H3C MSR2600 Series Enterprise Network Router with Integrated Secure VPN 5G Access

The MSR2600 router series can be deployed as an egress router for small- to medium-sized enterprise networks to operate with VPN, NAT, and IPSec service gateways. Together with other H3C products, the MSR2600 can provide comprehensive network solutions for government, power, financial, tax, public security, railway, and education customers.

The MSR2600 series has the following models:

• MSR2600-6-X1-GL
• MSR2600-15-X1
• MSR2630E-X1

• Packet filtering, including stateful filtering, MAC address filtering, IP and port number filtering, and time range filtering.
• Real-time traffic analysis.

• Rich and comprehensive VPN technologies, including IPSec, L2TP, GRE, MPLS VPN and mix usage of different VPN technologies.
• Routing security protection, including OSPF/RIP/IS-IS/BGP dynamic routing protocol, OSPFv3/RIPng/IS-ISv6/BGP IPSec encryption and rich routing policy control functions.

• Unified endpoint access binding authentication, including EAD secure check authentication, 802.1X authentication, endpoint MAC address authentication, web-based portal authentication, endpoint access static binding, and MAC address auto-learning and binding.
• ARP attack prevention, including fixed source MAC address, ARP attack protection, ARP source suppression, ARP detection, source MAC consistency check and protection, ARP rate limit, and ARP active acknowledgement mechanism.

• Role-based access control that allocates resources based on roles, and provides users and roles mapping.
• Control plane traffic restriction, traffic control and filtering based on protocol type, queue, known protocol and specific protocol.
• Remote security management, such as SNMPv3, SSH, and HTTPS remote management.
• Management behavior control and audit, including AAA server central authentication, command line authority and real-time report of operation records.

• Uses granular identification and control to rate limit and filter application layer services and ensure bandwidth and provides detailed network statistics for network optimization.
• Performs load balancing based on bandwidth, user, user group, service, or application by using asymmetric link, traffic load balancing, and multi-topology dynamic routing technologies.
• Supports flexible bandwidth sharing based on service, user, user group, link, and user bandwidth.

• Comprehensive network management methods—Supports command line and SNMP.
• Zero-configuration setup—Enables zero configuration setup and USB-based automatic configuration.
• Comware embedded EAA function—Monitors the internal events and status of the system's software and hardware components. If a fault occurs, it collects diagnostic information and attempts to make automatic repairs as well as sending the diagnostic information to a specific email address.

• Independent hardware processing module for monitoring and programmable components that supports online upgrade and auto loading to strengthen product reliability.
• Millisecond link fault detection technology Bidirectional Forwarding Detection (BFD) and Track between BFD and static routing, RIP/OSPF/BGP/ISIS dynamic routing, VRRP, or interface backup.
• Network quality analyzer (NQA) and Track between NQA and static routing, VRRP, or interface backup.
• Multi-device redundancy and load balancing (VRRP/VRRPE).
• Fast reroute, and GR/NSR.