The Huawei Cloud Data Center Solution focuses on automatic network deployment, elastic network connection, and refined O&M. It is an important component of the SDN/NFV network. The solution works with the management orchestration layer and control layer to provide end-to-end professional and comprehensive protection for data center borders, the virtual layer, and tenants in an elastic, simple, and efficient manner.
|Category||Data Center Infrastructure|
|Leading Verticals||Cloud Service Providers, Financials, Government & Education and Telecom|
Huawei’s solution offers Layer-4 to Layer-7 security as a service to support multi-tenant environments, and also features security virtualization which allows randomly combined software and hardware to be deployed into physical and virtual resource pools. The on-demand flexibility allows services to be deployed within minutes. Cloud sandbox inspection helps customers from the financial, government, telecom, and other industries to significantly reduce the risk of APTs targeted at core assets.
|Types of Threat Protection||
|Key Customers||Swisscom, ICBC, State Grid of China, Peking University, e-Government Cloud in Jiaxing|
|Pricing||The solution provides hardware, software and service. The average selling price of firewall is around 10 $ per Mbps protected. As software and service, depending on SLA and protected tenants, it is sold based service level and resource exhausted.|
SSL-encrypted traffic protection: Huawei NGFW can detect and defend against network threats to SSL-encrypted traffic, using such features as inbound offload, outbound offload, security control after decryption, and traffic detection without decryption.
Sandbox defense: The anti-APT capability is available after FireHunter is deployed or the cloud sandbox inspection service is subscribed. With a heuristic engine, the FireHunter captures over 100 anomalies, and investigates these sampled malicious files.
Cloud Application Security Awareness (CASA): Huawei NGFW can offer CASA capabilities, making it able to identify, trace, display, detect, and block potential threats in SaaS applications, combating the growth of Shadow IT.
|Performance and Scalability||
USG9000v implements single-NE flexible scale-out and scale-in, supports a maximum of 128 VMs in a cluster, and provides up to 2.5 Tbps forwarding capabilities. It can manage the configurations of 128 VMs and schedule pool-based resources for the VMs. Terabit-level DDoS Defense System AntiDDoS8000: 1.92 Tbit/s protection performance, attacks response within seconds, 60+ traffic models, defense against 100+ types of DDoS attacks, Value-added differentiated operation for 100,000 tenants.
NETCONF and RESTful programmable language are supported. NETCONF provides mechanisms to install, manipulate, and delete the configuration of network devices. Its operations are realized on top of a simple RPC layer. RESTful web services is a way of providing interoperability between computer systems on the Internet. REST-compliant Web services allow requesting systems to access and manipulate textual representations of Web resources using a uniform and predefined set of stateless operations.
|Key Partners||Algosec, FireMon, Avira, McAfee|