|
|
|
|
|
 
Home > Solution > Successful Cases >
     
 
Multi-core security appliance successful case-- Hangzhou Transportation Group
 
Customer: Hangzhou Transportation Group
Industry: Transportation
Customer Request: A security network with functions including VPN, attack defense, AV, and bandwidth control for Hangzhou Transportation Group headquarters and branches
Platform: Hillstone SA-2005 、Hillstone SA-2003
Function:NAT/Firewall, IPSec VPN, SSL VPN, Security Defend, AV, OoS
 

Current Network Situation

Hangzhou Transportation Group has multiple branch offices and there are more than 200 employees and 5 servers in the headquarter. Router is used as the gateway to the Internet for headquarters and branch offices. With development of IT network, the following problems appeared and need to be addressed:

  • Headquarters and branch offices are connected to each other through Internet, without privacy. The unsafe way may lead to sensitive data leakage.
  • The network is not stable. Users’ applications are complex. Large amount of bandwidth is occupied by unimportant applications, especially P2P software. Normal business applications are affected. They badly need solutions to control traffic and guarantee key business application.
  • Viruses, Trojans and worms often invade the Intranet, which often resulted in network becoming abnormal and employees’ work efficiency are affected.
  • No effective isolation between servers and departments and no security protection for the web server.
  • Network often suffers unknown attacks, from external and internal. Sometimes, users’ operations by mistake can also bring immensurable losses.
Hangzhou Transportation Group urgently needs a security solution to solve the above problems.

Characteristics of Hillstone SA-2005 and Hillstone SA-2003 in Hangzhou Transportation Group Network



Network Topology of Hangzhou Transportation Group

Hangzhou Transportation Group has high requirements for appliance hardware. Through careful selection process which involves technical capability, service capability, functionality, performance, Hangzhou Transportation Group decided to use the solution Hillstone offers. Hillstone SA-2005 and Hillstone SA-2003 can effectively solve the problems faced by Hangzhou Transportation Group, guarantee network security, improve working efficiency, and reduce the maintenance work of IT department. The above topology gives a diagram of the In this project, Hillstone SA-2005 and Hillstone SA-2003 have the following characteristics in the network deployment:

IPSec VPN and SSL VPN

The integrated IPSec VPN and SSL VPN solution provides a perfect technical solution for the Group to connect branch offices, and remote access users. No matter which Internet access method is used (IPSec or SSL), VPN users could connect to the Intranet and access related resources easily, flexibly, and effectively, with security protection to data transfer and internal resource access.

Precise bandwidth control and effective monitor

Unavoidably, former network suffers bandwidth problem brought forth by P2P downloading. BT, Thunder, and eMule, are used the usages of online videos flooded the network. Hillstone SA-2005 and Hillstone SA-2003 offer powerful QoS function, including application bandwidth management per IP, maximum bandwidth control to P2P applications, priority control to key business applications, etc. When QoS is functioning together with monitoring and logging functions, the security device provides detailed network traffic report for IT department, and helps administrators control the bandwidth usage conditions easily. At the same time, users’ internet surfing experience are improved and key applications are guaranteed to run smoothly.

High-effective policy control and great anti-attack ability

After deploying Hillstone SA-2005 and Hillstone SA-2003 at the internet entrance of the headquarter and branch offices, internal malicious attacks and IP spoofing are controlled. Because of the changing of topology, each departments switches are all connected to the SA-2005 and SA-2003. With fine grained policy control, security access between departments is also implemented. The patented Hillstone Secure Defender solves ARP attacks on the layer 2 network, guaranteeing the non-stop running of the network.
Common external attacks like DoS/DDoS are effectively blocked by SA-2005 and SA-2003, protecting the intranet of the Group headquarter and branch offices. Besides, the powerful application layer inspection ability and processing ability of Hillstone SA series multi-core security appliance provide strong support for analyzing and preventing many kinds of application layer attacks.

High-performance AV

Before, virus attacks were frequent on the network. After deploying SA-2005 and SA-2003, the high-performance AV function examines and kills virus transferring through the network. The parallel stream based engine fully utilizes the hardware advantages, guarantees high processing performance and low latency for network traffic, providing a better user experience.

Customer’s Evaluations

Hillstone’s security solution solves many problems in the Hangzhou Transportation Group’s network. It provides a secure data transport between headquarters and branches, improves employees’ working efficiency, controls virus spread, and effectively manages key business traffic and non-business traffic. We are much satisfied with this purchase, and we will consider security solutions Hillstone provides in the future.

 
 
Hillstone SA-2005 introduction
Hillstone SA-2003 introduction
 
     
    
   
Contact Us  Strategy Statement  
Copyright © 2010-2012 Hillstone Networks,Inc. ICP07018022