Select Page

Dec 16, 2020

Next Generation Firewall for Data Centers Offers Extended Security


Enterprise data center admins must constantly reassess and revise their security posture to protect against a rapidly evolving threat landscape. The stakes are even higher given the high-value assets hosted within the data center and given the ever-growing demands upon those assets, like data, applications, and infrastructure resources.

The network edge is the front line of protection for the data center. Next-gen firewalls specifically tailored for the data center are the weapon of choice. It’s critical that this vital protection has a comprehensive, future-proof, easy-to-use, and easy-to-manage feature set.

In addition, the data center firewall must ensure high performance, reliability, scalability, and availability of all security functions in order to meet the demands of the data center environment.

Next Generation Firewall for Data Centers

Hillstone X-Series Data Center Firewall is tailored specifically for the rigorous demands of data center security. It features a fully distributed architecture that supports the high throughput, concurrent connections, and new sessions necessary for service providers, carriers, and large enterprises.

In addition, the Hillstone Data Center Firewall features an elastic security architecture that supports a full-blown linear expansion of system performance. It supports multi-tenancy by logically dividing a physical firewall into a thousand or more distinct virtual firewalls to provide independent security services for different users, groups, and departments.

Next Generation Firewall Features – Extended Security

The Hillstone Next Gen Data Center Firewall security platform is even more powerful thanks to the latest operating system, StoneOS 5.5R8. This release extends and enhances the platform’s security features to deliver a front line of defense for the data center. A short technical demo is available below:

For data center admins, these enhancements provide improved data analysis and policy-based control, richer attack defenses, and other advanced features. Among them are:

  • Advanced policy-based firewall with granular control: The Hillstone Data Center Firewall is now armed with robust policy-based, granular control that allows data center operators to easily administer security policy enforcement and management. For example, user policies can be dynamically and automatically assigned upon authentication. In addition, enhanced data analysis provides both real-time and forensic insights. Advanced IPv6 support positions the enterprise data center for the future, and multicast support assists in media and application streaming.
  • Comprehensive protection for any traffic or activity: Hillstone’s high-performance, chassis-based data center network security system now integrates richer intrusion prevention, application control, anti-virus, attack defense, and URL filtering as well as updated VPN features. These enhancements provide the data center admin with a stronger arsenal of attack defenses.
  • Rich botnet C&C defenses: Botnet command-and-control (C&C) detection is now fully supported on Hillstone Data Center Firewall platforms. Admins can protect the data center against ransomware and other exploits by monitoring and blocking C&C connections from L3 to L7. These protections extend across almost any communication mechanism – HTTP, peer-to-peer, DNS, pseudo domains, and others.
  • Enhanced distributed iQoS: Hillstone Enhanced intelligent QoS is a powerful tool for admins to ensure bandwidth and other resources are flexibly segmented, shaped, and delivered where needed. Now, with IPv6 and service-based pipe allocation supported on distributed iQoS, the Data Center Firewall implements iQoS functions even in an IPv6 environment.
  • Terminal services monitoring: Now available for the next-gen data center firewall, the Hillstone TS-Agent implements user-based policy enforcement and traffic control for clients using terminal services (now known as remote desktop services) on Windows Server.

The majority of these capabilities are supported on a new CloudEdge VM-based firewall, the VM08, which addresses high-performance, high-bandwidth virtual workload conditions and strict SLA requirements typical of data centers, thus giving admins even more flexibility in deployment.

Upgrade to the Latest StoneOS Today!

Hillstone StoneOS 5.5R8 includes more than a hundred upgrades and enhancements to provide the most comprehensive, agile, reliable and easy-to-use security solution for enterprise data centers.

These capabilities are available for the enterprise Hillstone E- or T-Series NGFWs, X-Series data center firewalls, and the Hillstone CloudEdge virtual NGFWs in the data center or cloud. These security platforms provide future-proof protection and an intuitive user interface from the edge to the cloud.

Ensure high performance, reliability and availability for your data center by upgrading today. You can learn more about the latest StoneOS release in the Hillstone Resources section of our website, or by contacting us.