
Virtualized Firewall System

Kernel-level security | East-west micro-isolation | Dynamic threat protection | Risk perspective | Cloud security situation awareness

Virtualized Firewall System Overview

Topsec Virtualized Firewall System is a powerful east-west security product that provides various security features in a cloud computing environment, such as dynamic/static micro-isolation, advanced threat protection, and malicious code interception. The system also provides a strong cloud computing security guarantee through multidimensional risk perspectives and in-depth security situation analysis in the cloud environment, meeting the requirements of Cybersecurity Classified Protection 2.0.

Advantages
Dynamic threat protection

The system synchronizes information from a cloud platform in real time. Newly created virtual machines (VMs) join the matching security groups automatically, without the need to set security policies. That is, threat protection is implemented dynamically.

Dynamic migration of security policies

Security policies are created and delivered in a centralized manner and migrated dynamically with VMs, so that VMs are always protected.

Multi-cloud risk management

The security management center can synchronize information from cloud platforms of Huawei, H3C, Inspur, and other vendors. It provides consistent security policy management and risk display for these cloud platforms.

Cloud risk perspective

With the risk perspective capability, the system monitors communication relationships and threat transmission paths in the cloud in real time to analyze the regularity of risks, detect security protection processes, and improve the protection effect.

Cloud security situation awareness

The system uses multidimensional analysis technology to measure risks and determine threats in the cloud. It can quickly identify the distribution and trend of threats and display the overall security situation in the cloud.

Adaptation to systems and platforms made in China

The system is compatible with domestically produced CPUs (such as Kunpeng and Phytium CPUs), operating systems (such as KylinOS and UOS), and cloud platforms (such as Huawei Cloud, Inspur Cloud, H3C Cloud, Kylin Cloud, and Whale Cloud).

Application
Scenario

Cybersecurity Classified Protection 2.0 defines new requirements for cloud computing security and interprets cloud computing security. However, most cloud platforms for e-government, education, healthcare, and other applications do not have an effective cloud security system for communication monitoring or risk monitoring and analysis in the cloud environment. To address the need for cloud computing security and meet the new requirements in Cybersecurity Classified Protection 2.0, security capabilities need to be distributed in the cloud computing environment.

Issues Resolved
  • The system helps customers meet the new requirements for cloud computing security in Cybersecurity Classified Protection 2.0.
  • With the capability to ensure security of east-west traffic in the cloud environment, the system serves as a supplement to hardware security devices that cannot manage risks in the cloud environment.
  • The system migrates security policies dynamically with VMs to provide uninterrupted protection.
  • The system detects and blocks intrusions to VMs and malicious code transmission.
  • The system detects and blocks abnormal traffic between VMs and network attacks.
  • Through multidimensional risk perspectives and cloud security situation awareness, the system can grasp the regularity of risks and detect security protection processes in the cloud environment.
Scenario

A cloud data center provides users with an environment for easy and fast access to cloud computing resources, as well as powerful protection for the physical network. However, the boundary of the cloud data center network is blurring because of features of the cloud, such as elastic scaling, virtual communication, and dynamic VM migration. As a result, physical security devices cannot provide comprehensive security protection in the cloud environment, which hinders traffic monitoring and threat control for the cloud. Therefore, the firewall system needs to integrate deeply with the cloud platform to embed security capabilities into the platform, so that security can be ensured at the kernel level.

Issues Resolved
  • Deep integration with the cloud platform for kernel-level security.
  • Professional security protection for cloud platforms, which cannot be implemented by physical cyber security devices.
  • Cloud risk perspective, showing logical links behind communication between VMs, intrusions, and malicious code transmission.
  • Detection of DDoS attacks based on multiple protocols on the cloud platform, including IP, TCP, UDP, and ICMP.
  • Filtering of keywords based on protocols such as HTTP, FTP, POP3, SMTP, and Telnet.
Scenario

China is facing great challenges to cybersecurity because some core technologies and devices are provided by vendors of other countries. As the foundation of a cloud data center, cloud platforms have been domesticized. Under these circumstances, a security system with autonomous control capability needs to be developed to analyze the security situation, present the regularity of risks, and detect security protection processes in the domestic cloud computing environment, helping to strengthen protection of cloud computing security.

Issues Resolved
  • Full compatibility with domestically produced CPUs (such as Kunpeng and Phytium CPUs), operating systems (such as KylinOS and UOS), and cloud platforms (such as Huawei Cloud, Inspur Cloud, H3C Cloud, and Kylin Cloud).
  • Powerful access control between VMs.
  • Defense against common attacks, such as overflow attacks, RPC attacks, and Web CGI attacks.
  • Real-time detection and blocking of malicious code transmission based on FTP, HTTP, POP3, SMTP, and other protocols.
  • Cloud risk situation display, with display capabilities such as intrusion prevention, malicious code detection, and traffic monitoring.
Value to Customers
Comprehensive threat control

The system deeply integrates with the cloud platform to embed its security capabilities into the platform, including micro-isolation, threat prevention, malicious code interception, cloud DDoS attack detection, and data filtering.

Security risk perspective

The system leverages multidimensional risk perspectives to monitor and analyze paths of intrusions and malicious code transmission in the cloud environment, and determine the targets of attacks. Then, it creates a threat grid to assist in threat source tracing for the cloud environment.

Communication analysis

The system monitors real-time traffic and analyzes in depth the communication between VMs in the cloud environment to provide data evidence for setting cloud computing security policies. This cannot be implemented by traditional security products.

Cloud security situation awareness

Through in-depth analysis of the cloud security situation, the system dynamically detects changes in the cloud environment, the trend of security risks, and security protection processes to help with risk prediction, thus enhancing security protection for the cloud environment.
