Advanced Security Services for Virtual Networks and Applications

Hillstone Virtual Next-Generation Firewall, CloudEdge, embedded with the Hillstone Networks StoneOS operation system, is deployed as a virtual machine, and provides advanced security services for applications and users in any virtualized environment. It provides comprehensive security features including granular application identification and control, VPN, intrusion prevention, anti-virus, attack defense and cloud-sandbox to fully keep a business secure and operational. It provides price- performance solutions for both public and private cloud customers, and can be rapidly provisioned and deployed at scale.

Highly Compatible with Virtual Environments

In virtual environments, compute, storage, and data resources run on virtual machines. Hillstone CloudEdge supports major hypervisor technologies including ESXi, KVM, Hyper-V, and Xen server, and can be rapidly deployed on a virtual machine, to provide advanced security services for virtual networks or virtualized applications. Deployed as a virtual appliance, CloudEdge can overcome the limitation of physical firewalls, and inspect all traffic inside the virtual network, to protect both south-north and east-west traffic. In addition, users can flexibly deploy and manage network resources based on the requirements of network topologies, and thereby fully leverage the advantage of vitalization.

Advanced Threat Protection Capability

CloudEdge shares a base technology with Hillstone Next-Generation Firewall (NGFW). It can satisfy the network security requirements of both public cloud and private cloud users. Hillstone CloudEdge provides fine-grained control of web applications regardless of port, protocol, or evasive action. It can identify and prevent potential threats associated with high-risk applications while providing policy-based control over applications, users, and user-groups. In addition, CloudEdge incorporates a unified threat detection engine that shares packet details with multiple security engines (AD, IPS, URL filtering, Anti-Virus, Cloud-sandbox etc.), which significantly enhance security efficiency while reducing network latency.

Visualized Security Management with Cloud Management Platform

Hillstone CloudEdge provide exclusive security segmentation and policy protection for independent tenants in cloud deployments. It can realize instant recovery based on the snapshot system. If a virtual appliance has an issue or outage, it can be recovered via the snapshot of a saved configuration, and start a new virtual firewall on the original or a new virtual machine. The CloudEdge graphical management interface has multiple logging query functions, which can effectively monitor and track the network status; and a reporting function that provides real-time details of traffic and security events. These tools help administrators fully visualize and grasp the network operation status, and improve operational efficiency.

Deployment Automation and Service Orchestration

Hillstone CloudEdge provides multiple integrated solutions to address the needs and requirements of cloud platforms and has already been deployed into multiple test and production cloud environments to serve diverse industries and customer requirements. Hillstone CloudEdge’s automation deployment and license management functions enable the cloud user the capability of self-service and self-management based on their business needs without interruption from cloud administrators. Orchestration ensures each CloudEdge can be deployed and configured automatically. License management ensures CloudEdge can automatically enter operation mode. Hillstone CloudEdge REST API supports system configuration, security policy configuration, interfaces and network configurations, to integrate with major cloud management platforms.

Resources