPv6 ACL standard Y
IPv6 ACL extended Y
IPv6 interface statistics Y
NATPT (4 to 6 and 6 to 4) Y
Anti-Virus
Identifiable virus Over 7000,000 (keep updating)
File-based anti-virus Y
Unpacking Y
Script parsing Y
Resumable download virus removal Y
PDF scanning engine Y
Virtual execution technology Y
Full protocol resolution Y
Heuristic virus removal Y
Complicated string scanning engine Y
Scanning file type setting Y
Compressed file virus removal Y (21 compression algorithms)

5
Eudemon1000E-X Series

Model Eudemon1000E-X3 Eudemon1000E-X5 Eudemon1000E-X6

Web page virus removal Y
Email virus removal Y
VPN scanning Y
Anti-Trojan horses and worms Y
Anti-spyware Y
Anti-greyware Y
Anti-malware Y
Overload protection Y
Virus database update frequency Daily update and emergent update
IPS
Detectable attack type Over 8000 (keep updating)
Vulnerability-based signature database Y
User-defined signature Y
Zero configuration Y
Zero-day attack defense Y
PDF attack defense Y
Associated behavior analysis Y
Traffic anomaly detection Y
Protocol anomaly detection Y
Protocol status signature Y
Cross-packet attack detection Y
Unauthorized download blocking Y
Web 2.0 attack defense Y
Evasion prevention IP fragment reassembly, TCP flow reassembly, URL decoding
Overload protection Y
Update frequency Weekly update, and emergent update
URL Filtering
11 languages (Chinese, English, French, Russian, Spanish, Portuguese, Arabic, Persian, Czech, Ukrainian,
Multi-language
and German)
URL category Over 130
Number of monitored domain names Over 65,000,000
User-defined URL category Y
URL blacklist and whitelist Y
List of remission IP addresses Y
Routing
Static route Y
Policy-based routing Y
Route iteration Y
Static multicast Y
RIPv2 routing 200,000
RIPv1/v2 instance 100
OSPF routing 300,000
OSPF route instance 100
BGP routing 16,000
BGP instance 1000
BGP peer 100
Logging/Monitoring
Log server eLog
Log format Syslog and binary log
Device status log Y

6
Eudemon1000E-X Series

Model Eudemon1000E-X3 Eudemon1000E-X5 Eudemon1000E-X6

Session log Y
Blacklist log Y
Traffic statistics and monitoring log Y
User operation log Login/Logout, CLI configuration
NAT log Y
ASPF log Y
Attack defense log Y
P2P traffic monitoring log Y
IPS log Y
Anti-virus scanning log Y
URL filtering log Y
Management
Web-based UI HTTP/HTTPS
CLI Local, Telnet, SSH
Management protocol SNMP, TR069
NMS U2000, VSM
High Availability
HA Active/standby, active/active
1+1 power supply backup Y
Hot swappable key component Power supply
Configuration synchronization Y
Session status synchronization Y
Operating Environment
Ambient temperature 0oC to 40oC
Environment humidity 5% to 95%, non-condensing
Certification
Security certification Y
Electromagnetic compatibility (EMC) certification Y
CB certification Y
Rohs Y
FCC Y
MET Y
C-tick Y
VCCI Y

Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved. HUAWEI TECHNOLOGIES CO., LTD.
Huawei Industrial Base
General Disclaimer
Bantian Longgang
The information in this document may contain predictive statements including,
without limitation, statements regarding the future financial and operating results, Shenzhen 518129, P.R. China
future product portfolio, new technology, etc. There are a number of factors Tel: +86-755-28780808
that could cause actual results and developments to differ materially from those Version No.: M3-110019999-20110805-C-1.0
expressed or implied in the predictive statements. Therefore, such information
is provided for reference purpose only and constitutes neither an offer nor an
acceptance. Huawei may change the information at any time without notice. www.huawei.com