Huawei NIP6300/6600 series is an advanced, new generation intrusion prevention system (NGIPS) designed to provide application and service security for carriers. The NIP6300/6600 provides context, application, and content awareness capabilities and defends against unknown threats to better protect network infrastructures, bandwidth performance, servers, and clients.
Uses a dedicated multi-core and multi-CPU platform, which greatly improves detection performance.
Provides dedicated hardware for decompression and pattern matching to ensure high traffic processing efficiency and optimal performance with multi-level protection.
Uses a new intelligent awareness engine (IAE) for threat detection, which enables multi-level protection and concurrent processing and improves threat detection efficiency.
Protects operating systems and applications from malware and attacks.
Identifies more than 120 types of files, prevents file name extension tampering, and identifies malicious code in files.
Provides superior anti-DDoS capabilities to mitigate application-layer DDoS attacks (such as HTTP, DNS, and SIP attacks).
Implements SSL encryption and advanced evasion detection.
Detects unauthorized connections to servers and protects information assets.
Identifies security risks to both static assets and dynamic traffic.
Automatically tunes security policies based on the security risks.
Analyzes the detection logs based on the security risks for hierarchical log management.
Interworks with the sandbox for suspect file analysis and threat file detection.
Interworks with the IP and C&C reputation systems for rapid threat detection and prevention.
Captures the latest attacks, worms, viruses, and Trojan horses, extracts signatures from them, and determines the threat trend using a global honeynet.
Updates the signature database and inspection engine promptly when new and zero-day threats and vulnerabilities are identified.
Certified "CVE-Compatible". Threat analysis and verification are compatible with Common Vulnerabilities and Exposures (CVE) requirements.
The NIP6300/6600 series next-generation intrusion prevention system can be deployed in carrier IDCs and enterprise networks to detect and block attacks in real time. Intelligent context awareness, dynamic policy tuning, and hierarchical log management help improve attack defense capabilities and reduce customers' network O&M costs.