1www.huawei-3com.com

H3C Security Solutions

2

Market Trends

3

TalkTalk

MusicMusic

TV/VideoTV/Video

ITIT

CommunicateCommunicate

ReferenceReference

PhotosPhotos

Convergence

MarketTrends

4

10G

QoS

MarketTrends

5

/?

Application ser

ver farm

?

Server,

Voice traffic? critical applications?

MarketTrends

Company

Overview

Huawei-3Com Company Overview

Huawei-3Com200311

(Ethernet Switch)(Wireless)(Security)(VoIP) (Video)SOHOIP

3Com, (Huawei), (Siemens), NEC , Marconi

3Com 20061128 H3C , 3COM 100%

Company Overview

2005 34.3%(Source 200603 CCID Consulting)

1000

900

800

700

600

500

400

300

200

100

02004 2005 2006(forecast)

2005 USD700 Million

60% 200%

TotalInternational

US

D M

illion

Company Overview

R&D 55% Supply Chain 12% Administration 3%Sales/Marketing 30%

4,500

/

30%

55%

12% 3%

Company Overview

.

USA

Brazil

South Africa

Nigeria

EgyptIndia

Russia

Malaysia

Mexico

Hong Kong

France Germany

Japan

UK

Thailand

KoreaHungary

Hangzhou

Huawei-3Com(Headquarters)

Canada

Why

Huawei-3Com

H3C Why Huawei-3Com

, Customer-oriented Philosophy

R&D Strong R&D Capabilities

Full Range of Products and Solutions

Fast Response and Powerful Support

Lower Total Cost of Ownership

R&D platform based on global technology, talent, experience

and quality management

2500 R&D employees15% of revenue invested in R&D

4 R&D Centers, 2 Testing Centers

Beijing China Router, Switch, Security, Voice, Wireless

LAN, Software, Testing Center

Hangzhou China SOHO, Storage, Security, High-end

Switch, Voice, Testing Center

Shenzhen China Core Network, Software, Storage

Bangalore India Software

CMM Practice and IPD Management

R&D CapabilitiesWhy Huawei-3Com

4000 Intellectual Property Rights

Huawei-3Com has applied for 300 patents, 80% of which are invention patents

Huawei-3Com is authorized to use the 4000 patents from its parent companies Huawei and 3Com.

Actively involved in national industry standards

Core ASIC chips with our own IPR

Software platform with our own IPR

IRF technology

DVPN technology

Network management system

Technology AchievementsWhy Huawei-3Com

15

04

16

Up-LayerSoftware

Driver

Hardware

Intelligent Resilient Fabric

DRR DDM DLA

IRF

17

IRF Stack - S5600

1 power module slot1 power module slot(POE upgradeable)(POE upgradeable)

AC/DC power supplyAC/DC power supply

1 Uplinks module 1 Uplinks module slotslot

2 Stacking ports2 Stacking ports

9696GbpsGbps Dedicated Dedicated Stacking PortStacking Port

Stackable (Stackable (uptoupto 8 devices) 8 devices)

S5648PS5648P

8* GE/1*10GE/2*10GE8* GE/1*10GE/2*10GE

10/100/1000Base-T Port1000Base-X SFP Port41000 Base-X SFP Port (combo)Switch Capacity : 136Gbps Throughput 101.19Mpps

IRF

18

8

8

Stack

IPSNMP, WEBCLI

ACL

Stack

IPSNMP, WEBCLI

ACL

Distributed Device Management (DDM)

Only one logical device1

4

2

3 4

IRF fabric

IRF

19

------

IRFIRF2~82~8IEEE 802.3ad LACP IEEE 802.3ad LACP aggregated linksaggregated links

Distributed Link Aggregation (DLA)

DLA will facilitate the re-distribution of traffic in case of any uplink failureDLA will facilitate the reDLA will facilitate the re--distribution of traffic in case of any uplink failuredistribution of traffic in case of any uplink failure

Quidway S5600

Quidway S3600

4 Gbps Load-balancedLAG

Quidway S3600

IRF

20

L3L3Master Master SwitchSwitch

L3 forwardingL3 forwarding

IRF stack devices IRF stack devices

Traditional stack devicesTraditional stack devices

FIBFIB

Router1

Router2

Router3Router4

IP packet

Unit1

Unit3Unit4

Unit2

Normal stack

Router1

Router2

Router3

Router4

IP packet

Unit1

Unit3Unit4

Unit2

IRF basedDistributed forwarding

Distributed Resilient Routing (DRR)

IRF

21

Voice VLAN

POE

IRF stacking

Wire SpeedS5600136G101Mpps

96Gbps IRF

Application s

erver farm

S3600

IRF IRF

Stacking

Stacking

IRF IRF

Stacking

Stacking

S3600

S3600

S3100

S5600

S5600

MACIP802.1XAAA

22

1. Mac address 00E0-BB00-0000 mask ffff-ff00-00002. Ah! It is an IP Phone of Vendor A, B, C( Totally, 16 Vendors)3. Put the traffic from IP Phone into Voice VLAN automatically4. Other traffic will be processed with lower priority

Voice QueueVoice Queue

Data Queue 1Data Queue 1

Data Queue 2Data Queue 2

Voice VLAN

23

Performance and Features-VCT

VCT (Virtual Cable Test)VCT (Virtual Cable Test)

S3100 series

Benefits: Easy maintenance

Save labour

Benefits: Easy maintenance

Save labour

XX

Manage

24

RRPPRRPP

S9500S9500

S5100S5100S3600S3600

S7502S7502

Application server farm

S7500S7500

InternetMAN

MailMailFTPFTP

S5100S5100

1000F1000FAR28AR28

S3100S3100

ERPERPVideoVideo

25

Intelligent Multi-service VII RRPP

RRPP Cost-effective ring technology Offering sub-second recovery from link failure

RRPP RRPP

RRPPS7500

S9500 S9500

S7500S7500

RRPP Ring

S9500S7500

26

Performance and Features-HGMPv2

HGMP v2 (Huawei Group Management Protocol v2)

Quidway S5600 series

QuidwayS5100 series

Command Switch

Member Switches Benefits:

Save IP address for network management

Easy to install and maintain

Manage the network more efficiently

Benefits: Save IP address for network management

Easy to install and maintain

Manage the network more efficiently

S5600 series are designated as command switch

S5100 series automatically join the cluster after startup as member switches

Manage several member switches through one command switch and only the command switch need a public network IP address

Handshake and status maintenance between S5600 and S5100 series

Alarm failure and recovery on line

QuidwayS5100 series

QuidwayS5100 series

QuidwayS5100 seriesHGMP v2HGMP v2

NDPNDP

NDPNDP

Security

27

Device Security IP+MAC+Port Control

IP+MAC+Port

DHCP Snooping+DHCP Snooping Trust DHCP Server DHCPgetIP

DHCP Relay Security IP

DHCP IP+MAC Binding DHCPMacIP

Security

28

Full Range Product Portfolio: SecurityWhy Huawei-3Com

SecPathFirewall

SecBladeSecurity Module

SecPath VPN

SecPath 1800F SecPath 1000F SecPath 500F SecPath 100F SecPath 10F

SecPath 1000SecPath 100NSecPath 100VSecPoint

SecBlade VPNSecBlade FW

29

VPN Series

Functionality

SMBSMB

Pric

e

Gigabit Ethernet

EnterpriseEnterpriseROBOROBOSOHOSOHO SPSP

SecPath 100V

SecPath 100N

SecPath 1000

30

VPN Series

3DES Encryption

Simultaneous IPSec Users

Fixed Interfaces

SecPath 1000 600MbpsSecPath 100V 60MbpsSecPath 100N 5Mbps

SecPath 1000 5000SecPath 100V 500

SecPath 100N 200

SecPath 1000 2GESecPath 100V 1FE WAN + 4FE LANSecPath 100N 1FE WAN + 4FE LAN

Huawei SecPath VPN series

High Performance:

31

Firewall SeriesPr

ice

SMBSMB EnterpriseEnterpriseROBOROBOSOHOSOHO SPSP

SecPath 10F

Gigabit Ethernet

SecPath 500F

SecPath 1000F

SecPath 100F

SecPath 1800F

32

Firewall Series

High Performance:BCM/IDT MIPS RISCIBM NetProcessor(SecPath 1800F)

Processor

3DES Encryption

Firewall Throughput

Throughput

SecPath 1800F 300MbpsSecPath 1000F 300MbpsSecPath 500F 250MbpsSecPath 100F 60MbpsSecPath 10F 3Mbps

SecPath 1800F 2.7GbpsSecPath 1000F 700MbpsSecPath 500F 500Mbps

SecPath 1800F 3GbpsSecPath 1000F 1GbpsSecPath 500F 1GbpsSecPath 100F 100MbpsSecPath 10F 10Mbps

Huawei SecPath Firewall

33

Case Study

05

34

Hunming Yanan hospital network topology

QuidwayS8505 core switch

Inpatient department building

14th floor S305011th floor S3050

7th floor S3050

3rd floor S3050

5th floor S3050

cardiology department

S3026E

existing 4507 switch

S3026ES3026E S3050canteen

INTERNET

WWW Email

DMZ NMSHIS server

Medical insurance server

Quidway S5516Financial affairs

Folks district

Network management

Authentication server

QuidwayS8505 core switch

S3026E

outpatient departmentfinancial affairsoffice

35

RS6000-S70

Quidway S8505 S8505

Quidway S5516 Quidway S5516

Activity building

Medical technician information point

Nurse school building

...

VRRP

MT building X-ray department

Quidway S6506R

NMS Quidview

Access control server CAMS

GE

GEGE

GE

GE

GE

GE

S3000S3000

S3000

Medicine buildingS3000

Guest building S3000

Quidway S3000

Outpatient

Inpatient

S3000

Teaching building

S3000

GERescue building S3000

/internetFirewall Eudemon 200

Mobile OA

VPN

FE

FE

H50

DMZ

IDS

S3000

Shanghai first hospital whole

network reform topology

36

Departmental Network of new HK EMSD HQ

10GE

Active 2GE

Active 2GEbackup

2GE

Active 2GE Active 1GEbackup 1GE

Core tier

Typical type 1 user Typical type 2 user Typical type 3 user Typical type 4 user

Achieve high bandwidth, reliability

and availability

Offer up to 240GE each

closet Offer up to 96FE ports

S8512

S6506R S6506R S3552G STACKS3552G S3026G

10GE

10GE

Active 10GE

37

H3C

RouterSwitchSecurityManagement

C/P

IRFRRPP

Netstream/NAT/DIG CAMS

Quidview

WhyH3C

38

Q & A

TEL+886-2-2701-6052FAX+886-2-2701-6053