HiSecEngine USG6700E Series AI Firewall
- Classification:Huawei firewall products
- Release time:2025-11-17
- Page views:0
HiSecEngine USG6700E Series AI Firewall
- Classification:Huawei firewall products
- Release time:2025-11-17
- Page views:0
Huawei's HiSecEngine USG6700E series AI firewall (box type) is a 10 Gigabit AI firewall designed for next-generation data centers and large enterprise campus networks. Building upon NGFW capabilities, it integrates with other security devices to proactively defend against network threats, enhance boundary detection capabilities, effectively defend against advanced threats, and address performance degradation issues. The NP engine provides fast forwarding capabilities, significantly improving firewall performance. It is widely applicable to industries such as finance, government, and large enterprises.
1. Superior performance
• Adaptive Security Engine (ASE): Dynamically allocates resources to business modules to maximize resource utilization and improve overall business performance.
• NP, pattern matching, encryption/decryption coprocessing engine: Improves small packet forwarding performance, reduces forwarding latency, and enhances application identification, intrusion prevention and detection, and IPSec and other service performance.
2. Intelligent Defense
• Hundreds of millions of virus samples: The antivirus content detection engine (CDE) based on intelligent AI technology covers hundreds of millions of virus samples, effectively defending against virus attacks.
• AI security detection algorithm: The AI detection algorithm is deployed to the local gateway. Based on in-depth analysis of malicious behavior, it can quickly detect unknown variant viruses and unknown threats with a detection rate of up to 95%.
3. Extremely simple operation and maintenance
• Unified Operation and Maintenance: The unified controller enables unified policy orchestration and automatic correlation analysis of alarms, and combined with cloud-network-edge-device linkage, it can achieve second-level threat handling.
• Simplify operations and maintenance: Threat visualization defines a new security interface that intuitively presents key information such as device status, alarms, traffic, and threat events, simplifying operations and maintenance.
Technical parameters
| model | USG6712E | USG6716E |
| Fixed interface | 2 x 100G (QSFP28) + 2 x 40G (QSFP+) + 20 x 10GE (SFP+) + 2 x 10GE (SFP+) HA + 1 x USB3.0 | |
| Product Form | 1U | |
| Local storage | Optional 2.5-inch form factor hard drive, supports SSD 240GB/HDD 1TB. | |
| Integrated protection | This device integrates multiple functions such as traditional firewall, VPN, intrusion prevention, antivirus, data loss prevention, bandwidth management, anti-DDoS, URL filtering, and anti-spam, with a global configuration view and unified policy management. | |
| Application Identification and Control | It identifies 6000+ applications, providing access control precision down to the application function level; for example, it distinguishes between text and voice messages in WeChat. Application identification is combined with intrusion detection, antivirus, and content filtering to improve detection performance and accuracy. | |
| Bandwidth management | Based on the identification of business applications, bandwidth usage per user/IP can be managed to ensure network experience for critical services and users. Control methods include: limiting maximum bandwidth or guaranteeing minimum bandwidth, application-based policy routing, and modifying application forwarding priorities. | |
| Intrusion prevention and web protection | Get the latest threat information immediately, accurately detect and defend against attacks targeting vulnerabilities. Protect against various web-based attacks, including SQL injection and cross-site scripting attacks. | |
| APT defense | It works in conjunction with local/cloud sandboxes to detect and block malicious files. It supports flow probe information collection, comprehensively collects traffic information, and sends the collected information to the network security intelligence system (HiSec Insight) for analysis, evaluation, and identification of network threats and APT attacks. Encrypted traffic does not require decryption; it can be integrated with HiSec Insight to detect threats in encrypted traffic. Proactively respond to malicious scanning behavior and analyze the behavior in conjunction with HiSec Insight to quickly detect and record malicious activities, achieving real-time protection against enterprise threats. | |
| Cloud management model | The device automatically initiates authentication and registration with the cloud management platform, enabling plug-and-play functionality and simplifying network creation and setup. Remote service configuration management and equipment monitoring and fault management enable cloud-based management of massive numbers of devices. | |
| Cloud application security awareness | It allows for refined and differentiated control over enterprise cloud applications, meeting enterprises' needs for managing user cloud application usage. | |
