Huawei has launched a software-defined security solution at HUAWEI CONNECT 2016. It reportedly guarantees the security of enterprise tenants’ applications hosted on the cloud.
Based on the core component Agile Controller, the solution virtualises hardware security devices and offers a variety of services for online subscription. The automated security deployment capability also greatly improves cloud service protection efficiency.
While more and more enterprises are using cloud services to reduce costs and improve flexibility, enterprises rarely consider security before this change. As storage, computing, and network resources all become virtualised, manual configuration and adjustment of security resources can no longer adapt to quick service development in a flexible and cost effective way.
Moreover, cloud-based service deployment eliminates network security boundaries. Virtual networks, especially the virtual machine (VM) layer, urgently need effective security protection. As common threats have evolved to advanced persistent threats (APTs) that can hide for a longer period of time and are more difficult to detect, traditional APT defense methods also need to adapt to software-defined network (SDN) environments.
Huawei’s Software-defined Security Solution aims to improve security protection efficiency for cloud data centers in the following ways:
- The Agile Controller implements flexible orchestration and automated security service provisioning for tenants. Tenants can obtain up to 12 types of virtualised security capabilities and apply for appropriate quantities of security resources based on their needs. A software security cluster provides the industry’s highest capability of 2.5 Tbit/s for cloud data centers. The security service provisioning process requires no manual intervention and saves 90% of the manual configuration workload, enabling security services to be provisioned in a matter of minutes. This provides timely protection for resources used by tenants to keep pace with quick service development in virtualised environments.
- The Agile Controller provides the intelligent awareness function that enables security policies of tenants to migrate with services in real time. Scheduled by the Agile Controller, virtualised security resources provide L2-L7 in-depth security protection. The Agile Controller supports five virtualisation platforms and two northbound APIs and can interoperate with an OpenStack cloud platform on the public cloud to implement unified visual operations and maintenance (O&M). This improves service management efficiency.
Liu Lizhu, general manager of Huawei Enterprise Network Product Line’s Security Gateway Domain The Agile Controller provides unified resource scheduling for tenants and filters service traffic at the network boundary, tenant, and VM levels to provide triple protection. Tenants can collect and analyse logs, files, and traffic in virtualised environments using the cybersecurity intelligence system (CIS), an intelligent Big Data analytics platform. This platform detects abnormal network behaviors with an accuracy of more than 99%, overcoming traditional threat detection tools’ problem of low efficiency against upgraded threats.
“As more services are migrating to the cloud, the boundary of security threats becomes blurred. Data center services are facing more severe security risks after SDN technology is used, as such no companies, regions, or organisations are free from such risks,” said Liu Lizhu, general manager of Huawei Enterprise Network Product Line’s Security Gateway Domain.
“Huawei’s Software-defined Security Solution will guarantee innovative, scalable, and efficient cloud services for tenants and help enterprises accelerate business transformation and upgrade,” continued Lizhu.
Huawei has been working in the security domain for over a decade and will continue to deliver industry-leading security products and solutions to ensure ubiquitous security for global customers.
Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus
