With the development of information network technology, especially for cloud computing, virtualization,  and high-bandwidth mobile communication technology, network security will no longer apply in traditional sense. Security is actually distributed in network at different levels. Eventually, the secured borderless network should focus on different objects from business-oriented networks, ensuring that the right one in the right place, accessing right resources via the right terminal at the right time. Bluedon Next Generation Firewall (NGFW6000 platform) is based on latest information technology that provides the industry’s leading new generation of intelligent All-in-One architecture -NGFW6000firewallproducts, to meet the SME to large enterprises until the carrier-class network security solutions

System Architecture

Using a number of patented technologies, and virtualization software-defined networking technologies, Bluedon NGFW6000 platform integrates firewall, intrusion detection, intrusion prevention, virus scanning, and mobile secured accessing into a unified network security defense products to meet different business requirements and network band width. Via hardware blade expansion, its throughput is up to 160Gbps.  NGFW6000 Platform consists of three major components, a data plane, a control plane and a security applications plane. Depending on the virtual network data plane packet processing technology developed by Blue Shield independently, NGFW6000 has a variety of strong and efficient engines, such as FW engine, IPS engine, QoS engine, SDN engine, etc. To reach the market demand of high bandwidth, high reliability and high flexibility, Bluedon NGFW6000 is using All-in-One system architecture, saving network investment and maintenance expenses for the clients. NGFW6000 is scenario adaptive, which could be deployed in  private or public cloud, satisfying the security need of borderless network. In addition, the system uses an advanced flexible, network management interface, making it easy to integrate with thirt-party devices or applications, e.g. SOC and big data.

NGFW architecture


Multi-core High Concurrency Design

Based on the industry-leading multi-core network processor solutions, adopting control plane, data plane and application layer separation system design.


Using virtual networking flow control technology owned by Bluedon, implemented multi-level interaction of firewall virtualization, intrusion prevention systems.

Zero-copy technology

Zero-copy data using a single-state system architecture design, virtual network element nodes can share data directly.

Application-based content filtering

Based on content-filtering DPI with stateful and stateless, providing a better grained control.

Strongly Secured Engine

NGFW6000 platform integrates a variety of powerful network security and management engines, which are free to customize, such as network virtualization engine, content-filtering DPI engine, intrusion prevention engine(IPS), firewall engine, encryption and decryption engine, compression and decompression engine, QoS engine, VLAN and packet forwarding engine,..etc


High Reliability

Based on VRRP and ConnTrack protocols, Bluedon developed a proprietary HA protocol that supports 1:1 or 1:n hot standby mode, all the connection and configuration information for all users is synchronized real time among the host and backup slaves. It is guaranteed to operate 7/24.


NGFW6000platformsis using industry-leading Advanced-TCA architecture, which supports Intel or Cavium based solutions. Our software takes advantages to the virtualization technology developed by our own, with that, users can access private network via mobile devices, using applications from any platform through our virtual desktop. All of the above is backed up by user customized virtual security modules like virtual IDS, firewall, virus scanning, and etc., saving the expenses to our clients.


Smart Defensing and Learning

Using the state-of-the-art cloud computing technology, massive security event information is uploaded to the Bluedon cloud data analysis center for in-depth analysis. The processed information associated with data mining policy can accurately determine the threat trends, comprehensively assess net work security risk, and automatically update threat signatures to adjust defense strategies.