The SDSec Solution: Logical Architecture

Latest reply: Jan 30, 2020 23:31:06 86 1 3 0

Huawei SDSec solution uses three-layer architecture consisting of the analyzer, controller, and enforcer layers


Analyzer

Cybersecurity Intelligence System (CIS): CIS is an advanced threat detection and security analysis system that performs continuous detection to cope with APT attacks. The CIS collects network-wide metadata and log information of network security devices, continuously monitors network activities, and uses big data analytics and machine learning technologies to detect advanced threats. By interworking with the Agile Controller and SecoManager, the CIS can block threat traffic or isolate infected hosts in real time.

FireHunter sandbox: Huawei FireHunter sandbox is a high-performance APT detection system. In addition to traditional security detection technologies, the FireHunter sandbox also uses multi-engine virtualized detection technologies to collect and analyze the static and dynamic behavior of software. Then, the FireHunter sandbox uses its unique behavior pattern library technology to precisely identify malicious files transmitted on networks and command-and-control (C&C) connections, preventing the spread of unknown threats.

Controller

SDN Controller: Huawei Agile Controller is used in end-to-end (E2E) SDN solutions, covering agile DC, agile campus, and agile IoT scenarios. It implements E2E, automatic, and application-based network deployment and efficient O&M.

Security Controller: The SecoManager is the core of security policy lifecycle management and implements on-demand orchestration of security services and unified management of security policies. The SecoManager interworks with the Agile Controller to implement unified service orchestration. The SecoManager interworks with the CIS to implement automatic threat response, security policy emulation, and policy tuning, significantly improving O&M efficiency.

Enforcer

Huawei SDSec solution transforms network infrastructure into sensors of security detection and enforcers of security response. As sensors, network devices, such as switches, routers, and firewalls provide information for the analyzer, such as traffic data, NetFlow data, metadata, logs, and files. As enforcers, the network devices receive the defense policies delivered from the controllers and enforce them to prevent threats.

The USG and Eudemon series firewalls are Huawei's next-generation firewall (NGFW) products for digital enterprises. The global context awareness architecture of these firewalls can detect application-layer threats based on application, content, time, user, threat, and location (ACTUAL), providing fine-grained service access control. The deeply integrated security functions, such as intrusion prevention and antivirus, provide comprehensive application-layer protection to prevent known threats.

Huawei CE series switches are high-performance switches designed for next-generation data center network. They have comprehensive virtualization capabilities, extensive data center features, and well-designed hardware architecture. The S series switches are next-generation smart core, aggregation, and access switches for enterprise campus networks, allowing for flexible networking.


In the SDSec solution, the analyzer, controller, and enforcer work closely to quickly discover threats, automatically block malicious behavior, and intelligently fine tune security policies.


  • x
  • convention:

NACA4412
Created Jan 30, 2020 23:31:06 Helpful(0) Helpful(0)

Thanks, quite interesting
  • x
  • convention:

Comment

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login