With 17,000+ Enterprises Protected Today by Hillstone Solutions, It’s Clear our Solutions Work.
While network security companies boast about their products, Hillstone Networks has steadily added new products that match the needs of modern companies based on real-world needs. Our business model is to make network security work for your organization. We do that by inventing new technologies where one doesn’t exist; by optimizing existing, proven technologies to make them faster and more effective; and by delivering them as a solution to make deployment as easy as possible.
Key Initiatives for Enterprise’s Security and Risk Management Practice
At Hillstone Networks we solve a wide array of security challenges for our enterprise customers and Service Providers. We’re highlighting four network security initiatives that you may be tasked to solve. Each initiative has a set of resources that you can download and read. If you don’t see your particular security challenge, please contact us so that can address your needs directly.
Security Analytics: Intelligent Breach Prevention
Today’s cyber attackers have become ever more sophisticated, using targeted, persistent, stealthy and multi-phased attacks (ATP, Ransomware, advanced phishing) to avoid detection at network perimeters through traditional security measures. These techniques, combined with social engineering and malicious insider activity, guarantee that most enterprises today have been or will be breached. The creativity and craftiness behind these breaches, coupled with the zero-day nature of many of these threats makes them hard to detect and defend against since conventional techniques prove ineffective.
Where We Fit
Hillstone Networks has a unique and effective approach to deal with advanced threats. With its sophisticated layered defense, multiple patented detection engines, and targeted threat correlation capabilities, Hillstone solutions can detect and mitigate advanced threats at every stage of the threat trajectory. Hillstone’s Intelligent Next-Generation Firewall (iNGFW) and Server Breach Detection System (sBDS), provide a unique way to see and understand threats enterprise-wide, so security teams can rapidly act to stop them.
Abnormal Behavior Detection
Network activities with active, dynamic behavior cannot be traced by static signatures or patterns. The Hillstone Abnormal Behavior Detection technology is designed to detect these malicious activities. Leveraging machine learning technology, Hillstone ABD uses hundreds of dimensional arrays to learn normal network behavior, which is called “behavior modeling.” It trains and optimizes the modeling algorithm with real hacking tools, then monitors and identifies abnormal activities continuously and timely.
Advanced Malware Detection
Hillstone has built a proprietary engine that has analyzed close to a million “known” malware samples, and each sample has been classified and characterized based on multiple dimensions that describe its actions, assets and attributes, which is called “statistical clustering.” When new “unknown” malware is encountered, it will be analyzed, characterized and classified, then patterned to the malware families, to decide if it has a similar “DNA” to the known malware families. The closer the DNA of the unknown and known malware, the higher the confidence level that it is a variant of a known malware.
Threat Correlation and Cyber Kill Chain
No single technique can prevent all advanced threats. This is the primary reason why Hillstone has also embedded cloud-sandbox, deception and other security technologies into the solution. Moreover, all the threat detection engines and events are systematically connected by the Hillstone threat correlation analytics platform and cyber kill chain, which allows it to quickly identify and track the traces of complex and hidden attacks.
Intelligent Breach Prevention Resources
- Hillstone Security Analytics: See. Understand. Act.
- Hillstone iNGFW White Paper: Threat Correlations on Hillstone intelligent Next-Generation Firewall Connecting the Dots
- An Introduction to the Hillstone Networks Server Breach Detection Solution
- Ransomware–Detection and Prevention via Hillstone’s Intelligent Next-Generation Firewall
- Hillstone Networks intelligent Next-Generation Firewall: Detecting Post-Breach Threats Using the Cyber Kill Chain
- Hillstone iNGFW White Paper: A Hybrid Approach to Detect Malicious Web Crawlers
Cloud Security: Micro segmentation and NFV
As datacenters have evolved from physical to virtual, enterprise to cloud, the security challenges they face have also evolved. The cloud-enabled data center needs a new security strategy and solution that can cope with virtual demands with minimal performance impact. And with disparate virtual workloads sitting side-by-side, micro-segmentation is critical for fine-grained visibility and control. As well, the new cloud data center requires virtual solutions that have flexibility to be deployed in the largest public clouds and private clouds as well as within the telco core and edge (Network Functions Virtualization).
Where We Fit
Hillstone’s CloudHive is an advanced Micro-segmentation solution designed for the demands of the virtualized data center. It provides unprecedented fine-grained visibility to see deep into VM’s, intelligence to understand virtual network threats, and control to rapidly mitigate VM attacks. HIllstone’s CloudEdge provides both comprehensive security protection for the Virtual Private Network (VPC) in the public cloud, and Network Function Virtualization (NFV) environment. Hillstone’s Cloud Security Solution spans all cloud platforms, providing deployment automation, and efficient service orchestration.
Micro-segmentation and NSX
Hillstone’s CloudHIve integrates tightly with VMware’s NSX and SDDC to provide the visibility, automation, scalability and comprehensive security at the VM level needed to identify and remediate today’s advanced SDDC breaches and attacks. With CloudHive and VMware, organizations can reap all the business advantages of the software defined data center without exposing themselves to additional business risk.
Network Function Virtualization
NFV is a favorite choice in the path of transforming traditional networks to virtualized networks, Hillstone CloudEdge is an industry leading virtual firewall VNF solution for NFV deployment, it provides compatibility, elasticity, high performance, open API automatic orchestration and license management to meet the requirement of the NFV environment.
Micro-Segmentation and NFV Resources
- Hillstone CloudHive: Micro-Segmentation Security for Virtualized Data Centers
- CloudEdge For Network Function Virtualization (NFV) Solutions
Data Center Scale: Elastic Security Architecture
Data center traffic today is driven by the continued growth of business data generation and analytics, uptake in mobile and social applications, video consumption and IoT adoption. That, coupled with the move to larger centralized cloud data centers means a huge explosion in data center ingress traffic.
Where We Fit
Hillstone’s X10800 top-of-line chassis-based firewall is designed to meet the need of the most demanding service providers, large enterprise, and carrier networks. The X10800’s patented Elastic Security Architecture and innovative hardware design, provide outstanding performance, reliability, and scalability. With 1 Tbps of processing power and built-in security intelligence, data center operators have uncompromising visibility across all traffic. Hillstone’s patent-pending Twin Mode solution synchronizes firewall security states in redundant data centers ensuring uninterrupted service during vMotion between two data centers.
Elastic Security Architecture
Hillstone provides a highly compatible virtual firewall solution, which support all major hypervisors and multiple cloud management platforms (CMPs). It has been integrated into the NFV solutions from multiple cloud providers and deployed in several verticals. The highly compatible VNF enables cloud operators to manage multiple cloud platforms built on disparate environments.
Twin-mode firewall solution
Automatic deployment and configuration are necessary to support self-service and self-management for NFV customers. Hillstone provides multiple formats of VNF images to different cloud deployments to meet customer requirements. Virtual resources for the virtual firewall have been preconfigured to ensure a fast and successful deployment. An embedded agent is used to retrieve the initial configuration during the boot-up process to customize each VNF module based on customer requirements.
Elastic Security Architecture Resources
SD-WAN: Built on Security Foundation
Enterprises recognize that they have been investing in data centers and cloud platforms over the past years, but have neglected their enterprise edge. No longer, the enterprise edge is evolving, with new direct internet access options available to supplement existing expensive private MPLS links. At remote locations, in addition to a need for more bandwidth at higher reliability, there is also a demand for sophisticated security policies to ensure that the edge does not continue to be the weak spot in an enterprise’s security attack surface. In SD-WAN survey after survey, security continues to be the top requirement after basic connectivity. As such, any SD-WAN solution that does not include comprehensive security will be inadequate.
Where We Fit
Hillstone’s edge solution provides the most comprehensive security for SD-WAN deployment. In addition to a robust security platform that provides the visibility to see what’s going on at the edge, our SD-WAN solution also provides the intelligence to understand which of the 3,000+ applications are running, and act to dispatch traffic with the right level of security. Hillstone’s SD-WAN solutions also provide centralized management, zero-touch deployment, and superior QoS with active link monitoring.
Intelligent Multilink Management and Optimization
Hillstone’s SD-WAN supports multiple links, including private links, direct internet, and 3G/4G/LTE wireless connections. Our solution actively monitors the latency, jitter, and packet drops in real-time across each link. Utilizing fine-grained link information, our SD-WAN platform employs an intelligent algorithm to select the best path for traffic.
Seamless and Comprehensive Encryption
Hillstone’s SD-WAN solutions provide end-to-end encryption with one-click automated site-to-site VPNs. Enabling full- mesh encryption across remote sites, whether branch offices, or corporate HQ, or even virtual private clouds within large public clouds.
Centralized Management with effortless Provisioning
Hillstone Security Manager offers centralized policy management and global visibility, allowing quick set-up and deployment from a central console. This central control is coupled with an effortless deployment that allows units to be brought up in remote locations where experienced IT staff might not always be available.