Huawei Symantec is bringing a new firewall to North America. The new USG 9300 platform is a next generation firewall including intrusion prevention and an anti-distributed denial of service (DDOS) capability.

Huawei Symantec is a joint venture of Chinese networking giant Huawei and U.S. based security vendor Symantec that was first established in 2008. The joint venture focuses on storage and security solutions, bringing together components from both vendors as well as leveraging new research and development.

Jane Li, general manager of North America for Huawei Symantec told that the USG 9300 is an important platform for her company.

"The need for firewall technology is increasing and many of today's suppliers are networking vendors trying to do security and some of the throughput numbers are not nearly as good as ours," Li said. "On the technical merits the 9300 will really stand out."

The USG 9300 provides 80 Gbps of firewall performance per chassis. Each chassis can support 14, 10 gigabit Ethernet interfaces and 168 gigabit Ethernet interfaces. Two USG 9300s can be combined to deliver a maximum firewall throughput of 160 Gbps.

The USG 9300 also includes an intrusion prevention system (IPS), that benefits from Symantec's intellectual property. The system also provides DDOS protection.

"We leverage Symantec's IPS engine because Symantec has the most accurate detection rate and the worldwide coverage of the update infrastructure," Sichao Wang, director, Enterprise Security Solutions, Huawei Symantec told "For DDOS, we developed our own anti-DDOS technology to defend customer infrastructures against application level attacks."

In terms of the underlying hardware for the USG 9300, Wang noted that Huawei Symantec developed their own network processor (NP) and used an off-the-shelf multi-core architecture. Huawei Symantec develops their own embedded real-time operating system to power the platform.

"We leveraged the advanced hardware design technology from Huawei, and developed the core components ourselves," Wang said.

The overall market for next generation firewalls has also been moving toward including application capabilities with embedded Web application firewall (WAF). IBM recently expanded its IPS efforts with a 20 Gbps system that includes WAF capabilities.

"We have some application level security capabilities, and we continue to enhance the Web application security to defend our customers from Web application threats such as SQL injection and cross-site scripting," Wang said. "We use DPI (deep packet inspection) technology to discover network level attacks and detect application level threats."

Sean Michael Kerner is a senior editor at, the news service of, the network for technology professionals.