www.hillstonenet.com
Hillstone Intelligent Next Generation
Firewall
12th March 2015
Kris Nawani
Solution Manager (Thailand)
About Hillstone Networks
• Founded 2006 by Netscreen visionaries
• World class team with security, big data, and networking expertise
• Builds Next Generation Firewalls that provide Visibility & Control of Applications, Users, Content, and Threats
• Innovations: Data Mining and Correlation Analysis for Threat Detection and Analysis
• Global footprint with over 8000 customers
• 36 Patents in multi-core security architecture
IPv6 Ready Gold 2012 ZDNet Best Data Global Top 100 Most 2012 Red Herring
Entered Magic Quadrant As a Visionary Challenger February 2014
Hillstone Approach to Meet Changing
Customer Demands
Hillstone Elastic Firewall Architecture
• Scales Firewall performance linearly
• Fully distributed architecture with patented resource allocation algorithm
• Can be deployed in a virtual distributed environment and managed as one
• Integrated with leading cloud management platforms
Intelligent Next-Generation Firewall
• Real-time flow analytics to detect anomalies
• Alert admins with early signs of unknown threats
• Full visibility via ongoing monitoring of user, host and server behaviors and overall network health
Entered Gartner Enterprise Firewall Magic
Quadrant
Enhanced NGFW Functionalities
User and Application Identification
• User management based on organizational structure (Company / Business Unit / Team / User)
• Local identification of 1300+ applications
• More cloud-based application identification
Multi-dimensional Threat Detection
• Six detection modules including Trojan, malware and web protection
• Unified threat signature library
• High performance fully parallel detection
Intelligent Traffic Management iQoS
• Eight-level traffic control at two layers
• Combined analysis and control
Operation Management Visibility
• Current and historical traffic comparison and analysis
• Packet path detection
• Global fault detection
• Extensive network log auditing
StoneOS Core Features
Strong Networking Foundation
• Dynamic routing (OSPF, BGP, RIPv2)
• Policy based routing
• Route controlled by application
• IPv6
• Tap mode – connect to SPAN port
• L2/L3 switching & routing
• Virtual wire (Layer 1) transparent in-line deployment
VPN
• PnP VPN
• SSL VPN (optional USB-key)
• L2TP
• L2TP over IPSec VPN
QoS Traffic Shaping
• Max/guaranteed and priority
• By user, group, app, IP address, time, and more
• By Class of Service (CoS) and app priority (compatible with DiffServ tag)
High Availability
• Active / passive
• Configuration and session synchronization
Virtual Firewalls
• Multiple virtual firewalls in a single device
Load Balancing
• By Source IP
• By Destination IP
• By Session
• By Bandwidth / Latency
Centralized Mgt.
• Centralized deployment and management
• Unified policy mgt.
• Performance and traffic monitoring
Zone-Based Architecture
• All interfaces assigned to security zones for policy enforcement
Threat Detection
• Over 1.3 million AV signatures
• Over 3500 IPS signatures
• Over 20 million domain names
• DoS/DDoS DNS Query Flood
• SYN Flood
• ARP spoofing
• Malformed packets
Firewall Value Evolution
[Figure: Traditional FW, NGFW, iNGFW. Labels: L7 Application protection; Visibility to Network Operation; Behavior-Based Risk Detection; Visibility to Network Health; Full Cycle Management: Detection, Visibility, Control]
“Wall” is an old concept
Assumption: Internal Network Is Clean
Reality: No Network Is Clean
A “wall” is not effective in preventing the network from being compromised.
iNGFW Stops Attacks at Every Step of the Kill Chain
[Figure: kill chain stages (Footprinting; Malware Assemble & Transmit; Implement Foot Target Data; Data Stealing / Initial Breach; Reconnaissance & Extend Foothold; Data Exfiltration) against coverage by Traditional FW, NGFW, Malware Detection Software and Hillstone Intelligent NGFW]
iNGFW Addresses Unknown Threats Based on Behavior Analysis
[Figure labels: Signature, Behavior; Next-Generation NGFW, Intelligent iNGFW]
Detect Unknown Threats
Advanced Threat Detection (ATD) Engine
Identify Polymorphic Malware by Statistical Clustering
Abnormal Behavior Detection (ABD) Engine
Detect Attacks by Catching Behaviors off the Baseline
Advanced Threat Detection Engine
[Figure labels: Machine Learning; Known malware; Malware Behavior Learning; Malware Behavior Rules (Behavior set 1, Behavior set 2, ... Behavior set n); Behavior Pattern Matching; Unknown threat; Identify malware variants]
Host/User Behavior Learning & Modeling
Detect Hidden Cyber Attacks
Abnormal Behavior Detection Engine
Abnormal Behavior Detection Engine
[Figure labels: Host/User Behavior Baseline Modeling; Attack Profile; Behavior Deviation Analysis; DoS/Scanning; crawlers; Password attempt; Data Exploitation]
360 Degree Visibility
Top-Level Visibility
• Risk: Real-time Network Risk Index
• Hosts: Risky hosts distribution & risk level
• Threats: Threat types and detailed information
Improved Visibility
• Traditional FW: Port, IP
• NGFW: Port, IP, User, App, Content
• iNGFW: Port, IP, User, App, Content, Risk
Intuitive Dashboard Design
• Intelligence: Risk and threat information
• Next-Generation: User & application information
• Firewall: Network traffic information
Visibility by Hosts at Risk
• Risk endpoints/servers IP
• Severity, quantity
• Risky host distribution
Visibility by Threat Types
• Threat type, severity
• Threat name & occurrence time
Visibility on Threat Details
• Victim
• Attacker
Mitigate Risks in Real-Time
Real-Time Mitigation
• Security Policy Set Based on Risk Levels
• Allow Continuous Risk Control
[Figure labels: NGFW, iNGFW; IP, Port, Protocol, User ID, App ID, Risk, Threat Level, Intelligent threat inspection]
Real-Time Mitigation: Trigger Conditions & Policies Set
• Risk type and level
• Mitigation method
New Experience to Network Security
• Secure Network: Layered Defenses
• Operate Efficiently: 360 Degree Visibility to Network Health
• Simple Control: Risk Level Triggers Mitigation in Real Time
Hillstone iNGFW: Real-Time Flow Analytics
Detect anomalies earlier and more accurately based on dynamic behavior baseline analysis
[Figure: Traffic over Time, comparing a Static Threshold with a Dynamic Behavior Baseline]
Network Health Index (NHI) and Behavior Reputation Index (BRI)
• NHI evaluates risk trends and provides early warnings
• BRI accurately identifies known or unknown threats
• Identify abnormal network behaviors based on data mining and correlation analysis
• Patented risk calculation model and massive data mining
• Proactively monitors threats and status of servers, network and resources
• Learn about user and application behaviors to create baseline parameters
Innovative, Green and Energy Efficient Advantages
Hillstone Offers Similar Performance at Smaller Footprint
[Figure: rack size comparison: 15U, 13U, and 5U Hillstone Data Center firewall]
Take X7180 for example
Maximum power (W)
• Competitor 1: 5,100
• Competitor 2: 3,231
• Hillstone X7180: 1,300
The power consumption of each X7180 unit is only a fraction of alternative products from competitors: 1/4-1/3
Throughput per U (Gbps/U)
[Chart: Competitor 1, Competitor 2, Hillstone X7180; extracted values: 1334, 72]
The throughput of each X7180 rack unit is 2 - 4 times higher than the competition.