How To Sell Hillstone 303. X Series DCFW v5.5r9

Hillstone X-Series
Data Center Firewall
1
Security Challenges for Data Centers
Hillstone Data Center Firewall Value Proposition
Hillstone Data Center Firewall Portfolio
Deployment Scenarios & Winning Cases
© 2022 Hillstone Networks All Rights Reserved | 2

Security Challenges for Data Centers
and Hillstone Solution

Data Center Security Challenges
Performance
• More traffic
• More users
• More servers
Complexity Scalability Management

• Discrete, virtualized, and Agility
cloud data centers
• Software defined networks
• BYOD
Security
• Adapt security to evolving Security as a
infrastructure (virtualization, Service
cloud, SDN/NFV)
• Respond to rapidly evolving
threat environments

Hillstone Data Center Firewall
Value Proposition

Limitation of Legacy DC Firewall Architecture
Stackable Architecture Shared-Distribution Architecture
IOM Security Module IOM
Security Module
IOM IOM
• System has low performance if traffic • System performance is limited by single

crosses different modules database
• Unable to implement mutual • Performance scalability mainly depends
redundancy between modules on the main module
• System Management is complex • Single point of failure problem
Hillstone Innovative Elastic Firewall Architecture
Hillstone EFA
Separation of the network layer and the

application layer, higher performance
Patent Elastic Firewall Architecture, Linear

Scalability
HA for Security Service Modules, high

reliability

Carrier Grade High Reliability
System Bypass Hardware Modules Software

AA/AP Hardware Bypass Power/Fan SCM/SSM ISSU,
deployment Modules Redundancy Redundancy Resource Allocation
.
Enable Carrier Grade Reliability at 99.999%

Industry Leading Twin-Mode Firewall Solution
Twin-Mode Firewall Solution for

Redundant Data Centers
A highly reliable networking Firewalls in different DCs are The two groups of firewalls are If asymmetric flow is found in a
able to synchronize the session group of firewalls, they will send
solution based on traditional connected through dedicated and configuration information with traffic to to the firewall it originally
device HA data link and control link each other. passed
Asymmetric flow Ensure business Configuration between

Complete access Traffic between Supporting a
across data centers continuity during multiple firewalls can
control and data centers can variety of data
cannot be properly virtual devices be automatically
security functions be visualized center networking
solved. movement synchronized.

Advanced Virtual Systems for MSSPs
Virtualized Protection
Vsys Vsys
Virtual Firewall
Support up to 1000 Virtual Systems
Dynamically configure each virtual

firewall(CPU/Session/ Policy/port etc.)
according to different service
requirements, enable customized
deployment.
Each virtual firewall can be configured

and managed independently, provides
an independent logic security service
XXX plane, meets independent security
OS OS OS OS OS OS requirement of each tenant, enable
comprehensive security management
VSwitch VSwitch VSwitch for each tenants

Excellent NAT/IPv6 Transition Technology
NAT444
DS-Lite
IPv4 NAT64 IPv6
Past Now Future
Support traditional NAT&ALG, Support Support NAT444 to meet Carriers’ CGN Support multiple IPv6 transition
full-cone NAT and Port multiplexing, to standard functionality, relieve IP technologies -- Dual-Stack, DS-Lite tunnel,
improve multiplexing rate of IPV4 address depletion problem and resolve NAT64/DNS64, IPv6 ISATAP, IPv6 GRE,
address. IP address traceability. etc., fully support next-generation internet

Rich Security Functions
Intelligent QoS
• QoS based on granular application identification and nested user identification.
• Support priority management and elastic QoS, flexibly optimizes links.
Comprehensive VPN Solution

• Completed compatible with standard IPSec VPN and the third generation SSL VPN.
• Distinctive PnP VPN, simplifies configuration and maintenance.
L2-L7 Full Security Features

• SQL insertion, XSS cross-site scripts, DoS/DDoS network-layer attacks prevention. Botnet
filtering and isolation. Two-way attack detection, and full traffic protection.
• High-performance and high efficient IPS, URL-detection engine to identify and filter all
application and traffic including SSL-encrypted traffic.
• Support AV to protect users from malicious websites and files

Policy Management Reducing Operation Overhead
Policy Assistant Policy Analysis
• To understand interconnection and access • Discover old policies for reference of

status when new service launched deletion
• Check hit count of existing policies to make • Decide whether the policy can be deleted
adjustment according to the hit time of the policy
• Refine policies and deactivate/delete invalid • Adjust the policies by observing the hit
policies trends
• App-based and service-based policy
generation
Utilizing the Policy Assistant and Policy Analysis together
Block unlawful
Refine a general traffic while not
Encountered policy into Observe the hit
abnormal traffic count and trend blocking legal
detailed policy
traffic
Policy Assistant Policy Analysis

Comprehensive Reports Tailored for Different Audiences
Granular Customizable Template Rich and Helpful Content

Users can define a template based Analysis, summary and actionable
on the user’s specific needs, and recommendations are provided
export a report containing only the based on traffic statistics.
data that the user is interested in.
Better Readability Easy to Utilize

The report is easy to ready with its The report can be exported into PDF,
new layout, color scheme and HTML or WORD and be shared via
comprehensible icons. Email or FTP for user’s specific
purpose of use.

Hillstone Data Center
Firewall Portfolio X7180

15
Hillstone Data Center Firewall: X7180
• High Performance
• Carrier-Grade Reliability
• Low Power Consumption
• Unique Twin-Mode Firewall

l Customers
• Massive Virtual Firewall for MSSPs
Ø Carriers, Large Enterprises, Higher Education &
Government, Managed Security Service Providers
l Deployment Scenarios • Comprehensive NAT/IPV6 support
Ø Carrier MAN and Mobile
Ø Carrier IDC, Government Cloud Data-Center • Rich L2-L7 Security Functionality
Ø Data Center or University Campus Internet Exit

High Performance
n ce
Concurrent
a
r m i l i ty
e rfo lab Throughput：680G
p ca
h
g rs
H i ea New Sessions：4.8M
lin
New sessions
Concurrent Sessions：
240M
Throughput
Lower Energy Consumption, Cost Reduction
14U
8U
5U
Vendor A Vendor B Hillstone
136G/U
120G/U
8.25W/G
4.27W/G
34G/U
2.87W/G
Throughput/U（G/U） Maximum Power Consumption (W/G)

X7180 – Front Panel
Backbone Switch
IOM-2Q8SFP+
Fan Module
IOM-8SFP+
IOM-2SM-BE/IOM-2MM-
BE
6 general slots,
12 in total
• Single-width module use one slot only, while double-width modules use two slots, please see details on “Module Capacity”
• Double-width modules include IOM-2Q8SFP+, IOM-8SFP+, IOM-2Q8SFP+-200, SSM-200 and QSM-200

X7180 – Rear Panel
2 * 2 or 3*1 Redundant
Power Supply
16 SFP IO Module
4 XFP IO Module
Fan Module
2x SSM Server Module
Dual SCM Control

Module
6 slots in the back,
2 for SCM
• If use 200 Series modules, must use at least 3 power supply (3+1 redundancy only)

X7180 Hardware Specification
Specification SG-6000-X7180
FW Throughput (Maximum) 680 Gbps
IPSec Throughput (Maximum) 90 Gbps
Concurrent Sessions (Maximum) 240 Million
New Sessions/Second 4.8 Million
IPS Throughput (Maximum) 100 Gbps
Management I/O 1 x Console Port, 1 x AUX Port, 2 x USB 2.0 Port
Fixed I/O Ports 4 x GE Combo slot (1 x MGT+3 x HA)
Available Slots for Extensible Modules 10 x Generic Slot, 2 x System Control Module Slot, 1 x SD Card Slot
SCM-100!SSM-100!SSM-200!QSM-100!QSM-200!IOM-16SFP-100!IOM-2MM-BE!
Extension Modules
IOM-2SM-BE!IOM-2Q8SFP+!IOM-2Q8SFP+-200!IOM-8SFP+
2+2 redundant, Max.1300W ; 3+1 redundant, Max.1950W (SSM200 must use 3+1
Maximum Power Consumption
redundancy)
Power Supply AC 100-240V (50/60Hz), DC -40 to -72V
Dimension (W×D×H) 5U 17.3×23.2×8.9 in (440×590×225 mm)
Weight <116.6 lb (52 kg)
Temperature 32-104 °F (0-40 °C)
Relative Humidity 10-95%

X7180 Capacity
Capacity X7180（100 series module） X7180 Upgrade ( 200 series module）
IOM-100 IOM-200（Full width）
SSM-100 SSM-200（Full width）
Expansion Modules
QSM-100 QSM-200（Full width）
SCM-100 SCM-100
Max. System Performance
Firewall throughput(1500 byte) 360Gbps (9 IOM + 1 SSM) 680Gbps (4 IOM-200+1 IOM-100)
New sessions/sec(HTTP) 2.4M (4 IOM + 6 SSM) 4.8M (2 IOM-200+3 SSM-200)
Concurrent Sessions 120M (6 IOM + 4 SSM) 240M (3 IOM-200+2 SSM-200)
IPSec throughput 90Gbps (5 IOM + 5 SSM) 90Gbps(1)

IPS throughput 90Gbps (5 IOM + 5 SSM) 100Gbps(2)
Real-world Performance
NAT Link throughput 30Gbps (6 SSM-100) 60Gbps (3 SSM-200)
IPSec throughput 18Gbps (6 SSM-100) 40Gbps (4 SSM-200)
IPS Link throughput 18Gbps (6 SSM-100) 40Gbps (4 SSM-200)
(1) IPSec need decryption, so # of SSM must equal to # of IOM, the highest IPSec performance need 5*IOM100+5*SSM100 (18*5=90）
(2) Backplane bandwidth limitation is 32G between SSM to IOM，the highest IPS throughput need 2*IOM-200+3*SSM-200 (32*3=96)

Expansion Modules Capacity
Firewall Concurrent Concurren

IPS IPSec New Session
Module Slots Interface Throughput Sessions t Sessions
Throughput Throughput (HTTP)
(1518-byte) (IPV4) (IPV6)
SSM-200 2 N/A N/A 32 Gbps 32 Gbps 1.6 M 120 M 80 M

SSM
SSM-100 1 N/A N/A 18 Gbps 18 Gbps 0.4 M 30 M 20 M
IOM-16SFP-100 1 16*SFP 20 Gbps N/A 18 Gbps 0.6 M 10 M 5M
IOM-8SFP+ 1 8*SFP+ 10 Gbps N/A 18 Gbps 0.3 M 5M 2.5 M
IOM-2Q8SFP+-200 2 2*QSFP+, 8*SFP+ 160 Gbps N/A 72 Gbps 2.4 M 80 M 54 M
IOM-2Q8SFP+-100 2 2*QSFP+, 8*SFP+ 80 Gbps N/A 36 Gbps 1.2 M 60 M 40 M
QSM-100 1 N/A 18 Gbps N/A N/A 0.5 M 10 M 5M

QSM
QSM-200 2 N/A 32 Gbps N/A N/A 2.0 M 40 M 20 M
SCM SCM-100 1 N/A N/A N/A N/A N/A N/A N/A
• Bypass Modules IOM-2MM-BE/IOM-2SM-BE occupies 1 slot

X7180 Hardware Configuration Recommendation
Typical HW Firewall Firewall Concurrent Concurrent New IPS IPSec Note
Scenario Configuratio Throughput Throughput Sessions Sessions Session Throughput Throughput
n (1816-byte) (64-byte) (IPV4) (IPV6) (HTTP)
Highest 1*Chassis 680 Gbps 253 Gbps 30 M 20 M 4M 18 Gbps 18 Gbps 4*160Gbps/I

Firewall 4*IOM200 OM200+1*4
throughput 1*IOM100 0Gbps/IOM1
1*SSM100 00
2*SCM100
Highest 1*Chassis 480 Gbps 180 Gbps 240M 160 M 3.2 M 64 Gbps 64 Gbps 2*120M/SS
Concurrent 3*IOM200 M200
Session 2*SSM200
2*SCM100
Highest IPS 1*Chassis 320 Gbps 120 Gbps 160 M 108 M 4.8 M 96 Gbps 64 Gbps 3*32Gbps
throughput or 2*IOM200 /SSM200,
Highest New 3*SSM200 public # is
Session 2*SCM100 100Gbps
Highest 1*Chassis 200 Gbps 65 Gbps 100 M 68 M 2M 90 Gbps 90 Gbps 5*18Gbps/S

IPsec 5*IOM100 SM100
throughput 5*SSM100
2*SCM100
• Total total available expansion slots for SSM and IOM are 10, the other 2 slots are dedicated for SCM
• Please refer the X7180 performance calculation tool for more configurations
• It is always recommended to work with Hillstone SE on the sizing for X projects


25
X10800 at a Glance
Product Name!SG-6000-X10800
Size!18U
Performance!1.2Tbps throughput"10 million new sessions per second"480 million concurrent sessions
Processing capability: 2 times more than X7180
Architecture: Same as X7180 platform, scalable to 7 Tbps in the future
HW highlights!Front and rear air supply, 100GE interface, switching Module redundancy, and 12 full-width slots
Software features: application identification and control, IPS, URL filtering, AV, Cloud sandbox, etc.

Well designed air ventilation for Inspiring design
extreme environment over 4000 Logo light and operation status light
meters
Two redundant fan array, each fan array has 5 long
lasting fans.
X10800 12 slots for SSM, QSM, IOM, SIOM or Bypass

modules.
Support 3 types of SIOM modules:
• 2*40GE+12*10GE
• 4*100GE+8*10GE
• 2*100GE+20*10GE
2 rack handles on each
side
Front and rear air ventilation for future data center.

Back air vent
Redundant Service Control Module Console, AUX, USB, MGT and 2*HA interface
Dual Switch Module, up to 2 Tbps
8 power supply slots

N+M redundant power supply.
DC or AC

SG-6000-X10800
Model SG-6000-X10800
Firewall Throughput (Maximum) 1.2 Tbps
Concurrent sessions (Maximum) 480 Million

New Sessions/s 10 Million
Expansion Modules SSM-300, QSM-300, IOM-P40-300, IOM-P100-300,

SWM-300, SCM-300, SIOM-P40-300, SIOM-P100-300,
SIOM-P100D-300
Maximum Interfaces Maximum 12*2 40GE+12*12 10GE
Or Maximum 12*4 100GE + 12*8 10GE
Or Maximum 12*2 100GE + 12*20 10GE
Maximum power consumption 4400W, N+M(1) redundant hot swap power supply
Power Supply AC 100-240 (50/60 Hz), DC -40 ~ -72V
Management Interfaces 1 Console port, 1 AUX port, 1 MGT management, 1 USB
2.0 port (single SCM-300 module)
Network Interfaces 2 Gigabit optical interfaces (2 HA interfaces, single SCM-
300 module)
Expansion Module Slot 12 universal expansion slots, 2 system control module
expansion slots, 2 switching module expansion slots
Dimension (W ! D ! H) 18U 17.3 ! 31.4 ! 25 in (440mm x797mm x 635mm)
Weight 253 lb (114.75kg)
Compliance and Certificate CE, CB, FCC, ROHS, IEC/EN61000-4-5 Power Surge
Protection, ISO 9001:2015, ISO 14001:2015, CVE
Compatibility, IPv6 Ready, ICSA Firewalls
Note: (1) At least 3 AC power modules are required for full load operation with AC power, and at least 4 DC power modules are required for full load
operation with DC power. © 2022 Hillstone Networks All Rights Reserved | 29
Performance Matrix
Actual link（Gbps）
300G
10M Connections/s,480M CC
X10800
180G
4.8M Connections/s, 240M CC X10800
X7180\X10800
80G X7180
(New IOM/SSM/QSM-200) *-200 module
60G X7180
2.4M Connections/s, 120M CC *-100 module
30G X7180
(IOM/SSM/QSM-100) E6360
20G E6160
E6360
E6160/6360
10G 700K-900K
60/0G Connections/s,
FW 20M-30M CC
E6160 UDP Throughput (Gbps）
60G 80G 360G 680G 1000G

Product Highlight
• 1.2Tbps throughput, actual link more than 300Gbps

High Performance • 10M new sessions per second, 480M concurrent session
• Support up to 7Tbps throughput in the future
• N+M redundant power supply, dual fan arrays design

• Dual switch board, dual service control board, SSM redundancy
High Reliability • Hardware Bypass and front and back ventilation design
• Support complete HA with AA, and firewall twin mode deployment
• Support 100GE, 40GE, and 10GE interfaces
• Maximum 12*2 40GE+12*12 10GE
High Density Interface • Maximum 12*4 100GE+12*8 10GE
• Maximum 12*2 100GE+12*20 10GE
• On demand expand for higher performance

Scalable Architecture • Support high performance redundant switch board
• Hardware platform design with powerful expansion capabilities, 12 slots

support service and interface card
It’s a Platform • Support multiple service modules including Storage, Intelligence
• The card is compatible with small-sized or large-sized chassis

Performance Configuration
Configuration Performance
Max. Throughput 12*SIOM-P100D-30 or 12*SIOM-P100-30 1.2 Tbps
Max. IPSec VPN 12*SIOM-P100D-30 or 12*SIOM-P100-30 500Gbps
QoS Max. performance 3*SSM-300, 5*IOM-300 and 4*QSM-300 405 Gbps
IPS Max. performance 8*SSM-300 and 4*IOM-300 400 Gbps
Max. Session 4*SSM-300 and 8*IOM-300 480 Million
Max. new sessions/s 7*SSM-300 and 5*IOM-300 11 Million

Module Specification
IOM-P40-300 IOM-P100-300 SSM-300 QSM-300
40GE, 10GE interface 100GE, 10GE interface Security Service QoS service module
module module module
Slot 1 1 1 1
CPU/Slot 1 1 2 2
Memory/Slot 32G 32G 128G 64G
Interface 2*QSFP+ and 12*SFP+ 4*QSFP28 and 8*SFP+ N/A N/A
Throughput (Gbps) 96/36 96/36 N/A 130
IPS throughput (Gbps) N/A N/A 50 N/A
IPSec throughput (Gbps) 51 51 66 N/A
Concurrent Sessions 60 M 60 M 120 M N/A
HTTP new sessions/s 2.2 M 2.2 M 1.8M N/A

SIOM Specifications
SIOM-P40-300 SIOM-P100-300 SIOM-P100D-300
40GE, 10GE service and I/O 100GE, 10GE service and I/O 100GE, 10GE service and
module module I/O module
Slot 1 1 1
CPU/Slot 1 1 1
Memory/Slot 64G 64G 64G
Interface 20*10G +2*100G 8*10G +4*100G 12*10G + 2*40G

Throughput (Gbps) 96/27 105/28 105/28
(1518bytes/ 64bytes)
IPS throughput (Gbps) 37 43 43
IPSec throughput (Gbps) 51 56 54
Concurrent Sessions 34M 34M 34M
HTTP new sessions/s 680,000 770,000 770,000

Power Consumption and Power Supply
Power Consumption "W# Power Supply"W#
PS AC (1600) / DC(1100)
IOM-P40-300 232
SCM-300 116
SWM-300 150
SSM-300 257
QSM-300 257
SIOM-P40-300 232
SIOM-P100-300 262
SIOM-P100D-300 262
Fan 175 *2
Note 1: At least 3 AC power modules are required for full load operation with AC power, and at least 4 DC power modules are required
for full load operation with DC power. It is based on the boards in use to determine whether the power supply is redundant. If the power
is twice more than need of boards, then it’s redundant. 1600/1100 is for single AC/DC power.

36
X9180 at a Glance
Product Name$SG-6000-X9180
Product: 7U, front panel 6 horizontal slots, rear panel 4 vertical slots, 4 power supplies, 20 fans, maximum power 2300W
Performance: 600 Gbps throughput, 4M new sessions per second, 200M concurrent sessions, IPSec 250G, IPS 200G
HA: Carrier grade reliability at 99.999%; support twin-mode HA deployment for redundant data centers
Architecture: Fully distributed architecture; same HW & SW architecture with X10800; can use X10800 expansion modules
HW highlights$Fully redundant architecture; front and rear air supply; 100GE interface; support future upgrade and expansion
Software features: 3000+ applications identification and control, tens of millions of URL filtering; support up to1000 vSys

X9180 – Front and Rear Panel
LOGO and Air vent 2 & SWM-280 slot *2 SCM-280 slot *2

system indicators Air vent 1 Fan tray (10 fans)
Universal
expansion Power module Fan tray (10 fans)
slot *6
Carrying handle
Modules：
IOM-P40-300,
IOM-P100-300,
SSM-300,
QSM-300,
SIOM-P40-300, Power control:
SIOM-P100-300, Power button &
SIOM-P100D-300 CLR button
Front Panel Rear Panel
• A set of front fan trays are hidden inside the air vents. Both the two air vents support live cleaning and replacement.

SG-6000-X9180 Specification
Model SG-6000-X9180
Firewall Throughput (Maximum) 600 Gbps
IMIX Throughput 300 Gbps
NGFW Throughput 140 Gbps
Threat Protection Throughput 100 Gbps
Concurrent sessions (Maximum) 200 Million
New Sessions/s 4 Million
IOM-P40-300, IOM-P100-300, SSM-300, QSM-300, SWM-280, SCM-280, SIOM-P40-300, SIOM-
Expansion Modules
P100-300, SIOM-P100D-300
Maximum Interfaces Maximum 12*40GE + 72*10GE or 24*100GE + 48*10GE or 12*100GE + 120*10GE
Maximum power consumption 3200W, N+M, redundant hot swappable power supply
Power Supply AC 90-140V / 180-264V (50/60H z), DC -36 ~ -72V
Management Interfaces 1 Console port, 1 AUX port, 1 MGT management, 1 USB 2.0 port (single SCM-280 module)
Network Interfaces 2 Gigabit optical interfaces (2 HA interfaces, single SCM-280 module)
6 universal expansion slots, 2 system control module expansion slots, 2 switching module
Expansion Module Slot
expansion slots, 1 USB 2.0 port
Dimension (W × D × H) 7U W17.3 in × D28.9 in × H12.1 in ( W440mm × D735mm × H308mm)
• Firewall Throughput can be Weight 130 lb (59.0 KG)
upgraded to 3.2T in the future.
CE, CB, FCC, ROHS, IEC/EN61000-4-5 Power Surge Protection, ISO 9001:2015, ISO
Compliance and Certificate
14001:2015, CVE Compatibility, IPv6 Ready, ICSA Firewalls

What’s Different From X7180 & X10800?
Compare Items X7180 X10800 X9180 1. Support 100GE interface

2. Improved heat dissipation with
Support 100GE No Yes Yes
front and rear ventilation
Front and rear ventilation, Front and rear ventilation,
Ventilation Left and right ventilation 3. Switching module redundancy
good heat dissipation good heat dissipation
for stability increasing
Redundant SWM No Yes Yes
4. Reduced power consumption
Maximum Power 5. Smaller size with reduced heat
1950W 4400W 3200W
Consumption
but still powerful (over 70Gbps
Size 5U 18U 7U throughput per 1U)
Does not support future Support future module Support future module 6. Strong upgrade capability
Upgrade capability
module upgrade upgrade upgrade
7. Reduce overall costs and
Cost Low Relatively high Low improve overall performance

What’s Different From X7180 & X10800?
Compared Items X7180 X9180 Difference Compared Items X10800 X9180 Difference
FW Throughput FW Throughput
680 Gbps 600 Gbps 1.2 Tbps 600 Gbps
(Maximum) (Maximum)
IPSec Throughput IPSec Throughput
90 Gbps 250 Gbps 500 Gbps 250 Gbps
(Maximum) (Maximum)
IMIX Throughput 500 Gbps 300 Gbps IMIX Throughput 600 Gbps 300 Gbps
NGFW Throughput 70 Gbps 140 Gbps NGFW Throughput 280 Gbps 140 Gbps
Half of
Threat Protection Threat Protection X10800
Throughput Throughput
Concurrent Sessions Concurrent Sessions
240 Million 200 Million 480 Million 200 Million
(Maximum) (Maximum)
New Sessions/s 4.8 Million 4 Million New Sessions/s 10 Million 4 Million
IPS Throughput IPS Throughput

(Maximum) (Maximum)
X9180 provides half of X10800’s capacity with smaller than half of X10800 size and higher power efficiency. It can utilize X10800’s IOM, SSM, QSM and SIOM.

X9180 Positioning
Actual Link
(bps)
300G
X9180
Throughput：600G
Actual Link：150G
New Sessions/s：4M X10800
Concurrent Sessions： Throughput: 1.2T, Actual Link: 300G
New Sessions/s: 10 Million
200 Million Concurrent Sessions: 480 Million
180G
X7180(200 Module)
Throughput: 680G, Actual Link: 180G
150G New Sessions/s: 4.8 Million
Concurrent Sessions: 240 Million
100G
E6360
X7180 (100 Module)
Throughput: 80G, Actual Link: 20G
60G New Sessions/s: 900k, Concurrent Sessions: Throughput: 360G， Actual Link: 60G
New Sessions/s: 2.4 Million, Concurrent Sessions: 120 Million
30 Million
E6160
20G Throughput: 60G, Actual Link: 10G
10G New Sessions/s: 700k, Concurrent Sessions: 20 Million FW Throughput (bps)
60G80G 200G 300G 360G 500G 680G 1200G
X9180 Performance Configuration
FW Max.
Expansion IPSec IPS Max. New
Throughpu Concurrent 100GE 40GE SFP+
Modules Throughput Throughput Sessions/s
t Sessions
IOM-P40-300 98G 51G / 60M 2.2M 0 2 12
IOM-P100-300 107G 51G / 60M 2.2M 4 0 8
SSM-300 / 50G 50G 120M 1.8M / / /
QSM-300 99G / / 20M / / / /
SIOM-P100-300 105G 56G 43G 34M 0.77M 4 / 8
Configuration Performance
Max. Throughput 6*SIOM-P100-300 600Gbps
Max. IPSec Throughput 6*SIOM-P100-300 300Gbps
QoS Max. performance 2*SSM-300, 2*IOM-300 and 2*QSM-300 180Gbps
IPS Max. performance 6*SIOM-P100-300 200Gbps
Max. Concurrent Session 2*SSM-300 and 4*IOM-300 240 Million
Max. new sessions/s 3*SSM-300 and 3*IOM-P40-300 5.4 Million

Module Specifications
IOM-P40-300 IOM-P100-300 SSM-300 QSM-300 SCM-280 SWM-280
40GE, 10GE 100GE, 10GE Security Service QoS Service System Control Switching
interface module interface module Module Module Module Module
Slot 1 1 1 1 1 1
CPU/Slot 1 1 2 2 1 N/A
Memory/Slot 32G 32G 128G 64G N/A N/A
2*QSFP+ and 4*QSFP28 and 1*GE(MGT)

Interface N/A N/A N/A
12*SFP+ 8*SFP+ 2*SFP(HA)
Throughput (Gbps)
96/36 96/36 N/A 99/16 N/A N/A
1518Bytes/64Bytes
IPS throughput (Gbps) N/A N/A 50 N/A N/A N/A
IPSec throughput
51 51 50 N/A N/A N/A
(Gbps)
Concurrent Sessions 60 M 60 M 120 M N/A N/A N/A
HTTP new sessions/s 2.2 M 2.2 M 1.8M N/A N/A N/A

SIOM Specifications
SIOM SIOM-P100D-300 SIOM-P100-300 SIOM-P40-300
Interface 20*10G +2*100G 8*10G +4*100G 12*10G + 2*40G
Firewall Throughput (Gbps)

105 105 96
1518Bytes
New Sessions/s (HTTP) 770,000 770,000 680,000
Max. Concurrent Sessions

34 Million 34 Million 34 Million
(IPv4)
IPS Throughput (Gbps) 43 43 37
IPSec Throughput
54 56 55
(Gbps)

Power Consumption and Power Supply
PS AC (1600) / DC(1100)
IOM-P40-300 232
IOM-P100-300 262
SCM-280 100
SWM-280 100
SSM-300 257
QSM-300 257
SIOM-P40-300 232
SIOM-P100-300 262
SIOM-P100D-300 262
Fan 175 *2
Note: At least 2 AC power modules are required for full load operation with AC power, and at least 2 DC power modules are required for
full load operation with DC power.

47
X8180 at a Glance
Product: 3U, front 3 horizontal slots, rear 2 horizontal slots, 1+1 redundant power supplies, 4 fans, maximum power 1300W
Performance: 450 Gbps throughput, 2.5M new sessions/s, 130M concurrent sessions, IPS 180G
Architecture: Fully distributed architecture; same HW & SW architecture with X9180 & X10800
HW highlights$Fully redundant architecture; front and rear air supply; 100GE interface

X8180 – Front and Rear Panel
Rear Air Vent, Fan * 4
Front Air Vent
Power * 2 SCM slot * 2

SIOM-P100-260 * 3
Front Panel Rear Panel

X8180 Service and IO Module
STA SFP+(0-15) QSFP28

PWR
SIOM-P100-260
16 SFP+, 2 QSFP28
Note: The 100GE port can be reduced to 40GE via command line. It can also be divided into 4 * 25GE via command line.

X8180 System Control Module
STA Management and

CLR
PWR Network Interfaces
SCM-260
1 * USB 2.0 port, 1 * Console port, 1 * MGT management, 2 * Gigabit optical ports (HA)
Note: PWR – power indicator; STA – system status indicator; CLR button - to restore the factory configuration.
X8180 Specification
Model SG-6000-X8180
1. industry’s leading throughput (150
Firewall Throughput (Maximum) 450 Gbps
IPSec Throughput (Maximum) N/A (under testing)
Gbps throughput per U, 43 Million
IMIX Throughput N/A (under testing) Concurrent Sessions and 800,000 New
NGFW Throughput N/A (under testing)
Sessions/s per U)
Threat Protection Throughput N/A (under testing)
2. Powerful application layer protection
Concurrent Sessions (Maximum) 130 Million
New Sessions/s 2.5 Million (60 Gbps IPS Throughput per U)
IPS Throughput (Maximum) 180 Gbps 3. Simple module configuration, better
Expansion Modules SCM-260, SIOM-P100-260
redundancy
Maximum Interfaces Maximum 6*100GE + 48*10GE
Maximum power consumption Max. 1300W, 1+1 redundant 4. Support 100GE
Power Supply AC 100-127 V / 200-240 V (50/60 Hz), DC -48 ~ -60 V 5. Front and rear ventilation that satisfy
Management Interfaces 1 Console port, 1 MGT management, 1 USB 2.0 port (single SCM-260 module)
the energy efficiency needs of modern
Network Interfaces 2 Gigabit optical interfaces (2 HA interfaces, single SCM-260 module)
DC
Expansion Module Slot 3 universal expansion slots, 2 system control module expansion slots
6. Hot swap power supply, low power
Dimension (W × D × H) 3U W 17.3 in × D 21.7 in × H 5.2 in (W 440 mm × D 552 mm × H 132 mm)
Weight 44.5 lb (20.2 kg) consumption
ROHS, IEC/EN61000-4-5 Power Surge Protection, ISO 9001:2015, ISO 14001:2015, CVE
Compliance and Certificate
Compatibility, IPv6 Ready, ICSA Firewalls

X8180 Positioning
New Sessions/s
10 Million
X10800
Throughput: 1.2T, IPS: 400G
X8180
Throughput：450G
IPS：180G
X7180(200 Module)
New Sessions/s：2.5M Throughput: 680G, IPS: 100G
4.8 Million Concurrent Sessions： New Sessions/s: 4.8 Million
130 Million Concurrent Sessions: 240 Million
4 Million
X9180
Throughput: 600G, IPS: 250G
2.5 Million
X7180 (100 Module)
2.4 Million Throughput: 360G， IPS: 90G
New Sessions/s: 2.4 Million,
FW Throughput (bps)
360G 450G 600G 680G 1,200G
X8180 Performance Configuration
SIOM-P100-260 Configuration Performance (Max. configuration)
Max. Throughput 157 Gbps 3 * SIOM-P100-260 450 Gbps
Max. IPSec Throughput N/A 3 * SIOM-P100-260 N/A
IPS Max. performance 60 Gbps 3 * SIOM-P100-260 180 Gbps
Max. Concurrent Session 45 Million 3 * SIOM-P100-260 130 Million
Max. new sessions/s 900,000 3 * SIOM-P100-260 2.5 Million
Note: The performance of max configuration is rounded number based on 3 SIOM-P100-260 modules.

X8180 Power Consumption
PS 1,300 (AC), 1,300 (DC)

SIOM-P100-260 (max. *3) 230
SCM-260 (max. *2) 40
FAN (max. *4) 56
X8180 max. configuration power

2 * SCM + 4 * FAN + 3 * SIOM = 2 * 40 + 4 * 56 + 3 * 230 = 994 < 1300

X-Series Comparison
Model X7180 X8180 X9180 X10800
Height 5U 3U 7U 18U
FW Throughput 680 Gbps 450 Gbps 600 Gbps 1.2 Tbps
Max. Concurrent Session 240 Million 130 Million 200 Million 480 Million
New sessions/s 4.8 Million 2.5 Million 4 Million 10 Million
IPSec VPN Throughput 90 Gbps N/A 250 Gbps 500 Gbps
IPS Throughput 100 Gbps 180 Gbps 250 Gbps 400 Gbps
Interfaces 1GE/10GE/40GE 10GE/100GE 10GE/40GE/100GE 10GE/40GE/100GE
Max. Power Supply 1700W 1300W 3200W 4400W
Power/Throughput (W/G) 2.5 2.9 5.3 3.7
Throughput/Height (G/U) 136 150 85.7 66.7

Comparison with Other Vendors
Hillstone Palo Alto Check Point Juniper Fortinet
Product Model X8180 PA7060 26000 SRX5400 6301F 6501F
Height 3U 9U 3U 5U 3U 3U
FW Throughput 450 Gbps 430 Gbps 316 Gbps 285 Gbps 239 G 239 G
Max. Concurrent
130 Million 192 Million 32 Million 90 Million 120 Million 200 Million
Session
New sessions/s 2.5 Million 2.9 Million 550,000 1.75 Million 2 Million 3 Million
IPSec VPN
N/A 144 Gbps 40 Gbps 60 Gbps 96 Gbps 160 Gbps
Throughput
IPS Throughput 180 Gbps 210 Gbps 43 Gbps 230 Gbps 110 Gbps 170 Gbps
Max. No. of Virtual

1000 225 250 2000 500 500
Systems
Max. Power
1300W 2500W 1200W 4100W 1237W 1568W
Consumption
Power/Throughput
2.9 5.8 3.8 14.4 5.2 6.6
(W/G)
Throughput/Height
150 47.8 105.3 57 79.7 79.7
(G/U)

X8180 Summary
Product: 3U, front 3 horizontal slots, rear 2 horizontal slots, 1+1 redundant power supplies, 4 fans, maximum power 1300W
Performance: 450 Gbps throughput, 2.5M new sessions/s, 130M concurrent sessions, IPS 180G
Architecture: Fully distributed architecture; same HW & SW architecture with X9180 & X10800
HW highlights$Fully redundant architecture; front and rear air supply; 100GE interface
Advanced Security
High Performance High Availability Compact & Energy Saving
Technologies
Deployment Scenarios &
Winning Cases

59
X-Series Firewall Deployment Scenario
Internet Partners
North/South
BYOD Data Center Branch Offices

ICP Private Cloud Solution
OA， Portal，Mail，Online-game Storage，B2B/B2C，IM，Search Engine

Customer Pain Points
VM
APP
VM
APP
VM
APP
VM
OS
VM
AP
VM
APP
VM
APP
VM
APP üSecurity isolation for east-west traffic
#1
VM #2
VM #3
VM #4
VM #5
VM #6
VM #7
VM #8
VM
OS OS OS OS OS OS OS OS
#1 #2 #3 #4 #5 #6 #7 #8 üSecurity guarantee for service system
VM VM VM VM VM VM VM VM
#1 #2 #3 #4 #5 #6 #7 #8 migration
vSwitch vSwitch üSupport elastic scalability
VMM VMM
Hillstone Offerings
Traffic Re-direction üvSYS solution
Hillstone X-Series Hillstone X-Series
TRUNK TRUNK
üTraffic re-direction
HA
VSYS VSYS VSYS VSYS üVLAN ID division
VSYS VSYS VSYS VSYS üHigh performance firewall
üScalable architecture

Government Cloud Data Center Solution

üMassive access requests
üIsolation of services
üSupport virtualization
Hillstone Offerings
üHigh performance firewall
üHigh reliability architecture
üScalable architecture
üVirtual System

Carrier Public Cloud Service Isolation Solution

X-series X-series
üEast-west traffic growth of Data Center
üMultiple tenants
üIncreasing energy consumption
Hillstone Offerings
üHigh performance DC firewall
üVirtual System (vSYS) solution
üGranular application identification

Broadband MAN and Mobile Internet CGN Solution
MAN Exit
Active Standby üIPv4 address exhausting

NAT üIncreasing P2P traffics
NAT
HSA üIncreasing OTT App services
VRRP Mobile Multi-
Media System
Active
ü Regulatory/compliance requirement
HSA
Hillstone Offerings
BTS Internet
üHigh performance CGN
Access network
Standby üHA Tapping deployment
Broadband MAN solution üNAT
Mobile Malware Business
Detection System Application
System üApplication identification
üIntelligent bandwidth management
Mobile Internet Solution üLog audit

Solution for Universities Internet Connectivity

üFast growth of users
üMultiple internet links
üLarge P2P traffic
üRegulatory/compliance requirement
Hillstone NGFW üIPv6
Hillstone Offerings
üHigh performance NAT
X-series üLink load balancing

üBandwidth management/QoS
üLog audit
üIPv6
üURL filtering

Financial Data Center Solution
High performance DC Firewall can sustain under the

massive edge traffic and transactions
Active Standby
vSYS support segmentation of different business
department and business applications
vSYS supports NAT, Load Balance, VPN, Access Control,

AD, IPS, Session Limit, URL Filtering, providing tenant
level security
Biz A Biz B Biz C Biz D

Openstack FWaaS Solution
Internet
Active Standby
vSYS Core Switch vSYS

Admins create firewall vSYS for tenants and configure
policies through Openstack
Tenants are segmented through vSYS and can configure

policy through independent vSYS
ToR
Switch Admin
vSYS support NAT, load balance, VPN, access control,

AD, session limits, QoS, IPS, URL filtering, IP reputation,
AV, etc.
Servers
Twin-Mode Firewall for Redundant Data Centers
• A transaction sends traffic from servers in data center A (on the left) to servers in data center B (right).
• IT policy requires all Data Center A traffic to traverse Data Center A firewalls (see green line).
• Instantly Twin-Mode Link synchronizes the Data Center A Firewall session configuration and state information with Data Center B
firewalls (Red dotted line labeled Twin-Mode ).
• The return flow hits the Data Center B firewalls, which, thanks to Twin-Mode , are aware of the session established on firewalls in Data
Center A. They forward the return flow to Data Center A firewalls.
• The return flow passes through the Data Center A firewalls successfully and completes the transaction (red line), providing access to
the requested information.
• Dual data link ports supports for twin mode connections to reduce the single point failure. © 2022 Hillstone Networks All Rights Reserved | 68
X-Series Winning Cases

NEDETEL
ISP1 ISP2
X10800 ØNEDETEL is one of largest ISP and carriers in
DMZ Ecuador. Its customers include second tier ISPs and

large enterprises. NEDETEL looks for an appliance
that could provide security for their network with 100G
ISP City4
interface.
ØNEDETEL deployed Hillstone X10800 Next
Generation Data Center Firewall with 100G interfaces,
ISP City1 ISP City3
ISP City2 together with security service including IPS, QoS and
URL filtering.
Unified solution: CGN + Security ØWith Hillstone X10800, NEDETEL provides high
performance network and trusted security to its end
High performance and reliability users.

Pakistan Carrier 2.5G/3G Network
Ø Through partnership with ZTE, Hillstone provided

high-performance security protection for the
GPRS/WCDMA network that was built by Telenor in
Pakistan.
ØThe core network of the globally leading carrier fully

uses the high-performance Hillstone 100G offerings,
including 12 Data Center Firewalls and 6 NGFWs.
Maturity and stability of the high-end firewall
Overseas implementation and service capabilities

China Telecom WAP Service Platform
ØChina Telecom’s expansion projects for its nodes in

twelve cities/provinces, including Beijing, Guizhou,
Henan, Hubei, Hunan, Ningxia, Shandong, Shanxi,
Tianjin, Xinjiang, Chongqing, and Chengdu.
ØHillstone Security Gateway, through its unique high

performance, has become a typical choice in China.
Stable operation of Hillstone Security offerings in the

mission-critical systems of the carrier
Capabilities of parallel implementation across nodes and

rapid response during after-sale services

China Telecom SOC Platform
ØChina Telecom needed to deploy a SOC platform on

the intranet of its provincial branches to provide
comprehensive control. Additionally, the security of the
SOC system also required applicable protection.
ØThe innovative high-performance Hillstone security

gateways are recognized by users and adopted by
branches in 20 cities/provinces, including Shanghai,
Fujian, Zhejiang, Xinjiang, Qinghai, Ningxia, Hebing,
Comprehensive security protection through
multiple security features on a single device Tianjin, Hunan, Guangdong, Beijing, Hainan, Hubei,
Sichuan, Shandong, Liaoning, Henan, Shanxi,
Capabilities of parallel implementation across Heilongjiang, and Chongqing.
nodes and support with after-sale services

China Telecom 3G Internet
ØChina Telecom made up its mind to reconstruct

security in order to increase its protection against
mobile internet threats. With its high performance,
high reliability and scalability, the high-end Hillstone
firewall ( up to 100Gbps) has been chosen by China
Telecom for its 3G Internet. 2 Data Center Firewalls
were deployed by Sichan Telecom and 2 by Fujian
Telecom.
Unified solution: CGN + Security ØThe high-end Hillstone 100G firewall not only settled
the security but also solved the shortage of CTWAP
High performance and reliability and CTNET addresses.

Xinjiang Mobile Internet
ØAfter some special events, Xinjiang Mobile urgently

needs to granularly manage Internet access and focus
on preventing illegal speech and gatherings.
ØHillstone’s first regular control case in the case of

high traffic, which enables an actual traffic throughput
up to 10G bps，with 2 Data center Firewalls, 8 NGFW,
and a HSM platform. Two operating modes, including
interception at ordinary times and online control in
Internet content, behaviors, and
specific account control special periods, are perfectly enabled.
Fine-grained control ,high flow and

concurrent sessions

Bank of Changsha
Ø As the first regional joint-equity commercial bank

in Hunan, Bank of Changsha planned and built both
local and remote backup disaster recovery centers
based on its layout spanning two places and three
centers.
Ø To safeguard its disaster recovery center, the
customer needed the high-performance, high-reliability,
and high-scalability Datacenter Firewall.
High performance and reliability safeguard the secure Ø Hillstone provided 2 Hillstone Data center firewall
operation of the disaster recovery datacenter
during the current period of the project, to provide high
Performance scalability can help the bank protect its performance and scalable protection.
existing investment

PBC’s Reconstruction of Clearing Center
ØThe People’s Bank of China (PBC) needed to

reconstruct its security system for its clearing center. It
focused most of its efforts on low delay - one of its
performance KPIs.
ØThe high-performance Hillstone security gateway
greatly outperformed competitions in delay. It is
recognized by PBC and deployed on 7 of the largest
city finance networks in the country.
ØThe parallel hardware architecture of Hillstone
Guarantee for rapid money transactions
across banks security gateways can also address PBC’s
requirements for high reliability.
Guarantee for continuous system running
with high device reliability by design

Guangdong Baiyun University
ØGuangdong Baiyun University has four Internet

outlet links for up to 3G traffic and tens of thousands of
users, which cannot be supported by the original NAT
equipment
ØA single Hillstone 100G datacenter firewall can
support all the online traffic of the university and its
multi-link load balancing fully suits the network of the
university.
ØThe datacenter firewall offers application drainage,
Datacenter firewall is widely used by
dozens of universities. reducing tens of thousands of link costs for the
university each year.
High-performance NAT won
recognition from universities.

+1 408 508 6750
inquiry@hillstonenet.com
5201 Great America Pkwy, #420
Santa Clara, CA 95054
www.hillstonenet.com
79

How To Sell Hillstone 303. X Series DCFW v5.5r9

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

How To Sell Hillstone 303. X Series DCFW v5.5r9

Uploaded by

Copyright:

Available Formats

Hillstone X-Series

Data Center Firewall

Hillstone Data Center Firewall Value Proposition

Hillstone Data Center Firewall Portfolio

Deployment Scenarios & Winning Cases

© 2022 Hillstone Networks All Rights Reserved | 2

© 2022 Hillstone Networks All Rights Reserved | 33

Complexity Scalability Management

© 2022 Hillstone Networks All Rights Reserved | 4

© 2022 Hillstone Networks All Rights Reserved | 55

IOM Security Module IOM

IOM Security Module IOM

IOM Security Module IOM

• System has low performance if traffic • System performance is limited by single

Separation of the network layer and the

Patent Elastic Firewall Architecture, Linear

HA for Security Service Modules, high

© 2022 Hillstone Networks All Rights Reserved | 7

System Bypass Hardware Modules Software

Enable Carrier Grade Reliability at 99.999%

Twin-Mode Firewall Solution for

Asymmetric flow Ensure business Configuration between

© 2022 Hillstone Networks All Rights Reserved | 9

Dynamically configure each virtual

Each virtual firewall can be configured

© 2022 Hillstone Networks All Rights Reserved | 10

IPv4 NAT64 IPv6

Past Now Future

© 2022 Hillstone Networks All Rights Reserved | 11

Comprehensive VPN Solution

L2-L7 Full Security Features

© 2022 Hillstone Networks All Rights Reserved | 12

• To understand interconnection and access • Discover old policies for reference of

Utilizing the Policy Assistant and Policy Analysis together

© 2022 Hillstone Networks All Rights Reserved | 13

Granular Customizable Template Rich and Helpful Content

Better Readability Easy to Utilize

© 2022 Hillstone Networks All Rights Reserved | 14

© 2022 Hillstone Networks All Rights Reserved | 15

• Low Power Consumption

• Unique Twin-Mode Firewall

© 2022 Hillstone Networks All Rights Reserved | 16

Vendor A Vendor B Hillstone

Throughput/U（G/U） Maximum Power Consumption (W/G)

© 2022 Hillstone Networks All Rights Reserved | 18

© 2022 Hillstone Networks All Rights Reserved | 19

Dual SCM Control

© 2022 Hillstone Networks All Rights Reserved | 20

© 2022 Hillstone Networks All Rights Reserved | 21

New sessions/sec(HTTP) 2.4M (4 IOM + 6 SSM) 4.8M (2 IOM-200+3 SSM-200)

Concurrent Sessions 120M (6 IOM + 4 SSM) 240M (3 IOM-200+2 SSM-200)

IPSec throughput 90Gbps (5 IOM + 5 SSM) 90Gbps(1)

© 2022 Hillstone Networks All Rights Reserved | 22

Firewall Concurrent Concurren

SSM-200 2 N/A N/A 32 Gbps 32 Gbps 1.6 M 120 M 80 M

IOM-16SFP-100 1 16*SFP 20 Gbps N/A 18 Gbps 0.6 M 10 M 5M

IOM-8SFP+ 1 8*SFP+ 10 Gbps N/A 18 Gbps 0.3 M 5M 2.5 M

IOM-2Q8SFP+-200 2 2*QSFP+, 8*SFP+ 160 Gbps N/A 72 Gbps 2.4 M 80 M 54 M

IOM-2Q8SFP+-100 2 2*QSFP+, 8*SFP+ 80 Gbps N/A 36 Gbps 1.2 M 60 M 40 M

QSM-100 1 N/A 18 Gbps N/A N/A 0.5 M 10 M 5M

SCM SCM-100 1 N/A N/A N/A N/A N/A N/A N/A

• Bypass Modules IOM-2MM-BE/IOM-2SM-BE occupies 1 slot

© 2022 Hillstone Networks All Rights Reserved | 23

IOM-2Q8SFP+-200 2 2QSFP+, 8SFP+ 160 Gbps N/A 72 Gbps 2.4 M 80 M 54 M

IOM-2Q8SFP+-100 2 2QSFP+, 8SFP+ 80 Gbps N/A 36 Gbps 1.2 M 60 M 40 M

Highest 1Chassis 680 Gbps 253 Gbps 30 M 20 M 4M 18 Gbps 18 Gbps 4160Gbps/I

Highest 1Chassis 200 Gbps 65 Gbps 100 M 68 M 2M 90 Gbps 90 Gbps 518Gbps/S

Max. Throughput 12SIOM-P100D-30 or 12SIOM-P100-30 1.2 Tbps

Max. IPSec VPN 12SIOM-P100D-30 or 12SIOM-P100-30 500Gbps

QoS Max. performance 3SSM-300, 5IOM-300 and 4*QSM-300 405 Gbps

IPS Max. performance 8SSM-300 and 4IOM-300 400 Gbps

Max. Session 4SSM-300 and 8IOM-300 480 Million

Max. new sessions/s 7SSM-300 and 5IOM-300 11 Million

Interface 2QSFP+ and 12SFP+ 4QSFP28 and 8SFP+ N/A N/A

Interface 2010G +2100G 810G +4100G 1210G + 240G

LOGO and Air vent 2 & SWM-280 slot 2 SCM-280 slot 2

QoS Max. performance 2SSM-300, 2IOM-300 and 2*QSM-300 180Gbps

Max. Concurrent Session 2SSM-300 and 4IOM-300 240 Million

Max. new sessions/s 3SSM-300 and 3IOM-P40-300 5.4 Million

2QSFP+ and 4QSFP28 and 1*GE(MGT)

Interface 2010G +2100G 810G +4100G 1210G + 240G