Select Page

Jan 31, 2022

Hillstone’s HSM v5.1: Master the “Branch of One” and Merge Connectivity with Security


The economy has found a way to survive COVID, but the resulting pandemic-laden landscape has changed drastically, namely via the adjustment to a hybrid workforce reality. With it, comes the ever-increasing importance of connectivity in tandem with security, best achieved by the SD-WAN solution. A few months ago, Hillstone Networks announced the release of its own stand-alone SD-WAN controller. Now, v5.1 brings updates on the routing capability while streamlining the operation of HSM.

Enterprises of all different industries and sizes are looking for SD-WAN solutions to connect NGFW from different branch offices/”branch of ones” back to headquarters, where the central controller, such as HSM v5.1, lies. By possessing a central controller like HSM v5.1, our standalone SD-WAN’s scalability and ZTP benefits can truly be realized. By configuring provisions beforehand and delineating how future branches will be set up, zero-touch-provisioning will take care of the rest. Hillstone’s HSM can manage up to thousands of CPE devices with ease and its comprehensive visibility can display clearly how the devices are interacting with each other, and what type of traffic is present. The addition of IKE VPN naming support in v5.1 means the set-up process can be easier to track, manage, and debug.

“The most difficult thing is the decision to act, the rest is merely tenacity”. While simply choosing to use the SD-WAN solution is indeed the most important and most difficult part of the process, we here at Hillstone Networks also wish to greatly streamline the configuration process to make the entire proceeding as painless as possible. Similar to how the recently released StoneOS 5.5R9 possesses the VPN configuration wizard for a smoother set-up experience, HSM v5.1 can now establish VPNs via domain name on the WAN ports, in addition to IP address. By enabling this flexibility, a more stable network environment can be built. This flexibility is further enhanced by an increase in WAN ports. In terms of the security policy configuration, it can now support batch distribution, make the central management process more seamless.

One of Hillstone’s HSM standout features is the support of advanced routing. For example, routing policies and configuration can be contextually aware. Say, voice over IP and a redirect to a simple HTML page are present. HSM’s intelligent routing will understand link priorities and place precedence on delivering the voice over IP traffic. Priorities can further be manually configured to adjust to changing needs and situations, thereby maximizing bandwidth efficiency. With this update, HSM v5.1 can now configure and distribute static routing entries to the associated spoke devices. Static routing enables the creation of a failsafe in the scenario that dynamic routing is unavailable. This is also very beneficial for network administrators operating on a smaller network. By adding little load on the CPU, static routing can bypass the complexities of alternative routing methods and leave the network administrator with full control over the routing of a network.

Additionally, SD-WAN also holds potential for the future, as it is the cornerstone into an eventual SASE convergence.

HSM for SD-WAN provides multiple organizations a powerful tool to control, manage and orchestrate Hillstone’s secure SD-WAN, NGFW and virtual NGFW solutions. SD-WAN holds potential for the future and helps you establish a foundation that supports both connectivity and security. As such, it can be the cornerstone for an eventual SASE convergence. For more information, contact your Hillstone sales representative or authorized reseller.