Products
Vulnerability Scanner
Vulnerability Management Platform
Hot Product
DayDayMap

A SaaS platform that provides comprehensive, precise, and real-time global network asset mapping services.
Web App Firewall
API Security
Hot Product
DayDayMap

A SaaS platform that provides comprehensive, precise, and real-time global network asset mapping services.
Attack Deception and Defense System
DayDayMap
RayFirewall
Hot Product
DayDayMap

A SaaS platform that provides comprehensive, precise, and real-time global network asset mapping services.
Solutions
Web App and API Protection Solutions
Asset Security Operation Solution
Hot Product
DayDayMap

A SaaS platform that provides comprehensive, precise, and real-time global network asset mapping services.
Partners

Growing Together, Succeeding Together

About WebRAY >
Partner Ecosystem
Partner Programs
Why Choose WebRAY
Get Started
Company
Who we are
What we do
Why choose us
News & Press Release
Contact us
Blog
Technical Blog is a platform offering the latest cybersecurity insights, covering recent threats, new defense strategies, popular security concepts, and so on.
Learn more >
Blog
Products
Solutions
Partners
Company
Blog
RayFirewall

it delivers a comprehensive set of functions to meet the diverse security needs of users in various environments.

Try now
Current Location: Home > Products > Network Security > RayFirewall
Product Overview
RayFirewall, the Next-Generation Firewall (NGFW) system, represents an intelligent evolution of traditional firewalls by addressing security from business, user, application, and behavioral perspectives. It seamlessly integrates a range of functions, including firewall, VPN, internet behavior management, traffic control, intrusion detection, antivirus, WAF, and SD-WAN. RayFirewall provides advanced control methodds, inclduing user, application, and behavioral policies, which has overcomed traditional firewalls' limitations. In general, it delivers a comprehensive set of functions to meet the diverse security needs of users in various environments.
Key features
  • Powerful Security Control

    Featuring 7-tuple access control, 7-tuple session control, application behavior control, as well as bandwidth and QoS management. It has strong security controls based on 7-tuple and 4-dimensional frameworks.

  • Intrusion Prevention and Virus Filtering

    The label-based integrated matching technology combines modules with redundant functions, thereby eliminating redundant data restoration and analysis processes.

  • Operation-Level Multi-Link Load Balancing

    Leveraging professional-grade link load balancing, the system dynamically monitors the real-time status of links and provides a range of specialized static and dynamic traffic distribution methods.

  • Web Security Protection

    It has Web security protection rules, including content keyword filtering, HTTP protocol compliance, and URL parameter compliance checks.

  • SD-WAN Networking

    An SD-WAN solution delivering real-time dynamic path selection, WAN optimization, dynamic VPN tunnels, stateful firewalls, and end-to-end QoS.

  • Intelligent Traffic Control

    It configures bandwidth limits, bandwidth guarantees, and per-IP bandwidth, with the ability to allow intelligent bandwidth borrowing (elastic bandwidth) within the maximum bandwidth range.

Key Technologies
Data Throughput Technology
In most scenarios, the firewall device is deployed at the serial gateway where it's responsible for carrying, parsing, and forwarding all users' traffic. It performs tasks including traffic audit and control, threat detection and virus scan. Therefore, high-performance data throughput is one of the core technologies of firewall devices.
Distributed Parallel Processing Technology
Based on a private distributed switch architecture, RayFirewall provides the distributed parallel processing capability. It includes two key modules: the distributed traffic offload module and the distributed management module, both combining hardware and software. The former enables multiple independent high-performance firewall engines to perform traffic in a distributed and parallel manner. The latter provides unified management of multiple firewall engines, supporting features such as active-standby switchover, fault isolation, and hot swapping, which can ensure the high reliability.
Intelligent Application Identification
It enables precise, application-based access control, which relies on efficient and accurate application identification. RayFirewall supports three core application identification technologies: Deep Packet Inspection (DPI), Deep Flow Inspection(DFI), and Intelligent Behavior Analysis.
Deep Packet Inspection (DPI) Technology
Deep Packet Inspection (DPI) technology encompasses three core stages: packet reassembly, protocol analysis, and signature match. Among these, packet reassembly can not only reconstruct fragmented IP and TCP at the network layer but also further restore the message content at the application layer. Once reassembled and restored, the packets undergo a protocol analysis pre-processing step to extract key protocol variables. These variables are then accurately identified through signature match, thereby significantly enhancing the accuracy of identification.