AntiDDoS8030-CHAS-DC

AntiDDoS8030 Specifications

Interfaces and performance

Throughput

Up to 120 Gbit/s

Throughput/Slot

Up to 80 Gbit/s

Mitigation Rate/Slot

Up to 60 Mpps

Latency

80 μs

Expansion Slots

3

Expansion LPU

FW-LPUF-120, 2 sub-slots

Expansion Interfaces

24 x GE (SFP); 5 x 10 GE (SFP+); 6 x 10 GE (SFP+); 12 x 10 GE (SFP+); 1 x 40 GE (CFP); 1 x 100 GE (CFP)

Dimensions

Height x Width x Depth

DC: 175 mm x 442 mm x 650 mm (4U) 
AC: 220 mm x 442 mm x 650 mm (5U)

Weight

DC chassis: 15 kg (empty), 30.7 kg (full) 
AC chassis: 25 kg (empty), 40.7 kg (full)

Power and Environment

Power Supply

Rated input voltage: 
DC: -48V 
AC: 175V to 264V; 50 Hz/60 Hz 
Maximum input voltage range: 
DC: -72V to -38V 
AC: 90V to 264V; 50 Hz/60 Hz

Power Consumption

1 x FW-LPUF-120 + 2 x ADS-SPUC-B + 2 x ADS-SPC-80-01: 
DC: 1,066W (avg.), 1,272W (max.) 
AC: 1,185W (avg.), 1,414W (max.)

Power Redundancy

DC: Double hot-swappable power modules 
AC: Double hot-swappable power modules

Operating Temperature

0°C to 45°C (long-term), -5°C to 50°C (short-term)

Storage Temperature

-40°C to 70°C

Operating Humidity

5% RH to 85% RH, non-condensing (long-term), 5% RH to 95% RH, non-condensing (short-term)

Storage Humidity

0% RH to 95% RH

Certifications

Safety Certifications

Electro Magnetic Compatibility (EMC) certification 
CB, Rohs, FCC, MET, C-tick, and VCCI certification

DDoS Defense Specifications

Defense against protocol abuse attacks 
Defense against Land, Fraggle, Smurf, WinNuke, Ping of Death, Teardrop, and TCP error flag attacks

Web application protection 
Defense against HTTP GET flood, HTTP POST flood, HTTP slow header, HTTP slow post, HTTPS flood, SSL DoS/DDoS, WordPress reflection amplification, RUDY, and LOIC attacks; packet validity check

Defense against scanning and sniffing attacks 
Defense against address and port scanning attacks, and attacks using Tracert packets and IP options, such as IP source route, timestamp, and record route

DNS application protection 
Defense against DNS query flood, DNS reply flood, and DNS cache poisoning attacks; source limit

Defense against network-type attacks 
Defense against SYN flood, SYN-ACK flood ACK flood, FIN flood, RST flood, TCP fragment flood, UDP flood, UDP fragment flood, IP flood, ICMP flood, TCP connection flood, sockstress, TCP retransmission, and TCP empty connection attacks

SIP application protection 
Defense against SIP flood/SIP methods flood attacks, including Register, Deregistration, Authentication, and Call flood attacks; source limit

Defense against UDP-based reflection amplification attacks 
Defense against NTP, DNS, SSDP, Chargen, TFTP, SNMP, NetBIOS, QOTD, Quake Network Protocol, Portmapper, Microsoft SQL Resolution Service, RIPv1, and Steam Protocol reflection amplification attacks

Filter 
IP, TCP, UDP, ICMP, DNS, SIP, and HTTP packet filters

Location-based filtering 
Traffic block or limit based on the source IP address location

Attack signature database 
RUDY, slowhttptest, slowloris, LOIC, AnonCannon, RefRef, ApacheKill, and ApacheBench attack signature databases; automatic weekly update of these signature databases

IP reputation 
Tracking of most active 5 million zombies and automatic daily update of the IP reputation database to rapidly block attacks; local access IP reputation learning to create dynamic IP reputation based on local service sessions, rapidly forward service access traffic, and enhance user experience

Management and Reporting

Management functions 
Account management and permission allocation; defense policy configuration and report display based on Zones (up to 100,000 Zones, namely tenants); device performance monitoring; source tracing and fingerprint extraction through packet capture; email, short message, and audio alarms; log dumping; dynamic baseline learning

Report functions 
Comparison of traffic before and after cleaning; top N traffic statistics; application-layer traffic comparison and distribution; protocol distribution; traffic statistics based on the source location; attack event details; top N attack events (by duration or number of packets); distribution of attacks by category; attack traffic trend; DNS resolution success ratio; application-layer top N traffic statistics (by source IP address, HTTP URI, HTTP HOST, and domain name); download of reports in HTML/PDF/Excel format; report push via email; periodical generation of daily, weekly, monthly, and yearly reports

Traffic Diversion and Injection

Traffic diversion
Supports manual, and PBR or BGP based automatic traffic diversion

Traffic injection 
Supports static route injection, MPLS VPN injection, MPLS LSP injection, GRE tunnel injection, Layer 2 injection, PBR based injection, etc