With More than 15,000 Enterprises Protected Today by Hillstone Solutions, It’s Clear our Solutions Work.
While network security companies boast about their products, Hillstone Networks has steadily added new products that match the needs of modern companies based on real-world needs. Our business model is to make network security work for your organization. We do that by inventing new technologies where one doesn’t exist; by optimizing existing, proven technologies to make them faster and more effective; and by delivering them as a solution to make deployment as easy as possible.
Four Network Security Initiatives
At Hillstone Networks we solve a wide array of security challenges for our enterprise customers and Service Providers. We’re highlighting four network security initiatives that you may be tasked to solve. Each initiative has a set of resources that you can download and read. If you don’t see your particular security challenge, please contact us so that can address your needs directly.
Advanced Threat Prevention
Today’s cyber attackers have become ever more sophisticated, using targeted, persistent, stealthy and multi-phased attacks to avoid detection at network perimeters through traditional security measures. These advanced threats frequently change and mutate, eventually, becoming the so-called zero-day attacks. Ransomware is the most typical advanced threat now, combining new malware variants and new attack tactics to make it an increasing threat to all organizations. It also makes conventional techniques ineffective.
Where We Fit
Hillstone Networks has a unique and effective approach to deal with advanced threats such as Ransomware. With its sophisticated layered defense, multiple robust threat detection engines, and targeted threat correlation capabilities, Hillstone solutions detect and mitigate ransomware at every stage of its threat trajectory.
Abnormal Behavior Detection
Network activities with active, dynamic behavior cannot be traced by static signatures or patterns. The Hillstone Abnormal Behavior Detection technology is designed to detect these malicious activities. Leveraging machine learning technology, Hillstone ABD uses hundreds of dimensional arrays to learn normal network behavior, which is called “behavior modeling.” It trains and optimizes the modeling algorithm with real hacking tools, then monitors and identifies abnormal activities continuously and timely.
Advanced Malware Detection
Hillstone has built a proprietary engine that has analyzed close to a million “known” malware samples, and each sample has been classified and characterized based on multiple dimensions that describe its actions, assets and attributes, which is called “statistical clustering.” When new “unknown” malware is encountered, it will be analyzed, characterized and classified, then patterned to the malware families, to decide if it has a similar “DNA” to the known malware families. The closer the DNA of the unknown and known malware, the higher the confidence level that it is a variant of a known malware.
Threat Correlation and Cyber Kill Chain
No single technique can prevent all advanced threats. This is the primary reason why Hillstone has also embedded cloud-sandbox, deception and other security technologies into the solution. Moreover, all the threat detection engines and events are systematically connected by the Hillstone threat correlation analytics platform and cyber kill chain, which allows it to quickly identify and track the traces of complex and hidden attacks.
Advanced Threat Prevention Resources
- Hillstone iNGFW White Paper: Threat Correlations on Hillstone intelligent Next-Generation Firewall Connecting the Dots
- An Introduction to the Hillstone Networks Server Breach Detection Solution
- Ransomware–Detection and Prevention via Hillstone’s Intelligent Next-Generation Firewall
- Hillstone Networks intelligent Next-Generation Firewall: Detecting Post-Breach Threats Using the Cyber Kill Chain
- Hillstone iNGFW White Paper: A Hybrid Approach to Detect Malicious Web Crawlers
Micro-Segmentation for Virtualized Data Centers
As datacenters have evolved from physical to virtual, enterprise to cloud, the security challenges they face have also evolved. The cloud-enabled data center needs a new security strategy and solution that can cope with virtual demands with minimal performance impact. Micro-Segmentation is critical in ensuring security in the cloud. It addresses the gaps in visibility and control of traffic at the virtual machine level.
Where We Fit
Hillstone CloudHive is an advanced Micro-segmentation solution designed from the ground up for the demands of the virtualized datacenter. It provides unprecedented traffic and threat visibility, reducing the datacenter threat surface to near-zero. It offers dynamic deployment flexibility and elasticity with business efficiency and cost effectiveness that today’s virtual environments require.
Hillstone CloudHive’s asset discovery builds a comprehensive display of virtual assets in the network, all inbound and outbound traffic. Applications and workloads rely on the traffic and trends of each communication path, which has visibility into east-west traffic and potential attacks between VMs that are typically blind to perimeter security solutions. CloudHive’s comprehensive visualization, logging and reporting allow enterprises and Cloud Service Providers (CSPs) to meet any and all compliance, security audit, policy review, and threat vulnerability analysis and remediation requirements.
Simple segmentation is not enough for the modern cloud that face advanced threats. Hillstone CloudHive protects all east-west traffic and applications in virtual networks with L2-L7 security services, including firewall features such as policy control and session limits, Intrusion Prevention, Anti-Virus and Attack Defense, and fine-grained application control. Real-time mitigation blocks, impedes or quarantines active attacks, with 100% traffic security coverage and a zero-attack surface.
Scalability and Performance
The virtual distributed architecture of Hillstone CloudHive separates management, control and security service planes, so that the solution can be deployed and scaled on demand to any and all new workloads and business needs. You can apply policy enforcements without traffic detours and bottlenecks that typically add latency and impact performance. The integration with vMotion and a patented flow session via a distributed technology helps maintain VM state without any service interruption or delay, regardless of whether the VMs grow, shrink or move across the cloud.
Security for Network Function Virtualization (NFV)
Network Function Virtualization (NFV) is designed to consolidate and deliver the networking components needed to support a fully virtualized infrastructure — including virtual servers, storage, and other functions such as the firewall, which are also known as Virtualized Network Function (VNF) modules. This NFV/VNF deployment is typically complex and requires automatic orchestration support.
Where We Fit
Hillstone provides a complete VNF solution for NFV environment which support various cloud platforms, deployment automation, service orchestration and more. This is the key reason that Hillstone Networks is a leading security vendor with the broadest compatibility and multiple production deployment for NFV.
Hillstone provides a highly compatible virtual firewall solution, which support all major hypervisors and multiple cloud management platforms (CMPs). It has been integrated into the NFV solutions from multiple cloud providers and deployed in several verticals. The highly compatible VNF enables cloud operators to manage multiple cloud platforms built on disparate environments.
Automatic deployment and configuration are necessary to support self-service and self-management for NFV customers. Hillstone provides multiple formats of VNF images to different cloud deployments to meet customer requirements. Virtual resources for the virtual firewall have been preconfigured to ensure a fast and successful deployment. An embedded agent is used to retrieve the initial configuration during the boot-up process to customize each VNF module based on customer requirements.
Rest API and Service orchestration
The VNF module is managed by a cloud orchestration software which orchestrates multiple types and multiple instances of NFV modules through a centralized console. To integrate with a cloud management platform or other types of management software, Hillstone VNF provides REST APIs for module management and service configuration. Cloud service providers can push configurations to VNF modules and provide a self-management service to users through its management portal. To best fit into customers’ environments and reduce challenges in deployment and integration, Hillstone provides three types of NFV orchestration solutions.
Network Function Virtualization Resources
Security as a Service for MSSPs
Security management is always a headache for customers, regardless of whether it’s a large enterprise or small business. On the one hand, customers need a more smart and flexible centralized management solution to maximize operational efficiency. On the other hand, Managed Security Service Providers (MSSPs) have evolved to help customers with security management and operations.
Where We Fit
Hillstone CloudView platform is designed to meet these requirements. CloudView’s robust cloud-based services enable customers to monitor their network security posture in real-time from anywhere on any device. Admins have an active pulse on the network health status. CloudView delivers to MSSPs the capabilities to make managing the security operations for customers more efficient, less costly, and faster to turn on. So once a customer signs-up for the service, the hand-off is fast. End-customers still appreciate having access to monitoring activities, licenses, and more.
Real-time Threat Monitoring
Hillstone CloudView centrally manages and monitors the system status and traffic information for all supported security devices, no matter the form factor (hardware or virtual appliance) or deployment model (in the perimeter, server front or in the cloud). With CloudView’s global view of the threat landscape combined with details of threat events, customers can easily monitor the network health, and get notified of any abnormal behavior or attacks targeted on their network, in order to take prompt action to mitigate the threat.
Security Inspection and Analytics
Hillstone CloudView allows customers to manually or automatically run security inspection, which is typically done onsite with dedicated personnel. It performs in-depth security analytics for the security systems to exploit potential security vulnerabilities, provides optimization and disposal suggestions for potential problems and risks, and outputs inspection reports in real time or at regular intervals, and ensures the health of the network.
Security Operation and Management
CloudView aims to improve security operations and management efficiency, and help save on operational costs and overhead, regardless of subscription levels between the customer and the MSSP. The multi-layered MSSP license is designed for MSSPs to manage security devices with layered privileges. The joint operation function allows multiple administrators work together to deliver security on the same device, allowing for shared tasks, ensuring that one administrator is not a bottleneck, and streamlining overall operations.