Wi-Fi IEEE 802.11a/b/g/n/ac/ax/be wireless protocol Maximum wireless speed 3571Mbps (2.4GHz 689Mbps, 5GHz 2882Mbps) Supports 4K-QAM Supports WiFi 7 features such as MLO, MRU, and Preamble puncture Wi-Fi multi-band in one Easy Exhibition 2.0/3.0 Ethernet port Four 10/100/1000Mbps adaptive WAN/LAN adaptive ports Antenna type External omnidirectional antennas: 2 x 2.4G antennas, 3 x 5G antennas Software Features Endpoint management Game Accelerator Acceleration The terminal binds the frequency band/AP Wireless IPTV Wake up remotely Dual WiFi acceleration Signal conditioning The IP address is bound to the MAC address AP isolation Virtual servers Dynamic Domain Name Service (DDNS) DMZ host Automatic cleanup Wireless timer switch Port customization Router / Wired AP / Wireless Trunk Mode Local Online/Local Firmware/Remote Upgrade Safe WPA-PSK, WPA2-PSK, WPA3 wireless encryption Host network, guest network Administrator qualifications Power supply DC power supply, factory delivery 12V/1A power adapter Packing list 1 router Power adapter 12V/1A 1pcs 1 network cable (1 meter). 1 quick installation guide 1 parameter record sticker Dimensional weight Length*width*height: 279*160*229mm

Wi-Fi IEEE 802.11a/b/g/n/ac/ax/be wireless protocol Maximum wireless speed 3571Mbps (2.4GHz 689Mbps, 5GHz 2882Mbps) Supports 4K-QAM Supports WiFi 7 features such as MLO, MRU, and Preamble puncture Wi-Fi multi-band in one Easy Exhibition 2.0/3.0 Ethernet port One 10/100/1000/2500Mbps adaptive WAN/LAN adaptive port Three 10/100/1000Mbps adaptive WAN/LAN adaptive ports Antenna type External omnidirectional antennas: 2 x 2.4G antennas, 3 x 5G antennas Software Features Endpoint management Game Accelerator Acceleration The terminal binds the frequency band/AP Wireless IPTV Wake up remotely Dual WiFi acceleration Signal conditioning The IP address is bound to the MAC address AP isolation Virtual servers Dynamic Domain Name Service (DDNS) DMZ host Automatic cleanup Wireless timer switch Port customization Router / Wired AP / Wireless Trunk Mode Local Online/Local Firmware/Remote Upgrade Safe WPA-PSK, WPA2-PSK, WPA3 wireless encryption Host network, guest network Administrator qualifications Power supply DC power supply, factory delivery 12V/1A power adapter Packing list 1 router Power adapter 12V/1A 1pcs 1 network cable (1 meter). 1 quick installation guide Dimensional weight Length*width*height: 279*160*229mm

Wi-Fi IEEE 802.11a/b/g/n/ac/ax/be wireless protocol Maximum wireless speed 5012Mbps (2.4GHz 689Mbps, 5GHz 4323Mbps) Supports 4K-QAM Supports WiFi 7 features such as MLO, MRU, and Preamble puncture Wi-Fi multi-band in one Easy Exhibition 2.0/3.0 Ethernet port One 10/100/1000/2500Mbps adaptive WAN/LAN adaptive port Three 10/100/1000Mbps adaptive WAN/LAN adaptive ports Antenna type External omnidirectional antennas: 2 x 2.4G antennas, 3 x 5G antennas Software Features Endpoint management Game Accelerator Acceleration The terminal binds the frequency band/AP Wireless IPTV Wake up remotely Dual WiFi acceleration Signal conditioning The IP address is bound to the MAC address AP isolation Virtual servers Dynamic Domain Name Service (DDNS) DMZ host Automatic cleanup Wireless timer switch Port customization Router / Wired AP / Wireless Trunk Mode Local Online/Local Firmware/Remote Upgrade Safe WPA-PSK, WPA2-PSK, WPA3 wireless encryption Host network, guest network Administrator qualifications Power supply DC power supply, factory delivery 12V/1A power adapter Packing list 1 router Power adapter 12V/1A 1pcs 1 network cable (1 meter). 1 quick installation guide 1 parameter record sticker Dimensional weight Length*width*height: 279*160*229mm

Wi-Fi IEEE 802.11a/b/g/n/ac/ax/be wireless protocol Maximum wireless speed 5012Mbps (2.4GHz 689Mbps, 5GHz 4323Mbps) Supports 4K-QAM Supports WiFi 7 features such as MLO, MRU, and Preamble puncture Wi-Fi multi-band in one Easy Exhibition 2.0/3.0 Ethernet port Four 10/100/1000/2500Mbps adaptive WAN/LAN ports Antenna type External omnidirectional antennas: 2 x 2.4G antennas, 3 x 5G antennas Software Features Endpoint management Game Accelerator Acceleration The terminal binds the frequency band/AP Wireless IPTV Wake up remotely Dual WiFi acceleration Signal conditioning The IP address is bound to the MAC address AP isolation Virtual servers Dynamic Domain Name Service (DDNS) DMZ host Automatic cleanup Wireless timer switch Port customization Router / Wired AP / Wireless Trunk Mode Local Online/Local Firmware/Remote Upgrade Safe WPA-PSK, WPA2-PSK, WPA3 wireless encryption Host network, guest network Administrator qualifications Power supply DC power supply, factory distribution of 12V/1.5A power adapter Packing list 1 router Power adapter 12V/1.5A 1pcs 1 network cable (1 meter). 1 quick installation guide 1 parameter record sticker Dimensional weight Length*width*height: 279*160*229mm

Wi-Fi IEEE 802.11a/b/g/n/ac/ax/be wireless protocol Up to 6500Mbps wireless speed (689Mbps for 2.4GHz, 5765Mbps for 5G) Beamforming 4×4 MU-MIMO Wi-Fi multi-band in one Easy to expand function Multi-Link Operation（MLO） Preamble puncture Ethernet port 4 x 2.5Gbps Ethernet interfaces Dimensional weight Bare metal size (length×width×height): 293*264*72mm Bare metal weight: 620g Antenna type External omnidirectional antennas: 2 dual-band antennas, 4 5G antennas Software Features Bridging (Wireless Relay) Signal conditioning Endpoint management The IP address is bound to the MAC address AP isolation Virtual servers Dynamic Domain Name Service (DDNS) DMZ host Automatic cleanup Wireless timer switch Local Online/Local Firmware/Remote Upgrade Safe WPA-PSK, WPA2-PSK, WPA3 wireless encryption Host network, guest network Administrator qualifications Power supply DC power supply, factory distribution of 12V/2.5A power adapter Packing list 1 router Power adapter 12V/2.5A 1pcs 1 network cable (1 meter). 1 quick installation guide 1 parameter record sticker

Wi-Fi IEEE 802.11a/b/g/n/ac/ax/be wireless protocol Maximum wireless speed 7141Mbps (2.4GHz 1376Mbps, 5GHz 5765Mbps) Supports 4K-QAM Supports WiFi 7 features such as MLO, MRU, and Preamble puncture Wi-Fi multi-band in one Easy Exhibition 2.0/3.0 Ethernet port One 10/100/1000/2500Mbps adaptive WAN/LAN adaptive port Four 10/100/1000Mbps adaptive WAN/LAN adaptive ports Antenna type External omnidirectional antennas: 3 x 2.4G antennas, 4 x 5G antennas, 1 x dual-band antenna Software Features Endpoint management Game Accelerator Acceleration The terminal binds the frequency band/AP Wireless IPTV Wake up remotely Dual WiFi acceleration Signal conditioning The IP address is bound to the MAC address AP isolation Virtual servers Dynamic Domain Name Service (DDNS) DMZ host Automatic cleanup Wireless timer switch Port customization Router / Wired AP / Wireless Trunk Mode Local Online/Local Firmware/Remote Upgrade Safe WPA-PSK, WPA2-PSK, WPA3 wireless encryption Host network, guest network Administrator qualifications power supply DC power supply, factory distribution of 12V/2A power adapter Packing list 1 router Power adapter 12V/2A 1pcs 1 network cable 1 quick installation guide Dimensional weight Length*Width*Height: 313*213*153mm

Wi-Fi IEEE 802.11a/b/g/n/ac/ax/be wireless protocol Maximum wireless speed 7141Mbps (2.4GHz 1376Mbps, 5GHz 5765Mbps) Supports 4K-QAM Supports WiFi 7 features such as MLO, MRU, and Preamble puncture Wi-Fi multi-band in one Easy Exhibition 2.0/3.0 Ethernet port Five 10/100/1000/2500Mbps adaptive WAN/LAN ports Antenna type External omnidirectional antennas: 3 x 2.4G antennas, 4 x 5G antennas, 1 x dual-band antenna Software Features Endpoint management Game Accelerator Acceleration The terminal binds the frequency band/AP Wireless IPTV Wake up remotely Dual WiFi acceleration Signal conditioning The IP address is bound to the MAC address AP isolation Virtual servers Dynamic Domain Name Service (DDNS) DMZ host Automatic cleanup Wireless timer switch Port customization Router / Wired AP / Wireless Trunk Mode Local Online/Local Firmware/Remote Upgrade Safe WPA-PSK, WPA2-PSK, WPA3 wireless encryption Host network, guest network Administrator qualifications Power supply DC power supply, factory distribution of 12V/2A power adapter Packing list 1 router Power adapter 12V/2A 1pcs 1 network cable 1 quick installation guide Dimensional weight Length*Width*Height: 313*213*153mm

Ethernet port 4 x 2.5Gbps Ethernet interfaces Dimensional weight Bare metal size (length×width×height): 291.7*261.2*159.3mm Packing size (L×W×H): 396.5*312.5*99.5mm Antenna type External omnidirectional antennas: 4 x 2.4G antennas, 4 x 5G antennas Software Features Bridging (Wireless Relay) Signal conditioning Endpoint management The IP address is bound to the MAC address AP isolation Virtual servers Dynamic Domain Name Service (DDNS) DMZ host Automatic cleanup Wireless timer switch Local Online/Local Firmware/Remote Upgrade Safe WPA-PSK, WPA2-PSK, WPA3 wireless encryption Host network, guest network Administrator qualifications Power supply DC power supply, factory distribution of 12V/4A power adapter Packing list 1 router Power adapter 12V/4A 1pcs 1 network cable (1 meter). 1 quick installation guide

TL-FW5600 is an enhanced firewall product launched by TP-LINK, which supports four signature libraries, including anti-virus, intrusion prevention, malicious domain name, and application identification, and integrates various functions such as firewall policy, attack protection, DPI in-depth security, security audit, bandwidth management, and VPN, effectively resisting network risks, achieving comprehensive protection, simplifying operation and maintenance, and ensuring the continuous and stable operation of enterprise core applications and services. Dual-core 64-bit network-specific processor, single-core frequency 1GHz, 1GB DDRIV high-speed memory 5 x 10/100/1000M RJ45 ports You can configure security policies, audit policies, bandwidth policies, and ALG policies It supports a variety of security protection functions to defend against ARP spoofing, ARP attacks, DDoS attacks, network scanning, and suspicious packet attacks Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control) Rich support for policy objects (security zones, addresses, users, services, websites, security profiles, intrusion prevention, audit profiles, etc.) Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc Multi-administrator roles, refined permission management Abundant ports and powerful performance It adopts a professional dual-core 64-bit network-specific processor and 1GB DDRIV high-speed memory to provide powerful packet processing capabilities. It provides 4 10/100/1000M RJ45 service ports, 1 management port, 1 console port, 1 USB storage port, and 1 Micro SD card slot, which is convenient for users to manage and maintain the system while meeting the needs of high-speed data forwarding. Comprehensive security strategy Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, anti-viruses, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects. All-round attack protection It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc. ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection. Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing. MAC address filtering is supported to block access to unauthorized hosts. Expandable integrated DPI for in-depth security Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities; Support anti-virus, can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 1 million viruses and Trojans; It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security. Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods; It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy. Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database. Refined identification and control of online behaviors It has a large-scale application identification feature database, and can control more than 500 common desktop and mobile Internet applications in China with one click, including video, social networking, shopping, finance and other applications; Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner; Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click; Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data; *The database of applications and URLs will be updated and added continuously. Complete security audit strategy Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems. Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution. Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced; TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports. Simple O&M and security management Full Chinese web interface, detailed and clear configuration guidance; Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive; Support local/remote management, convenient chain operation, remote assistance; Support password authentication/identity recognition to ensure authorization security; Support multi-administrator roles and refined permission management; Support license management and feature database upgrade; Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment; A separate console management port is provided to debug the device through the command line with the assistance of technical support personnel. Flexible bandwidth management policies Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring. Abundant routing features Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported. Supports multiple deployment modes Layer 3 routing gateway mode As a Layer 3 routing gateway, the TL-FW5600 replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall. Layer 2 transparent bridge mode The TL-FW5600 supports setting up some or all interfaces as bridges, which work in a Layer 2 network, and the network can be protected by firewalls as long as data passes through the bridge interfaces. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster. Route + Bridge mode During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

TL-FW5600E is an enhanced version of the firewall product launched by TP-LINK, which supports anti-virus, intrusion prevention, malicious domain names, application identification, website classification and other characteristic libraries, and integrates firewall policies, attack protection, DPI in-depth security, security audit, bandwidth management, VPN and other functions. Scenarios such as hotel chains. Multi-core 64-bit network-specific processor, 2GB DDRIV high-speed memory 5 Gigabit RJ45 ports You can configure security policies, audit policies, bandwidth policies, and NAT policies Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control) Supports rich policy objects (security zones, addresses, applications, blacklists and whitelists, security profiles, intrusion prevention, audit profiles, etc.) Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc Multi-administrator roles, refined permission management Supports first-pack application identification to improve application recognition performance Abundant ports and powerful performance It adopts a professional multi-core 64-bit network-specific processor and 2GB DDRIV high-speed memory to provide powerful packet processing capabilities. It provides 5 Gigabit RJ45 ports, which can meet the requirements of high-speed data forwarding and facilitate users to manage and maintain the system. First-pack application identification It supports TP-LINK's unique application identification of the first packet, which can identify the application in the first packet, realize application traffic selection, and improve the application recognition performance Comprehensive security strategy Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, internal server certificates, anti-virus, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects. All-round attack protection It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc. ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection. Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing. MAC address filtering is supported to block access to unauthorized hosts. Expandable integrated DPI for in-depth security Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities; It supports anti-virus, which can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 6 million viruses and Trojans. It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security. Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods; It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy. Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database. Refined identification and control of online behaviors It has a large-scale application identification feature database, and one-click control of nearly 6,000 common desktop and mobile Internet applications in 36 categories, including video, social networking, shopping, finance and other applications; Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner; Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click; Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data; *The database of applications and URLs will be updated and added continuously. Complete security audit strategy Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems. Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution. Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced; TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports. Simple O&M and security management Full Chinese web interface, detailed and clear configuration guidance; Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive; Support local/remote management, convenient chain operation, remote assistance; Support password authentication/identity recognition to ensure authorization security; Support multi-administrator roles and refined permission management; Support hard disk management, license management, and signature database upgrade; Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment; A separate console management port is provided, which can be managed from the command line. Flexible bandwidth management policies Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring. Abundant routing features Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported. Supports multiple deployment modes Layer 3 routing gateway mode As a Layer 3 routing gateway, the TL-FW5600E replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall. Layer 2 transparent bridge mode TL-FW5600E allows some or all of the interfaces to be set up as bridges, which work in a Layer 2 network, and the network can be protected by firewalls as long as data passes through the bridge interfaces. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster. Route + Bridge mode During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

TL-FW5600E-4G is an enhanced 4G firewall product launched by TP-LINK, which supports 4 characteristic libraries such as anti-virus, intrusion prevention, malicious domain name, and application identification, and integrates firewall policy, attack protection, DPI in-depth security, security audit, bandwidth management, VPN and other functions, effectively resisting network risks, achieving comprehensive protection, simplifying operation and maintenance, and ensuring the continuous and stable operation of enterprise core applications and services. Scenarios such as enterprise distributed office. 5 x 10/100/1000M RJ45 ports, 1 x RJ45 console port, 1 x SIM card slot, 1 x Micro SD card slot, 1 x USB 3.0 2 external detachable 4G antennas, support 4G/wired simultaneous connection, support dual-connection intelligent load balancing/redundant backup It is suitable for chain stores and distributed office networking You can configure security policies, audit policies, bandwidth policies, and ALG policies It supports a variety of security protection functions to defend against ARP spoofing, ARP attacks, DDoS attacks, network scanning, and suspicious packet attacks Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control) Rich support for policy objects (security zones, addresses, users, services, websites, security profiles, intrusion prevention, audit profiles, etc.) Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc Supports first-pack application identification to improve application recognition performance Ports are abundant It provides 5 10/100/1000M RJ45 service ports, 1 management port and 1 RJ45 console port, 1 USB 3.0 storage port, 1 SIM card slot and 1 Micro SD card slot, which is convenient for users to manage and maintain the system while meeting the high-speed and stable forwarding of data. 4G/wired dual redundancy 2 external detachable 4G antennas, 1 SIM card slot, support 4G/wired connection dual redundancy, and the networking mode is more flexible and stable First-pack application identification It supports TP-LINK's unique application identification of the first packet, which can identify the application in the first packet, realize application traffic selection, and improve the application recognition performance Comprehensive security strategy Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, anti-viruses, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects. All-round attack protection It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc. ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection. Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing. MAC address filtering is supported to block access to unauthorized hosts. Expandable integrated DPI for in-depth security Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities; Support anti-virus, can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 1 million viruses and Trojans; It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security. Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods; It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy. Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database. Refined identification and control of online behaviors It has a large-scale application identification feature database, and can control more than 500 common desktop and mobile Internet applications in China with one click, including video, social networking, shopping, finance and other applications; Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner; Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click; Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data; *The database of applications and URLs will be updated and added continuously. Complete security audit strategy Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems. Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution. Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced; TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports. Simple O&M and security management Full Chinese web interface, detailed and clear configuration guidance; Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive; Support local/remote management, convenient chain operation, remote assistance; Support password authentication/identity recognition to ensure authorization security; Support multi-administrator roles and refined permission management; Support license management and feature database upgrade; Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment; A separate console management port is provided to debug the device through the command line with the assistance of technical support personnel. Flexible bandwidth management policies Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring. Abundant routing features Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported. Enterprise-grade quality with selected devices Built-in industrial-grade high-quality power supply, adaptable to 100V-240V wide voltage input range, effectively resisting voltage fluctuations; The steel shell design provides better heat dissipation performance and shielding performance, and has stronger anti-interference ability to ensure that the equipment works stably in various environments. Supports multiple deployment modes Layer 3 routing gateway mode As a Layer 3 routing gateway, TL-FW5600E-4G replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall. Layer 2 transparent bridge mode TL-FW5600E-4G supports setting up some or all interfaces as bridges, which work in a Layer 2 network, and the network can be protected by firewalls as long as data passes through the bridge interfaces. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster. Route + Bridge mode During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

TL-FW5800 is an enhanced firewall product launched by TP-LINK, which supports anti-virus, intrusion prevention, malicious domain name, application identification, website classification and other feature libraries, and integrates firewall policy, attack protection, DPI in-depth security, security audit, bandwidth management, VPN and other functions, effectively resisting network risks, achieving comprehensive protection, simplifying operation and maintenance, and ensuring the continuous and stable operation of enterprise core applications and services. Multi-core 64-bit network-specific processor, 2GB DDRIV high-speed memory 4 Gigabit RJ45 ports, 2 10 Gigabit SFP+ ports You can configure security policies, audit policies, bandwidth policies, and NAT policies Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control) Supports rich policy objects (security zones, addresses, applications, blacklists and whitelists, security profiles, intrusion prevention, audit profiles, etc.) Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc Multi-administrator roles, refined permission management Anti-private IPC in hotel scenarios: Allow normal Internet terminals and block private IPC traffic Supports first-pack application identification to improve application recognition performance Abundant ports and powerful performance It adopts a professional multi-core 64-bit network-specific processor and 2GB DDRIV high-speed memory to provide powerful packet processing capabilities. It provides 4 Gigabit RJ45 ports and 2 10 Gigabit SFP+ ports, which can meet the requirements of high-speed data forwarding and facilitate users to manage and maintain the system. Anti-private connection IPC in hotel scenes TP-LINK's self-developed anti-private IPC function distinguishes between normal Internet terminals and IPC devices through machine learning traffic feature information, and realizes flexible blocking strategies: allow normal Internet terminals, block private IPC, and push alarm information through alarms or business cloud apps. First-pack application identification It supports TP-LINK's unique application identification of the first packet, which can identify the application in the first packet, realize application traffic selection, and improve the application recognition performance Comprehensive security strategy Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, internal server certificates, anti-virus, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects. All-round attack protection It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc. ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection. Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing. MAC address filtering is supported to block access to unauthorized hosts. Expandable integrated DPI for in-depth security Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities; It supports anti-virus, which can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 6 million viruses and Trojans. It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security. Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods; It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy. Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database. Refined identification and control of online behaviors It has a large-scale application identification feature database, and one-click control of nearly 6,000 common desktop and mobile Internet applications in 36 categories, including video, social networking, shopping, finance and other applications; Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner; Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click; Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data; *The database of applications and URLs will be updated and added continuously. Complete security audit strategy Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems. Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution. Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced; TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports. Simple O&M and security management Full Chinese web interface, detailed and clear configuration guidance; Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive; Support local/remote management, convenient chain operation, remote assistance; Support password authentication/identity recognition to ensure authorization security; Support multi-administrator roles and refined permission management; Support hard disk management, license management, and signature database upgrade; Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment; A separate console management port is provided, which can be managed from the command line. Flexible bandwidth management policies Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring. Abundant routing features Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported. Supports multiple deployment modes Layer 3 routing gateway mode As a Layer 3 routing gateway, the TL-FW5800 replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall. Layer 2 transparent bridge mode The TL-FW5800 supports setting up some or all of the interfaces as bridges, which work in a Layer 2 network, and the network can be protected by firewalls as long as data passes through the bridge interfaces. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster. Route + Bridge mode During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

TL-FW5900 is an enhanced firewall product launched by TP-LINK, which supports anti-virus, intrusion prevention, malicious domain names, application identification, website classification and other feature libraries, and integrates firewall policy, attack protection, DPI in-depth security, security audit, bandwidth management, VPN and other functions, effectively resisting network risks, achieving comprehensive protection, simplifying operation and maintenance, ensuring the continuous and stable operation of enterprise core applications and services, and is suitable for enterprises, government agencies, parks, chain hotels and other scenarios. Multi-core 64-bit network-specific processor, 2.2GHz, 4GB DDR4 high-speed memory 4 x 2.5G RJ45 ports, 8 x Gigabit RJ45 ports, 2 x 10 Gigabit SFP+ ports, 1 x HDD interface (HDD/SSD) You can configure security policies, audit policies, bandwidth policies, and NAT policies Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control) Supports rich policy objects (security zones, addresses, applications, blacklists and whitelists, security profiles, intrusion prevention, audit profiles, etc.) Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc Multi-administrator roles, refined permission management Supports first-pack application identification to improve application recognition performance Abundant ports and powerful performance It adopts a professional multi-core 64-bit network dedicated processor, with a main frequency of 2.2GHz and 4GB DDR4 high-speed memory, providing powerful packet processing capabilities. It provides 4 2.5G RJ45 ports, 8 Gigabit RJ45 ports, 2 10 Gigabit SFP+ ports, and 1 hard disk interface (HDD/SSD), which is convenient for users to manage and maintain the system while meeting the needs of high-speed data forwarding. First-pack application identification It supports TP-LINK's unique application identification of the first packet, which can identify the application in the first packet, realize application traffic selection, and improve the application recognition performance Comprehensive security strategy Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, internal server certificates, anti-virus, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects. All-round attack protection It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc. ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection. Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing. MAC address filtering is supported to block access to unauthorized hosts. Expandable integrated DPI for in-depth security Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities; It supports anti-virus, which can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 6 million viruses and Trojans. It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security. Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods; It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy. Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database. Refined identification and control of online behaviors It has a large-scale application identification feature database, and one-click control of nearly 6,000 common desktop and mobile Internet applications in 36 categories, including video, social networking, shopping, finance and other applications; Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner; Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click; Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data; *The database of applications and URLs will be updated and added continuously. Complete security audit strategy Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems. Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution. Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced; TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports. Simple O&M and security management Full Chinese web interface, detailed and clear configuration guidance; Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive; Support local/remote management, convenient chain operation, remote assistance; Support password authentication/identity recognition to ensure authorization security; Support multi-administrator roles and refined permission management; Support hard disk management, license management, and signature database upgrade; Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment; A separate console management port is provided, which can be managed from the command line. Flexible bandwidth management policies Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring. Abundant routing features Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported. Supports multiple deployment modes Layer 3 routing gateway mode As a Layer 3 routing gateway, the TL-FW5900 replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall. Layer 2 transparent bridge mode The TL-FW5900 supports setting up some or all of the interfaces as bridges, which work in a Layer 2 network, and the network can be protected by firewalls as long as data passes through the bridge interfaces. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster. Route + Bridge mode During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

TL-NASG5003 is a network-wide behavior management controller launched by TP-LINK, which supports visual analysis of user behavior, has a variety of feature libraries such as anti-virus, intrusion prevention, malicious domain name, application identification, website classification, etc., and integrates multiple functions such as user behavior analysis, firewall policy, attack protection, DPI in-depth security, security audit, bandwidth management, VPN, etc., effectively auditing network user behavior, resisting network risks, achieving comprehensive protection, and simplifying operation and maintenance. Ensure the continuous and stable operation of core applications and services of enterprises, and apply to scenarios such as enterprises, government agencies, parks, and chain hotels. Multi-core 64-bit network-specific processor, 2GB DDRIV high-speed memory 5 Gigabit RJ45 ports User behavior visualization, traffic destination analysis, control analysis, access analysis, leakage analysis, etc Built-in 10 million+ website classification database and 6000+ application feature database You can configure security policies, audit policies, bandwidth policies, and NAT policies Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control) Supports rich policy objects (security zones, addresses, applications, blacklists and whitelists, security profiles, intrusion prevention, audit profiles, etc.) Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc Multi-administrator roles, refined permission management Supports first-pack application identification to improve application recognition performance The bandwidth of Internet behavior audit is greater than 100 Mbit/s Abundant ports and powerful performance It adopts a professional multi-core 64-bit network-specific processor and 2GB DDRIV high-speed memory to provide powerful packet processing capabilities. It provides 5 Gigabit RJ45 ports, which can meet the requirements of high-speed data forwarding and facilitate users to manage and maintain the system. Precise control of network-wide behaviors to ensure enterprise information security It has rich user behavior analysis functions, including the traffic statistics of applications/application groups (traffic destination analysis, access tendency analysis, violation and leakage risk analysis), website access duration, user blocking behavior ranking, user outgoing file size ranking, website type distribution, user traffic ranking and other audit and analysis functions, comprehensively audit user online behavior, make office more standardized, more efficient and safer. It has a large-scale application identification feature database, and one-click control of nearly 6,000 common desktop and mobile Internet applications in 36 categories, including video, social networking, shopping, finance and other applications; Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner; Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click; Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data; *The database of applications and URLs will be updated and added continuously. First-pack application identification It supports TP-LINK's unique application identification of the first packet, which can identify the application in the first packet, realize application traffic selection, and improve the application recognition performance Comprehensive security strategy Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, internal server certificates, anti-virus, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects. All-round attack protection It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc. ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection. Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing. MAC address filtering is supported to block access to unauthorized hosts. Expandable integrated DPI for in-depth security Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities; It supports anti-virus, which can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 6 million viruses and Trojans. It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security. Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods; It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy. Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database. Complete security audit strategy Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems. Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution. Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced; TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports. Simple O&M and security management Full Chinese web interface, detailed and clear configuration guidance; Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive; Support local/remote management, convenient chain operation, remote assistance; Support password authentication/identity recognition to ensure authorization security; Support multi-administrator roles and refined permission management; Support hard disk management, license management, and signature database upgrade; Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment; A separate console management port is provided, which can be managed from the command line. Flexible bandwidth management policies Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring. Abundant routing features Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported. Supports multiple deployment modes Layer 3 routing gateway mode As a Layer 3 routing gateway, TL-NASG5003 replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall. Layer 2 transparent bridge mode TL-NASG5003 allows some or all of the interfaces to be set up as bridges, which work in a Layer 2 network and are protected by firewalls as long as data passes through the bridge interfaces. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster. Route + Bridge mode During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

TL-NASG5005 is a network-wide behavior management controller launched by TP-LINK, which supports visual analysis of user behavior, has a variety of feature libraries such as anti-virus, intrusion prevention, malicious domain name, application identification, website classification, etc., and integrates multiple functions such as user behavior analysis, firewall policy, attack protection, DPI in-depth security, security audit, bandwidth management, VPN, etc., to effectively audit network user behavior, resist network risks, achieve comprehensive protection, and simplify operation and maintenance. Ensure the continuous and stable operation of core applications and services of enterprises, and apply to scenarios such as enterprises, government agencies, parks, and chain hotels. Multi-core 64-bit network-specific processor, 2GB DDRIV high-speed memory 4 x Gigabit RJ45 ports, 2 x 10 Gigabit SFP+ ports User behavior visualization, traffic destination analysis, control analysis, access analysis, leakage analysis, etc You can configure security policies, audit policies, bandwidth policies, and NAT policies Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control) Supports rich policy objects (security zones, addresses, applications, blacklists and whitelists, security profiles, intrusion prevention, audit profiles, etc.) Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc Multi-administrator roles, refined permission management Supports application-based intelligent routing Supports first-pack application identification to improve application recognition performance Abundant ports and powerful performance It adopts a professional multi-core 64-bit network-specific processor and 2GB DDRIV high-speed memory to provide powerful packet processing capabilities. It provides 4 Gigabit RJ45 ports and 2 10 Gigabit SFP+ ports, which can meet the requirements of high-speed data forwarding and facilitate users to manage and maintain the system. Precise control of network-wide behaviors to ensure enterprise information security It has rich user behavior analysis functions, including the traffic statistics of applications/application groups (traffic destination analysis, access tendency analysis, violation and leakage risk analysis), website access duration, user blocking behavior ranking, user outgoing file size ranking, website type distribution, user traffic ranking and other audit and analysis functions, comprehensively audit user online behavior, make office more standardized, more efficient and safer. It has a large-scale application identification feature database, and one-click control of nearly 6,000 common desktop and mobile Internet applications in 36 categories, including video, social networking, shopping, finance and other applications; Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner; Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click; Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data; *The database of applications and URLs will be updated and added continuously. First-pack application identification It supports TP-LINK's unique application identification of the first packet, which can identify the application in the first packet, realize application traffic selection, and improve the application recognition performance Comprehensive security strategy Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, internal server certificates, anti-virus, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects. All-round attack protection It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc. ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection. Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing. MAC address filtering is supported to block access to unauthorized hosts. Expandable integrated DPI for in-depth security Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities; It supports anti-virus, which can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 6 million viruses and Trojans. It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security. Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods; It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy. Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database. Complete security audit strategy Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems. Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution. Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced; TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports. Simple O&M and security management Full Chinese web interface, detailed and clear configuration guidance; Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive; Support local/remote management, convenient chain operation, remote assistance; Support password authentication/identity recognition to ensure authorization security; Support multi-administrator roles and refined permission management; Support hard disk management, license management, and signature database upgrade; Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment; A separate console management port is provided, which can be managed from the command line. Flexible bandwidth management policies Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring. Abundant routing features Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported. Supports multiple deployment modes Layer 3 routing gateway mode As a Layer 3 routing gateway, TL-NASG5005 replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall. Layer 2 transparent bridge mode TL-NASG5005 allows some or all of the interfaces to be set up as bridges, which work in a Layer 2 network and are protected by firewalls as long as data passes through the bridge interfaces. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster. Route + Bridge mode During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

TL-NASG5007 is an enhanced firewall product launched by TP-LINK, which supports anti-virus, intrusion prevention, malicious domain names, application identification, website classification and other feature databases, and integrates firewall policies, attack protection, DPI in-depth security, security audit, bandwidth management, VPN and other functions, effectively resisting network risks, achieving comprehensive protection, simplifying operation and maintenance, and ensuring the continuous and stable operation of enterprise core applications and services. Scenarios such as hotel chains. Multi-core 64-bit network-specific processor, 2.2GHz, 4GB DDR4 high-speed memory 4 x 2.5G RJ45 ports, 8 x Gigabit RJ45 ports, 2 x 10 Gigabit SFP+ ports, 1 x HDD interface (HDD/SSD) User behavior visualization, traffic destination analysis, control analysis, access analysis, leakage analysis, etc You can configure security policies, audit policies, bandwidth policies, and NAT policies Expandable all-in-one DPI security (intrusion prevention, anti-virus, file filtering, malicious domain name remote query, application behavior control) Supports rich policy objects (security zones, addresses, applications, blacklists and whitelists, security profiles, intrusion prevention, audit profiles, etc.) Supports rich network functions, such as static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), DDNS, etc Multi-administrator roles, refined permission management Supports first-pack application identification to improve application recognition performance The bandwidth of Internet behavior audit is greater than 1,000 Mbit/s With redundant power supply (1+1 redundancy) Abundant ports and powerful performance It adopts a professional multi-core 64-bit network dedicated processor, with a main frequency of 2.2GHz and 4GB DDR4 high-speed memory, providing powerful packet processing capabilities. It provides 4 2.5G RJ45 ports, 8 Gigabit RJ45 ports, 2 10 Gigabit SFP+ ports, and 1 hard disk interface (HDD/SSD), which is convenient for users to manage and maintain the system while meeting the needs of high-speed data forwarding. Precise control of network-wide behaviors to ensure enterprise information security It has rich user behavior analysis functions, including the traffic statistics of applications/application groups (traffic destination analysis, access tendency analysis, violation and leakage risk analysis), website access duration, user blocking behavior ranking, user outgoing file size ranking, website type distribution, user traffic ranking and other audit and analysis functions, comprehensively audit user online behavior, make office more standardized, more efficient and safer. It has a large-scale application identification feature database, and one-click control of nearly 6,000 common desktop and mobile Internet applications in 36 categories, including video, social networking, shopping, finance and other applications; Accurately identify popular application behaviors such as WeChat, Weibo, and QQ, such as text communication, voice and video, file transfer, music playback, etc., and finely control these behaviors, and intercept or restrict them in a purposeful and targeted manner; Built-in database of more than 10 types of domestic URLs, which can restrict employees' access to the corresponding websites with one click; Support prohibiting web submission, restricting employees from logging in to various web-based forums, microblogs, mailboxes, etc. to publish information, filtering email content, and effectively avoiding the leakage of sensitive enterprise data; *The database of applications and URLs will be updated and added continuously. First-pack application identification It supports TP-LINK's unique application identification of the first packet, which can identify the application in the first packet, realize application traffic selection, and improve the application recognition performance Comprehensive security strategy Adopting the principle of minimum security, it supports security policies based on security zones, source IP addresses, destination IP addresses, source ports, destination ports, service groups, application groups, user groups, time periods, blacklists and whitelists, websites, internal server certificates, anti-virus, URL filtering, file filtering, application behavior control, email content filtering, intrusion prevention, audit profiles and other objects. All-round attack protection It supports a variety of intranet/extranet attack protection functions, and can effectively prevent various DoS attacks, scanning attacks, and suspicious packet attacks, such as TCP Syn Flood, UDP Flood, ICMP Flood, IP Scanning, Port Scanning, WinNuke Attacks, Fragment Packet Attacks, WAN Port Ping, TCP Scan (Stealth FIN/Xmas/Null), IP Spoofing, TearDrop, etc. ARP protection, such as ARP spoofing and ARP attacks, is supported to avoid service interruption and frequent network disconnection. Support IP and MAC binding, which can bind the IP and MAC address information of the LAN port (intranet) and WAN port (extranet) hosts at the same time to prevent ARP spoofing. MAC address filtering is supported to block access to unauthorized hosts. Expandable integrated DPI for in-depth security Support intrusion prevention, get the latest threat information in the first time, and accurately detect and defend against attacks against vulnerabilities; It supports anti-virus, which can quickly and accurately detect and kill viruses and other malicious programs in network traffic, and protect more than 6 million viruses and Trojans. It supports filtering file expansion types, which can easily filter all kinds of small files embedded in web pages to prevent viruses and Trojan horses from invading the enterprise network through small files and endangering network security. Support URL filtering, remote query of malicious domain names, effectively intercept phishing websites, Trojan attacks, hacker intrusions and network fraud through local + cloud methods; It supports application recognition, and the accuracy reaches the level of application behavior. The combination of application identification and intrusion detection, anti-virus, URL filtering, and filtering file expansion types greatly improves the detection performance and accuracy. Provide a comprehensive and timely security signature database, keep up with the latest developments in the field of network security, and ensure timely and accurate updates of the feature database. Complete security audit strategy Detailed and comprehensive logging: System logs, operation logs, policy hit logs, traffic logs, audit logs, threat logs, content logs, URL logs, and email filtering logs are supported to record firewall-related traffic and operation history in detail, helping administrators understand network status and quickly locate network problems. Graphical traffic statistics: Traffic statistics can be performed in three dimensions: interface, IP, and security policy, and the traffic data of security policies can be displayed graphically in real time, which is clear at a glance. The traffic analysis report can be output in the form of PDF report to help the administrator analyze the historical traffic distribution. Internet behavior audit: Support HTTP behavior audit, FTP behavior audit, email audit, IM audit, through audit logs, you can understand the Internet behavior of employees during work, including web access, APP application, etc., so that bad Internet behavior can be traced; TP-LINK security audit system: It can be used with the TP-LINK security audit system to store logs for a long time and in large capacity, and output more detailed analysis reports. Simple O&M and security management Full Chinese web interface, detailed and clear configuration guidance; Graphical interface display, real-time monitoring of key resources such as CPU utilization, clear and intuitive; Support local/remote management, convenient chain operation, remote assistance; Support password authentication/identity recognition to ensure authorization security; Support multi-administrator roles and refined permission management; Support hard disk management, license management, and signature database upgrade; Support active/standby switchover and on-line detection to ensure high-reliability operation of the equipment; A separate console management port is provided, which can be managed from the command line. Flexible bandwidth management policies Provides flexible bandwidth management policies to control the bandwidth used by each IP address in the network to ensure the network experience of key services and users. The management and control methods include bidirectional bandwidth control, connection limit, and connection monitoring. Abundant routing features Static routing, policy-based routing, intelligent balancing, VPN (IPSec/PPTP/L2TP VPN), dynamic DNS (Peanutshell, Kemai, 3322) and other functions are supported. Supports multiple deployment modes Layer 3 routing gateway mode As a Layer 3 routing gateway, TL-NASG5007 replaces the original router in the network, and the data communication between the internal network and the external network is NAT converted through the firewall. Layer 2 transparent bridge mode TL-NASG5007 allows some or all of the interfaces to be bridged, which works in a Layer 2 network and is protected by firewalls as long as data passes through the bridge interface. In this mode, firewall deployment does not need to change the original topology, which is more convenient and faster. Route + Bridge mode During actual network deployment, some interfaces of the firewall can be set as bridge interfaces and part of the firewall interfaces as routing interfaces according to on-site requirements, so that the two methods can be flexibly combined to achieve more cost-effective network protection.

Access to multiple network modes It provides three access modes: dynamic IP, static IP and PPPoE, which supports both ADSL line users and cell broadband users. The PPPoE access mode supports three modes: automatic dialing, on-demand dialing, and manual dialing, to meet the dial-up needs of different users. IP bandwidth control function According to the Internet access needs of different users, the Internet bandwidth of each computer is reasonably allocated to avoid excessive preemption of bandwidth resources by individual users when using P2P software such as BT and Xunlei, which will affect the normal network use of other users. ARP attack protection feature It supports IP and MAC address binding, effectively preventing ARP attacks and ensuring the safe and stable operation of intranet communication. Economical and practical, simple and convenient, the first choice for home Internet access Provide a variety of access modes and dial-up modes to meet the network access needs of different users The built-in firewall can effectively control the Internet access rights of LAN users DHCP dynamic address allocation and static address allocation are supported

For users with large apartments and complex building layouts, it is difficult to obtain good Wi-Fi coverage with only one router. TP-LINK provides a set of professional and convenient solutions for this purpose. The AC all-in-one VPN router is paired with the wireless panel APs and routers in each room to provide high-quality, high-speed, and stable wireless network coverage experience for home users and small and micro enterprises. TL-R5406PE-AC is a new generation of 2.5G PoE· The AC all-in-one VPN router product has built-in AC (wireless controller) and standard PoE (Power over Ethernet) functions, providing 4 x 2.5Gbps PoE ports and 2 Gigabit PoE ports, which can be used with up to 4 x 2.5G APs at the same time to provide a faster Wi-Fi coverage experience. At the same time, it also supports rich software functions such as web authentication, IPSec/PPTP/L2TP VPN, Internet behavior management, PPPoE server, firewall, and intelligent bandwidth control. Dual-core CPU, 512MB DDRIII high-speed memory, powerful performance Four 2.5G network ports and two Gigabit network ports can be set as WAN ports, and up to four ports can be used as WAN ports All network ports support standard PoE power supply, and there is no need to purchase additional PoE switches The built-in wireless controller can manage the TP-LINK AP products in a unified manner It supports easy-to networking, and can be conveniently networked with easy-to-show series enterprise wireless routers, APs, and home routers IPSec/PPTP/L2TP VPN makes long-distance communication more secure Access Authentication (Web Authentication, SMS Authentication, PPPoE Server) Online behavior management (mobile APP control/desktop application control/website filtering/web security) Built-in AC+PoE function simplifies wireless networking in small and micro enterprises/villa environments Built-in AC (wireless controller) function, which is both a router and a wireless controller, can manage up to 100 TP-LINK AP products in a unified manner to build a wireless network; It can automatically discover the TP-LINK AP in the network, configure and manage the AP in a unified manner, realize zero-configuration AP access, plug and play, and support AP status monitoring, AP upgrade, and scheduled restart, which is easy to maintain. All ports support standard PoE power supply, in line with the IEEE802.3af/at standard, and the maximum output power of a single port is 30W. It is suitable for small enterprises, offices, villas and other environments to build wireless networks, without the need to purchase additional AC and PoE switches, simple deployment and maintenance, and cost-effective. A variety of VPNs for secure communication over long distances Support IPSec VPN to encrypt confidential data of enterprises and branches to ensure data security; It supports PPTP VPN and L2TP VPN server/client modes, which is convenient for employees on business trips and mobile office workers to remotely access the internal server of the enterprise, and easily realize remote work. Manage online behavior and standardize employees' use of the Internet Built-in database of common Internet applications, which can control various desktop and mobile Internet applications with one click, including social software/video software/music software/shopping and leisure software/news and information software/P2P software/financial software/online games/app stores/basic applications, etc.; Built-in database of hundreds of URLs in more than a dozen categories, which can restrict employees' access to the corresponding website with one click; It supports filtering file expansion types, which can easily filter various small files embedded in web pages to prevent viruses and Trojans from invading the enterprise network and endangering network security through these small files. A variety of authentication methods, control the Internet access, and realize advertising and marketing Support web authentication, and push merchant advertising information through the authentication page; Support SMS authentication, meet the requirements of real-name authentication, and can carry out secondary marketing based on mobile phone number; It supports PPPoE servers, which can realize unified dial-up Internet access for intranet users. Efficient firewall to ensure internal and external network security Support IP and MAC address binding, effectively preventing intranet/extranet ARP spoofing; In the event of ARP spoofing, the system can send ARP correction messages at specified frequencies to restore the normal state of the network in a timely manner. It supports intranet/extranet attack protection and can effectively prevent various common DoS attacks, scanning attacks, and suspicious packet attacks. It supports MAC address-based filtering to effectively block the access of unauthorized hosts. It can assign permissions through routers for various network services to ensure internal and external network security, and supports access control rules based on user groups and time periods to achieve more refined management. Flexible bandwidth control to ensure reasonable bandwidth utilization It supports elastic policies that enable bandwidth control based on bandwidth utilization, and can perform bidirectional bandwidth control for each host (IP) in the network, effectively inhibiting P2P applications such as BT and Thunderbolt from over-occupying bandwidth and ensuring smooth network at all times. It provides an IP-based connection limit function, which can limit the number of connections occupied by each computer, prevent a small number of users from excessively occupying a large number of connections, and ensure the smooth operation of games, Internet surfing, chatting, video and voice, etc. More useful features Support dynamic IP and static IP access technology; Intra/extranet two-way port monitoring to meet the data monitoring needs of relevant departments; Support DDNS and virtual server functions, easy to build intranet servers and private websites; Support UPnP and ALG service functions to ensure that special network applications can smoothly penetrate NAT; Full Chinese WEB management interface, management and maintenance are more convenient and fast; Support automatic cleaning function, which can automatically clean up the device cache when the network is idle to improve the stability of the device; Provide log list function to record network operation status in detail; Multiple fault detection tools, such as Ping and Tracert, are supported to help you quickly find and troubleshoot network faults.

For users with large apartments and complex building layouts, it is difficult to obtain good Wi-Fi coverage with only one router. TP-LINK provides a set of professional and convenient solutions for this purpose. The AC all-in-one VPN router is paired with the wireless panel APs and routers in each room to provide high-quality, high-speed, and stable wireless network coverage experience for home users and small and micro enterprises. TL-R5408PE-AC is a new generation of 2.5G PoE· The AC all-in-one VPN router product has built-in AC (wireless controller) and standard PoE (Power over Ethernet) functions, providing 4 2.5Gbps PoE ports and 4 Gigabit PoE ports, which can be used with up to 4 2.5G APs at the same time to provide a faster wireless network coverage experience. At the same time, it also supports rich software functions such as web authentication, IPSec/PPTP/L2TP VPN, Internet behavior management, PPPoE server, firewall, and intelligent bandwidth control. Dual-core CPU, 512MB DDRIII high-speed memory, powerful performance 4 x 2.5G LAN ports and 4 Gigabit LAN ports, both of which can be set as WAN ports, and up to 4 ports can be used as WAN ports (2.5G WAN ports are only supported in version 2.0) The built-in wireless controller can manage the TP-LINK AP products in a unified manner Support E-Zhan networking, which can be conveniently networked with E-Zhan series enterprise wireless routing, AP, and home router (*No hardware button, easy-to-show networking is required through the WEB interface) IPSec/PPTP/L2TP VPN makes long-distance communication more secure Access Authentication (Web Authentication, SMS Authentication, PPPoE Server) Online behavior management (mobile APP control/desktop application control/website filtering/web security) Built-in AC+PoE function simplifies wireless networking in small and micro enterprises/villa environments Built-in AC (wireless controller) function, which is both a router and a wireless controller, can manage up to 100 TP-LINK AP products in a unified manner to build a wireless network; It can automatically discover the TP-LINK AP in the network, configure and manage the AP in a unified manner, realize zero-configuration AP access, plug and play, and support AP status monitoring, AP upgrade, and scheduled restart, which is easy to maintain. All ports support standard PoE power supply, in line with the IEEE802.3af/at standard, and the maximum output power of a single port is 30W. It is suitable for small enterprises, offices, villas and other environments to build wireless networks, without the need to purchase additional AC and PoE switches, simple deployment and maintenance, and cost-effective. A variety of VPNs for secure communication over long distances Support IPSec VPN to encrypt confidential data of enterprises and branches to ensure data security; It supports PPTP VPN and L2TP VPN server/client modes, which is convenient for employees on business trips and mobile office workers to remotely access the internal server of the enterprise, and easily realize remote work. Manage online behavior and standardize employees' use of the Internet Built-in database of common Internet applications, which can control various desktop and mobile Internet applications with one click, including social software/video software/music software/shopping and leisure software/news and information software/P2P software/financial software/online games/app stores/basic applications, etc.; Built-in database of hundreds of URLs in more than a dozen categories, which can restrict employees' access to the corresponding website with one click; It supports filtering file expansion types, which can easily filter various small files embedded in web pages to prevent viruses and Trojans from invading the enterprise network and endangering network security through these small files. A variety of authentication methods, control the Internet access, and realize advertising and marketing Support web authentication, and push merchant advertising information through the authentication page; Support SMS authentication, meet the requirements of real-name authentication, and can carry out secondary marketing based on mobile phone number; It supports PPPoE servers, which can realize unified dial-up Internet access for intranet users. Efficient firewall to ensure internal and external network security Support IP and MAC address binding, effectively preventing intranet/extranet ARP spoofing; In the event of ARP spoofing, the system can send ARP correction messages at specified frequencies to restore the normal state of the network in a timely manner. It supports intranet/extranet attack protection and can effectively prevent various common DoS attacks, scanning attacks, and suspicious packet attacks. It supports MAC address-based filtering to effectively block the access of unauthorized hosts. It can assign permissions through routers for various network services to ensure internal and external network security, and supports access control rules based on user groups and time periods to achieve more refined management. Flexible bandwidth control to ensure reasonable bandwidth utilization It supports elastic policies that enable bandwidth control based on bandwidth utilization, and can perform bidirectional bandwidth control for each host (IP) in the network, effectively inhibiting P2P applications such as BT and Thunderbolt from over-occupying bandwidth and ensuring smooth network at all times. It provides an IP-based connection limit function, which can limit the number of connections occupied by each computer, prevent a small number of users from excessively occupying a large number of connections, and ensure the smooth operation of games, Internet surfing, chatting, video and voice, etc. More useful features Support dynamic IP and static IP access technology; Intra/extranet two-way port monitoring to meet the data monitoring needs of relevant departments; Support DDNS and virtual server functions, easy to build intranet servers and private websites; Support UPnP and ALG service functions to ensure that special network applications can smoothly penetrate NAT; Full Chinese WEB management interface, management and maintenance are more convenient and fast; Support automatic cleaning function, which can automatically clean up the device cache when the network is idle to improve the stability of the device; Provide log list function to record network operation status in detail; Multiple fault detection tools, such as Ping and Tracert, are supported to help you quickly find and troubleshoot network faults.

For users with large apartments and complex building layouts, it is difficult to obtain good Wi-Fi coverage with only one router. TP-LINK provides a set of professional and convenient solutions for this purpose. The AC all-in-one VPN router is paired with the wireless panel APs and routers in each room to provide high-quality, high-speed, and stable wireless network coverage experience for home users and small and micro enterprises. TL-R5408PEF-AC is a new generation of 2.5G PoE· AC optoelectronic all-in-one VPN router products have built-in AC (wireless controller) and standard PoE (Power over Ethernet) functions, providing 1 2.5Gbps network port, 3 2.5Gbps fiber expansion ports and 4 Gigabit PoE network ports (one of which is the WAN port by default), which can be used with Wi-Fi 6 AP and 2.5G E-Zhan router to provide a faster wireless network coverage experience. At the same time, it also supports rich software functions such as web authentication, IPSec/PPTP/L2TP VPN, Internet behavior management, PPPoE server, firewall, and intelligent bandwidth control. Dual-core CPU, 512MB DDRIII high-speed memory, powerful performance It supports one 2.5G RJ45 electrical port and three 2.5G optical fiber expansion ports, and can be used with 2.5G/1G optical modules and electrical modules The built-in wireless controller can manage the TP-LINK AP products in a unified manner Three 10/100/1000M RJ45 electrical ports support standard PoE power supply IPSec/PPTP/L2TP VPN makes long-distance communication more secure Access Authentication (Web Authentication, SMS Authentication, PPPoE Server) Online behavior management (mobile APP control/desktop application control/website filtering/web security) It supports easy-to networking, and can be conveniently networked with easy-to-show series enterprise wireless routers, APs, and home routers It supports the centralized management of TP-LINK commercial network cloud platform/APP Built-in AC+PoE function simplifies wireless networking in small and micro enterprises/villa environments Built-in AC (wireless controller) function, which is both a router and a wireless controller, can manage up to 100 TP-LINK AP products in a unified manner to build a wireless network; It can automatically discover the TP-LINK AP in the network, configure and manage the AP in a unified manner, realize zero-configuration AP access, plug and play, and support AP status monitoring, AP upgrade, and scheduled restart, which is easy to maintain. All ports support standard PoE power supply, in line with the IEEE802.3af/at standard, and the maximum output power of a single port is 30W. It is suitable for small enterprises, offices, villas and other environments to build wireless networks, without the need to purchase additional AC and PoE switches, simple deployment and maintenance, and cost-effective. A variety of VPNs for secure communication over long distances Support IPSec VPN to encrypt confidential data of enterprises and branches to ensure data security; It supports PPTP VPN and L2TP VPN server/client modes, which is convenient for employees on business trips and mobile office workers to remotely access the internal server of the enterprise, and easily realize remote work. Manage online behavior and standardize employees' use of the Internet Built-in database of common Internet applications, which can control various desktop and mobile Internet applications with one click, including social software/video software/music software/shopping and leisure software/news and information software/P2P software/financial software/online games/app stores/basic applications, etc.; Built-in database of hundreds of URLs in more than a dozen categories, which can restrict employees' access to the corresponding website with one click; It supports filtering file expansion types, which can easily filter various small files embedded in web pages to prevent viruses and Trojans from invading the enterprise network and endangering network security through these small files. A variety of authentication methods, control the Internet access, and realize advertising and marketing Support web authentication, and push merchant advertising information through the authentication page; Support SMS authentication, meet the requirements of real-name authentication, and can carry out secondary marketing based on mobile phone number; It supports PPPoE servers, which can realize unified dial-up Internet access for intranet users. Efficient firewall to ensure internal and external network security Support IP and MAC address binding, effectively preventing intranet/extranet ARP spoofing; In the event of ARP spoofing, the system can send ARP correction messages at specified frequencies to restore the normal state of the network in a timely manner. It supports intranet/extranet attack protection and can effectively prevent various common DoS attacks, scanning attacks, and suspicious packet attacks. It supports MAC address-based filtering to effectively block the access of unauthorized hosts. It can assign permissions through routers for various network services to ensure internal and external network security, and supports access control rules based on user groups and time periods to achieve more refined management. Flexible bandwidth control to ensure reasonable bandwidth utilization It supports elastic policies that enable bandwidth control based on bandwidth utilization, and can perform bidirectional bandwidth control for each host (IP) in the network, effectively inhibiting P2P applications such as BT and Thunderbolt from over-occupying bandwidth and ensuring smooth network at all times. It provides an IP-based connection limit function, which can limit the number of connections occupied by each computer, prevent a small number of users from excessively occupying a large number of connections, and ensure the smooth operation of games, Internet surfing, chatting, video and voice, etc. More useful features Support dynamic IP and static IP access technology; Intra/extranet two-way port monitoring to meet the data monitoring needs of relevant departments; Support DDNS and virtual server functions, easy to build intranet servers and private websites; Support UPnP and ALG service functions to ensure that special network applications can smoothly penetrate NAT; Full Chinese WEB management interface, management and maintenance are more convenient and fast; Support automatic cleaning function, which can automatically clean up the device cache when the network is idle to improve the stability of the device; Provide log list function to record network operation status in detail; Multiple fault detection tools, such as Ping and Tracert, are supported to help you quickly find and troubleshoot network faults.

For users with large apartments and complex building layouts, it is difficult to obtain good Wi-Fi coverage with only one router. TP-LINK provides a set of professional and convenient solutions for this purpose. The AC all-in-one VPN router is paired with the wireless panel APs and routers in each room to provide high-quality, high-speed, and stable wireless network coverage experience for home users and small and micro enterprises. The new generation of optoelectronic all-in-one VPN router supports 2.5G/10G functional custom ports, which can be used with the newly released Dadao, Feiliu and Shengshi series routers to form a "whole house super gigabit" solution, which is not only fiber-to-the-home, but also truly realizes 10G fiber-to-the-room! TL-R6812TP-AC is a new generation of optoelectronic all-in-one VPN router product developed by TP-LINK for small and micro enterprises, offices, villas and other environments, with built-in AC (wireless controller) and standard PoE (Power over Ethernet) functions, providing 8 10 Gigabit SFP+ fiber expansion ports and 4 Gigabit PoE network ports, and also supports Web authentication, IPSec/PPTP/L2TP VPN, Internet behavior management, PPPoE server, firewall, intelligent bandwidth control and other rich software functions. Quad-core CPU, 512MB DDRIV high-speed memory, powerful performance 8 10 Gigabit SFP+ fiber expansion ports, supporting 10G/2.5G/1G optical modules and electrical modules The built-in wireless controller can manage the TP-LINK AP products in a unified manner Four 10/100/1000M RJ45 electrical ports support standard PoE power supply, no need to purchase additional PoE switches IPSec/PPTP/L2TP VPN makes long-distance communication more secure Access Authentication (Web Authentication, SMS Authentication, PPPoE Server) Online behavior management (mobile APP control/desktop application control/website filtering/web security) It supports easy-to networking, and can be conveniently networked with easy-to-show series enterprise wireless routers, APs, and home routers It supports the centralized management of TP-LINK commercial network cloud platform/APP Built-in AC+PoE function simplifies wireless networking in small and micro enterprises/villa environments Built-in AC (wireless controller) function, which is both a router and a wireless controller, can manage up to 100 TP-LINK AP products in a unified manner to build a wireless network; It can automatically discover the TP-LINK AP in the network, configure and manage the AP in a unified manner, realize zero-configuration AP access, plug and play, and support AP status monitoring, AP upgrade, and scheduled restart, which is easy to maintain. All LAN ports support standard PoE power supply, in line with the IEEE802.3af/at standard, and the maximum output power of a single port is 30W. It is suitable for small enterprises, offices, villas and other environments to build wireless networks, without the need to purchase additional AC and PoE switches, simple deployment and maintenance, and cost-effective. A variety of VPNs for secure communication over long distances Support IPSec VPN to encrypt confidential data of enterprises and branches to ensure data security; It supports PPTP VPN and L2TP VPN server/client modes, which is convenient for employees on business trips and mobile office workers to remotely access the internal server of the enterprise, and easily realize remote work. Manage online behavior and standardize employees' use of the Internet Built-in database of common Internet applications, which can control various desktop and mobile Internet applications with one click, including social software/video software/music software/shopping and leisure software/news and information software/P2P software/financial software/online games/app stores/basic applications, etc.; Built-in database of hundreds of URLs in more than a dozen categories, which can restrict employees' access to the corresponding website with one click; It supports filtering file expansion types, which can easily filter various small files embedded in web pages to prevent viruses and Trojans from invading the enterprise network and endangering network security through these small files. A variety of authentication methods, control the Internet access, and realize advertising and marketing Support web authentication, and push merchant advertising information through the authentication page; Support SMS authentication, meet the requirements of real-name authentication, and can carry out secondary marketing based on mobile phone number; It supports PPPoE servers, which can realize unified dial-up Internet access for intranet users. Efficient firewall to ensure internal and external network security Support IP and MAC address binding, effectively preventing intranet/extranet ARP spoofing; In the event of ARP spoofing, the system can send ARP correction messages at specified frequencies to restore the normal state of the network in a timely manner. It supports intranet/extranet attack protection and can effectively prevent various common DoS attacks, scanning attacks, and suspicious packet attacks. It supports MAC address-based filtering to effectively block the access of unauthorized hosts. It can assign permissions through routers for various network services to ensure internal and external network security, and supports access control rules based on user groups and time periods to achieve more refined management. Flexible bandwidth control to ensure reasonable bandwidth utilization It supports elastic policies that enable bandwidth control based on bandwidth utilization, and can perform bidirectional bandwidth control for each host (IP) in the network, effectively inhibiting P2P applications such as BT and Thunderbolt from over-occupying bandwidth and ensuring smooth network at all times. It provides an IP-based connection limit function, which can limit the number of connections occupied by each computer, prevent a small number of users from excessively occupying a large number of connections, and ensure the smooth operation of games, Internet surfing, chatting, video and voice, etc. More useful features Support dynamic IP and static IP access technology; Intra/extranet two-way port monitoring to meet the data monitoring needs of relevant departments; Support DDNS and virtual server functions, easy to build intranet servers and private websites; Support UPnP and ALG service functions to ensure that special network applications can smoothly penetrate NAT; Full Chinese WEB management interface, management and maintenance are more convenient and fast; Support automatic cleaning function, which can automatically clean up the device cache when the network is idle to improve the stability of the device; Provide log list function to record network operation status in detail; Multiple fault detection tools, such as Ping and Tracert, are supported to help you quickly find and troubleshoot network faults.

IP bandwidth control function According to the Internet access needs of different users, the Internet bandwidth of each computer is reasonably allocated to avoid excessive preemption of bandwidth resources by individual users when using P2P software such as BT and Xunlei, which will affect the normal network use of other users. ARP attack protection feature It supports IP and MAC address binding, effectively preventing ARP attacks, and supports DoS attack prevention, with ping packet control function, to ensure the safe and stable operation of intranet communication. Free Peanut Shell DDNS The built-in peanut shell DDNS client can be used to build personal websites, obtain personal domain names, and build personal servers such as Web/FTP for free. The IP bandwidth control function can freely allocate the bandwidth of intranet users The smart housekeeper function can reasonably control the Internet access and Internet access time of family children and enterprise employees The binding function of IP address and MAC address effectively prevents intranet ARP attacks Support peanut shell DDNS, free to set up a personal website DoS attack prevention, with ping packet control function, making the network more secure

Protocol Standards IEEE802.11a IEEE802.11b IEEE802.11g IEEE802.11n IEEE802.11ac IEEE802.3 IEEE802.3u IEEE802.3ab Wireless rate 2.4GHz frequency band: 300Mbps 5GHz band: 867Mbps The type of network 4G：LTE-TDD，LTE-FDD 3G：WCDMA 2G：GSM Frequency range LTE-TDD BAND 34/38/39/40/41 LTE-FDD BAND 1/3/5/8 UTMS(WCDMA) BAND 1/8 GSM 900/1800MHz Interface 3 x 10/100/1000M adaptive WAN/LAN ports, support Auto MDI/MDIX Button Reset button Easy to expand buttons LED SYS system indication Link/Act indication for each port Dimensional weight Bare metal size (length×width×height): 113*113*95mm Packing size (L×W×H): 171*152.5*152.5mm Bare weight: 0.32kg (single, without accessories and packaging) Weight: 0.58kg (single unit, including accessories and packaging) Network status Wireless setup Guest network settings The network status of the mobile network/WAN port LAN port network status Device management Device information Real-time internet speed speed limit Time management online Disable the device App features Wireless bridging Guest network Signal conditioning The IP address is bound to the MAC address Administrator qualifications AP isolation Virtual servers DMZ host DDNS Advanced features TP-LINK ID INFORMATION Internet settings Wireless setup Traffic management LAN port settings Software Upgrades Change the administrator password Back up and onboard configurations Reboot and factory reset System logs Packing accessories 4G Wireless Router TL-TR960G Power adapter User Manual Warranty card Use environment Operating temperature: 0°C to 40°C Storage temperature: -40°C to 70°C Operating humidity: 10% to 90% RH non-condensing Storage humidity: 5% to 90% RH non-condensing

Protocol Standards IEEE802.11a IEEE802.11b IEEE802.11g IEEE802.11n IEEE802.11ac IEEE802.11ax IEEE802.3 IEEE802.3u IEEE802.3ab Wireless rate 2.4GHz frequency band: 574Mbps 5GHz band: 2402Mbps Network type and frequency band 5G NR SA：n1/n28/n41/n77/n78/n79 5G NR NSA： n41/n78/n79 LTE-TDD：B34/B38/B39/B40/B41 LTE-FDD：B1/B2/B3/B5/B7/B8/B20/B28 WCDMA：B1/B2/B5/B8 Interface 3 x 10/100/1000M adaptive WAN/LAN ports, support Auto MDI/MDIX Button Reset button Easy to expand buttons LED SYS system indication Link/Act indication for each port Dimensional weight Bare metal size (length×width×height): 150*150*82.3mm Packing size (L×W×H): 200.5*200.5*149mm Bare weight: 0.6kg (single, excluding accessories and packaging) Weight: 0.96kg (single unit, including accessories and packaging) Network status Wireless setup Guest network settings The network status of the mobile network/WAN port LAN port network status Device management Device information Real-time internet speed speed limit Time management online Disable the device App features Wireless bridging Guest network Signal conditioning The IP address is bound to the MAC address Administrator qualifications AP isolation Virtual servers DMZ host DDNS Advanced features TP-LINK ID INFORMATION Internet settings Wireless setup Traffic management LAN port settings Software Upgrades Change the administrator password Back up and onboard configurations Reboot and factory reset System logs Packing accessories 5G wireless router TL-TR970G Power adapter User Manual Warranty card Use environment Operating temperature: 0°C to 40°C Storage temperature: -40°C to 70°C Operating humidity: 10% to 90% RH non-condensing Storage humidity: 5% to 90% RH non-condensing

Interface USB 2.0 interface Antenna Built-in smart antenna Dimensions 44.2mm*19.72mm*10.3mm Use environment Operating temperature: 0°C~40°C Storage temperature: -40°C~70°C Humidity: 10% ~ 90%RH non-condensing What's in the package: AC650 Dual-Band Wireless USB Network Card TL-WDN5200 User Manual Follow the standards IEEE802.11ac；IEEE802.11n；IEEE802.11g；IEEE802.11b；IEEE802.11a Transmission rate 11b：1/2/5.5/11Mbps 11g：6/9/12/18/24/36/48/54Mbps 11n：200Mbps 11ac：433Mbps Frequency range 2.4~2.4835GHz 5.150~5.250GHz 5.725~5.850GHz Working channel 1~13，36~48，149~165 Transmit power 20dBm (max) Safety features WPA-PSK/WPA2-PSK WPA/WPA2 Other features Analog AP functions Operating system support Windows XP/XP 64 Windows 7/Windows7 64 Windows 8/Windows8 64 Windows 8.1/Windows8.1 64 Windows 10/Windows10 64 Note: For better system compatibility, we recommend that you install the latest system upgrade patches

Interface USB 2.0 interface Antenna Built-in smart antenna Dimensions 44.2mm*19.72mm*10.3mm Use environment Operating temperature: 0°C~40°C Storage temperature: -40°C~70°C Humidity: 10% ~ 90%RH non-condensing What's in the package: AC650 Dual-Band Wireless USB Network Card TL-WDN5200 Drive-free Version User Manual Follow the standards IEEE802.11ac IEEE802.11a IEEE802.11b IEEE802.11g IEEE802.11n Transmission rate 11b：1/2/5.5/11Mbps 11g：6/9/12/18/24/36/48/54Mbps 11n：200Mbps 11ac：433Mbps Frequency range 2.4~2.4835GHz 5.150~5.250GHz 5.725~5.850GHz Working channel 1~13，36~48，149~165 Transmit power 20dBm (max) Safety features WPA-PSK/WPA2-PSK WPA/WPA2 Other features Analog AP functions Operating system support Windows XP/XP 64 Windows 7/Windows7 64 Windows 8/Windows8 64 Windows 8.1/Windows8.1 64 Windows 10/Windows10 64 Note: For better system compatibility, we recommend that you install the latest system upgrade patches

Interface USB 2.0 interface Antenna External 5dBi dual-band antenna Dimensions 42mm*18mm*13mm Use environment Operating temperature: 0°C~40°C Storage temperature: -40°C~70°C Humidity: 10% ~ 90%RH non-condensing What's in the package: AC650 Dual-Band High Gain Wireless USB Network Card TL-WDN5200H User Manual Follow the standards IEEE802.11ac IEEE802.11a IEEE802.11b IEEE802.11g IEEE802.11n Transmission rate 11b：1/2/5.5/11Mbps 11g：6/9/12/18/24/36/48/54Mbps 11n：200Mbps 11ac：433Mbps Frequency range 2.4~2.4835GHz 5.150~5.250GHz 5.725~5.850GHz Working channel 1~13，36~48，149~165 Transmit power 20dBm (max) Safety features WPA-PSK/WPA2-PSK WPA/WPA2 Other features Analog AP functions Operating system support Windows XP/XP 64 Windows 7/Windows7 64 Windows 8/Windows8 64 Windows 8.1/Windows8.1 64 Windows 10/Windows10 64 Note: For better system compatibility, we recommend that you install the latest system upgrade patches

Interface USB 2.0 interface Antenna External 5dBi dual-band antenna Dimensions 42mm*18mm*13mm Use environment Operating temperature: 0°C~40°C Storage temperature: -40°C~70°C Humidity: 10% ~ 90%RH non-condensing What's in the package: AC650 Dual-Band High Gain Wireless USB Network Card TL-WDN5200H Drive-Free Version User Manual Follow the standards IEEE802.11ac IEEE802.11a IEEE802.11b IEEE802.11g IEEE802.11n Transmission rate 11b：1/2/5.5/11Mbps 11g：6/9/12/18/24/36/48/54Mbps 11n：200Mbps 11ac：433Mbps Frequency range 2.4~2.4835GHz 5.150~5.250GHz 5.725~5.850GHz Working channel 1~13，36~48，149~165 Transmit power 20dBm (max) Safety features WPA-PSK/WPA2-PSK WPA/WPA2 Other features Analog AP functions Operating system support Windows XP/XP 64 Windows 7/Windows7 64 Windows 8/Windows8 64 Windows 8.1/Windows8.1 64 Windows 10/Windows10 64 Note: For better system compatibility, we recommend that you install the latest system upgrade patches

Interface USB 3.0 interface Antenna Built-in smart antenna Dimensions 90mm×29mm×14.5mm Use environment Operating temperature: 0°C~40°C Storage temperature: -40°C~70°C Humidity: 10% ~ 90%RH non-condensing What's in the package: AC1300 Dual-Band Wireless USB Network Card TL-WDN6200 Instructions Follow the standards IEEE802.11ac；IEEE802.11n；IEEE802.11g；IEEE802.11b；IEEE802.11a Transmission rate 11b：1/2/5.5/11Mbps 11g：6/9/12/18/24/36/48/54Mbps 11n：400Mbps 11ac：867Mbps Frequency range 2.4~2.4835GHz 5.150-5.250GHz 5.725~5.850GHz Working channel 1~13，36~48，149~165 Transmit power 20dBm (max) Safety features WPA-PSK/WPA2-PSK WPA/WPA2 WEP QSS Quick Security Setup Other features Analog AP functions Operating system support Windows XP/XP 64 Windows 7/Windows7 64 Windows 8/Windows8 64 Windows 8.1/Windows8.1 64 Note: For better system compatibility, we recommend that you install the latest system upgrade patches

Interface USB 3.0 interface Antenna Built-in smart antenna Dimensions 90mm×29mm×14.5mm Use environment Operating temperature: 0°C~40°C Storage temperature: -40°C~70°C Humidity: 10% ~ 90%RH non-condensing What's in the package: AC1300 Dual-band Wireless USB Network Card TL-WDN6200 Drive-Free Version Instructions Follow the standards IEEE802.11ac；IEEE802.11n；IEEE802.11g；IEEE802.11b；IEEE802.11a Transmission rate 11b：1/2/5.5/11Mbps 11g：6/9/12/18/24/36/48/54Mbps 11n：400Mbps 11ac：867Mbps Frequency range 2.4~2.4835GHz 5.150-5.250GHz 5.725~5.850GHz Working channel 1~13，36~48，149~165 Transmit power 20dBm (max) Safety features WPA-PSK/WPA2-PSK WPA/WPA2 WEP QSS Quick Security Setup Other features Analog AP functions Operating system support Windows XP/XP 64 Windows 7/Windows7 64 Windows 8/Windows8 64 Windows 8.1/Windows8.1 64 Windows 10/Windows10 64 Note: For better system compatibility, we recommend that you install the latest system upgrade patches