manualshive.com logo in svg

Huawei AR500, Product Description, Page: 21 / 35

Share
Download
Huawei AR500 Product Description Download Page 21

l

URPF blocks packets sent from bogus source addresses.

Local Attack Defense

The Internet technology and size develop quickly and various network applications emerge.
Many enterprises try to boost their own development by using their networks. They are
concerned about how to protect confidential data and resources in an open network environment.
Some unconscious operations may attack network devices and degrade device performance or
even cause device failure.

A large number of packets including valid packets and malicious attack packets on a network
must be processed by devices' CPUs. The malicious attack packets affect services and may even
cause a system breakdown. In addition, excessive normal packets can also lead to high CPU
usage, which degrades the CPUs' performance and interrupts services. Therefore, protecting the
CPU is a necessary and important factor for processing services and system response.

The local attack defense and source tracing functions protect the AR500 against attacks. When
an attack occurs, these functions ensure nonstop service transmission and minimize the impact
of the attack on network services.

PKI

The public key infrastructure (PKI) is a system that generates public keys and digital certificates,
and verifies identities of certificate subjects to ensure information security. PKI issues digital
certificates that bind public keys to respective user identities by means of a certificate authority
(CA).

AAA

The AR500 supports Authentication, Authorization, and Accounting (AAA).

l

Authentication
Verifies users' identities.

l

Authorization
Grants different rights for different users to restrict the services that can be used by users.

l

Accounting
Records information about network service usage of users, including service type, start
time, and traffic volume.

For details about security features, see 

Feature Description - Security

.

3.2.5 QoS

Traffic Policing

Traffic policing discards excess traffic to limit the traffic within a specified range and to protect
network resources as well as the carriers' interests.

The AR500 uses committed access rate (CAR) to perform traffic policing. They support dual-
rate-three-color markers and precise bandwidth management.

Huawei AR500 Industrial Switch Routers
Product Description

3 Product Characteristics

Issue 01 (2013-5-10)

Huawei Proprietary and Confidential

Copyright © Huawei Technologies Co., Ltd.

16

Summary of Contents for AR500

Page 1: ...Huawei AR500 Industrial Switch Routers V200R002C08 Product Description Issue 01 Date 2013 5 10 HUAWEI TECHNOLOGIES CO LTD ...

Page 2: ...nt may not be within the purchase scope or the usage scope Unless otherwise specified in the contract all statements information and recommendations in this document are provided AS IS without warranties guarantees or representations of any kind either express or implied The information in this document is subject to change without notice Every effort has been made in the preparation of this docum...

Page 3: ...About This Document Huawei AR500 Industrial Switch Routers Product Description About This Document Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd ii ...

Page 4: ...ustrial Switch 5 2 3 AR500 as the Industrial Gateway 6 3 Product Characteristics 8 3 1 Feature List 9 3 2 Key Features 13 3 2 1 SEP 13 3 2 2 AMI 13 3 2 3 VPN 14 3 2 4 Security 14 3 2 5 QoS 16 3 2 6 IPv6 17 4 Device Structure of AR500 Series 19 5 Maintenance and Management 23 5 1 Various Maintenance Methods 24 5 1 1 CWMP 24 5 1 2 Remote Deployment and Maintenance Using USB 24 5 1 3 SNMP based Maint...

Page 5: ...n 25 6 Industry Standards 26 7 System Parameters 27 7 1 System Configuration 28 7 2 Physical Specifications 28 8 Component Selection Guide 30 Huawei AR500 Industrial Switch Routers Product Description Contents Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd iv ...

Page 6: ...Chapter 1 1 Product Positioning 1 2 Product Characteristics Huawei AR500 Industrial Switch Routers Product Description 1 Product Positioning and Characteristics Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 1 ...

Page 7: ...AR500 adapts to various industry environments l Complies with IEC 61000 6 2 l Provides IP51 protection level l Works at the temperature of 40 to 70 and uses fanless design l Provides built in power supply supports single phase 90 V to 290 V and three phase 304 V to 456 V 50 60 Hz high voltage input l Complies with transformer substation environment standard IEC61850 3 IEEE1613 1 2 2 Industry Class...

Page 8: ... premises equipment CPE remotely The remote maintenance function improves efficiency and greatly reduces maintenance costs 1 2 6 Strong Access Capability The AR500 provides FE GE and RS485 interfaces supports IEC62056 DLMS COSEM and PoweRline Intelligent Metering Evolution PRIME and connects to various networks to transmit different industry services which greatly reduces investment and maintenanc...

Page 9: ...ustrial Router 2 2 AR500 as the Industrial Switch 2 3 AR500 as the Industrial Gateway Huawei AR500 Industrial Switch Routers Product Description 2 Applications Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 4 ...

Page 10: ...d between the dispatch center and transformer substation A B so that the dispatch center can communicate with transformer substation A B and transformer substations A and B can communicate through the DSVPN tunnel You can also use an AR500 to directly connect the transformer substation to the dispatch center through dedicated lines to construct a private network Figure 2 1 AR500 as the industrial ...

Page 11: ... Router C and Router D are connected through FE interfaces that provide power outage survival and Router B and Router C are connected to carrier STAs SEP runs on the open ring network and ensures fast switching of data channels between the four AR500s Figure 2 2 AR500s as industrial switches 10GE fiber FE fiber FE Ethernet FE failover GE fiber SEP segment Monitoring subcenter 6 AP AP 6 Router C Ro...

Page 12: ...ith Router C Router D Router E and Router F through GE l Router connect to remote front end processors with data collection functions through Ethernet as gateways of Router C Router D Router E and Router F Router C Router D Router E and Router F function as concentrators to collect meter data through RS485 Figure 2 3 AR500s as industrial gateways Huawei AR500 Industrial Switch Routers Product Desc...

Page 13: ...out This Chapter 3 1 Feature List 3 2 Key Features Huawei AR500 Industrial Switch Routers Product Description 3 Product Characteristics Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 8 ...

Page 14: ...ing MAC address learning limit blackhole MAC entries sticky MAC entries and anti MAC flapping None STP Spanning Tree Protocol STP Rapid Spanning Tree Protocol RSTP and Multiple Spanning Tree Protocol MSTP STP security None Link aggregation Static link aggregation and Link Aggregation Control Protocol LACP based aggregation None LLDP Neighboring device discovery None WAN WAN interface Provides mult...

Page 15: ...te Basic routing functions None RIP and RIPng Routing protocol None OSPFv2 and OSPFv3 Routing protocol None ISIS and ISISv6 Routing protocol None BGP and BGP4 Routing protocol None Routing policy Basic routing functions and intelligent PBR None Multic ast IGMP Basic IGMP functions including IGMP snooping None Multicast routing Multicast route management multicast route load balancing and source sp...

Page 16: ...yer 4 to Layer 7 information in the packets SAC helps implement refined QoS management None Securi ty AAA AAA for administrators and access users including local RADIUS and TACACS AAA None Firewall DMZ firewall packet filtering firewall and stateful firewall blacklist and whitelist and attack detection None Traffic suppression Traffic suppression based on ports None Access security 802 1x authenti...

Page 17: ...rters and branches Used together with IPSec IPSec cannot protect multicast data but GRE VPN can protect multicast data None Devic e manag ement Information center monitoring Managing boards power supply units fans and e labels None Version management In service upgrade rollback and patch installation None Mirroring Port and flow based mirroring None Deployment Automatic deployment using a universa...

Page 18: ...ata concentrator to collect data from smart meters and provide data services for front end processors l An AR500 can function as a router to aggregate data on smart terminals on the AMI network An AR500 promotes interaction between the electricity systems and users meets serious challenges in the electricity industry and improves AMI network reliability An AR500 provides data collection data stora...

Page 19: ... establishment and SA maintenance functions to simplify IPSec use and management The AR500 supports IPSec VPN and provides high reliability transmission tunnels In addition the AR500 uses Generic Routing Encapsulation GRE and Layer 2 Tunneling Protocol L2TP to support the following VPN services l GRE VPN l IPSec VPN l SSL VPN l L2TP VPN l DSVPN l GRE over IPSec VPN l L2TP VPN over IPSec VPN For de...

Page 20: ...otential targets By using TCP scanning attackers can identify the operating system and the monitored services By scanning and snooping an attacker can know the service type and security vulnerability of the system and prepare for further intrusion to the system Malformed packet attack The malformed packet attack is to send malformed packets to the system If such an attack occurs the system breaks ...

Page 21: ...imize the impact of the attack on network services PKI The public key infrastructure PKI is a system that generates public keys and digital certificates and verifies identities of certificate subjects to ensure information security PKI issues digital certificates that bind public keys to respective user identities by means of a certificate authority CA AAA The AR500 supports Authentication Authori...

Page 22: ...idth allocation delay and jitter Congestion Avoidance Congestion avoidance is a flow control mechanism A system configured with congestion avoidance monitors network resource usage such as queues and memory buffers When congestion occurs or aggravates the system discards packets The AR500 supports tail drop and WRED l Tail drop When the queue length reaches the upper limit the excess packets buffe...

Page 23: ...t TFTP IPv6 server FTP IPv6 client FTP IPv6 server Telnet IPv6 client and Telnet IPv6 server l SNMP IPv6 For details about IPv6 functions see Feature Description IP Service IP Routing Huawei AR500 Industrial Switch Routers Product Description 3 Product Characteristics Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 18 ...

Page 24: ... AR500 is available in AR531 2C H and AR531 F2C H Huawei AR500 Industrial Switch Routers Product Description 4 Device Structure of AR500 Series Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 19 ...

Page 25: ... of the AR531 2C H and AR531 F2C H Huawei AR500 Industrial Switch Routers Product Description 4 Device Structure of AR500 Series Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 20 ...

Page 26: ...al interface The following shows the interface panels of AR500 models Figure 4 4 Interface panel of the AR531 F2C H Huawei AR500 Industrial Switch Routers Product Description 4 Device Structure of AR500 Series Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 21 ...

Page 27: ...terface 3 AC input cable 4 USB interface 5 CON interface NOTE RESERVE indicates a standby CON interface 6 FE6 optical electrical interface 7 GE interface 8 SURVIVAL interface 9 terminal cover opening detection button 10 running indicator 11 FE7 optical electrical interface 12 RS485 DI interface 13 LAN FE interface NOTE FE0 interface can be configured as a WAN interface Huawei AR500 Industrial Swit...

Page 28: ...Chapter 5 1 Various Maintenance Methods 5 2 Fault Location Huawei AR500 Industrial Switch Routers Product Description 5 Maintenance and Management Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 23 ...

Page 29: ... flash drive Software engineers do not need to commission devices onsite After installing the AR hardware engineers will insert the USB flash drive into the USB interface on the AR and power on the AR After being started the AR automatically loads and upgrades the software 5 1 3 SNMP based Maintenance The ARs support the Simple Network Management Protocol SNMP v1 v2c v3 and the Client Server model...

Page 30: ...collect traffic statistics and event statistics on WAN interfaces l Port mirroring and traffic mirroring The AR500 supports packet mirroring on Ethernet interfaces mirrors packets from a network side interface to a user side Ethernet interface and mirrors protocol packets sent to the CPU l Connection faults The AR500 tests connections and displays the connection status on network side interfaces a...

Page 31: ...lowing industry standards l IEC 62056 46 l IEC 62056 47 l IEC 62056 53 l IEC 62056 61 l IEC 62056 62 l PRIME l UPA DHS l OPERA Huawei AR500 Industrial Switch Routers Product Description 6 Industry Standards Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 26 ...

Page 32: ... configurations of AR500 models 7 2 Physical Specifications This section describes physical specifications of the AR500 Huawei AR500 Industrial Switch Routers Product Description 7 System Parameters Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 27 ...

Page 33: ... physical specifications of the AR500 Table 7 2 Physical specifications Item Description Dimensions H x W x D 220 mm x 250 mm x 88 mm Maximum power consumption empty chassis 50 W Weight 5 kg Storage temperature 40 C to 85 C Operating temperature 40 C to 70 C Relative humidity 5 RH to 95 RH Altitude Long term altitude Below 4000 m Storage altitude Below 4000 m AC input voltage Rated voltage 220 V s...

Page 34: ...tion Voltage range 38 4 V DC to 72 V DC Huawei AR500 Industrial Switch Routers Product Description 7 System Parameters Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 29 ...

Page 35: ...stic panel electrical interface and O E converter Mandatory AR531 F2C H Basic configuration including the chassis main control board panel plastic panel optical interface and O E converter Mandatory Huawei AR500 Industrial Switch Routers Product Description 8 Component Selection Guide Issue 01 2013 5 10 Huawei Proprietary and Confidential Copyright Huawei Technologies Co Ltd 30 ...

Reviews:

No comments