hillstone corporate overview - proficomms · 2018. 10. 11. · 2. endpoint detection and response...
TRANSCRIPT
www.hillstonenet.com
Hillstone Corporate OverviewHillstone Networks
Hillstone at a Glance
Hillstone Core Technologies
Hillstone Product Portfolio
1
2
3
www.hillstonenet.com
Hillstone at a Glance
• Founded in 2006 by founding engineers from Netscreen
• 15,000+ customers in 50+ countries: financial, telecom, education etc.
• 800+ employees globally, >40% in engineering
Beijing
Singapore
Silicon Valley
Dubai
LatinAmerica
Czech
Suzhou • Experienced leadership
from Netscreen, Cisco,
Juniper, Intel
World Class Team
3
Mexico
www.hillstonenet.com
Hillstone – A Security Technology Innovator
4
2006
2007
2008
2010
2012
2013
2014
Hillstone Networks Founded
1st vendor to release NGFW with multi-core parallel processing OS
Release multi-core Plus G2 Security Architecture
Released multi-core multiple CPU parallel processing based high performance DCFW
1st vendor to release 32 core product
1st vendor to release intelligent NGFW using behavior analysis
Enter Gartner MQ
Partnership with VMware and Citrix
20141st vendor to release micro-segmentation for private cloud security
2018
2016NSS Labs Recommended NGFW with the
Best Value
Hillstone CloudEdge Demonstrates Broad
Compatibility During ETSI’s NFV Plugtests
www.hillstonenet.com
Hillstone – A Security Technology Innovator
5
2006
2007
2008
2010
2012
2013
2014
Hillstone Networks Founded
1st vendor to release NGFW with multi-core parallel processing OS
Release multi-core Plus G2 Security Architecture
Released multi-core multiple CPU parallel processing based high performance DCFW
1st vendor to release 32 core product
1st vendor to release intelligent NGFW using behavior analysis
Enter Gartner MQ
Partnership with VMware and Citrix
20141st vendor to release micro-segmentation for private cloud security
2018
2016NSS Labs Recommended NGFW with the
Best Value
Hillstone CloudEdge Demonstrates Broad
Compatibility During ETSI’s NFV Plugtests
www.hillstonenet.com
Hillstone Layered Threat ProtectionEnabling a Defensible Network
6
www.hillstonenet.com
NSS Labs Recommended NGFW with the Best Value!
7
99.60% Block Rate in Static test
98.32% Block Rate in Live Test
NSS Labs 2016
www.hillstonenet.com
Positioned in Three of Gartner Magic Quadrants for its vision of Layered Defense
8
“Hillstone firewalls are a good candidate for enterprises with hybrid networks, such as on-premises, cloud and virtualized
environments in the abovementioned regions.”…
“Hillstone CloudHive offers a micro-segmentation solution for virtual VMware networks along with CloudEdge virtual firewalls
for the networks over the cloud. This offering makes Hillstone a strong vendor for cloud security use cases.”…
… ...
“Hillstone supports a wide range of detection and prevention options with signatures, behavioral analytics, anti-malware and
cloud-based sandboxing available as options..”…
www.hillstonenet.com
Positioned in Three of Gartner Magic Quadrants for its vision of Layered Defense
9
“
www.hillstonenet.com
HSAHillstone Security
Audit Platform
ManagementCloudServerPerimeter
Security Service
Hillstone’s Product Portfolio of Innovation
10
I-Series sBDSServer Breach
Detection System
S-Series NIPSIntrusion Prevention System
E-SeriesNGFW
T-SeriesIntelligent NGFW
X-SeriesData Center FW
HSMHillstone Security
Management Platform
Security Management& Analytics Platform
www.hillstonenet.com
Solid Customer Base in All Verticals
11
15,000+ Customers
Others
6000+ Enterprise and SMB customers
30+ countries
Education
200+ colleges
600+ educational institutes
Media &
Internet
100+ media and ICP
Government
1800+ Government agencies
FinanceTop 5 China State Owned Banks, Big 3 stock exchanges
Top 10 securities dealers, Top 5 insurance groups
Carrier & ISP
60% market share of China Broadband SPs
5-Yrs on China Telecom, China Mobile Short Lists
Replace Cisco, Juniper etc.
www.hillstonenet.com
Partner with Technology Leaders
12
Hillstone at a Glance
Hillstone Core Technologies
Hillstone Product Portfolio
1
2
3
www.hillstonenet.com
HillstoneIntelligent Firewalls (i+NGFW)
for Enterprises
Find & Stop Threats in Minuteswith Hillstone’s Behavioral Intelligence
14
www.hillstonenet.com
Hillstone iNGFW –Making Network Security More Intelligent
15
for Enterprises
and Data Centers
Detect– Automation for discovery
of advance threats
– High-performance
Visualize– Real-time insight in
network risk
Enforce– High-end security without the high
price
– Complement to existing security
devices
www.hillstonenet.com
Advanced Threats Invalidate Traditional Security
16
New, professional
attacks
go right through.
malwareAPTs
Insider Theft
BYOD
Zero-Days
“In 60% of cases,attackers are able to
compromise an organization within minutes.”
– Verizon 2015 DBIR
www.hillstonenet.com
Malware Hidden in your Network for Months
17
One new threat PerSecond
Once intrusion Per 5 Minutes
67% Defense systems fail to
prevent targeted-attack
55% Enterprises Not Aware Being Compromised
Average
210 days75% intrude in 10
Minutes
Only 6%
detected
www.hillstonenet.com
Your Critical Asset is Always the Target!
18
There is a $3.79M
average cost, and
23% cost increase, for
each security breach
47% of all security
breaches is caused
by malicious or
criminal attacks
60% of attackers
compromise the target
organization within
minutes
Malicious attacks
take an average of
256 days to identify
Ponemon & IBM, 2015; Verizon, 2016
www.hillstonenet.com
Hillstone’s Solution: T-Series iNGFW Designed for
19
1) Defend Advanced Threats
2) Protect Your Critical Assets
3) Shorten Time between Compromise and Detection
Signature-
based
Behavior-based
iNGFW
NGFW
Intelligent
www.hillstonenet.com
Hillstone T-Series Architecture
20
Assets Threats
IPS
Anti-Virus/Anti-Spam
Sandbox
Perimeter Defense
…
99.6%
Intelligent Engine
NGFW Engine
URL/IP/Domain…
www.hillstonenet.com
Threat Correlation Analytics
21
www.hillstonenet.com
Unique Detection Engine I:Abnormal Behavior Detection (ABD) Engine
22
Threat & Risk IdentificationAbnormal behavior AnalysisBehavior Learning & Modeling
• Host/server behavior modeling by
adaptive machine learning
• Layer 4-7, hundreds of behavior
dimensions
• Real time Behavior Model and rules
• Identify abnormal dimensions by behavior
partnering
• Quantitate risk severity and certainty by
correlation analysis
• Threat forensics including suspicious and
relevant PCAP
www.hillstonenet.com
Server Abnormal Behavior Detected by ABD
23
www.hillstonenet.com
Unique Detection Engine II:Advanced Threat Detection (ATD) Engine
24
Machine
LearningKnown malware
Samples
Malware
Behavior Learning
Malware
Behavior set
1
Malware
Behavior set
2
Malware
Behavior set
3
…
Clustering
Modeling
Unknown Malware
Behavior Patterns
Identify Malware
Variants
Unknown
Malware
Sample
Parameter 1
Sample
Parameter 2
Sample
Parameter 3
…
Hillstone Intelligent
Next-Generation
Firewall
www.hillstonenet.com
Metamorphic Malware Identified via Family Behaviors
25
Malware Attributes
Malware
Actions
Family 1
Family 2
Family 3
Family n
www.hillstonenet.com
Summary: Hillstone’s Value Proposition
26
– Comprehensive visibilitySecurity correlation Analytics and Kill Chain
– Shorten time between compromise and detection
• Multiple detection and protection mechanisms and cloud ecosystem
– Determine root cause of an attack
• Rich Forensic and Analysis
– Mitigate damage
• Policy Enforcement & Mitigation Templates
– Full lifecycle-based threat prevention
• Security services at different stages of the breach cycle
www.hillstonenet.com
Hillstone Protects Across the Cyber Kill Chain
NGFW
MalwareDetection Software
Hillstone Intelligent NGFW (i+NGFW with Behavioral Intelligence)
Traditional FW
Reconnaissance Breach Theftpre-breach post-breach
27
www.hillstonenet.com
HillstoneCloud Security Solutions
for Virtualized Data Centers
Complete Protection for the Cloud
X Series Data Center NGFW
28
www.hillstonenet.com
Traditional Perimeter Security Fails in the Cloud
• No visibility of cloud internal traffic and threats
• East-West workloads are not secured
• Security cannot be scaled with the cloud
N
S
Tenants
Internet
TenantsW E?29
www.hillstonenet.com
Hillstone Provides Complete Protection for the Cloud
W EN
S
W E W E
W E W E
N
S
VPC
N
S
VPC
30
www.hillstonenet.com
Hillstone CloudEdge & CloudHive
North-SouthTraffic
VPC Gateway
Typical Scenario:Public Cloud VPC or Multi-tenants
Perimeter Protection
CloudEdge
Segmentation of each VM
East-WestTraffic
Typical Scenario:Private Cloud VM
visibility& Segmentation
Micro-segmentation
31
www.hillstonenet.com
Micro-Segmentation Sample Vendor
“Microsegmentation Sample Vendors: Amazon, Arkin, Catbird, CloudPassage, GuardiCore, HillstoneNetworks, Illumio, Trend Micro, vArmour and Vmware”
Gartner, Best Practices for Detecting and Mitigating Advanced Threats, 2016, Lawrence Pingree etc.
1. Cloud Access Security Brokers
2. Endpoint Detection and Response
3. Nonsignature Approaches for Endpoint Prevention
4. User and Entity Behavioral Analytics
5. Microsegmentation and Flow Visibility
6. Security Testing for DevOps (DevSecOps)
7. Intelligence-Driven Security Operations Center Orchestration Solutions
8. Remote Browser
9. Deception
10. Pervasive Trust Services• Gartner, Top 10 Information Security Trend.
2016 Security & Risk Management Summit
32
www.hillstonenet.com
What is Hillstone CloudHive?
CloudHive
• One vSOM
• Two vSCMs
• Up to 200
vSSMs
• One or multiple
vDSM
Notes:
• 1 vSOM to manage service lifecycle
• 2 vSCM for High Availability
• 1 vSSM in each physical server
• vDSM for log forwarding
vSSM
vSOM
vSCM
Cloud
Orchestration
HA
vDSM
33
www.hillstonenet.com
CloudHive & NSX Joint Solution
Analysis and Actions
Data Center Admin
Network Performance• L 2-4 Access Control
• L2 network segmentation
In-depth Security• Threat & app visibility
• Cloud threat report
• L7 advanced threat protection
Optimization Visibility
34
www.hillstonenet.com
CloudHive Provides Deep Visibility to East-West Traffic
35
www.hillstonenet.com
CloudHive Use Cases
Financial CloudGovernment CloudEducation Cloud
vm1
vm3
vm2
College A College N
IT Department
vm1
vm3
vm2
Department 1 Department n
IT Department
Government User
Internet
FW/VPN
vm1
vm3
vm2
IT Department
BU 1 BU 3
BU 2
College B
Compliance Agency
Visibility & Control Audit & Compliance Security & Audit
36
www.hillstonenet.com
CloudEdge: Perimeter Protection for VPC
VPC VPC
Public Cloud
Internet • Integrated with popular public Cloud
• Provide NGFW security
• On-demand expansion and charge
• Ease of use
37
www.hillstonenet.com
Demonstrates Broad Compatibility in ETSI’s NFV Plugtests
38
• 8 MANO (15) • 5 VIM (7)
• 2 NFVI
www.hillstonenet.com
CloudEdge Use Cases
VPC Access Control VPN Connection
VPC Gateway + HA VPC Protection (IPS+AV)
39
www.hillstonenet.com
CloudEdge for NFV Solutions
40
Orchestration based on cloud platform
Orchestration based on OpenStack FWaaS
Orchestration based on open source MANO
www.hillstonenet.com
CloudEdge License Management Solutions
41
Cloud-based License
Management Solution
Public cloud Private cloud (Internet)
Hardware-based License
Management Solution
Private cloud (Intranet)
Internet Authentication Local Authentication
www.hillstonenet.com
Flexible Adaption to Hypervisors and CMPs
Private Cloud Based on
vCenter+ESXi
AWSXen
OpenStackKVM
Vmware vCenterESXi
Private Cloud based on
OpenStack+KVM
AzureHyper-V
AliCloudXen
42
www.hillstonenet.com
43
Industry Recognition & Cloud Eco-System
25 Most Promising Amazon Solution
Providers 2016 by APAC CIOOutlook
The Cutting Edge Cloud Security Solution
for 2016 by Cyber Defense Magazine
43
Gold Winner in the 12th Annual 2017
IT World Award® in Cloud Security
Hillstone at a Glance
Hillstone Core Technologies
Hillstone Product Portfolio
1
2
3
www.hillstonenet.com
HSAHillstone Security
Audit Platform
ManagementCloudServerPerimeter
Security Service
Hillstone’s Product Portfolio of Innovation
45
I-Series sBDSServer Breach
Detection System
S-Series NIPSIntrusion Prevention System
E-SeriesNGFW
T-SeriesIntelligent NGFW
X-SeriesData Center FW
HSMHillstone Security
Management Platform
Security Management& Analytics Platform
www.hillstonenet.com
E-Series Next-Generation Firewalls
• Full-Concurrence, High-performance Architecture
• Fine-granular & Multi-dimensional Control
• High Efficient L2-L7 Full Security Protection
• Advanced Networking Features
• Comprehensive Security Report
46
www.hillstonenet.com
T-Series Intelligent Next-Generation Firewalls
Complete Risk/Threat Visibility besides Traffic/Apps/Users
Complete Kill Chain Mapping
Rich Forensic Information on Advanced Threats
Immediate Mitigation
Industry Best Threat Intelligence Feeds
47
www.hillstonenet.com
X-Series Data Center Next-Generation Firewall
⚫ Target Customers➢ Carriers, Large Enterprises, High Education & Government,Managed Security Service Providers
⚫ Deployment Scenarios➢ Carrier MAN and Mobile
➢ Carrier IDC, Government Cloud Data-Center
➢ Data Center or University Campus Internet Exit
• High Performance
• Carrier-Grade Reliability
• Low Power Consumption
• Massive Virtual Firewall for MSSPs
• Comprehensive NAT/IPV6 support
• Rich L2-L7 Security Functionality
• Unique Twin-Mode Firewall
48
www.hillstonenet.com
S-Series Network Intrusion Prevention System
• Unparalleled threat protection without performance compromise
• Granular reporting with user targeted viewpoints
• Ease of deployment and centralized management
• High Availability without network Interruption
49
www.hillstonenet.com
Hillstone Server Breach Detection System
Hillstone Post-Breach Detection Solution to Protect Critical Servers from Advanced Threats
50
www.hillstonenet.com
Hillstone Server Breach Detection System
51
www.hillstonenet.com
Cloud Sandbox Near Real-time Prevention and Cloud Intelligence
URL whitelist, file signature verification Cloud-based suspicious samples MD5 query for file behavior; verification
and report
Identify the malicious files Generate threat log and report Share the threat intelligence Block the threat by firewalls
Windows/Android/MacOS simulation Behavioral analysis to file process,
Registry action, network behavior Evasion detection
Static Analysis/Pre-Processing Behavioral Analysis Cloud Intelligence
Malicious Files Signature updateReporting
NGFWNGFW iNGFW NIPS
52
www.hillstonenet.com
Cloud Sandbox Near Real-time Prevention and Cloud Intelligence
53
www.hillstonenet.com
Anti-Spam: Real-time Spam Classification and Prevention
Email checksum Query
Cloud-Based Spam Database
Drop
Spam Classification
Hillstone Anti-Spam Key Features
• Real-time Spam Classification and Prevention
• Support Spam classification: Confirmed Spam, Suspected Spam, Bulk Spam, Valid Bulk
• Regardless of the language, format, or content of the message
• Works on both SMTP and POP3 email protocols
• Inbound and outbound detection
• White lists to allow emails from trusted domainDrop
Global Spam Collection (Partner)
54
www.hillstonenet.com
CloudEdge: Virtual Next-Generation Firewall
VPCVPCVPC
North-South Traffic Protection for tenants
• NAT, Access Control, Attack Defense
• Application control• IPS• URL Filtering• VPN• Anti-Virus• Cloud-Sandbox…
55
www.hillstonenet.com
CloudHive: Micro-segmentation for the Cloud
Unparalleled live traffic visibility
Reduce the attack surface to near-zero
Effortlessly scale security through active orchestration
Improve efficiency while reducing costs
One vSOM, Two vSCMs, Up to 200 vSSMs, One or Multiple vDSM
56
www.hillstonenet.com
HSM & HSA: Centralized Security Management & Audit
Branch Branch
Internet
Core
NGFW/NIPS…
HSM/vHSM
HSA
Centralized Security Policy Configuration
Centralized Device & Threat Monitoring
Network Behavior Monitoring
Security Incident Audit and Forensic
57
www.hillstonenet.com
CloudView: Security Management and Analysis Service (SaaS)
• Free to initiate (Includes Essential features)
• Pay to subscribe (For advanced features, Professional Version)
• Security as a Service (SaaS)
Low/Flexible Investment Options
• 24/7 monitoring and alerts• Threat analysis and reports• Mobile/web access
Real-time Monitoring
• No deployment required • No maintenance• Easy and instant subscription
Ease of Deployment
Centralized Device Monitoring• System/threat monitoring• Device License status and renewal• Cloud Inspection
Threat Analysis and Alarm• Threat and event logs• Comprehensive reports • Real-time message and alarms
58
www.hillstonenet.com
Portfolio: Performance Matrix
T3860
T5860
T5060
X10800*
UP to 680 Gbps
E5760
E5568/E5660
E5960
E2300
E2800
E3662 /E3668E2860 /E2868
E3960 / E3968
E5260 / E5268E3965 / E5168
E1600
E1700/E1606
E1100W/WG3w
T2860
T1860
E-Series NGFW T-Series iNGFW X-Series CloudI-Series S-Series
I-2850
S2660
S2160
S1560
S1060
S600
Each vSSM 5Gbps, up to 1T
VM01, 2Gbps/10GbpsVM02, 4Gbps/20GbpsVM04, 8Gbps/30Gbps
E6160 /6168E6360/E6368
I-3850*
S3560*
S3860*
S5560*X7180
* These models are coming soon.
UP to I Tbps
59
NSS Labs Recommended NGFW with the Best Value!
Positioned in Three of Gartner Magic Quadrants
15,000+ solid customer bases around the world
Layered Threat Protection: Enabling a Defensible Network for customers from SMB to Enterprises
Perimeter defense solutions for known & unknown threats protection
Server breach detection solution to protect critical assets from internal breach
Cloud Micro-Segmentation to secure each VM
Summary
15,000+customers around the world
Keep in touch
with us
Put your
QR here
Keep in touch
with us
61
Address:
E-mail:
Website:
Phone:
5201 Great America Pkwy, #420, Santa Clara, CA 95054
www.hillstonenet.com
[email protected] +1-800-889-9860
THANK YOU!