Huawei NGN Security Solution. Author/ ID: xxx Dept: Security Version: V1.0( )

Huawei NGN Security Solution Author/ ID: xxx Dept: Security Version: V1.0(20130903)

IT Network Evolution and Challenges BYOD Information leaks due to mixed transmission of public and private data. Mobile virus/malicious software flooding Branch Headquarters Network boundary becomes vague and connection range is enlarged Mobility and cooperation become more important Account and protection against theft Disordered device Smart campus Vague boundary, difficult control Purpose-based, complicated attacks More application-based attacks Sensitive data transmission through social networks Cloud computing Data center Software -aas Platform -aas Infrastructure -aas More services are migrated to cloud Everything -aas Virtualization security threat Information leaking risk Intensive DDoS attacks Security protection bottleneck

Huawei NGN Security Easy-to-use mobile office Smart NGN campus Reliable cloud computing Mobile office solution End-to-end security and data protection Complete MDM+MAM Wired and wireless convergence ACTUAL environment perception and control Smart NG High-performance protection Unknown threat prevention Cloud data center boundary security solution Boundary security Protection against a large number of DDoS attacks Web service protection MDM MAM + UTM series NGFW series Anti-DDoS WAF AntiDDoS Security APP Terminal security suite AV gateway Online behavior IPS&IDS SSL VPN Tbit cloud security gateway

BYOD Security: Mobile Service, Great Experience Terminal Campus DMZ DC Office based Office terminals Non-Office based Office terminals SSL/IPSec 3G/4G Enterprise WiFi Enterprise switch Public WiFi Router Firewall AntiDDoS Online behavior VPN gateway MDM MAM Firewall UTM Antivirus IPS Web app security OA Server APP Server Highlights: Zero data leak Zero service interruption Easy terminal Secure applications Access control NAC Authentication, authorization Security check Transmission security L3 VPN encrypted transmission L4 VPN encrypted transmission Threat prevention Attack defense Online behavior Antivirus IDS/IPS Data protection Mobile sandbox Anti-theft Device&Policy Mobile device Unified policy Application security Security SDK App-independent sandbox Security app

NGN Security: Centralized Management, Security Cooperation Area-1 Group-3 Group-1 Group-2 Group-4 Area-2 Group-1 Group-5 Inside campus Management/ control/analysis system Distribute: user policy, security policy, app policy Controller Security center Outside campus Internet Remote Branch Highlights: Complete security Multiservice optimization Network perception Controllable traffic Virtualized security service Work group-based policy Dynamic work group Centralized policy configuration and delivery User mobile policy update Security cooperation on entire network User- and terminal-based behavior monitoring Associated security event analysis Unified in response to security threats App-based security check

Data Center Security: Reliable, Stable, Value-Added Server and storage access VM 1 App1 ------ OS1 vguard (vfw, VES) vswitch 1 VM N AppN ------ OSN vswitch N DC network service zone FW IDS LB WAF Core switch Campus core External zone/dmz ASG SVN AntiDDoS Highlights: Efficient capacity Flexible deployment VM1 App1 ------ OS1 vguard (vfw, VES) vswitch 1 VM N AppN ------ OSN vswitch N esight isoc Switch UMA Security Boundary firewall Internet Professional protection Huawei data center security solution focuses on service security, provides professional large capacity and virtualized protection capabilities.

Position of Huawei Security Solution in Industry MQ for UTM 2013 MQ for FW 2013 Nemertes 2012 Market Challenger Frost&Sullivan 2012 The first Chinese telecom vendor entering Gartner UTM MQ The first Chinese telecom vendor entering Gartner FW MQ Won many international awards in the security field

Our Customers Finance Russia Sperbank Brazil TecBanK Brazil Tecban Bank Egypt HD bank Netherlands SNS Reaal Spain Banco Santander Italy Zurich Hong Kong Exchanges and Clearing Limited Wing Lung Bank Hong Kong Customs and Excise Department Thailand Ministry of Finance Hong Kong Fire Service Department Thailand Science and Technology Department Poland Ministry of Home Affairs UAE eha, MOH Russia Public Healthcare U.K. Aintree NHS... Government Energy & Enterprise Malaysia KFC Malaysia Caring Pharmacy Kuwait MEW, Alshaya QATAR GAS Spain Euskaltel Italy FIAT Kong Kong CLP, Jockey Club Russia S, N, F Universities Turkey FATIH Saudi Arabia MOHE University of Hong Kong Mexico SEP Zhejiang University Beijing University Tsinghua University Education

Data Center Protection-Tencent Anti-DDoS Challenges >40G DDoS attack traffic, including application layer attacks such as DNS flood Worldwide IDCs, multipoint deployment, centralized protection Solution During IDC attack defense, Huawei devices worked normally and protected the network against continuous DNS flood attacks with large traffic, ensuring stable service running. We have not received any complaint from customer. The DDoS protection gateway is connected to the egress in bypass mode to provide 40G protection capability and prevent more than 100 types of DDoS attacks. Multi-layer deployment, centralized --Tencent application operation and maintenance security center director Zong Ze

Thank you www.huawei.com Copyright 2012 Huawei Technologies Co., Ltd. All Rights Reserved. The information in this document may contain predictive statements including, without limitation, statements regarding the future financial and operating results, future product portfolio, new technology, etc. There are a number of factors that could cause actual results and developments to differ materially from those expressed or implied in the predictive statements. Therefore, such information is provided for reference purpose only and constitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice.