Back Home

Evolution of Firewall Technology

NGFW Defined by Gartner


Misconceptions of NGFW

Challenges Facing the NGFW

  • The popularity of BYOD, cloud technologies, and social networks increases control complexity 75% of today's attacks are Web applications

    Fine-grained control?

  • The transition from port-based to application-based control exponentially increases management complexity Administrators have insufficient technologies management
    expertise, which is why a large number of administrators are required

    Easy to manage?

  • APT attacks are growing in scale and strength 50% of attacks are organized attacks

    Identify unknown threats?

  • Comprehensive protection is a rigid requirement of
    security gateways
    NGFW is reduced to a UTM

    Sufficient performance?


2009 to 2013: The ever-changing IT environment brings new security challenges

NGFW Defined by Huawei

  • Fine-grained control

    Keep pace with virtualization, mobility,and social networking Be aware not only of applications,users,and content,but also locations,risks,and devices

  • Intelligent management

    Suggest new control policies Provide intelligent risk analysis and suggest handling methods

  • Comprehensive protection

    Identify not only applications, but threats in applications as well Detect unknown threats and APT attacks

  • High

    Base performance = Firewall + Application identification When all threat prevention functions are enabled, the performance drop should be lower than 50%

  • Next-Generation
    Network Security

Introduction to Huawei NGFW


USG6000 Series Next Generation Firewall

  • Fine-grained application access control: 6 control dimensions and 6,000+ identifiable applications
  • Simple management: learn proactive traffic patterns and automatic policy suggestions
  • Comprehensive threat prevention: cloud and sandbox technologies and defense against unknown threats
  • Excellent performance: 10 G attack defense performance, Layer 7 protection, Layer 4 speed

Details on Huawei NGFW

Huawei NGFW Highlights

Brand-new next generation context awareness and access control: globally identifies ever-increasing application-layer attacks and implements all-round application-layer protection by application, content, time, user, attack, and location


Predefined policy templates for fast deployment of application-based policies. Automatically generates policy tuning suggestions using the minimum permission control principle, based on network traffic and application risks. Simplifies policy management by analyzing policy matching ratios in order to discover and remove redundant and invalid policies.


Worldwide security centers provide samples of suspicious threats. Huawei NGFW evaluates suspicious samples within the sandbox in the cloud to monitor their activities and identify unknown threats.


Dedicated software and hardware architecture and Intelligent Awareness Engine (IAE): capable of parallel processing with all security functions enabled after intelligent application identification

Hardware acceleration for content awareness: improves application-layer protection efficiency and ensures 10 G+ performance with all security functions enabled


Global Debuts



RSA 2013
CEBIT 2013
INTEROP Japan 2013

Channel materials


Copyright © Huawei Technologies Co., Ltd. 1998-2013. All rights reserved.

Contact Local TAC