Copyright Huawei Technologies Co., Ltd All rights reserved. Trademark Notice General Disclaimer

Similar documents
One Net Campus Huawei Campus Network Solution

Venusense UTM Introduction

USG2110 Unified Security Gateways

Huawei Enterprise S2700 Series Switches

Quidway S2700 Series Enterprise Switches

Huawei Cloud Fabric Data Center Security and Application Optimization Solution

Huawei BYOD Network Solution

DPX17000 Deep Service Core Switch

Huawei Enterprise S2700 Series Switches

Future-ready security for small and mid-size enterprises

Huawei Agile Controller. Agile Controller 1

Huawei Enterprise Network esight Channel Sales Guide HUAWEI TECHNOLOGIES CO., LTD. Issue 3.2. Date

Huawei Enterprise Wireless Access Controller Brochure

DPX19000 Next Generation Cloud-Ready Service Core Platform

Next-Generation Firewall Series Datasheet

HUAWEI UMA Full Product Datasheet

Huawei SD-WAN Solution

Security Assessment Checklist

Huawei NIP2000/5000 Intrusion Prevention System

DATA SHEET MODEL AXC1000 HIGHLIGHTS OVERVIEW. Redefining Enterprise Wireless Management

Lightning Fast Rock Solid

Huawei Enterprise AP Series ac Brochure

Huawei S2300 Series Switches Product Brochure

OceanStor 5300F&5500F& 5600F&5800F V5 All-Flash Storage Systems

Hardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012

Data Sheet. DPtech IPS2000 Series Intrusion Prevention System. Overview. Series IPS2000-MC-N. Features

HUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN HUAWEI TECHNOLOGIES CO., LTD. Issue 1.1. Date

N-Dimension n-platform 340S Unified Threat Management System

Huawei Agile Campus Network Solution

DATASHEET. Advanced 6-Port Gigabit VPN Network Router. Model: ER-6. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Anti-DDoS. User Guide (Paris) Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.

DPtech IPS2000 Series Intrusion Prevention System User Configuration Guide v1.0

CloudEngine 1800V Virtual Switch

ISG-600 Cloud Gateway

NIP6000 Next-Generation Intrusion Prevention System

OceanStor 6800F V5 Mission-Critical All-Flash Storage Systems

Eudemon8000E-X Series

HUAWEI TECHNOLOGIES CO., LTD. Huawei FireHunter6000 series

Eudemon 1000E. Eudemon 1000E Series Product Quick Reference. Huawei Technologies Co., Ltd.

Eudemon200E-X Series Unified Security Gateway

Huawei AntiDDoS Cases

Huawei Next-Generation Network Security

Huawei AR1000V Brochure

Training UNIFIED SECURITY. Signature based packet analysis

Systrome Next Gen Firewalls

Seqrite TERMINATOR (UTM) Unified Threat Management Solution.

Introduction. Network Architecture Requirements of Data Centers in the Cloud Computing Era

Huawei Agile Controller. Agile Controller

Huawei esight LogCenter Technical White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 1.0. Date PUBLIC

Angelo Gentili Head of Business Development, EMEA Region, PartnerNET

HUAWEI Tecal X8000 High-Density Rack Server

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Anti-DDoS. FAQs. Issue 11 Date HUAWEI TECHNOLOGIES CO., LTD.

Huawei Enterprise Communications Solution V3.0 Product Portfolio

Substation. Communications. Power Utilities. Application Brochure. Typical users: Transmission & distribution power utilities

CloudEngine 6800 Series Data Center Switches

IBM SmartCloud Notes Security

H3C SecBlade SSL VPN Card

Synchronized Security

McAfee Public Cloud Server Security Suite

Cisco SCE 2020 Service Control Engine

SAP HANA. HA and DR Guide. Issue 03 Date HUAWEI TECHNOLOGIES CO., LTD.

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

PCI DSS Compliance. White Paper Parallels Remote Application Server

NetDefend Firewall UTM Services

HikCentral V1.3 for Windows Hardening Guide

HUAWEI TECHNOLOGIES CO., LTD. HUAWEI FusionServer X6000 High-Density Server

CDN. Product Description. Issue 03 Date HUAWEI TECHNOLOGIES CO., LTD.

Content. Initial Contact. Further Follow-Up. Bidding Guidance

Cloud-Oriented Converged Storage

Next-Generation Firewall Series Datasheet

Cloud-Oriented Converged Storage

HUAWEI TECHNOLOGIES CO., LTD. HUAWEI Secospace USG2000&5000 Datasheet

AT&T Dedicated Internet Express

Enabling Agile Service Chaining with Service Based Routing

Total Threat Protection. Whitepaper

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

SERVICE DESCRIPTION SD-WAN. from NTT Communications

Technical Overview of DirectAccess in Windows 7 and Windows Server 2008 R2. Microsoft Windows Family of Operating Systems

Network Security Platform Overview

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

The Fastest Scale-Out NAS

DPI-SSL. DPI-SSL Overview

NE20E-S Series Unified Service Router

Accelerating Metro. Huawei MPLS-TP Solution HUAWEI TECHNOLOGIES CO., LTD.

Wireless and Network Security Integration Solution Overview

Edge for All Business

HikCentral V.1.1.x for Windows Hardening Guide

HiPER 518W-Plus. 300Mbps Wireless 3G VPN Router. Overview. Features DATA SHEET. Highlights

Brocade Virtual Traffic Manager and Parallels Remote Application Server

ATN 910C Product Brochure

Palo Alto Networks PAN-OS

Features. HDX WAN optimization. QoS

WatchGuard Total Security Complete network protection in a single, easy-to-deploy solution.

White Paper. Huawei Campus Switches VXLAN Technology. White Paper

Business Strategy Theatre

Unified Threat Management

Data Sheet. DPtech Anti-DDoS Series. Overview. Series

NETSMART Network Management Solutions

Transcription:

Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademark Notice, HUAWEI, and are trademarks or registered trademarks of Huawei Technologies Co., Ltd. Other trademarks, product, service and company names mentioned are the property of their respective owners. General Disclaimer The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements. Therefore, such information is provided for reference purpose only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice.

Huawei Security Solution Enterprise Campus Network Campus Network Security Solution

Campus Network Security Solution Overview Enterprise campus networks are facing increasing security issues in applications and services, such as malicious intrusions, Trojan horses, viruses, phishing, overuse of P2P applications, and threats from internal users. These issues impact campus network efficiency and service security. In the information era, a network must provide very high bandwidth for emerging applications, such as Web 2.0, P2P video, and broadband access over cable networks. It has become a trend to use gigabit switches as desktop switches and 10G routers or switches as backbone devices, and many switches and routers provide 10G ports. As more services are deployed on large-scale enterprise networks and the network capacity keeps expanding, traditional security systems have become a vulnerability on campus networks and cannot guarantee enterprises' information security. On a campus network, information leakage, unauthorized access, slow response or crashing of devices, interruption of core services, network breakdown, and other security or availability issues cause losses to the enterprise. Traditional desktop/ terminal security management solutions cannot force user terminals to install the authentication client or effectively prevent attacks. IT administrators have to spend a lot of time in taking anti-attack measures. Enterprises require a security solution that can force user terminals to install the authentication client. Huawei has an industry-leading network protocol analysis team and a complete protocol library. Based on in-depth understanding of security threats to various network protocols, Huawei endeavors to provide comprehensive network security solutions and technical support for customers to deal with security threats. Huawei information security products and professional security solutions help build a complete security system for enterprise campus networks. Principle Through in-depth understanding of campus network construction and services, and rich experience in network and terminal security management, Huawei has developed a systematic approach to information security system construction, following the principle of "creating values for customers." 1

High availability Traffic cleaning Disaster recovery Clear structure Service in spection gateway(sig) Simple man agement Security Routing Gateway Edge security Low cost Increaseprofit Manageable Simple management Availability Visible Customer service Integration Improve efficiency Reliable service Protectasset Comply with standards Active protection Global security Reliable business Terminal security and data protection soution Reliable connection VRN remote access solution Reliable service UTM& Firewall edge security solution Campus Network Security Solution Security Solution Components Huawei has a world-leading security capability center and excellent security solution teams. They use carrier-grade security hardware products and versatile software products to provide an environmentally adaptive and user-friendly security solution with the following advantages: Retains original user network topologies and devices and secures campus networks without degrading network performance and reliability. Provides better user experience through refined designs of solutions that are easy to deploy and manage. Supports flexible configuration of security policies and reports. Supports flexible configuration of security policies and reports and updates them using a cloud knowledge base. Ensures secure and reliable network operation using a service continuity design, patented file network fast forwarding technique, and real-time intelligent security monitoring platform. The Huawei campus network security solution consists of the following components. 2

Campus Network Security Solution Campus Edge Security Solution Remote Access Security Solution DIP-based Fine-grained Management Solution Huawei campus network security solution Terminal Security Management Solution Traffic Cleaning Solutiom Icache Solution Advantages Campus Edge Security Solution High performance and reliability The advanced NP+multi-core+distributed architecture dramatically improves network performance. The large capacities of edge devices ensure fast transmission of key services. The most stable and reliable security gateways are deployed at the network edge to ensure service continuity. High VPN performance allows a large number of services to be encrypted and transmitted in a timely manner. A URL library with more than 55 million URLs ensures fast filtering and classification of URLs. A network integrating the routing, switching, Wi-Fi, 3G, and security, reducing network construction costs Support for flexible expansion and smooth upgrade An open Encapsulation Security Protocol (ESP) platform, supporting multi-service expansion Industry-leading UTM features A comprehensive intrusion protection system (IPS) is used to prevent various security threats. The signature library can save more than 2500 signature rules, allowing users to identify and analyze attacks efficiently. Powerful and stable antivirus features are provided, which can quickly obtain the latest virus characteristics and antivirus engines. 3

Terminal Security Management Solution Comprehensive terminal security management The admission control feature applies to various terminals, providing consistent and user-friendly operating environments. Terminal security is easy to manage, reducing the overall operation and maintenance workload. Security policy updates can be obtained from a cloud knowledge base, making network evolution more flexible. CA authentication, UKEY authentication, and RSA authentication. Well-designed hardware and software are capable of providing 24/7 services. Easy maintenance Supports unified security management of remote access devices. Supports multiple management modes, such as CLI, web, and SNMP. Campus Network Security Solution Powerful file permission management Dynamic file encryption enhances file security. Dynamic file permission control protects files during transfer and storage. Various permissions allow for flexible authorization. Group policies and policy templates help manage file permission consistently. Versatile file formats meet various service requirements. This solution provides user management functions and supports all existing directory management and authentication services. Remote Access Security Solution Rich functions IP VPN functions, including Security Socket Layer (SSL) VPN and IPS VPN Virtual VPN gateway Flexible configuration A series of security products help achieve the optimal configuration. The maximum number of concurrent users and tunnels will increase when products are upgraded. High reliability Enhanced security features are provided, including Traffic Cleaning Solution Most excellent solution Excellent performance: 160 Gbit/s capacity to defend against large-scale attacks Excellent fault detection: DPI technology, effectively protecting the network against DDoS attacks Excellent response speed: quick response to attacks in seconds, ensuring stable network operation Excellent reliability: 99.9999% availability, providing a reliable network environment Easiest solution Easy to manage: low OPEX Easy to expand: low network expansion costs DPI-based Fine-grained Management Solution Powerful traffic identification Multiple DPI features are provided, including feature identification, association identification, behavior identification, and dynamic decryption. These DPI features can identify more than 20 types of services (such as P2P, VoIP, instant messaging, video, game, and stock), 850 protocols, and 1000 applications. 4

Campus Network Security Solution The knowledge base supports manual upgrade and automatic upgrade. Automatic upgrade does not require manual operations of administrators and will not interrupt running services, facilitating management. Fine-grained traffic management Analyzes traffic on the entire campus network. Controls traffic rate based on applications and users. Reducing network congestions and reducing costs on egress bandwidth expansion ICache Solution Combination of traffic control and traffic caching The icache devices work with Huawei DPI devices to combine traffic control and traffic caching. This prevents low-value traffic from occupying bandwidth of high-value traffic, improving user experience. High scalability The icache solution uses a distributed network structure. The icache system performance can be improved quickly by simply increasing icache devices on the network. Upgrade of the icache system does not affect running services. Functions on one icache device can be migrated to other icache devices flexibly, improving device utilization. icache systems. The NMS has user-friendly GUIs that are easy to navigate and provides various traffic statistical reports. High reliability The P2P and video traffic caching system is connected to the carrier network in bypass mode and cache traffic using port mirroring or optical splitters. This deployment mode does not change the carrier network structure or deteriorate the carrier network performance. Key components work in redundancy mode; therefore, services will not be interrupted when a disk or a device fails. Energy conservation Following the principle of environmental protection, the icache solution uses multiple energy-saving technologies, including hard disk soft start, hard disk sleeping, and intelligent fan speed control. In addition, icache devices use highly efficient power modules, lowpower interface cards, and low-power chips. These energy-saving technologies and components dramatically reduce customers' OPEX. Comprehensive traffic caching The icache system platform can identify various protocols and cache traffic of services such as web browsing, P2P downloading, HTTP downloading, and online video. As the platform develops, it will be able to cache the traffic of more services. Uniform and simple management Huawei provides an NMS to manage the DPI and 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback