United Security Technology White Paper
|
|
- Aileen Scott
- 7 years ago
- Views:
Transcription
1 United Security Technology White Paper
2 United Security Technology White Paper 1 Challenges Security Problems Caused by Mobile Communication Security Fragmentation Problems United Security Solution Big Data Analytics for United Security United Security Based on Security Resource Virtualization Applicable Scenarios Threat Detection Throughout the Network On-Demand Allocation of Security Resources...14
3 1 Challenges 1.1 Security Problems Caused by Mobile Communication To implement security defense on enterprise campus networks and data center networks, edges must be defined and security devices with different security levels are deployed on edges. The devices include the firewall, anti-ddos device, Anti-Virus (AV) device, Intrusion Prevention System (IPS) device, and Data Loss Prevention (DLP) device. While traditional internal network security is ensured at the external edge, wireless security is different. Bring Your Own Device (BYOD) and mobile users in any role, with any device, can connect to networks anywhere. Virus attacks and hacker intrusions have become diversified. Single-point and edge defenses face the following challenges: Untrusted intranet: Visitors, BYOD users, partners, vendors, and employees connect to campus networks, so terminal security status cannot be trusted and the intranet's horizontal traffic is insecure. Security levels of multiple departments and branches of Enterprise Data Centers (EDCs), Internet Data Center (IDC) multitenants, and Data Center (DC) networks are different, so internal traffic needs to be controlled. Traditional edges cannot solve all problems. Mobility: On mobile campus networks and virtualized DCs, terminals or DCs can move dynamically. Intranet's external and physical edges are unavailable. Traditional network security defense: Only edge defense is required. The access mode and user positions are fixed, and attack points and countermeasures come from single points. WAN/Internet External attack Single-point defense 1
4 Mobile network security: how is network defense performed on a borderless network? In mobile scenarios, employees can connect to enterprise networks anywhere using different types of terminals. In this case, attack points and countermeasures are diversified. WAN/Internet External attack Mobile network attack X Unavailable firewall single-point defense Wireless eavesdropping attack AP AP AP Mobile terminal attack Access terminals on a borderless network do not have unified security defense software. As a result, threats are omnipresent when users access WLANs, VPNs, and intranets. Traditional single-point defenses cannot meet changing user requirements. 1.2 Security Fragmentation Problems Fragmented Deployment Wastes Resources Background: Intranets demand high security. In addition to security defense at the external edge, security checks are needed for intranet services' horizontal traffic. Each department also requires an independent security defense. Multiple security defense points: Every department needs a hardware firewall, which increases Capital Expense (OPEX). In addition, policies are distributed and maintenance workloads are heavy. Inefficient usage: Many purchasers figure they need security devices that will handle two or five times the amount of peak data traffic. In practice, this is an inefficient use of high-performance security devices such as firewalls, IPS devices, anti-ddos devices. Complex Service Configuration Policies Background: Individual departments use different security levels for their service systems. As a result, companies require different security defenses and configuration policies for each department. Complex traffic distribution: Different security defense measures are also deployed between different areas. To implement different security defenses, complex traffic diversion policies need to be configured. This makes it difficult to expand and maintain networks. 2
5 2 United Security Solution Facing single-point defense and fragmented deployment problems, Huawei's United Security Solution collects security events across the entire network, and uses Big Data analytics to perform correlation analysis to detect security risks. The solution then employs virtualization technology to virtualize security resources and implement resource sharing and on-demand service provisioning. Huawei's United Security Solution solves security defense and service deployment problems. This solution has two sub-solutions: threat detection and security defense based on the results of Big Data analytics, and flexible chain based on security resource pooling. 2.1 Big Data Analytics for United Security Big Data analytics relieves personnel from service data analysis and improves their ability to utilize data values to improve security policies. Huawei's United Security Solution employs Big Data analytics to detect network threats and take defense measures Solution Architecture Agile Controller 4 Dynamically allocate security resources. Security resource center 2 Perform correlation analysis of Big Data. 3 Deliver security policies. 1 Deliver security policies. Anti- DDoS Sandbox NGFW SVN Collect security events. Ensure that security policies take effect. 3
6 The Agile Controller collects network security events. Security events are drawn from network and service device logs, logs of terminal user behaviors, and network attack events. The Agile Controller correlates the analysis of Big Data. This analysis detects potential security risks. The Agile Controller delivers security policies. The Agile Controller delivers adjusted security policies to devices Agile Controller Technology Huawei's United Security Solution uses the controller to analyze attack sources and respond to security devices. Agile controller Security resource center 1 Isolate threats 2 Intelligently import and clean traffic The Agile Controller performs the following operations: Collects security events. The Agile Controller collects, identifies, and analyzes security events, alarms, and faults, and detects network security situations by correlating analysis of Big Data. The technology module is divided into three layers: Data collection layer The data collection layer collects data including various types of security resources, security events of objects, vulnerabilities, and assets. The data is transmitted through standard protocols such as Syslog, SNMP, FTP/SFTP, ODBC, Socket, and XML. Analysis processing layer The analysis processing layer stores, analyzes, and processes collected device information. It filters and combines information, performs correlation analysis, analyzes potential security risks from mass logs, generates alarms, and performs risk analysis according to asset values and vulnerabilities. 4
7 Security presentation layer The security presentation layer presents collected data and provides a Portal page to implement asset, report, system, security alarm, vulnerability, risk, knowledge base, and O&M management. The security presentation layer provides different presentation pages for administrators of different levels. The system administrator only needs to perform operations three times to locate the source of a security event. Performs user policy management. The Agile Controller is responsible for authenticating users, synchronizing user information, and associating security policies. It can associate analysis results generated by the security event collection component. Huawei's Agile Controller combines various attributes and, in that way, provides complex authentication and authorization services for mobile users in campus networks. Attributes include: User: distinguishes identities of different users and delivers different authorization rules for accessing devices to the user authentication device (AC/ LSW/SVN). Position: delivers authorization rules based on IP addresses, SSIDs of access devices, and MAC addresses of Access Points (APs) to the user authentication device (AC/LSW/SVN). Time: distinguishes time ranges and delivers different authorization rules for accessing devices. Terminal type: differentiates terminal types and delivers different authorization rules for accessing devices to the user authentication device (AC/LSW/SVN). Terminal security compliance: identifies non-compliant terminals and delivers different authorization rules for accessing these devices to the user authentication device (AC/LSW/SVN) Solution Process Event report: Security systems such as Next-Generation Firewalls (NGFWs), IPS devices, and AV software detect attack behaviors. For example, a vulnerable terminal may be used for intrusions, scanning attacks, and worm attacks. A security system then reports the threats to the controller, and the log analysis component of the controller identifies and eliminates the threats. Events include threats, faults, security events, and non-compliant applications from network and security devices, host security software, and authentication/service systems. Association analysis and policy delivery: The controller's log analysis component accepts or collects network events. It then associates with an engine to perform Big Data analytics, including combination, traceability, and weighted algorithms, and reports critical risks. The log analysis component reports major events 5
8 to the IT administrator, and responds to and processes threats. For example, the component associates the vulnerable terminal with external data flow for processing. This reduces the manual workload of tracing the position, IP address, and traffic interface. Association solution 1 isolation: User access and authentication devices such as the switch, WLAN device, and SVN are associated with the controller to execute policies. For example, risky terminals are isolated or disconnected, or notifications are sent about these terminals. Association solution 2 flow diversion: The controller associates with the switch to divert attack traffic to the security device for processing through policy-based routing (PBR). 2.2 United Security Based on Security Resource Virtualization Cloud computing uses virtualization technology to efficiently use calculation resources and enable those resources to be quickly provisioned and scheduled. Virtualization technology virtualizes security resources, which makes possible unified management, on-demand service provisioning, and resource sharing Architecture Solution: security resource pooling, on-demand scheduling, and unified management Agile controller Security center Anti-attack Antivirus Leak prevention NGFW/DDOS/DLP DDoS attack 2 After the security center checks suspicious traffic, the Agile controller isolates it and lowers its level. DDoS attack Suspicious traffic is detected and diverted to the security center for cleaning. After identifying traffic from the untrusted area, the Agile controller diverts the traffic to the security center for cleaning. Office area A Office area B Untrusted area (visitor access and remote access) 6
9 2.2.2 Solution Process This solution uses agile switches, security devices such as the NGFW, and Agile Controller. The Agile Controller uniformly manages security resources and virtualizes them into a shared security resource center. The Agile Controller can dynamically use security resources based on user configurations or security event analysis. Security resource pooling Security devices 敏 捷 交 换 机 FW/IPS/AV/ASG/VPN Service-noed1 FW Service-noed2 AV Service-noed3 ASG Service-noedN IPS Fast deployment Efficient use of all resources Simplified configuration and management High reliability Service orchestration Users can configure security rules for service flows simply, without worrying about deployment of security resources. On-demand provisioning of security resources Marketing Service-noed1 FW Service-noed2 AV Service-noed3 ASG Service-noedN IPS Flow Type Service1 Service2 R&D Marketing- >Internet http vslot 1(FW) vslot2 (ASG) WAN/ Internet Marketing->R&D Marketing- >R&D File sharing vslot 1(FW) Video vslot1(fw) / vslot2(av) 7
10 3 Applicable Scenarios 3.1 Threat Detection Throughout the Network Background During mobile office, viruses may attack the external network connected to the enterprise network. Some terminals on the LAN also may be attacked due to a lack of control measures. In this case, internal and external terminals can be easily used by hackers to attack the enterprise network. Huawei Solution The NGFW, IPS device, or AV software detects attack behaviors. For example, a vulnerable terminal may be used for intrusions and scanning or worm attacks. The security system then reports the threats to the Agile Controller. The controller performs correlation analysis for various events. After determining the threats, the controller sends policies to the user authentication device (AC/LSW/SVN), executes isolation policies for risky terminals, and notifies the administrator. Customer Benefits This solution implements pervasive security defenses, improves intranet security, and speeds response times. 3.2 On-Demand Allocation of Security Resources Background The deployment costs of content security facilities are high and their performance is low. Specified users and services cannot be differentiated and cannot be well protected. Huawei Solution The solution ensures high security at a low cost: User-based traffic diversion: The solution performs the highest security checks for VIP users, plus security checks for untrusted terminals such as partner, guest, and agent-less devices to ensure intranet security. In addition, the solution provides differentiated security defenses based on subnets, VLANs, and MPLS VPNs. Service-based traffic diversion: The solution uses traffic flow based on service interfaces to prevent information leaks and protect files against viruses. It also ensures positive user experience with video services. 8
11 Figure 3-1 User-based traffic diversion Security resource center 100M low-cost content security device Inject User-based traffic diversion LAN 10G high-speed network Untrusted terminal VIP Employee BYOD Figure 3-2 Service-based traffic diversion Security resource center Inject SMTP used to divert traffic Smtp-tcp 25 Anti-leak audit and detection Customer Benefits Provides differentiated security defenses, which improves security, reduces investments, and ensures positive user experiences. 9
12 Copyright Huawei Technologies Co., Ltd All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademark Notice, HUAWEI, and are trademarks or registered trademarks of Huawei Technologies Co., Ltd. Other trademarks, product, service and company names mentioned are the property of their respective owners. General Disclaimer The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements. Therefore, such information is provided for reference purpose only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice. HUAWEI TECHNOLOGIES CO., LTD. Huawei Industrial Base Bantian Longgang Shenzhen , P.R. China Tel: Version No.: M C-1.0
1 Network Service Development Trends and Challenges
1 Network Service Development Trends and Challenges Mobility 1. Shift the focus from technology, device, and connectivity to services and user experience. Cloud Computing 2. Shift from single-point security
More informationLog Audit Ensuring Behavior Compliance Secoway elog System
As organizations strengthen informatization construction, their application systems (service systems, operating systems, databases, and Web servers), security devices (firewalls and the UTM, IPS, IDS,
More informationHuawei One Net Campus Network Solution
Huawei One Net Campus Network Solution 2 引 言 3 园 区 网 面 临 的 挑 战 4 华 为 园 区 网 解 决 方 案 介 绍 6 华 为 园 区 网 解 决 方 案 对 应 产 品 组 合 6 结 束 语 Introduction campus network is an internal network of an enterprise or organization,
More informationHow To Create A Network Access Control (Nac) Solution
Huawei Terminal Security Management Solution Create Enterprise Intranet Security Terminal Security Management Solution 01 Introduction According to the third-party agencies such as the Computer Security
More informationEudemon8000E Anti-DDoS SPU
Today's network attack varieties and intensities grow exponentially. Distributed Denial of Service (DDoS) attacks in 2010 swallowed 100G bandwidths, experiencing a 1000% increase over 2005. The diversified
More informationEudemon8000 High-End Security Gateway HUAWEI TECHNOLOGIES CO., LTD.
Eudemon8000 High-End Security Gateway HUAWEI TECHNOLOGIES CO., LTD. Product Overview Faced with increasingly serious network threats and dramatically increased network traffic, carriers' backbone networks,
More informationProduct Overview. Product Family. Product Features. Powerful intrusion detection and monitoring capacity
NIP IDS Product Overview The Network Intelligent Police (NIP) Intrusion Detection System (IDS) is a new generation of session-based intelligent network IDS developed by Huaweisymantec. Deployed in key
More informationSDN, a New Definition of Next-Generation Campus Network
SDN, a New Definition of Next-Generation Campus Network Contents Campus Evolution and Development Trends... 1 Three Changes to Drive the Campus Network Development... 2 Fundamental Changes in User Behaviors...2
More informationHuawei Cloud Data Center Solution
Huawei Cloud Data Center Solution Copyright Huawei Technologies Co., Ltd. 2015. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior
More informationHUAWEI USG6000 Next-Generation Firewall V100R001. Product Description. Issue 01. Date 2014-10-20 HUAWEI TECHNOLOGIES CO., LTD.
HUAWEI USG6000 Next-Generation Firewall V100R001 Issue 01 Date 2014-10-20 HUAWEI TECHNOLOGIES CO., LTD. 2014. All rights reserved. No part of this document may be reproduced or transmitted in any form
More informationEudemon1000E Series Firewall HUAWEI TECHNOLOGIES CO., LTD.
HUAWEI TECHNOLOGIES CO., LTD. Product Overview The Eudemon1000E series product (hereinafter referred to as the Eudemon1000E) is a new generation of multi-function security gateway designed by Huawei to
More informationDDoS Protection Technology White Paper
DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of
More informationV-ISA Reputation Mechanism, Enabling Precise Defense against New DDoS Attacks
Enabling Precise Defense against New DDoS Attacks 1 Key Points: DDoS attacks are more prone to targeting the application layer. Traditional attack detection and defensive measures fail to defend against
More informationHuawei Agile Network FAQ... 2. 1 What is an agile network? What is the relationship between an agile network and SDN?... 2
Contents Huawei Agile Network FAQ... 2 1 What is an agile network? What is the relationship between an agile network and SDN?... 2 2 What is an agile campus?... 3 3 What are the benefits of an agile network?...
More informationHuawei esight Brief Product Brochure
Huawei esight Brief Product Brochure esight Integrated Enterprise NMS As the network scales and the number of enterprise network applications continue to grow, so does the number of devices, such as multi-service
More informationBEYOND LIMITATIONS CONNECTING POSSIBILITIES
BEYOND LIMITATIONS CONNECTING POSSIBILITIES Huawei Enterprise BYOD Solution CONNECTING BUSINESS OPPORTUNITIES IN Trend 470 million 1.2 billion 35% In 2011, intelligent mobile terminals surpassed PCs in
More informationHUAWEI USG6000 Series Next-Generation Firewall Viatualization Technical White Paper
HUAWEI USG6000 Series Next-Generation Firewall Viatualization Technical White Paper Issue V1.1 Date 2014-03-14 HUAWEI TECHNOLOGIES CO., LTD. Huawei Technologies Co., Ltd. provides customers with comprehensive
More informationHuawei Agile WAN Solution
Huawei Agile WAN Solution WAN Development and Challenge As more Enterprise services are deployed on IT systems and transmitted over IP networks, Enterprise networks are expanding to support more service
More informationSecospace elog. Secospace elog
Secospace elog Product Overview With the development of networks, security events continually occur on hosts, databases, and Web servers. These range from Trojans, worms, and SQL injections, to Web page
More informationQuidway SVN3000 Security Access Gateway
Quidway SVN3000 Security Access Gateway SSL/IPSec VPN Access Gateway HUAWEI TECHNOLOGIES CO., LTD. Product Overview With the rapid development and popularization of the Internet, informatization of enterprise
More informationHuawei Business Continuity and Disaster Recovery Solution
Huawei Business Continuity and Disaster Recovery Solution Contents 01 Great Challenges to Business Continuity and Disaster Recovery 02 Huawei Business Continuity and Disaster Recovery Solution 02 Application
More informationHuawei PAN BYOD Converged Network Solution
Huawei PAN BYOD Converged Network Solution Background According to a report from IDC, by the end of 2015, users will use more mobile devices than PCs to surf the Internet. With the popularity of smart
More informationTrademark Notice. General Disclaimer
Trademark Notice General Disclaimer Intelligent Management, Centralized Operation & Maintenance Huawei Data Center Network Management Solution A data center is an integrated IT application environment
More informationVirtual Machine in Data Center Switches Huawei Virtual System
Virtual Machine in Data Center Switches Huawei Virtual System Contents 1 Introduction... 3 2 VS: From the Aspect of Virtualization Technology... 3 3 VS: From the Aspect of Market Driving... 4 4 VS: From
More informationHuawei Smart Education Solution
Copyright Huawei Technologies Co., Ltd. 2013. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies
More information1.Agile Network: SDN Concepts + 3 Architectural Innovations
1.Agile Network: SDN Concepts + 3 Architectural Innovations Agile Campus Cloud Fabric Agile WAN Agile Branch Chip Network Devices Centralized control Network capability openness SDN Huawei Agile Network
More informationIntro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.
Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security
More informationBig Data Analytics for United Security
Big Data Analytics for United Security What Advantages Does an Agile Network Bring? (Issue 2) By Swift Liu, President Enterprise Networking Product Line Huawei Enterprise Business Group Agile means quick
More informationCloud Security. Securing what you can t touch. Presentation to Malaysia Government Cloud Computing Forum 2012-04-05 HUAWEI TECHNOLOGIES CO., LTD.
2012-04-05 Cloud Security Securing what you can t touch www.huawei.com www.huawei.com Presentation to Malaysia Government Cloud Computing Forum HUAWEI TECHNOLOGIES CO., LTD. Why worry about cloud security?
More informationApplication Defined E2E Security for Network Slices. Linda Dunbar (Linda.Dunbar@huawei.com) Diego Lopez (diego.r.lopez@telefonica.
Application Defined E2E Security for Network Slices Linda Dunbar (Linda.Dunbar@huawei.com) Diego Lopez (diego.r.lopez@telefonica.com ) Into the Inter-connected World Internet Mobile Internet Internet of
More informationDell SonicWALL Portfolio
Dell SonicWALL Portfolio Jiří Svatuška Presales Consultant Transform Connect Inform Protect Dell SonicWALL network security portfolio Network security Secure mobile access Email security Policy and management
More informationLucent VPN Firewall Security in 802.11x Wireless Networks
Lucent VPN Firewall Security in 802.11x Wireless Networks Corporate Wireless Deployment is Increasing, But Security is a Major Concern The Lucent Security Products can Secure Your Networks This white paper
More informationThe Ultimate WLAN Management and Security Solution for Large and Distributed Deployments
The Ultimate WLAN Management and Security Solution for Large and Distributed Deployments Centralized WLAN management and auto provisioning Manages up to 0 APs with granular access control Advanced RF management
More informationSCADA SYSTEMS AND SECURITY WHITEPAPER
SCADA SYSTEMS AND SECURITY WHITEPAPER Abstract: This paper discusses some of the options available to companies concerned with the threat of cyber attack on their critical infrastructure, who as part of
More informationVMware Software Defined Network. Dejan Grubić VMware Systems Engineer for Adriatic
VMware Software Defined Network Dejan Grubić VMware Systems Engineer for Adriatic The Transformation of Infrastructure Infrastructure Servers Clouds Be more responsive to business, change economics of
More informationHuawei Network Edge Security Solution
Huawei Network Edge Security Huawei Network Edge Security Solution Enterprise Campus Network HUAWEI TECHNOLOGIES CO., LTD. Huawei Network Edge Security Solution Huawei Network Edge Security 1 Overview
More informationHUAWEI OceanStor 9000. Load Balancing Technical White Paper. Issue 01. Date 2014-06-20 HUAWEI TECHNOLOGIES CO., LTD.
HUAWEI OceanStor 9000 Load Balancing Technical Issue 01 Date 2014-06-20 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2014. All rights reserved. No part of this document may be
More informationSecurity Technology White Paper
Security Technology White Paper Issue 01 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without
More informationSimple security is better security Or: How complexity became the biggest security threat
Simple security is better security Or: How complexity became the biggest security threat Christoph Litzbach, Pre-Sales Engineer NSG 1 What do they have in common? DATA BREACH 2 Security is HARD! Components
More informationSVN3000 Security Access Gateway SSL/IPSec VPN Access Gateway
With the development of across-region services and establishment of enterprise branches, remote office has seen increasing demand. Thus, interconnections between branches and secure access for employees
More informationARCHITECT S GUIDE: Mobile Security Using TNC Technology
ARCHITECT S GUIDE: Mobile Security Using TNC Technology December 0 Trusted Computing Group 855 SW 5rd Drive Beaverton, OR 97006 Tel (50) 69-056 Fax (50) 644-6708 admin@trustedcomputinggroup.org www.trustedcomputinggroup.org
More informationPART D NETWORK SERVICES
CONTENTS 1 ABOUT THIS PART... 2 2 PUBLIC NETWORK... 2 Internet... 2 3 PRIVATE NETWORK... 3 Global WAN services... 3 4 SECURITY SERVICES... 3 Firewall... 4 Intrusion Prevention (Network)... 5 SSL/IPSEC
More informationUnified Threat Management Throughput Performance
Unified Threat Management Throughput Performance Desktop Device Comparison DR150818C October 2015 Miercom www.miercom.com Contents Executive Summary... 3 Introduction... 4 Products Tested... 6 How We Did
More informationDATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0
DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS
More informationDesign and Implementation Guide. Apple iphone Compatibility
Design and Implementation Guide Apple iphone Compatibility Introduction Security in wireless LANs has long been a concern for network administrators. While securing laptop devices is well understood, new
More informationHUAWEI TECHNOLOGIES CO., LTD. HUAWEI FusionServer X6800 Data Center Server
HUAWEI TECHNOLOGIES CO., LTD. HUAWEI FusionServer X6800 Data Center Server HUAWEI FusionServer X6800 Data Center Server Data Center Cloud Internet App Big Data HPC As the IT infrastructure changes with
More informationHUAWEI Tecal E6000 Blade Server
HUAWEI Tecal E6000 Blade Server Professional Trusted Future-oriented HUAWEI TECHNOLOGIES CO., LTD. The HUAWEI Tecal E6000 is a new-generation server platform that guarantees comprehensive and powerful
More informationHuawei Enterprise UC&C Product and Solution Guide. -Mobility, Video Integration, and Cloud Collaboration HUAWEI TECHNOLOGIES CO., LTD.
Huawei Enterprise UC&C Product and Solution Guide -Mobility, Video Integration, and Cloud Collaboration HUAWEI TECHNOLOGIES CO., LTD. A Better Way UC&C Product Line Huawei enterprise service business group
More informationBest Practices for Outdoor Wireless Security
Best Practices for Outdoor Wireless Security This paper describes security best practices for deploying an outdoor wireless LAN. This is standard body copy, style used is Body. Customers are encouraged
More informationSecure Cloud-Ready Data Centers Juniper Networks
Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security
More informationTech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks
Tech Brief Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks Introduction In today s era of increasing mobile computing, one of the greatest challenges
More informationUnified Threat Management, Managed Security, and the Cloud Services Model
Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical
More informationOffer Highly Available SAAS Solutions with Huawei. Huang Li Executive Vice President of isoftstone
Offer Highly Available SAAS Solutions with Huawei Huang Li Executive Vice President of isoftstone Contents Contents 1 2 3 4 5 6 7 Significance of SMEs in Urban Development SME Status Quo IT Capabilities
More informationUnited States Trustee Program s Wireless LAN Security Checklist
United States Trustee Program s Wireless LAN Security Checklist In support of a standing trustee s proposed implementation of Wireless Access Points (WAP) in ' 341 meeting rooms and courtrooms, the following
More informationA Mock RFI for a SD-WAN
A Mock RFI for a SD-WAN Ashton, Metzler & Associates Background and Intended Use After a long period with little if any fundamental innovation, the WAN is now the focus of considerable innovation. The
More informationSonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity
SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria
More informationIPS AIM for Cisco Integrated Services Routers
IPS AIM for Cisco Integrated Services Routers Technical Overview James Weathersby, TME, ARTG Tina Lam, Product Manager, ARTG 1 Cisco Integrated Threat Control Industry-Certified Security Embedded Within
More informationTechnical White Paper for Multi-Layer Network Planning
Technical White Paper for Multi-Layer Network Planning Technical White Paper for Multi-Layer Network Planning 1 Overview...1 2 Requirement Scenarios...2 2.1 Sharp Increase in Network Construction CapEx...3
More informationAlcatel-Lucent Services
SOLUTION DESCRIPTION Alcatel-Lucent Services Security Introduction Security is a sophisticated business and technical challenge, and it plays an important role in the success of any network, service or
More informationPCI Compliance for Branch Offices: Using Router-Based Security to Protect Cardholder Data
White Paper PCI Compliance for Branch Offices: Using Router-Based Security to Protect Cardholder Data Using credit cards to pay for goods and services is a common practice. Credit cards enable easy and
More informationMove over, TMG! Replacing TMG with Sophos UTM
Move over, TMG! Replacing TMG with Sophos UTM Christoph Litzbach, Pre-Sales Engineer NSG 39 Key Features of TMG HTTP Antivirus/spyware URL Filtering HTTPS forward inspection Web Caching Role based access
More informationHuawei espace VTM Remote Bank Solution
Huawei espace VTM Remote Bank Solution With the application of big data, cloud computing, and multimedia ICT in the banking system, the traditional bank gradually changed from a "reinforced concrete" bank
More informationPart Number: 203285. HG253s V2 Home Gateway Product Description V100R001_01. Issue HUAWEI TECHNOLOGIES CO., LTD.
Part Number: 203285 HG253s V2 Home Gateway Issue V100R001_01 HUAWEI TECHNOLOGIES CO., LTD. 2013. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means
More informationHUAWEI Secospace USG6600 Next-Generation Firewall Datasheet
HUAWEI Secospace USG6600 Next-Generation Firewall Datasheet Huawei Technologies Co., Ltd. Copyright Huawei Technologies Co., Ltd. 2012. All rights reserved. No part of this document may be reproduced or
More informationNetwork Virtualization
. White Paper Network Services Virtualization What Is Network Virtualization? Business and IT leaders require a more responsive IT infrastructure that can help accelerate business initiatives and remove
More informationApple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4
1. APPLE AIRPORT EXTREME 1.1 Product Description The following are device specific configuration settings for the Apple Airport Extreme. Navigation through the management screens will be similar but may
More informationIBM Security QRadar Risk Manager
IBM Security QRadar Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance Highlights Visualize current and potential network traffic patterns
More informationMSP Dashboard. Solution Guide
Solution Guide MSP Dashboard This document discusses the Cisco Meraki Managed Services Dashboard, which contains features purpose-built for Managed Service Providers offering cloud-managed networking as
More informationHUAWEI TECHNOLOGIES CO., LTD. Huawei AnyOffice Mobile Security Solution
HUAWEI TECHNOLOGIES CO., LTD. 1 2 1 Overview In 2012, 20% of global employees brought their own mobile devices to work, such as the iphone, ipad, or Android based devices. Along with huge IT consumption,
More informationWireless Services. The Top Questions to Help You Choose the Right Wireless Solution for Your Business. www.megapath.com
Wireless Services The Top Questions to Help You Choose the Right Wireless Solution for Your Business Get Started Now: 877.611.6342 to learn more. www.megapath.com Why Go Wireless? Today, it seems that
More informationSVN5800 Secure Access Gateway
The development of networks allows enterprises to provide remote access to branch offices, partners, customers, mobile employees, and home offices so that they can access application and data resources,
More informationDesigning for Cisco Internetwork Solutions
Designing for Cisco Internetwork Solutions Course DESGN v2.1; 5 Days, Instructor-led Course Description: Designing for Cisco Internetwork Solutions (DESGN) v2.1 is an instructor-led course presented by
More informationSolution Brief. Branch on Demand. Extending and Securing Access Across the Organization
Solution Brief Branch on Demand Extending and Securing Access Across the Organization Extending Access to Corporate Resources Across the Organization As organizations extend corporate capabilities to teleworkers
More informationSolution Brief. Branch on Demand. Extending and Securing Access Across the Organization
Solution Brief Branch on Demand Extending and Securing Access Across the Organization Branch on Demand Extending Access to Corporate Resources Across the Organization As organizations extend corporate
More informationCisco Virtualization Experience Infrastructure: Secure the Virtual Desktop
White Paper Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop What You Will Learn Cisco Virtualization Experience Infrastructure (VXI) delivers a service-optimized desktop virtualization
More informationNIP6300/6600 Next-Generation Intrusion Prevention System
NIP6300/6600 Next-Generation Intrusion Prevention System Thanks to the development of the cloud and mobile computing technologies, many enterprises currently allow their employees to use smart devices,
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationSECURITY ACCESS AND DATA FLOW CONTROL IN NETWORKS
SECURITY ACCESS AND DATA FLOW CONTROL IN NETWORKS Since it significantly increases the usability and value of business information systems, networking within the information systems and between them proves
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More informationSecurity Level: HUAWEI TECHNOLOGIES CO., LTD.
Security Level: www.huawei.com Pedro Gomez Miranda Enterprise Chief Technology Officer Huawei Enterprise Northern Latin America Region pedro.gomez@huawei.com HUAWEI TECHNOLOGIES CO., LTD. Understanding
More informationProtecting the Extended Enterprise Network Security Strategies and Solutions from ProCurve Networking
ProCurve Networking by HP Protecting the Extended Enterprise Network Security Strategies and Solutions from ProCurve Networking Introduction... 2 Today s Network Security Landscape... 2 Accessibility...
More informationDeploying Firewalls Throughout Your Organization
Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense
More informationUNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY
UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY ADMINISTRATION TOOLS Stormshield Network Security solutions simplify
More informationExtreme Networks Security Analytics G2 Risk Manager
DATA SHEET Extreme Networks Security Analytics G2 Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance HIGHLIGHTS Visualize current and potential
More informationHUAWEI USG2000&5000 Series Unified Security Gateway Content Filtering White Paper
Doc. code HUAWEI USG2000&5000 Series Unified Security Gateway Content Filtering White Paper Issue 1.0 Date 2014-08-21 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2012. All rights
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationARCHITECT S GUIDE: Comply to Connect Using TNC Technology
ARCHITECT S GUIDE: Comply to Connect Using TNC Technology August 2012 Trusted Computing Group 3855 SW 153rd Drive Beaverton, OR 97006 Tel (503) 619-0562 Fax (503) 644-6708 admin@trustedcomputinggroup.org
More informationUSG6600 Next-Generation Firewall
USG6600 Next-Generation Firewall With the proliferation of smart devices, such as smartphones and tablets, mobile apps, Web2.0, and social networking become integral parts of enterprise operation. The
More informationHUAWEI OceanStor Enterprise Storage System Success Cases
Copyright Huawei Technologies Co., Ltd. 2013. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationImplementing Cisco IOS Network Security
Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles
More informationCloud Managed Security with Meraki MX
Cloud Managed Security with Meraki MX Joe Aronow Product Specialist, Meraki MX #clmel Agenda Introduction: Cloud networking Demo IWAN Product Families Q&A Cisco Meraki: who we are and what we do? Complete
More informationHUAWEI TECHNOLOGIES CO., LTD. Huawei IDS2000-S Small Modular Data Center Solution
HUAWEI TECHNOLOGIES CO., LTD. Huawei IDS2000-S Small Modular Data Center Solution Group Data Center Concept: big center, small branch With the development and maturity of the IT automation age, rapid development
More informationÚvod k Cisco wireless riešeniam a Cisco Small Bussines Wireless (Linksys)
Cisco Smart Business Communications System Úvod k Cisco wireless riešeniam a Cisco Small Bussines Wireless (Linksys) IDEA 2.0 Slide 1 Emerging Session Markets number: Unified 923 274 Communications 942
More informationNetwork Instruments white paper
Network Instruments white paper USING A NETWORK ANALYZER AS A SECURITY TOOL Network Analyzers are designed to watch the network, identify issues and alert administrators of problem scenarios. These features
More informationTraining & Certification
enterprise.huawei.com Training & Certification Certify today. Master tomorrow. Introduction With the constant development of information and communications technology (ICT), IT and CT are converging as
More informationWhite Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
More informationMPLS L2VPN (VLL) Technology White Paper
MPLS L2VPN (VLL) Technology White Paper Issue 1.0 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationVerizon Managed SD WAN with Cisco IWAN. October 28, 2015
Verizon Managed SD WAN with Cisco IWAN. October 28, 2015 Agenda Evolution of the WAN SD WAN delivers business outcomes Verizon s Managed IWAN solution Challenges for SD WAN adoption Deployment guidelines
More information