hillstone corporate overview - proficomms · 2018. 10. 11. · 2. endpoint detection and response...

www.hillstonenet.com

Hillstone Corporate OverviewHillstone Networks

Hillstone at a Glance

Hillstone Core Technologies

Hillstone Product Portfolio

1

2

3



• Founded in 2006 by founding engineers from Netscreen

• 15,000+ customers in 50+ countries: financial, telecom, education etc.

• 800+ employees globally, >40% in engineering

Beijing

Singapore

Silicon Valley

Dubai

LatinAmerica

Czech

Suzhou • Experienced leadership

from Netscreen, Cisco,

Juniper, Intel

World Class Team

3

Mexico


Hillstone – A Security Technology Innovator

4

2006

2007

2008

2010

2012

2013

2014

Hillstone Networks Founded

1st vendor to release NGFW with multi-core parallel processing OS

Release multi-core Plus G2 Security Architecture

Released multi-core multiple CPU parallel processing based high performance DCFW

1st vendor to release 32 core product

1st vendor to release intelligent NGFW using behavior analysis

Enter Gartner MQ

Partnership with VMware and Citrix

20141st vendor to release micro-segmentation for private cloud security

2018

2016NSS Labs Recommended NGFW with the

Best Value

Hillstone CloudEdge Demonstrates Broad

Compatibility During ETSI’s NFV Plugtests


Hillstone – A Security Technology Innovator

5

2006

2007

2008

2010

2012

2013

2014

Hillstone Networks Founded

1st vendor to release NGFW with multi-core parallel processing OS

Release multi-core Plus G2 Security Architecture

Released multi-core multiple CPU parallel processing based high performance DCFW

1st vendor to release 32 core product

1st vendor to release intelligent NGFW using behavior analysis

Enter Gartner MQ

Partnership with VMware and Citrix

20141st vendor to release micro-segmentation for private cloud security

2018

2016NSS Labs Recommended NGFW with the

Best Value

Hillstone CloudEdge Demonstrates Broad

Compatibility During ETSI’s NFV Plugtests


Hillstone Layered Threat ProtectionEnabling a Defensible Network

6


NSS Labs Recommended NGFW with the Best Value!

7

99.60% Block Rate in Static test

98.32% Block Rate in Live Test

NSS Labs 2016


Positioned in Three of Gartner Magic Quadrants for its vision of Layered Defense

8

“Hillstone firewalls are a good candidate for enterprises with hybrid networks, such as on-premises, cloud and virtualized

environments in the abovementioned regions.”…

“Hillstone CloudHive offers a micro-segmentation solution for virtual VMware networks along with CloudEdge virtual firewalls

for the networks over the cloud. This offering makes Hillstone a strong vendor for cloud security use cases.”…

… ...

“Hillstone supports a wide range of detection and prevention options with signatures, behavioral analytics, anti-malware and

cloud-based sandboxing available as options..”…


Positioned in Three of Gartner Magic Quadrants for its vision of Layered Defense

9

“


HSAHillstone Security

Audit Platform

ManagementCloudServerPerimeter

Security Service

Hillstone’s Product Portfolio of Innovation

10

I-Series sBDSServer Breach

Detection System

S-Series NIPSIntrusion Prevention System

E-SeriesNGFW

T-SeriesIntelligent NGFW

X-SeriesData Center FW

HSMHillstone Security

Management Platform

Security Management& Analytics Platform


Solid Customer Base in All Verticals

11

15,000+ Customers

Others

6000+ Enterprise and SMB customers

30+ countries

Education

200+ colleges

600+ educational institutes

Media &

Internet

100+ media and ICP

Government

1800+ Government agencies

FinanceTop 5 China State Owned Banks, Big 3 stock exchanges

Top 10 securities dealers, Top 5 insurance groups

Carrier & ISP

60% market share of China Broadband SPs

5-Yrs on China Telecom, China Mobile Short Lists

Replace Cisco, Juniper etc.


Partner with Technology Leaders

12




1

2

3


HillstoneIntelligent Firewalls (i+NGFW)

for Enterprises

Find & Stop Threats in Minuteswith Hillstone’s Behavioral Intelligence

14


Hillstone iNGFW –Making Network Security More Intelligent

15

for Enterprises

and Data Centers

Detect– Automation for discovery

of advance threats

– High-performance

Visualize– Real-time insight in

network risk

Enforce– High-end security without the high

price

– Complement to existing security

devices


Advanced Threats Invalidate Traditional Security

16

New, professional

attacks

go right through.

malwareAPTs

Insider Theft

BYOD

Zero-Days

“In 60% of cases,attackers are able to

compromise an organization within minutes.”

– Verizon 2015 DBIR


Malware Hidden in your Network for Months

17

One new threat PerSecond

Once intrusion Per 5 Minutes

67% Defense systems fail to

prevent targeted-attack

55% Enterprises Not Aware Being Compromised

Average

210 days75% intrude in 10

Minutes

Only 6%

detected


Your Critical Asset is Always the Target!

18

There is a $3.79M

average cost, and

23% cost increase, for

each security breach

47% of all security

breaches is caused

by malicious or

criminal attacks

60% of attackers

compromise the target

organization within

minutes

Malicious attacks

take an average of

256 days to identify

Ponemon & IBM, 2015; Verizon, 2016


Hillstone’s Solution: T-Series iNGFW Designed for

19

1) Defend Advanced Threats

2) Protect Your Critical Assets

3) Shorten Time between Compromise and Detection

Signature-

based

Behavior-based

iNGFW

NGFW

Intelligent


Hillstone T-Series Architecture

20

Assets Threats

IPS

Anti-Virus/Anti-Spam

Sandbox

Perimeter Defense

…

99.6%

Intelligent Engine

NGFW Engine

URL/IP/Domain…


Threat Correlation Analytics

21


Unique Detection Engine I:Abnormal Behavior Detection (ABD) Engine

22

Threat & Risk IdentificationAbnormal behavior AnalysisBehavior Learning & Modeling

• Host/server behavior modeling by

adaptive machine learning

• Layer 4-7, hundreds of behavior

dimensions

• Real time Behavior Model and rules

• Identify abnormal dimensions by behavior

partnering

• Quantitate risk severity and certainty by

correlation analysis

• Threat forensics including suspicious and

relevant PCAP


Server Abnormal Behavior Detected by ABD

23


Unique Detection Engine II:Advanced Threat Detection (ATD) Engine

24

Machine

LearningKnown malware

Samples

Malware

Behavior Learning

Malware

Behavior set

1

Malware

Behavior set

2

Malware

Behavior set

3

…

Clustering

Modeling

Unknown Malware

Behavior Patterns

Identify Malware

Variants

Unknown

Malware

Sample

Parameter 1

Sample

Parameter 2

Sample

Parameter 3

…

Hillstone Intelligent

Next-Generation

Firewall


Metamorphic Malware Identified via Family Behaviors

25

Malware Attributes

Malware

Actions

Family 1

Family 2

Family 3

Family n


Summary: Hillstone’s Value Proposition

26

– Comprehensive visibilitySecurity correlation Analytics and Kill Chain

– Shorten time between compromise and detection

• Multiple detection and protection mechanisms and cloud ecosystem

– Determine root cause of an attack

• Rich Forensic and Analysis

– Mitigate damage

• Policy Enforcement & Mitigation Templates

– Full lifecycle-based threat prevention

• Security services at different stages of the breach cycle


Hillstone Protects Across the Cyber Kill Chain

NGFW

MalwareDetection Software

Hillstone Intelligent NGFW (i+NGFW with Behavioral Intelligence)

Traditional FW

Reconnaissance Breach Theftpre-breach post-breach

27


HillstoneCloud Security Solutions

for Virtualized Data Centers

Complete Protection for the Cloud

X Series Data Center NGFW

28


Traditional Perimeter Security Fails in the Cloud

• No visibility of cloud internal traffic and threats

• East-West workloads are not secured

• Security cannot be scaled with the cloud

N

S

Tenants

Internet

TenantsW E?29


Hillstone Provides Complete Protection for the Cloud

W EN

S

W E W E

W E W E

N

S

VPC

N

S

VPC

30


Hillstone CloudEdge & CloudHive

North-SouthTraffic

VPC Gateway

Typical Scenario:Public Cloud VPC or Multi-tenants

Perimeter Protection

CloudEdge

Segmentation of each VM

East-WestTraffic

Typical Scenario:Private Cloud VM

visibility& Segmentation

Micro-segmentation

31


Micro-Segmentation Sample Vendor

“Microsegmentation Sample Vendors: Amazon, Arkin, Catbird, CloudPassage, GuardiCore, HillstoneNetworks, Illumio, Trend Micro, vArmour and Vmware”

Gartner, Best Practices for Detecting and Mitigating Advanced Threats, 2016, Lawrence Pingree etc.

1. Cloud Access Security Brokers

2. Endpoint Detection and Response

3. Nonsignature Approaches for Endpoint Prevention

4. User and Entity Behavioral Analytics

5. Microsegmentation and Flow Visibility

6. Security Testing for DevOps (DevSecOps)

7. Intelligence-Driven Security Operations Center Orchestration Solutions

8. Remote Browser

9. Deception

10. Pervasive Trust Services• Gartner, Top 10 Information Security Trend.

2016 Security & Risk Management Summit

32


What is Hillstone CloudHive?

CloudHive

• One vSOM

• Two vSCMs

• Up to 200

vSSMs

• One or multiple

vDSM

Notes：

• 1 vSOM to manage service lifecycle

• 2 vSCM for High Availability

• 1 vSSM in each physical server

• vDSM for log forwarding

vSSM

vSOM

vSCM

Cloud

Orchestration

HA

vDSM

33


CloudHive & NSX Joint Solution

Analysis and Actions

Data Center Admin

Network Performance• L 2-4 Access Control

• L2 network segmentation

In-depth Security• Threat & app visibility

• Cloud threat report

• L7 advanced threat protection

Optimization Visibility

34


CloudHive Provides Deep Visibility to East-West Traffic

35


CloudHive Use Cases

Financial CloudGovernment CloudEducation Cloud

vm1

vm3

vm2

College A College N

IT Department

vm1

vm3

vm2

Department 1 Department n

IT Department

Government User

Internet

FW/VPN

vm1

vm3

vm2

IT Department

BU 1 BU 3

BU 2

College B

Compliance Agency

Visibility & Control Audit & Compliance Security & Audit

36


CloudEdge: Perimeter Protection for VPC

VPC VPC

Public Cloud

Internet • Integrated with popular public Cloud

• Provide NGFW security

• On-demand expansion and charge

• Ease of use

37


Demonstrates Broad Compatibility in ETSI’s NFV Plugtests

38

• 8 MANO (15) • 5 VIM (7)

• 2 NFVI


CloudEdge Use Cases

VPC Access Control VPN Connection

VPC Gateway + HA VPC Protection (IPS+AV)

39


CloudEdge for NFV Solutions

40

Orchestration based on cloud platform

Orchestration based on OpenStack FWaaS

Orchestration based on open source MANO


CloudEdge License Management Solutions

41

Cloud-based License

Management Solution

Public cloud Private cloud (Internet)

Hardware-based License

Management Solution

Private cloud (Intranet)

Internet Authentication Local Authentication


Flexible Adaption to Hypervisors and CMPs

Private Cloud Based on

vCenter＋ESXi

AWSXen

OpenStackKVM

Vmware vCenterESXi

Private Cloud based on

OpenStack＋KVM

AzureHyper-V

AliCloudXen

42


43

Industry Recognition & Cloud Eco-System

25 Most Promising Amazon Solution

Providers 2016 by APAC CIOOutlook

The Cutting Edge Cloud Security Solution

for 2016 by Cyber Defense Magazine

43

Gold Winner in the 12th Annual 2017

IT World Award® in Cloud Security




1

2

3


HSAHillstone Security

Audit Platform

ManagementCloudServerPerimeter

Security Service

Hillstone’s Product Portfolio of Innovation

45

I-Series sBDSServer Breach

Detection System

S-Series NIPSIntrusion Prevention System

E-SeriesNGFW

T-SeriesIntelligent NGFW

X-SeriesData Center FW

HSMHillstone Security

Management Platform

Security Management& Analytics Platform


E-Series Next-Generation Firewalls

• Full-Concurrence, High-performance Architecture

• Fine-granular & Multi-dimensional Control

• High Efficient L2-L7 Full Security Protection

• Advanced Networking Features

• Comprehensive Security Report

46


T-Series Intelligent Next-Generation Firewalls

Complete Risk/Threat Visibility besides Traffic/Apps/Users

Complete Kill Chain Mapping

Rich Forensic Information on Advanced Threats

Immediate Mitigation

Industry Best Threat Intelligence Feeds

47


X-Series Data Center Next-Generation Firewall

⚫ Target Customers➢ Carriers, Large Enterprises, High Education & Government,Managed Security Service Providers

⚫ Deployment Scenarios➢ Carrier MAN and Mobile

➢ Carrier IDC, Government Cloud Data-Center

➢ Data Center or University Campus Internet Exit

• High Performance

• Carrier-Grade Reliability

• Low Power Consumption

• Massive Virtual Firewall for MSSPs

• Comprehensive NAT/IPV6 support

• Rich L2-L7 Security Functionality

• Unique Twin-Mode Firewall

48


S-Series Network Intrusion Prevention System

• Unparalleled threat protection without performance compromise

• Granular reporting with user targeted viewpoints

• Ease of deployment and centralized management

• High Availability without network Interruption

49


Hillstone Server Breach Detection System

Hillstone Post-Breach Detection Solution to Protect Critical Servers from Advanced Threats

50


Hillstone Server Breach Detection System

51


Cloud Sandbox Near Real-time Prevention and Cloud Intelligence

URL whitelist, file signature verification Cloud-based suspicious samples MD5 query for file behavior; verification

and report

Identify the malicious files Generate threat log and report Share the threat intelligence Block the threat by firewalls

Windows/Android/MacOS simulation Behavioral analysis to file process,

Registry action, network behavior Evasion detection

Static Analysis/Pre-Processing Behavioral Analysis Cloud Intelligence

Malicious Files Signature updateReporting

NGFWNGFW iNGFW NIPS

52


Cloud Sandbox Near Real-time Prevention and Cloud Intelligence

53


Anti-Spam: Real-time Spam Classification and Prevention

Email checksum Query

Cloud-Based Spam Database

Drop

Spam Classification

Hillstone Anti-Spam Key Features

• Real-time Spam Classification and Prevention

• Support Spam classification: Confirmed Spam, Suspected Spam, Bulk Spam, Valid Bulk

• Regardless of the language, format, or content of the message

• Works on both SMTP and POP3 email protocols

• Inbound and outbound detection

• White lists to allow emails from trusted domainDrop

Global Spam Collection (Partner)

54


CloudEdge: Virtual Next-Generation Firewall

VPCVPCVPC

North-South Traffic Protection for tenants

• NAT, Access Control, Attack Defense

• Application control• IPS• URL Filtering• VPN• Anti-Virus• Cloud-Sandbox…

55


CloudHive: Micro-segmentation for the Cloud

Unparalleled live traffic visibility

Reduce the attack surface to near-zero

Effortlessly scale security through active orchestration

Improve efficiency while reducing costs

One vSOM, Two vSCMs, Up to 200 vSSMs, One or Multiple vDSM

56


HSM & HSA: Centralized Security Management & Audit

Branch Branch

Internet

Core

NGFW/NIPS…

HSM/vHSM

HSA

Centralized Security Policy Configuration

Centralized Device & Threat Monitoring

Network Behavior Monitoring

Security Incident Audit and Forensic

57


CloudView: Security Management and Analysis Service (SaaS)

• Free to initiate (Includes Essential features)

• Pay to subscribe (For advanced features, Professional Version)

• Security as a Service (SaaS)

Low/Flexible Investment Options

• 24/7 monitoring and alerts• Threat analysis and reports• Mobile/web access

Real-time Monitoring

• No deployment required • No maintenance• Easy and instant subscription

Ease of Deployment

Centralized Device Monitoring• System/threat monitoring• Device License status and renewal• Cloud Inspection

Threat Analysis and Alarm• Threat and event logs• Comprehensive reports • Real-time message and alarms

58


Portfolio: Performance Matrix

T3860

T5860

T5060

X10800*

UP to 680 Gbps

E5760

E5568/E5660

E5960

E2300

E2800

E3662 /E3668E2860 /E2868

E3960 / E3968

E5260 / E5268E3965 / E5168

E1600

E1700/E1606

E1100W/WG3w

T2860

T1860

E-Series NGFW T-Series iNGFW X-Series CloudI-Series S-Series

I-2850

S2660

S2160

S1560

S1060

S600

Each vSSM 5Gbps, up to 1T

VM01, 2Gbps/10GbpsVM02, 4Gbps/20GbpsVM04, 8Gbps/30Gbps

E6160 /6168E6360/E6368

I-3850*

S3560*

S3860*

S5560*X7180

* These models are coming soon.

UP to I Tbps

59

NSS Labs Recommended NGFW with the Best Value!

Positioned in Three of Gartner Magic Quadrants

15,000+ solid customer bases around the world

Layered Threat Protection: Enabling a Defensible Network for customers from SMB to Enterprises

Perimeter defense solutions for known & unknown threats protection

Server breach detection solution to protect critical assets from internal breach

Cloud Micro-Segmentation to secure each VM

Summary

15,000+customers around the world

Keep in touch

with us

Put your

QR here

Keep in touch

with us

61

Address:

E-mail:

Website:

Phone:

5201 Great America Pkwy, #420, Santa Clara, CA 95054


[email protected] +1-800-889-9860

THANK YOU!

hillstone corporate overview - proficomms · 2018. 10. 11. · 2. endpoint detection and response...

Documents